Aller au contenu

James Dean

Membres
  • Compteur de contenus

    14
  • Inscription

  • Dernière visite

Tout ce qui a été posté par James Dean

  1. ...par exemple, à chaque fois que je vais sur ce site, une page s'ouvre en fond d'écran avec cette adresse: http://shop.offerbox.com/ et d'autres viennent se mettre derrière. par contre, n'avez vous rien d'autre à me proposer que combofix qui m'a l'air assez dangereux pour mon PC..! lorsqu'on lit le descriptif, ça ne donne vraiment pas envie de l'installer. j'aimerai savoir ce que vous avez trouvé dans tous les rapports que je vous ai envoyé, car depuis la situation est restée la même. merci
  2. la pub apparait toujours, même en ce moment derrière la page ou je vous écris. Pouvez me dire ce que vous pensez de ce nouveau rapport que j'ai fais avec Ad-Aware, merci. windows live messenger est toujours bloqué...! Logfile created: 09/08/2010 17:27:11 Ad-Aware version: 8.3.0 Extended engine: 3 Extended engine version: 3.1.2770 User performing scan: DEAN *********************** Definitions database information *********************** Lavasoft definition file: 150.44 Genotype definition file version: 2010/08/09 07:45:41 Extended engine definition file: 6705.0 ******************************** Scan results: ********************************* Scan profile name: Analyse complète (ID: full) Objects scanned: 155378 Objects detected: 3 Type Detected ========================== Processes.......: 0 Registry entries: 0 Hostfile entries: 0 Files...........: 1 Folders.........: 0 LSPs............: 0 Cookies.........: 2 Browser hijacks.: 0 MRU objects.....: 0 Removed items: Description: *atdmt* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408910 Family ID: 0 Description: *atdmt* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408910 Family ID: 0 Quarantined items: Description: c:\program files\stk017_v2.03\stk017m.exe Family Name: Win32.Adware.Cres/A Engine: 1 Clean status: Success Item ID: 0 Family ID: 0 MD5: ef0fce430a6e6dbb55e7c2c6d0e5ea9a Scan and cleaning complete: Finished correctly after 5643 seconds *********************************** Settings *********************************** Scan profile: ID: full, enabled:1, value: Analyse complète ID: folderstoscan, enabled:1, value: C:\ ID: useantivirus, enabled:1, value: true ID: sections, enabled:1 ID: scancriticalareas, enabled:1, value: true ID: scanrunningapps, enabled:1, value: true ID: scanregistry, enabled:1, value: true ID: scanlsp, enabled:1, value: true ID: scanads, enabled:1, value: true ID: scanhostsfile, enabled:1, value: true ID: scanmru, enabled:1, value: true ID: scanbrowserhijacks, enabled:1, value: true ID: scantrackingcookies, enabled:1, value: true ID: closebrowsers, enabled:1, value: false ID: filescanningoptions, enabled:1 ID: archives, enabled:1, value: true ID: onlyexecutables, enabled:1, value: false ID: skiplargerthan, enabled:1, value: 20480 ID: scanrootkits, enabled:1, value: true ID: rootkitlevel, enabled:1, value: mild, domain: medium,mild,strict ID: usespywareheuristics, enabled:1, value: true Scan global: ID: global, enabled:1 ID: addtocontextmenu, enabled:1, value: true ID: playsoundoninfection, enabled:1, value: false ID: soundfile, enabled:0, value: *to be filled in automatically*\alert.wav Scheduled scan settings: <Empty> Update settings: ID: updates, enabled:1 ID: launchthreatworksafterscan, enabled:1, value: off, domain: normal,off,silently ID: licenseandinfo, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall ID: schedules, enabled:1, value: true ID: updatedaily1, enabled:1, value: Daily 1 ID: time, enabled:1, value: Sun Nov 22 16:37:00 2009 ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly ID: weekdays, enabled:1 ID: monday, enabled:1, value: false ID: tuesday, enabled:1, value: false ID: wednesday, enabled:1, value: false ID: thursday, enabled:1, value: false ID: friday, enabled:1, value: false ID: saturday, enabled:1, value: false ID: sunday, enabled:1, value: false ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31 ID: scanprofile, enabled:1, value: ID: auto_deal_with_infections, enabled:1, value: false ID: updatedaily2, enabled:1, value: Daily 2 ID: time, enabled:1, value: Sun Nov 22 22:37:00 2009 ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly ID: weekdays, enabled:1 ID: monday, enabled:1, value: false ID: tuesday, enabled:1, value: false ID: wednesday, enabled:1, value: false ID: thursday, enabled:1, value: false ID: friday, enabled:1, value: false ID: saturday, enabled:1, value: false ID: sunday, enabled:1, value: false ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31 ID: scanprofile, enabled:1, value: ID: auto_deal_with_infections, enabled:1, value: false ID: updatedaily3, enabled:1, value: Daily 3 ID: time, enabled:1, value: Sun Nov 22 04:37:00 2009 ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly ID: weekdays, enabled:1 ID: monday, enabled:1, value: false ID: tuesday, enabled:1, value: false ID: wednesday, enabled:1, value: false ID: thursday, enabled:1, value: false ID: friday, enabled:1, value: false ID: saturday, enabled:1, value: false ID: sunday, enabled:1, value: false ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31 ID: scanprofile, enabled:1, value: ID: auto_deal_with_infections, enabled:1, value: false ID: updatedaily4, enabled:1, value: Daily 4 ID: time, enabled:1, value: Sun Nov 22 10:37:00 2009 ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly ID: weekdays, enabled:1 ID: monday, enabled:1, value: false ID: tuesday, enabled:1, value: false ID: wednesday, enabled:1, value: false ID: thursday, enabled:1, value: false ID: friday, enabled:1, value: false ID: saturday, enabled:1, value: false ID: sunday, enabled:1, value: false ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31 ID: scanprofile, enabled:1, value: ID: auto_deal_with_infections, enabled:1, value: false ID: updateweekly1, enabled:1, value: Weekly ID: time, enabled:1, value: Sun Nov 22 16:37:00 2009 ID: frequency, enabled:1, value: weekly, domain: daily,monthly,once,systemstart,weekly ID: weekdays, enabled:1 ID: monday, enabled:1, value: false ID: tuesday, enabled:1, value: false ID: wednesday, enabled:1, value: true ID: thursday, enabled:1, value: false ID: friday, enabled:1, value: false ID: saturday, enabled:1, value: false ID: sunday, enabled:1, value: true ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31 ID: scanprofile, enabled:1, value: ID: auto_deal_with_infections, enabled:1, value: false ID: deffiles, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall Appearance settings: ID: appearance, enabled:1 ID: skin, enabled:1, value: default.egl, reglocation: HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Resource ID: showtrayicon, enabled:1, value: false ID: language, enabled:1, value: fr, reglocation: HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Language ID: autoentertainmentmode, enabled:1, value: true ID: guimode, enabled:1, value: mode_simple, domain: mode_advanced,mode_simple Realtime protection settings: ID: realtime, enabled:1 ID: infomessages, enabled:1, value: onlyimportant, domain: display,dontnotify,onlyimportant ID: layers, enabled:1 ID: useantivirus, enabled:1, value: true ID: usespywareheuristics, enabled:1, value: true ID: modules, enabled:1 ID: processprotection, enabled:1, value: true ID: registryprotection, enabled:1, value: false ID: networkprotection, enabled:1, value: false ID: onaccessprotection, enabled:1, value: false ****************************** System information ****************************** Computer name: PC-DE-DEAN Processor name: Intel® Pentium® D CPU 3.00GHz Processor identifier: x86 Family 15 Model 6 Stepping 5 Processor speed: ~2999MHZ Raw info: processorarchitecture 0, processortype 586, processorlevel 15, processor revision 1541, number of processors 2, processor features: [MMX,SSE,SSE2,SSE3] Physical memory available: 1005907968 bytes Physical memory total: 2146258944 bytes Virtual memory available: 1817489408 bytes Virtual memory total: 2147352576 bytes Memory load: 53% Microsoft Windows Vista Home Premium Edition, 32-bit Service Pack 2 (build 6002) Windows startup mode: Running processes: PID: 436 name: C:\Windows\System32\smss.exe owner: SYSTEM domain: AUTORITE NT PID: 568 name: C:\Windows\System32\csrss.exe owner: SYSTEM domain: AUTORITE NT PID: 608 name: C:\Windows\System32\wininit.exe owner: SYSTEM domain: AUTORITE NT PID: 620 name: C:\Windows\System32\csrss.exe owner: SYSTEM domain: AUTORITE NT PID: 656 name: C:\Windows\System32\services.exe owner: SYSTEM domain: AUTORITE NT PID: 668 name: C:\Windows\System32\lsass.exe owner: SYSTEM domain: AUTORITE NT PID: 676 name: C:\Windows\System32\lsm.exe owner: SYSTEM domain: AUTORITE NT PID: 724 name: C:\Windows\System32\winlogon.exe owner: SYSTEM domain: AUTORITE NT PID: 868 name: C:\Windows\System32\svchost.exe owner: SYSTEM domain: AUTORITE NT PID: 932 name: C:\Windows\System32\nvvsvc.exe owner: SYSTEM domain: AUTORITE NT PID: 960 name: C:\Windows\System32\svchost.exe owner: SERVICE RÉSEAU domain: AUTORITE NT PID: 1004 name: C:\Windows\System32\svchost.exe owner: SYSTEM domain: AUTORITE NT PID: 1108 name: C:\Windows\System32\svchost.exe owner: SERVICE LOCAL domain: AUTORITE NT PID: 1176 name: C:\Windows\System32\svchost.exe owner: SYSTEM domain: AUTORITE NT PID: 1208 name: C:\Windows\System32\svchost.exe owner: SYSTEM domain: AUTORITE NT PID: 1304 name: C:\Windows\System32\svchost.exe owner: SYSTEM domain: AUTORITE NT PID: 1324 name: C:\Windows\System32\SLsvc.exe owner: SERVICE RÉSEAU domain: AUTORITE NT PID: 1360 name: C:\Windows\System32\svchost.exe owner: SERVICE LOCAL domain: AUTORITE NT PID: 1476 name: C:\Windows\System32\svchost.exe owner: SERVICE RÉSEAU domain: AUTORITE NT PID: 1516 name: C:\Windows\System32\nvvsvc.exe owner: SYSTEM domain: AUTORITE NT PID: 1752 name: C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe owner: SYSTEM domain: AUTORITE NT PID: 1856 name: C:\Windows\System32\dwm.exe owner: DEAN domain: PC-de-DEAN PID: 1892 name: C:\Windows\explorer.exe owner: DEAN domain: PC-de-DEAN PID: 260 name: C:\Windows\System32\spoolsv.exe owner: SYSTEM domain: AUTORITE NT PID: 312 name: C:\Program Files\Avira\AntiVir Desktop\sched.exe owner: SYSTEM domain: AUTORITE NT PID: 324 name: C:\Windows\System32\svchost.exe owner: SERVICE LOCAL domain: AUTORITE NT PID: 380 name: C:\Windows\System32\taskeng.exe owner: DEAN domain: PC-de-DEAN PID: 648 name: C:\Windows\System32\taskeng.exe owner: SYSTEM domain: AUTORITE NT PID: 1544 name: C:\Windows\System32\taskeng.exe owner: DEAN domain: PC-de-DEAN PID: 1908 name: C:\Program Files\Avira\AntiVir Desktop\avguard.exe owner: SYSTEM domain: AUTORITE NT PID: 1264 name: C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe owner: SYSTEM domain: AUTORITE NT PID: 1484 name: C:\Program Files\Bonjour\mDNSResponder.exe owner: SYSTEM domain: AUTORITE NT PID: 744 name: C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe owner: SYSTEM domain: AUTORITE NT PID: 2136 name: C:\Program Files\CDBurnerXP\NMSAccessU.exe owner: SYSTEM domain: AUTORITE NT PID: 2180 name: C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe owner: SYSTEM domain: AUTORITE NT PID: 2364 name: C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe owner: SYSTEM domain: AUTORITE NT PID: 2392 name: C:\Windows\System32\svchost.exe owner: SERVICE LOCAL domain: AUTORITE NT PID: 2424 name: C:\Windows\System32\svchost.exe owner: SYSTEM domain: AUTORITE NT PID: 2460 name: C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE owner: SYSTEM domain: AUTORITE NT PID: 2492 name: C:\Windows\System32\SearchIndexer.exe owner: SYSTEM domain: AUTORITE NT PID: 2772 name: C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE owner: SYSTEM domain: AUTORITE NT PID: 3296 name: C:\Program Files\Avira\AntiVir Desktop\avgnt.exe owner: DEAN domain: PC-de-DEAN PID: 3384 name: C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe owner: DEAN domain: PC-de-DEAN PID: 3408 name: C:\Program Files\Freecorder\FLVSrvc.exe owner: DEAN domain: PC-de-DEAN PID: 3424 name: C:\Program Files\Common Files\Java\Java Update\jusched.exe owner: DEAN domain: PC-de-DEAN PID: 3432 name: C:\Windows\System32\wbem\unsecapp.exe owner: SYSTEM domain: AUTORITE NT PID: 3448 name: C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe owner: DEAN domain: PC-de-DEAN PID: 3568 name: C:\Windows\System32\wbem\WmiPrvSE.exe owner: SYSTEM domain: AUTORITE NT PID: 3620 name: C:\Program Files\OrangeHSS\Launcher\Launcher.exe owner: DEAN domain: PC-de-DEAN PID: 3656 name: C:\Program Files\iTunes\iTunesHelper.exe owner: DEAN domain: PC-de-DEAN PID: 3672 name: C:\Program Files\MSN Toolbar\Platform\4.0.0369.0\mswinext.exe owner: DEAN domain: PC-de-DEAN PID: 3708 name: C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe owner: DEAN domain: PC-de-DEAN PID: 3720 name: C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe owner: DEAN domain: PC-de-DEAN PID: 3728 name: C:\Genius\ioCentre\gTaskBar.exe owner: DEAN domain: PC-de-DEAN PID: 3760 name: C:\Windows\ehome\ehtray.exe owner: DEAN domain: PC-de-DEAN PID: 3856 name: C:\Windows\ehome\ehmsas.exe owner: DEAN domain: PC-de-DEAN PID: 3912 name: C:\Program Files\Windows Media Player\wmpnscfg.exe owner: DEAN domain: PC-de-DEAN PID: 3928 name: C:\Users\DEAN\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe owner: DEAN domain: PC-de-DEAN PID: 4052 name: C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe owner: DEAN domain: PC-de-DEAN PID: 4060 name: C:\Program Files\Windows Live\Messenger\msnmsgr.exe owner: DEAN domain: PC-de-DEAN PID: 1076 name: C:\Genius\ioCentre\gMouseTask.exe owner: DEAN domain: PC-de-DEAN PID: 652 name: C:\Genius\ioCentre\gKbdTask.exe owner: DEAN domain: PC-de-DEAN PID: 1300 name: C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe owner: DEAN domain: PC-de-DEAN PID: 2664 name: C:\Program Files\Windows Media Player\wmpnetwk.exe owner: SERVICE RÉSEAU domain: AUTORITE NT PID: 1964 name: C:\Genius\ioCentre\gAutoPan.exe owner: DEAN domain: PC-de-DEAN PID: 1848 name: C:\Genius\ioCentre\gAutoScroll.exe owner: DEAN domain: PC-de-DEAN PID: 1960 name: C:\Genius\ioCentre\gZoom.exe owner: DEAN domain: PC-de-DEAN PID: 3168 name: C:\Genius\ioCentre\gMGlass.exe owner: DEAN domain: PC-de-DEAN PID: 2320 name: C:\Genius\ioCentre\gIMMgm.exe owner: DEAN domain: PC-de-DEAN PID: 3208 name: C:\Genius\ioCentre\gDeskMgm.exe owner: DEAN domain: PC-de-DEAN PID: 2228 name: C:\Genius\ioCentre\gTaskSwitch.exe owner: DEAN domain: PC-de-DEAN PID: 3356 name: C:\Genius\ioCentre\gPreset.exe owner: DEAN domain: PC-de-DEAN PID: 3648 name: C:\Genius\ioCentre\gKbStatus.exe owner: DEAN domain: PC-de-DEAN PID: 2728 name: C:\Windows\System32\wbem\unsecapp.exe owner: DEAN domain: PC-de-DEAN PID: 3520 name: C:\Program Files\iPod\bin\iPodService.exe owner: SYSTEM domain: AUTORITE NT PID: 828 name: C:\Windows\System32\SearchProtocolHost.exe owner: SYSTEM domain: AUTORITE NT PID: 2060 name: C:\Program Files\Lavasoft\Ad-Aware\AAWWSC.exe owner: SYSTEM domain: AUTORITE NT PID: 3152 name: C:\Program Files\Lavasoft\Ad-Aware\AAWWSC.exe owner: SYSTEM domain: AUTORITE NT PID: 1340 name: C:\Windows\System32\SearchFilterHost.exe owner: SYSTEM domain: AUTORITE NT PID: 3640 name: C:\Program Files\OrangeHSS\Systray\SystrayApp.exe owner: DEAN domain: PC-de-DEAN PID: 3508 name: C:\Program Files\OrangeHSS\Deskboard\Deskboard.exe owner: DEAN domain: PC-de-DEAN PID: 3420 name: C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe owner: DEAN domain: PC-de-DEAN PID: 808 name: C:\Program Files\OrangeHSS\Connectivity\corecom\CoreCom.exe owner: DEAN domain: PC-de-DEAN PID: 4112 name: C:\Program Files\Windows Live\Contacts\wlcomm.exe owner: DEAN domain: PC-de-DEAN PID: 4484 name: C:\Program Files\OrangeHSS\Connectivity\corecom\OraConfigRecover.exe owner: DEAN domain: PC-de-DEAN PID: 4492 name: C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe owner: DEAN domain: PC-de-DEAN Startup items: Name: msnmsgr imagepath: "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background Name: avgnt imagepath: "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min Name: ORAHSSSessionManager imagepath: "C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe" Name: Google Desktop Search imagepath: "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup Name: Freecorder FLV Service imagepath: "C:\Program Files\Freecorder\FLVSrvc.exe" /run Name: SunJavaUpdateSched imagepath: "C:\Program Files\Common Files\Java\Java Update\jusched.exe" Name: Adobe Reader Speed Launcher imagepath: "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" Name: Adobe ARM imagepath: "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" Name: QuickTime Task imagepath: "C:\Program Files\QuickTime\QTTask.exe" -atboottime Name: iTunesHelper imagepath: "C:\Program Files\iTunes\iTunesHelper.exe" Name: MSN Toolbar imagepath: "C:\Program Files\MSN Toolbar\Platform\4.0.0369.0\mswinext.exe" Name: Microsoft Default Manager imagepath: "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume Name: {8C7461EF-2B13-11d2-BE35-3078302C2030} imagepath: Component Categories cache daemon Name: WebCheck imagepath: {E6FB5E20-DE35-11CF-9C87-00AA005127ED} Name: imagepath: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini Bootexecute items: Name: imagepath: autocheck autochk * Name: imagepath: lsdelete Running services: Name: AeLookupSvc displayname: Expérience d’application Name: AntiVirSchedulerService displayname: Avira AntiVir Planificateur Name: AntiVirService displayname: Avira AntiVir Guard Name: Apple Mobile Device displayname: Apple Mobile Device Name: AudioEndpointBuilder displayname: Générateur de points de terminaison du service Audio Windows Name: Audiosrv displayname: Audio Windows Name: BFE displayname: Moteur de filtrage de base Name: BITS displayname: Service de transfert intelligent en arrière-plan Name: Bonjour Service displayname: Service Bonjour Name: Browser displayname: Explorateur d'ordinateurs Name: CryptSvc displayname: Services de chiffrement Name: DcomLaunch displayname: Lanceur de processus serveur DCOM Name: Dhcp displayname: Client DHCP Name: Dnscache displayname: Client DNS Name: DPS displayname: Service de stratégie de diagnostic Name: EapHost displayname: Protocole EAP (Extensible Authentication Protocol) Name: EMDMgmt displayname: Service ReadyBoost Name: Eventlog displayname: Journal d’événements Windows Name: EventSystem displayname: Système d'événement COM+ Name: fdPHost displayname: Hôte du fournisseur de découverte de fonctions Name: FDResPub displayname: Publication des ressources de découverte de fonctions Name: FTRTSVC displayname: France Telecom Routing Table Service Name: gpsvc displayname: Client de stratégie de groupe Name: hidserv displayname: Accès du périphérique d'interface utilisateur Name: iphlpsvc displayname: Assistance IP Name: iPod Service displayname: Service de l’iPod Name: KeyIso displayname: Isolation de clé CNG Name: LanmanServer displayname: Serveur Name: LanmanWorkstation displayname: Station de travail Name: Lavasoft Ad-Aware Service displayname: Lavasoft Ad-Aware Service Name: lmhosts displayname: Assistance NetBIOS sur TCP/IP Name: MMCSS displayname: Planificateur de classes multimédias Name: MpsSvc displayname: Pare-feu Windows Name: Netman displayname: Connexions réseau Name: netprofm displayname: Service Liste des réseaux Name: NlaSvc displayname: Connaissance des emplacements réseau Name: NMSAccessU displayname: NMSAccessU Name: nsi displayname: Service Interface du magasin réseau Name: nvsvc displayname: NVIDIA Display Driver Service Name: PcaSvc displayname: Service de l’Assistant Compatibilité des programmes Name: PlugPlay displayname: Plug-and-Play Name: ProfSvc displayname: Service de profil utilisateur Name: RasAuto displayname: Gestionnaire de connexion automatique d'accès distant Name: RasMan displayname: Gestionnaire de connexions d'accès distant Name: RoxWatch9 displayname: Roxio Hard Drive Watcher 9 Name: RpcSs displayname: Appel de procédure distante (RPC) Name: SamSs displayname: Gestionnaire de comptes de sécurité Name: Schedule displayname: Planificateur de tâches Name: SeaPort displayname: SeaPort Name: SENS displayname: Service de notification d’événements système Name: SessionEnv displayname: Configuration des services Terminal Server Name: ShellHWDetection displayname: Détection matériel noyau Name: slsvc displayname: Licence du logiciel Name: Spooler displayname: Spouleur d'impression Name: SSDPSRV displayname: Découverte SSDP Name: SstpSvc displayname: Service SSTP (Secure Socket Tunneling Protocol) Name: stisvc displayname: Acquisition d'image Windows (WIA) Name: SysMain displayname: Superfetch Name: TabletInputService displayname: Service Panneau de saisie Tablet PC Name: TapiSrv displayname: Téléphonie Name: TermService displayname: Services Terminal Server Name: Themes displayname: Thèmes Name: TrkWks displayname: Client de suivi de lien distribué Name: upnphost displayname: Hôte de périphérique UPnP Name: UxSms displayname: Gestionnaire de sessions du Gestionnaire de fenêtrage Name: W32Time displayname: Horloge Windows Name: WdiSystemHost displayname: Hôte système de diagnostics Name: WerSvc displayname: Service de rapport d'erreurs Windows Name: WinDefend displayname: Windows Defender Name: WinHttpAutoProxySvc displayname: Service de découverte automatique de Proxy Web pour les services HTTP Windows Name: Winmgmt displayname: Infrastructure de gestion Windows Name: Wlansvc displayname: Service de configuration automatique WLAN Name: wlidsvc displayname: Windows Live ID Sign-in Assistant Name: WMPNetworkSvc displayname: Service Partage réseau du Lecteur Windows Media Name: WSearch displayname: Windows Search Name: wudfsvc displayname: Windows Driver Foundation - Infrastructure de pilote mode-utilisateur
  3. voici le rapport du nettoyage et pour le plantage, je vous disais au début de ma dernière réponse, qu'il y a un long texte en blanc sur fond noir qui demande de redémarrer normalement ou en mode sans échec. cela vous convient t-il..?? ======= RAPPORT D'AD-REMOVER 2.0.0.1,D | UNIQUEMENT XP/VISTA/7 ======= Mis à jour par C_XX le 26/07/10 à 12:00 Contact: AdRemover.contact[AT]gmail.com Site web: Ad_Remover C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 16:19:24 le 09/08/2010, Mode normal Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2 (X86) DEAN@PC-DE-DEAN (PACKARD BELL BV ISTART F9221 AM) ============== ACTION(S) ============== (!) -- Fichiers temporaires supprimés. -- Fichier ouvert: C:\Users\DEAN\AppData\Roaming\Mozilla\FireFox\Profiles\3y81mdua.default\Prefs.js -- Ligne supprimée: user_pref("CT1060933.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER... Ligne supprimée: user_pref("CT1060933.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT106... Ligne supprimée: user_pref("CT2314456.SearchEngine", "Recherche||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_... Ligne supprimée: user_pref("CT2314456.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT231... Ligne supprimée: user_pref("CT2314456.myStuffSearchUrl", "hxxp://search.conduit.com/Results.aspx?q=SEARCH_TERM&ctid=E... Ligne supprimée: user_pref("browser.search.defaultengine", "Ask.com"); Ligne supprimée: user_pref("browser.search.defaultthis.engineName", "Megastreaming Customized Web Search"); -- Fichier Fermé -- 0,Clé supprimée: HKCU\Software\AppDataLow\Software\Conduit ============== SCAN ADDITIONNEL ============== ** Mozilla Firefox Version [3.6 (fr)] ** -- C:\Users\DEAN\AppData\Roaming\Mozilla\FireFox\Profiles\3y81mdua.default\User.js -- keyword.URL, hxxp://rws.search.ke.voila.fr/RW/S/opensearch_orange?rdata= -- C:\Users\DEAN\AppData\Roaming\Mozilla\FireFox\Profiles\3y81mdua.default\Prefs.js -- CommunityToolbar.SearchFromAddressBarSavedUrl, data:text/plain,keyword.URL=hxxp://www.google.com/search?ie=UTF-8&oe=UTF-... browser.download.lastDir, C:\\Users\\DEAN\\Desktop browser.search.defaultenginename, Search the web (Babylon) browser.search.defaulturl, hxxp://isearch.babylon.com/web/{searchTerms}?babsrc=browsersearch browser.search.selectedEngine, Search the web (Babylon) browser.startup.homepage, hxxp://fr.google.mozilla.com/firefox?client=firefox-a&rls=com.google:fr:official browser.startup.homepage_override.mstone, rv:1.9.2 keyword.URL, hxxp://rws.search.ke.voila.fr/RW/S/opensearch_orange?rdata= privacy.popups.showBrowserMessage, false ======================================== ** Internet Explorer Version [8.0.6001.18928] ** [HKCU\Software\Microsoft\Internet Explorer\Main] Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Do404Search: 0x01000000 Enable Browser Extensions: yes Local Page: C:\Windows\system32\blank.htm Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896 Show_ToolBar: yes Start Page: hxxp://fr.msn.com/ Use Custom Search URL: 1 Use Search Asst: no [HKLM\Software\Microsoft\Internet Explorer\Main] AutoHide: yes Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896 Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Delete_Temp_Files_On_Exit: yes Enable Browser Extensions: yes Local Page: C:\Windows\System32\blank.htm Search bar: hxxp://search.msn.com/spbasic.htm Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Start Page: hxxp://fr.msn.com/ Use Search Asst: no [HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS] Tabs: res://ieframe.dll/tabswelcome.htm Blank: res://mshtml.dll/blank.htm ======================================== C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s) C:\Program Files\Ad-Remover\Backup: 17 Fichier(s) C:\Ad-Report-CLEAN[1].txt - 09/08/2010 (3896 Octet(s)) C:\Ad-Report-SCAN[1].txt - 09/08/2010 (3963 Octet(s)) Fin à: 16:24:16, 09/08/2010 ============== E.O.F ==============
  4. salut et merci encore de m'aider. lors des plantages, j'ai un long texte sur fond noir qui me demande de redémarrer normalement en appuyant sur entrée. voici le nouveau rapport. ======= RAPPORT D'AD-REMOVER 2.0.0.1,D | UNIQUEMENT XP/VISTA/7 ======= Mis à jour par C_XX le 26/07/10 à 12:00 Contact: AdRemover.contact[AT]gmail.com Site web: Ad_Remover C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 13:55:11 le 09/08/2010, Mode normal Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2 (X86) DEAN@PC-DE-DEAN (PACKARD BELL BV ISTART F9221 AM) ============== RECHERCHE ============== -- Fichier ouvert: C:\Users\DEAN\AppData\Roaming\Mozilla\FireFox\Profiles\3y81mdua.default\Prefs.js -- Ligne trouvée: user_pref("CT1060933.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER... Ligne trouvée: user_pref("CT1060933.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT106... Ligne trouvée: user_pref("CT2314456.SearchEngine", "Recherche||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_... Ligne trouvée: user_pref("CT2314456.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT231... Ligne trouvée: user_pref("CT2314456.myStuffSearchUrl", "hxxp://search.conduit.com/Results.aspx?q=SEARCH_TERM&ctid=E... Ligne trouvée: user_pref("browser.search.defaultengine", "Ask.com"); Ligne trouvée: user_pref("browser.search.defaultthis.engineName", "Megastreaming Customized Web Search"); -- Fichier Fermé -- 0,Clé trouvée: HKCU\Software\AppDataLow\Software\Conduit ============== SCAN ADDITIONNEL ============== ** Mozilla Firefox Version [3.6 (fr)] ** -- C:\Users\DEAN\AppData\Roaming\Mozilla\FireFox\Profiles\3y81mdua.default\User.js -- keyword.URL, hxxp://rws.search.ke.voila.fr/RW/S/opensearch_orange?rdata= -- C:\Users\DEAN\AppData\Roaming\Mozilla\FireFox\Profiles\3y81mdua.default\Prefs.js -- CommunityToolbar.SearchFromAddressBarSavedUrl, data:text/plain,keyword.URL=hxxp://www.google.com/search?ie=UTF-8&oe=UTF-... browser.download.lastDir, C:\\Users\\DEAN\\Desktop browser.search.defaultenginename, Search the web (Babylon) browser.search.defaulturl, hxxp://isearch.babylon.com/web/{searchTerms}?babsrc=browsersearch browser.search.selectedEngine, Search the web (Babylon) browser.startup.homepage, hxxp://fr.google.mozilla.com/firefox?client=firefox-a&rls=com.google:fr:official browser.startup.homepage_override.mstone, rv:1.9.2 keyword.URL, hxxp://rws.search.ke.voila.fr/RW/S/opensearch_orange?rdata= privacy.popups.showBrowserMessage, false ======================================== ** Internet Explorer Version [8.0.6001.18928] ** [HKCU\Software\Microsoft\Internet Explorer\Main] Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Do404Search: 0x01000000 Enable Browser Extensions: yes Local Page: C:\Windows\system32\blank.htm Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896 Show_ToolBar: yes Start Page: hxxp://fr.msn.com/ Use Custom Search URL: 1 Use Search Asst: no [HKLM\Software\Microsoft\Internet Explorer\Main] AutoHide: yes Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896 Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Delete_Temp_Files_On_Exit: yes Enable Browser Extensions: yes Local Page: C:\Windows\System32\blank.htm Search bar: hxxp://search.msn.com/spbasic.htm Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Start Page: hxxp://fr.msn.com/ Use Search Asst: no [HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS] Tabs: res://ieframe.dll/tabswelcome.htm Blank: res://mshtml.dll/blank.htm ======================================== C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s) C:\Program Files\Ad-Remover\Backup: 1 Fichier(s) C:\Ad-Report-SCAN[1].txt - 09/08/2010 (3834 Octet(s)) Fin à: 13:59:20, 09/08/2010 ============== E.O.F ============== ...faut-il que je fasse le nettoyage aussi..??
  5. ...j'ai bien désactivé l'uac comme demandé. en ce moment, mon Ordi plante au moins 2 fois par jour, alors je vous poste le rapport de mon antivirus Avira Antivir. Pouvez vous me dire, svp s'il est vraiment éfficace...?? je veux bien refaire le scan Ad-Remover, mais je ne sais pas comment le faire en mode sans échec; pouvez vous me guider...!?? Avira AntiVir Personal Date de création du fichier de rapport : lundi 9 août 2010 10:32 La recherche porte sur 2689530 souches de virus. Détenteur de la licence : Avira AntiVir Personal - FREE Antivirus Numéro de série : 0000149996-ADJIE-0000001 Plateforme : Windows Vista Version de Windows : (Service Pack 2) [6.0.6002] Mode Boot : Démarré normalement Identifiant : SYSTEM Nom de l'ordinateur : PC-DE-DEAN Informations de version : BUILD.DAT : 9.0.0.77 21698 Bytes 09/06/2010 12:01:00 AVSCAN.EXE : 9.0.3.10 466689 Bytes 21/11/2009 14:45:55 AVSCAN.DLL : 9.0.3.0 49409 Bytes 03/03/2009 09:21:02 LUKE.DLL : 9.0.3.2 209665 Bytes 20/02/2009 10:35:11 LUKERES.DLL : 9.0.2.0 13569 Bytes 03/03/2009 09:21:31 VBASE000.VDF : 7.10.0.0 19875328 Bytes 06/11/2009 14:45:55 VBASE001.VDF : 7.10.1.0 1372672 Bytes 19/11/2009 14:45:55 VBASE002.VDF : 7.10.3.1 3143680 Bytes 20/01/2010 19:10:29 VBASE003.VDF : 7.10.3.75 996864 Bytes 26/01/2010 14:35:25 VBASE004.VDF : 7.10.4.203 1579008 Bytes 05/03/2010 19:07:00 VBASE005.VDF : 7.10.6.82 2494464 Bytes 15/04/2010 18:02:59 VBASE006.VDF : 7.10.7.218 2294784 Bytes 02/06/2010 09:50:35 VBASE007.VDF : 7.10.9.165 4840960 Bytes 23/07/2010 16:41:20 VBASE008.VDF : 7.10.9.166 2048 Bytes 23/07/2010 16:41:20 VBASE009.VDF : 7.10.9.167 2048 Bytes 23/07/2010 16:41:21 VBASE010.VDF : 7.10.9.168 2048 Bytes 23/07/2010 16:41:21 VBASE011.VDF : 7.10.9.169 2048 Bytes 23/07/2010 16:41:21 VBASE012.VDF : 7.10.9.170 2048 Bytes 23/07/2010 16:41:21 VBASE013.VDF : 7.10.9.198 157696 Bytes 26/07/2010 18:19:32 VBASE014.VDF : 7.10.9.255 997888 Bytes 29/07/2010 18:25:20 VBASE015.VDF : 7.10.10.28 139264 Bytes 02/08/2010 18:19:40 VBASE016.VDF : 7.10.10.52 127488 Bytes 03/08/2010 18:19:42 VBASE017.VDF : 7.10.10.84 137728 Bytes 06/08/2010 18:19:45 VBASE018.VDF : 7.10.10.85 1536 Bytes 06/08/2010 18:19:45 VBASE019.VDF : 7.10.10.86 1536 Bytes 06/08/2010 18:19:45 VBASE020.VDF : 7.10.10.87 1536 Bytes 06/08/2010 18:19:45 VBASE021.VDF : 7.10.10.88 1536 Bytes 06/08/2010 18:19:45 VBASE022.VDF : 7.10.10.89 1536 Bytes 06/08/2010 18:19:45 VBASE023.VDF : 7.10.10.90 1536 Bytes 06/08/2010 18:19:45 VBASE024.VDF : 7.10.10.91 1536 Bytes 06/08/2010 18:19:45 VBASE025.VDF : 7.10.10.92 1536 Bytes 06/08/2010 18:19:45 VBASE026.VDF : 7.10.10.93 1536 Bytes 06/08/2010 18:19:45 VBASE027.VDF : 7.10.10.94 1536 Bytes 06/08/2010 18:19:45 VBASE028.VDF : 7.10.10.95 1536 Bytes 06/08/2010 18:19:46 VBASE029.VDF : 7.10.10.96 1536 Bytes 06/08/2010 18:19:46 VBASE030.VDF : 7.10.10.97 1536 Bytes 06/08/2010 18:19:46 VBASE031.VDF : 7.10.10.104 109056 Bytes 08/08/2010 18:19:47 Version du moteur : 8.2.4.34 AEVDF.DLL : 8.1.2.1 106868 Bytes 29/07/2010 18:27:02 AESCRIPT.DLL : 8.1.3.42 1364347 Bytes 29/07/2010 18:26:58 AESCN.DLL : 8.1.6.1 127347 Bytes 12/05/2010 19:55:40 AESBX.DLL : 8.1.3.1 254324 Bytes 23/04/2010 17:52:19 AERDL.DLL : 8.1.8.2 614772 Bytes 20/07/2010 16:34:53 AEPACK.DLL : 8.2.3.5 471412 Bytes 06/08/2010 18:19:48 AEOFFICE.DLL : 8.1.1.8 201081 Bytes 21/07/2010 16:34:37 AEHEUR.DLL : 8.1.2.11 2834805 Bytes 06/08/2010 18:19:48 AEHELP.DLL : 8.1.13.2 242039 Bytes 20/07/2010 16:34:09 AEGEN.DLL : 8.1.3.19 393587 Bytes 06/08/2010 18:19:46 AEEMU.DLL : 8.1.2.0 393588 Bytes 23/04/2010 17:52:18 AECORE.DLL : 8.1.16.2 192887 Bytes 20/07/2010 16:33:58 AEBB.DLL : 8.1.1.0 53618 Bytes 23/04/2010 17:52:18 AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 07:47:30 AVPREF.DLL : 9.0.3.0 44289 Bytes 21/10/2009 19:38:25 AVREP.DLL : 8.0.0.7 159784 Bytes 17/02/2010 18:13:32 AVREG.DLL : 9.0.0.0 36609 Bytes 07/11/2008 14:24:42 AVARKT.DLL : 9.0.0.3 292609 Bytes 24/03/2009 14:05:22 AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 30/01/2009 09:36:37 SQLITE3.DLL : 3.6.1.0 326401 Bytes 28/01/2009 14:03:49 SMTPLIB.DLL : 9.2.0.25 28417 Bytes 02/02/2009 07:20:57 NETNT.DLL : 9.0.0.0 11521 Bytes 07/11/2008 14:40:59 RCIMAGE.DLL : 9.0.0.25 2438913 Bytes 21/10/2009 19:38:24 RCTEXT.DLL : 9.0.73.0 88321 Bytes 21/11/2009 14:45:53 Configuration pour la recherche actuelle : Nom de la tâche...............................: Contrôle intégral du système Fichier de configuration......................: c:\program files\avira\antivir desktop\sysscan.avp Documentation.................................: bas Action principale.............................: interactif Action secondaire.............................: ignorer Recherche sur les secteurs d'amorçage maître..: marche Recherche sur les secteurs d'amorçage.........: marche Secteurs d'amorçage...........................: C:, Recherche dans les programmes actifs..........: marche Recherche en cours sur l'enregistrement.......: marche Recherche de Rootkits.........................: marche Contrôle d'intégrité de fichiers système......: arrêt Fichier mode de recherche.....................: Tous les fichiers Recherche sur les archives....................: marche Limiter la profondeur de récursivité..........: 20 Archive Smart Extensions......................: marche Heuristique de macrovirus.....................: marche Heuristique fichier...........................: moyen Catégories de dangers divergentes.............: +APPL,+GAME,+JOKE,+PCK,+SPR, Début de la recherche : lundi 9 août 2010 10:32 La recherche d'objets cachés commence. '111080' objets ont été contrôlés, '0' objets cachés ont été trouvés. La recherche sur les processus démarrés commence : Processus de recherche 'chrome.exe' - '1' module(s) sont contrôlés Processus de recherche 'chrome.exe' - '1' module(s) sont contrôlés Processus de recherche 'OfferBox.exe' - '1' module(s) sont contrôlés Processus de recherche 'chrome.exe' - '1' module(s) sont contrôlés Processus de recherche 'chrome.exe' - '1' module(s) sont contrôlés Processus de recherche 'chrome.exe' - '1' module(s) sont contrôlés Processus de recherche 'avscan.exe' - '1' module(s) sont contrôlés Processus de recherche 'avscan.exe' - '1' module(s) sont contrôlés Processus de recherche 'conime.exe' - '1' module(s) sont contrôlés Processus de recherche 'wlcomm.exe' - '1' module(s) sont contrôlés Processus de recherche 'unsecapp.exe' - '1' module(s) sont contrôlés Processus de recherche 'FTCOMModule.exe' - '1' module(s) sont contrôlés Processus de recherche 'WmiPrvSE.exe' - '1' module(s) sont contrôlés Processus de recherche 'OraConfigRecover.exe' - '1' module(s) sont contrôlés Processus de recherche 'unsecapp.exe' - '1' module(s) sont contrôlés Processus de recherche 'iPodService.exe' - '1' module(s) sont contrôlés Processus de recherche 'wmpnetwk.exe' - '1' module(s) sont contrôlés Processus de recherche 'WLIDSVCM.EXE' - '1' module(s) sont contrôlés Processus de recherche 'CoreCom.exe' - '1' module(s) sont contrôlés Processus de recherche 'ConnectivityManager.exe' - '1' module(s) sont contrôlés Processus de recherche 'Deskboard.exe' - '1' module(s) sont contrôlés Processus de recherche 'SystrayApp.exe' - '1' module(s) sont contrôlés Processus de recherche 'SearchIndexer.exe' - '1' module(s) sont contrôlés Processus de recherche 'WLIDSVC.EXE' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'SeaPort.exe' - '1' module(s) sont contrôlés Processus de recherche 'RoxWatch9.exe' - '1' module(s) sont contrôlés Processus de recherche 'NMSAccessU.exe' - '1' module(s) sont contrôlés Processus de recherche 'FTRTSVC.exe' - '1' module(s) sont contrôlés Processus de recherche 'mDNSResponder.exe' - '1' module(s) sont contrôlés Processus de recherche 'AppleMobileDeviceService.exe' - '1' module(s) sont contrôlés Processus de recherche 'avguard.exe' - '1' module(s) sont contrôlés Processus de recherche 'gKbStatus.exe' - '1' module(s) sont contrôlés Processus de recherche 'gPreset.exe' - '1' module(s) sont contrôlés Processus de recherche 'gTaskSwitch.exe' - '1' module(s) sont contrôlés Processus de recherche 'gDeskMgm.exe' - '1' module(s) sont contrôlés Processus de recherche 'gIMMgm.exe' - '1' module(s) sont contrôlés Processus de recherche 'gMGlass.exe' - '1' module(s) sont contrôlés Processus de recherche 'gZoom.exe' - '1' module(s) sont contrôlés Processus de recherche 'AlertModule.exe' - '1' module(s) sont contrôlés Processus de recherche 'gAutoScroll.exe' - '1' module(s) sont contrôlés Processus de recherche 'gAutoPan.exe' - '1' module(s) sont contrôlés Processus de recherche 'gKbdTask.exe' - '1' module(s) sont contrôlés Processus de recherche 'gMouseTask.exe' - '1' module(s) sont contrôlés Processus de recherche 'ehmsas.exe' - '1' module(s) sont contrôlés Processus de recherche 'msnmsgr.exe' - '1' module(s) sont contrôlés Processus de recherche 'OrangeInside.exe' - '1' module(s) sont contrôlés Processus de recherche 'wmpnscfg.exe' - '1' module(s) sont contrôlés Processus de recherche 'ehtray.exe' - '1' module(s) sont contrôlés Processus de recherche 'gTaskBar.exe' - '1' module(s) sont contrôlés Processus de recherche 'GoogleToolbarNotifier.exe' - '1' module(s) sont contrôlés Processus de recherche 'ISUSPM.exe' - '1' module(s) sont contrôlés Processus de recherche 'mswinext.exe' - '1' module(s) sont contrôlés Processus de recherche 'iTunesHelper.exe' - '1' module(s) sont contrôlés Processus de recherche 'Launcher.exe' - '1' module(s) sont contrôlés Processus de recherche 'jusched.exe' - '1' module(s) sont contrôlés Processus de recherche 'FLVSrvc.exe' - '1' module(s) sont contrôlés Processus de recherche 'GoogleDesktop.exe' - '1' module(s) sont contrôlés Processus de recherche 'avgnt.exe' - '1' module(s) sont contrôlés Processus de recherche 'taskeng.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'explorer.exe' - '1' module(s) sont contrôlés Processus de recherche 'sched.exe' - '1' module(s) sont contrôlés Processus de recherche 'dwm.exe' - '1' module(s) sont contrôlés Processus de recherche 'taskeng.exe' - '1' module(s) sont contrôlés Processus de recherche 'spoolsv.exe' - '1' module(s) sont contrôlés Processus de recherche 'AAWService.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'nvvsvc.exe' - '1' module(s) sont contrôlés Processus de recherche 'SLsvc.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'audiodg.exe' - '0' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'nvvsvc.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'winlogon.exe' - '1' module(s) sont contrôlés Processus de recherche 'lsm.exe' - '1' module(s) sont contrôlés Processus de recherche 'lsass.exe' - '1' module(s) sont contrôlés Processus de recherche 'services.exe' - '1' module(s) sont contrôlés Processus de recherche 'csrss.exe' - '1' module(s) sont contrôlés Processus de recherche 'wininit.exe' - '1' module(s) sont contrôlés Processus de recherche 'csrss.exe' - '1' module(s) sont contrôlés Processus de recherche 'smss.exe' - '1' module(s) sont contrôlés '88' processus ont été contrôlés avec '88' modules La recherche sur les secteurs d'amorçage maître commence : Secteur d'amorçage maître HD0 [iNFO] Aucun virus trouvé ! Secteur d'amorçage maître HD1 [iNFO] Aucun virus trouvé ! [iNFO] Veuillez relancer la recherche avec les droits d'administrateur Secteur d'amorçage maître HD2 [iNFO] Aucun virus trouvé ! [iNFO] Veuillez relancer la recherche avec les droits d'administrateur Secteur d'amorçage maître HD3 [iNFO] Aucun virus trouvé ! [iNFO] Veuillez relancer la recherche avec les droits d'administrateur Secteur d'amorçage maître HD4 [iNFO] Aucun virus trouvé ! [iNFO] Veuillez relancer la recherche avec les droits d'administrateur La recherche sur les secteurs d'amorçage commence : Secteur d'amorçage 'C:\' [iNFO] Aucun virus trouvé ! La recherche sur les renvois aux fichiers exécutables (registre) commence : Le registre a été contrôlé ( '39' fichiers). La recherche sur les fichiers sélectionnés commence : Recherche débutant dans 'C:\' <Disque Dur> C:\pagefile.sys [AVERTISSEMENT] Impossible d'ouvrir le fichier ! [REMARQUE] Ce fichier est un fichier système Windows. [REMARQUE] Il est correct que ce fichier ne puisse pas être ouvert pour la recherche. C:\Windows\SoftwareDistribution\Download\794c8edfe0b48e2d6228ac23e9e5ea88\BIT8E3B.tmp [0] Type d'archive: CAB (Microsoft) --> NVMUP.exe [AVERTISSEMENT] Aucun autre fichier n'a pu être décompressé de cette archive. L'archive est refermée. [AVERTISSEMENT] Aucun autre fichier n'a pu être décompressé de cette archive. L'archive est refermée. C:\Windows\System32\drivers\sptd.sys [AVERTISSEMENT] Impossible d'ouvrir le fichier ! Fin de la recherche : lundi 9 août 2010 11:11 Temps nécessaire: 38:59 Minute(s) La recherche a été effectuée intégralement 24737 Les répertoires ont été contrôlés 422336 Des fichiers ont été contrôlés 0 Des virus ou programmes indésirables ont été trouvés 0 Des fichiers ont été classés comme suspects 0 Des fichiers ont été supprimés 0 Des virus ou programmes indésirables ont été réparés 0 Les fichiers ont été déplacés dans la quarantaine 0 Les fichiers ont été renommés 2 Impossible de contrôler des fichiers 422334 Fichiers non infectés 2594 Les archives ont été contrôlées 4 Avertissements 1 Consignes 111080 Des objets ont été contrôlés lors du Rootkitscan 0 Des objets cachés ont été trouvés
  6. ======= RAPPORT D'AD-REMOVER 2.0.0.1,D | UNIQUEMENT XP/VISTA/7 ======= Mis à jour par C_XX le 26/07/10 à 12:00 Contact: AdRemover.contact[AT]gmail.com Site web: Ad_Remover C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 22:17:44 le 08/08/2010, Mode normal Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2 (X86) DEAN@PC-DE-DEAN (PACKARD BELL BV ISTART F9221 AM) ============== RECHERCHE ============== 0,Fichier trouvé: C:\Users\DEAN\AppData\Roaming\Mozilla\FireFox\Profiles\3y81mdua.default\searchplugins\ask.xml 0,Fichier trouvé: C:\Users\DEAN\AppData\Roaming\Mozilla\FireFox\Profiles\3y81mdua.default\searchplugins\askcom.xml 0,Dossier trouvé: C:\Program Files\Ask & Record Toolbar 0,Dossier trouvé: C:\Program Files\AskTBar 0,Dossier trouvé: C:\Users\DEAN\AppData\Local\Conduit 0,Dossier trouvé: C:\Users\DEAN\AppData\LocalLow\Conduit 0,Dossier trouvé: C:\Program Files\Conduit 0,Dossier trouvé: C:\Users\DEAN\AppData\Roaming\EoRezo 0,Dossier trouvé: C:\Users\DEAN\AppData\Roaming\ItsLabel -- Fichier ouvert: C:\Users\DEAN\AppData\Roaming\Mozilla\FireFox\Profiles\3y81mdua.default\Prefs.js -- Ligne trouvée: user_pref("CT1060933.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER... Ligne trouvée: user_pref("CT1060933.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT106... Ligne trouvée: user_pref("CT2314456.SearchEngine", "Recherche||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_... Ligne trouvée: user_pref("CT2314456.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT231... Ligne trouvée: user_pref("CT2314456.myStuffSearchUrl", "hxxp://search.conduit.com/Results.aspx?q=SEARCH_TERM&ctid=E... Ligne trouvée: user_pref("browser.search.defaultengine", "Ask.com"); Ligne trouvée: user_pref("browser.search.defaultthis.engineName", "Megastreaming Customized Web Search"); -- Fichier Fermé -- 0,Clé trouvée: HKLM\Software\Classes\Toolbar.CT1060933 0,Clé trouvée: HKLM\Software\bandoo 0,Clé trouvée: HKLM\Software\Conduit 0,Clé trouvée: HKLM\Software\Freeze.com 0,Clé trouvée: HKLM\Software\AppDataLow\Software\Conduit 0,Clé trouvée: HKCU\Software\Conduit 0,Clé trouvée: HKCU\Software\EoRezo 0,Clé trouvée: HKCU\Software\ItsLabel 0,Clé trouvée: HKCU\Software\AppDataLow\AskBarDis 0,Clé trouvée: HKCU\Software\AppDataLow\AskHomePage 0,Clé trouvée: HKCU\Software\AppDataLow\Software\Conduit 0,Clé trouvée: HKU\.DEFAULT\Software\EoRezo 0,Clé trouvée: HKU\S-1-5-18\Software\EoRezo 3,Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} 0,Valeur trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing\Trust Database\0|goicfboogidikkejccmclpieicihhlpo jimddp 0,Valeur trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing\Trust Database\0|goicfboogidikkejccmclpieicihhlpo hpfanicgkffmccehnpkikogcffaepkfp 0,Valeur trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing\Trust Database\0|goicfboogidikkejccmclpieicihhlpo dgnckdmmolaijpbbakmplfhlfpdhglgc 0,Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Eoengine 0,Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Eorezo 0,Valeur trouvée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440} 0,Valeur trouvée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} 0,Valeur trouvée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{FE063DB9-4EC0-403E-8DD8-394C54984B2C} 0,Valeur trouvée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{4B3803EA-5230-4DC3-A7FC-33638F3D3542} ============== SCAN ADDITIONNEL ============== ** Mozilla Firefox Version [3.6 (fr)] ** -- C:\Users\DEAN\AppData\Roaming\Mozilla\FireFox\Profiles\3y81mdua.default\User.js -- keyword.URL, hxxp://rws.search.ke.voila.fr/RW/S/opensearch_orange?rdata= -- C:\Users\DEAN\AppData\Roaming\Mozilla\FireFox\Profiles\3y81mdua.default\Prefs.js -- CommunityToolbar.SearchFromAddressBarSavedUrl, data:text/plain,keyword.URL=hxxp://www.google.com/search?ie=UTF-8&oe=UTF-... browser.download.lastDir, C:\\Users\\DEAN\\Desktop browser.search.defaultenginename, Search the web (Babylon) browser.search.defaulturl, hxxp://isearch.babylon.com/web/{searchTerms}?babsrc=browsersearch browser.search.selectedEngine, Search the web (Babylon) browser.startup.homepage, hxxp://fr.google.mozilla.com/firefox?client=firefox-a&rls=com.google:fr:official browser.startup.homepage_override.mstone, rv:1.9.2 keyword.URL, hxxp://rws.search.ke.voila.fr/RW/S/opensearch_orange?rdata= privacy.popups.showBrowserMessage, false ======================================== ** Internet Explorer Version [8.0.6001.18928] ** [HKCU\Software\Microsoft\Internet Explorer\Main] Default_Page_URL: hxxp://format.packardbell.com/cgi-bin/redirect/?country=FR&range=AD&phase=8&key=IESTART Do404Search: 0x01000000 Enable Browser Extensions: yes Local Page: C:\Windows\system32\blank.htm Search bar: hxxp://search.ke.voila.fr/S/voila?kw= Search Page: hxxp://www.google.com Show_ToolBar: yes Start Page: www.orange.fr Use Custom Search URL: 1 Use Search Asst: no [HKLM\Software\Microsoft\Internet Explorer\Main] AutoHide: yes Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157 Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Delete_Temp_Files_On_Exit: yes Enable Browser Extensions: yes Local Page: C:\Windows\System32\blank.htm Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896 Start Page: hxxp://www.google.com Use Search Asst: no [HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS] Tabs: hxxp://y.lo.st Blank: res://mshtml.dll/blank.htm ======================================== C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s) C:\Program Files\Ad-Remover\Backup: 1 Fichier(s) C:\Ad-Report-SCAN[1].txt - 08/08/2010 (6160 Octet(s)) Fin à: 22:22:58, 08/08/2010 ============== E.O.F ============== salut Pear, après le scan j'ai fais le nettoyage même 2 fois, mais aucun rapport n'est sortie après le redémarrage demandé, que dois-je faire, car j'ai toujours cette satanée pub sur mon ordi et windows live messenger est toujours bloqué; please Help..!!! merci
  7. Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Version de la base de données: 4406 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.18928 08/08/2010 12:50:18 mbam-log-2010-08-08 (12-50-18).txt Type d'examen: Examen complet (C:\|) Elément(s) analysé(s): 248251 Temps écoulé: 48 minute(s), 20 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 3 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 1 Dossier(s) infecté(s): 1 Fichier(s) infecté(s): 2 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\WinButler (Adware.WinButler) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo (Rogue.Eorezo) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page (Hijack.StartPage) -> Bad: (http://www.nixud.com/) Good: (http://www.google.com) -> Quarantined and deleted successfully. Dossier(s) infecté(s): C:\Users\DEAN\AppData\Roaming\WinButler (Adware.WinButler) -> Quarantined and deleted successfully. Fichier(s) infecté(s): C:\Windows\RegGenieOnUninstall.exe (Spyware.Passwords) -> Quarantined and deleted successfully. C:\Users\DEAN\AppData\Roaming\WinButler\config.cfg (Adware.WinButler) -> Quarantined and deleted successfully.
  8. boMalwarebytes' Anti-Malware 1.32 Version de la base de données: 1618 Windows 6.0.6002 Service Pack 2 26/07/2010 18:22:37 mbam-log-2010-07-26 (18-22-37).txt Type de recherche: Examen complet (C:\|) Eléments examinés: 163874 Temps écoulé: 2 hour(s), 3 minute(s), 43 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 6 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 1 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_CLASSES_ROOT\Interface\{6c51f7e9-8542-4f25-a30f-2060157752e1} (Trojan.Downloader) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{90a52f08-64ac-4dc6-9d7d-4516670275d3} (Trojan.Downloader) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{c68ae9c0-0909-4ddc-b661-c1afb9f5ae53} (Trojan.Downloader) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c68ae9c0-0909-4ddc-b661-c1afb9f5ae53} (Trojan.Downloader) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c68ae9c0-0909-4ddc-b661-c1afb9f5ae53} (Trojan.Downloader) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\{90a52f08-64ac-4dc6-9d7d-4516670275d3} (Trojan.Downloader) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): C:\Users\DEAN\AppData\Roaming\Orange\OrangeInside\MenuOrange.dll (Trojan.Downloader) -> Quarantined and deleted successfully. bonjour, voici le rapport/log de 07/2010avec toutes les affections et voici les derniers Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Version de la base de données: 4406 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.18928 08/08/2010 12:50:18 mbam-log-2010-08-08 (12-50-18).txt Type d'examen: Examen complet (C:\|) Elément(s) analysé(s): 248251 Temps écoulé: 48 minute(s), 20 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 3 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 1 Dossier(s) infecté(s): 1 Fichier(s) infecté(s): 2 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\WinButler (Adware.WinButler) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo (Rogue.Eorezo) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page (Hijack.StartPage) -> Bad: (http://www.nixud.com/) Good: (http://www.google.com) -> Quarantined and deleted successfully. Dossier(s) infecté(s): C:\Users\DEAN\AppData\Roaming\WinButler (Adware.WinButler) -> Quarantined and deleted successfully. Fichier(s) infecté(s): C:\Windows\RegGenieOnUninstall.exe (Spyware.Passwords) -> Quarantined and deleted successfully. C:\Users\DEAN\AppData\Roaming\WinButler\config.cfg (Adware.WinButler) -> Quarantined and deleted successfully. et un deuxième... Malwarebytes' Anti-Malware 1.32 Version de la base de données: 1618 Windows 6.0.6002 Service Pack 2 02/08/2010 20:45:18 mbam-log-2010-08-02 (20-45-18).txt Type de recherche: Examen complet (C:\|) Eléments examinés: 163154 Temps écoulé: 2 hour(s), 25 minute(s), 27 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté)
  9. boMalwarebytes' Anti-Malware 1.32 Version de la base de données: 1618 Windows 6.0.6002 Service Pack 2 26/07/2010 18:22:37 mbam-log-2010-07-26 (18-22-37).txt Type de recherche: Examen complet (C:\|) Eléments examinés: 163874 Temps écoulé: 2 hour(s), 3 minute(s), 43 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 6 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 1 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_CLASSES_ROOT\Interface\{6c51f7e9-8542-4f25-a30f-2060157752e1} (Trojan.Downloader) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{90a52f08-64ac-4dc6-9d7d-4516670275d3} (Trojan.Downloader) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{c68ae9c0-0909-4ddc-b661-c1afb9f5ae53} (Trojan.Downloader) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c68ae9c0-0909-4ddc-b661-c1afb9f5ae53} (Trojan.Downloader) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c68ae9c0-0909-4ddc-b661-c1afb9f5ae53} (Trojan.Downloader) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\{90a52f08-64ac-4dc6-9d7d-4516670275d3} (Trojan.Downloader) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): C:\Users\DEAN\AppData\Roaming\Orange\OrangeInside\MenuOrange.dll (Trojan.Downloader) -> Quarantined and deleted successfully. bonjour, voici le rapport/log de 07/2010avec toutes les affections et voici les derniers Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Version de la base de données: 4406 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.18928 08/08/2010 12:50:18 mbam-log-2010-08-08 (12-50-18).txt Type d'examen: Examen complet (C:\|) Elément(s) analysé(s): 248251 Temps écoulé: 48 minute(s), 20 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 3 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 1 Dossier(s) infecté(s): 1 Fichier(s) infecté(s): 2 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\WinButler (Adware.WinButler) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo (Rogue.Eorezo) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page (Hijack.StartPage) -> Bad: (http://www.nixud.com/) Good: (http://www.google.com) -> Quarantined and deleted successfully. Dossier(s) infecté(s): C:\Users\DEAN\AppData\Roaming\WinButler (Adware.WinButler) -> Quarantined and deleted successfully. Fichier(s) infecté(s): C:\Windows\RegGenieOnUninstall.exe (Spyware.Passwords) -> Quarantined and deleted successfully. C:\Users\DEAN\AppData\Roaming\WinButler\config.cfg (Adware.WinButler) -> Quarantined and deleted successfully. et un deuxième... Malwarebytes' Anti-Malware 1.32 Version de la base de données: 1618 Windows 6.0.6002 Service Pack 2 02/08/2010 20:45:18 mbam-log-2010-08-02 (20-45-18).txt Type de recherche: Examen complet (C:\|) Eléments examinés: 163154 Temps écoulé: 2 hour(s), 25 minute(s), 27 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté)
  10. ok, j'ai du monde qui vient d'arriver; je fais tout cela demain matin et je vous l'envoi. merci
  11. cela vous suffit t-il...???
  12. Logfile of random's system information tool 1.08 (written by random/random) Run by DEAN at 2010-08-07 18:12:37 Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2 System drive C: has 111 GB (48%) free of 230 GB Total RAM: 2047 MB (44% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 18:12:40, on 07/08/2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18928) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Freecorder\FLVSrvc.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\OrangeHSS\Launcher\Launcher.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\MSN Toolbar\Platform\4.0.0369.0\mswinext.exe C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Genius\ioCentre\gTaskBar.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Users\DEAN\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Windows\ehome\ehmsas.exe C:\Genius\ioCentre\gMouseTask.exe C:\Genius\ioCentre\gKbdTask.exe C:\Genius\ioCentre\gAutoPan.exe C:\Genius\ioCentre\gAutoScroll.exe C:\Genius\ioCentre\gZoom.exe C:\Genius\ioCentre\gMGlass.exe C:\Genius\ioCentre\gIMMgm.exe C:\Genius\ioCentre\gDeskMgm.exe C:\Genius\ioCentre\gTaskSwitch.exe C:\Genius\ioCentre\gPreset.exe C:\Genius\ioCentre\gKbStatus.exe C:\Program Files\OrangeHSS\systray\systrayapp.exe C:\Program Files\OrangeHSS\Deskboard\deskboard.exe C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe C:\Users\DEAN\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\DEAN\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\DEAN\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files\OfferBox\OfferBox.exe C:\Users\DEAN\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\conime.exe C:\Users\DEAN\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\DEAN\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\DEAN\Downloads\RSIT.exe C:\Program Files\trend micro\DEAN.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Google R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Voila - Recherche R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.orange.fr R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Actualité, Sport et Vidéo R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = nixud.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll O1 - Hosts: ::1 localhost O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFre0.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - (no file) O2 - BHO: MSN Toolbar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\4.0.0369.0\npwinext.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: OfferBox - {FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C} - C:\Program Files\OfferBox\OfferBoxBHO.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFre0.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: MSN Toolbar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\4.0.0369.0\npwinext.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [ORAHSSSessionManager] "C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe" O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [Freecorder FLV Service] "C:\Program Files\Freecorder\FLVSrvc.exe" /run O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [MSN Toolbar] "C:\Program Files\MSN Toolbar\Platform\4.0.0369.0\mswinext.exe" O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume O4 - HKCU\..\Run: [iSUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [ioCentre] C:\Genius\ioCentre\gTaskBar.exe O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [Google Update] "C:\Users\DEAN\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [orangeinside] C:\Users\DEAN\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user') O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html O8 - Extra context menu item: _ajouter cette page à vos favoris Orange - C:\Users\DEAN\AppData\Roaming\Orange\OrangeInside\src\addfavorites_html\addfavorites.html O8 - Extra context menu item: _envoyer le texte sélectionné par sms - C:\Users\DEAN\AppData\Roaming\Orange\OrangeInside\src\sendsmsselectedtext_html\sendsmsselectedtext.html O8 - Extra context menu item: _envoyer par sms - C:\Users\DEAN\AppData\Roaming\Orange\OrangeInside\src\sendsms_html\sendsms.html O8 - Extra context menu item: _envoyer un mail - C:\Users\DEAN\AppData\Roaming\Orange\OrangeInside\src\sendmail_html\sendmail.html O8 - Extra context menu item: _orange.fr - C:\Users\DEAN\AppData\Roaming\Orange\OrangeInside\src\orange_html\orange.html O8 - Extra context menu item: _rechercher le texte sélectionné - C:\Users\DEAN\AppData\Roaming\Orange\OrangeInside\src\selectedsearch_html\selectedsearch.html O8 - Extra context menu item: _traduire la page - C:\Users\DEAN\AppData\Roaming\Orange\OrangeInside\src\translate_html\translate.html O8 - Extra context menu item: _traduire le texte sélectionné - C:\Users\DEAN\AppData\Roaming\Orange\OrangeInside\src\translateSelectedText_html\translateSelectedText.html O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file) O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O15 - Trusted Zone: http://*.mappy.com'>http://*.mappy.com'>http://*.mappy.com O15 - Trusted Zone: http://*.orange.fr'>http://*.orange.fr'>http://*.orange.fr O15 - Trusted Zone: Orange : téléphones, forfaits mobiles, Internet, actualité, sport, video O15 - Trusted Zone: http://orange.weborama.fr O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O20 - AppInit_DLLs: c:\progra~1\google\go333c~1\goec62~1.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe O23 - Service: @%SystemRoot%\system32\dhcpcsvc.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\emdmgmt.dll,-1000 (EMDMgmt) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (Eventlog) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - Unknown owner - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-200 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\System32\msiexec.exe O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\netprof.dll,-246 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe O23 - Service: @%SystemRoot%\system32\SLUINotify.dll,-103 (SLUINotify) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100 (WPFFontCache_v0400) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe -- End of file - 26396 bytes ======Scheduled tasks folder====== C:\Windows\tasks\Extension de garantie.job C:\Windows\tasks\Google Software Updater.job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3577273043-257920405-112179905-1002Core.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3577273043-257920405-112179905-1002UA.job C:\Windows\tasks\PCConfidential.job C:\Windows\tasks\User_Feed_Synchronization-{EB06D1D1-CE9F-4C99-A516-91D7D7AF0D5B}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}] Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-11-29 436288] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1392b8d2-5c05-419f-a8f6-b9f15a596612}] Freecorder Toolbar - C:\Program Files\Freecorder\tbFre0.dll [2010-05-16 2515552] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}] Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-05-14 191792] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-13 278192] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll [2010-05-18 814648] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf00e119-21a3-4fd1-b178-3b8537e75c92}] IeMonitorBho Class [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}] MSN Toolbar BHO - C:\Program Files\MSN Toolbar\Platform\4.0.0369.0\npwinext.dll [2009-11-30 506712] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}] Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2010-04-16 1067872] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}] OfferBox - C:\Program Files\OfferBox\OfferBoxBHO.dll [2010-07-06 135000] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar avec bloqueur de fenêtres pop-up - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-11-29 436288] {1392b8d2-5c05-419f-a8f6-b9f15a596612} - Freecorder Toolbar - C:\Program Files\Freecorder\tbFre0.dll [2010-05-16 2515552] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-13 278192] {8dcb7100-df86-4384-8842-8fa844297b3f} - MSN Toolbar - C:\Program Files\MSN Toolbar\Platform\4.0.0369.0\npwinext.dll [2009-11-30 506712] {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2010-04-16 1067872] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "EoEngine"= [] "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153] "ORAHSSSessionManager"=C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe [2009-03-03 107248] "Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-12-09 30192] "Freecorder FLV Service"=C:\Program Files\Freecorder\FLVSrvc.exe [2009-11-15 158752] "eorezo"= [] "SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760] "Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832] "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-03-18 421888] "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2010-06-15 141624] "MSN Toolbar"=C:\Program Files\MSN Toolbar\Platform\4.0.0369.0\mswinext.exe [2009-11-30 240472] "Microsoft Default Manager"=C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [2009-07-17 288080] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ISUSPM"=C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [2006-09-11 218032] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-12-04 68856] "ioCentre"=C:\Genius\ioCentre\gTaskBar.exe [2006-12-08 241664] "ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952] "Google Update"=C:\Users\DEAN\AppData\Local\Google\Update\GoogleUpdate.exe [2009-12-09 135664] "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240] "orangeinside"=C:\Users\DEAN\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe [2010-07-20 843776] "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2010-04-16 3872080] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cmds] C:\Users\DEAN\AppData\Local\Temp\geeeb.dll,c [] C:\Users\DEAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup OneNote 2007 - Capture d'écran et lancement.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="c:\progra~1\google\go333c~1\goec62~1.dll " [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{88485281-8b4b-4f8d-9ede-82e29a064277}"=C:\PROGRA~1\MarkAny\CONTEN~1\MACSMA~1.DLL [2004-11-23 192512] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "FilterAdministratorToken"=1 "EnableUIADesktopToggle"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "BindDirectlyToPropertySetStorage"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe"="C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe:*:enabled:CSS" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 months====== 2010-08-06 09:08:08 ----A---- C:\Windows\ntbtlog.txt 2010-08-03 10:51:28 ----A---- C:\Windows\system32\shell32.dll 2010-07-26 20:37:01 ----D---- C:\Program Files\CCleaner 2010-07-23 22:52:10 ----D---- C:\Users\DEAN\AppData\Roaming\Orange 2010-07-23 18:58:07 ----D---- C:\Program Files\MSN Toolbar 2010-07-23 18:57:47 ----D---- C:\Program Files\MSN Toolbar Installer 2010-07-23 18:22:07 ----D---- C:\Users\DEAN\AppData\Roaming\freeCompressor 2010-07-23 18:21:40 ----D---- C:\Program Files\FreeCompressor 2010-07-23 18:20:59 ----D---- C:\Users\DEAN\AppData\Roaming\OfferBox 2010-07-23 18:20:59 ----D---- C:\Program Files\OfferBox 2010-07-20 20:57:28 ----D---- C:\Users\DEAN\AppData\Roaming\vlc 2010-07-10 19:53:50 ----D---- C:\Program Files\iPod 2010-07-10 19:53:47 ----D---- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521} 2010-07-10 19:53:47 ----D---- C:\Program Files\iTunes 2010-07-10 19:41:32 ----D---- C:\Program Files\Apple Software Update 2010-07-10 19:38:10 ----D---- C:\Program Files\Bonjour ======List of files/folders modified in the last 1 months====== 2010-08-07 18:12:39 ----D---- C:\Windows\Temp 2010-08-07 18:12:39 ----D---- C:\Program Files\trend micro 2010-08-07 18:11:09 ----D---- C:\Windows\Prefetch 2010-08-07 17:44:59 ----D---- C:\Windows\Tasks 2010-08-07 15:57:10 ----D---- C:\Windows\system32\Tasks 2010-08-07 14:29:02 ----D---- C:\Windows\tracing 2010-08-06 23:13:53 ----SHD---- C:\System Volume Information 2010-08-06 23:07:21 ----D---- C:\Windows\system32\Msdtc 2010-08-06 23:07:19 ----D---- C:\Windows\system32\wbem 2010-08-06 23:07:19 ----D---- C:\Windows 2010-08-06 23:05:43 ----D---- C:\Windows\system32\config 2010-08-06 23:05:34 ----D---- C:\Windows\system32\spool 2010-08-06 23:05:34 ----D---- C:\Windows\system32\catroot2 2010-08-06 23:05:34 ----D---- C:\Windows\registration 2010-08-06 23:05:34 ----D---- C:\Windows\inf 2010-08-06 18:17:38 ----D---- C:\Program Files\MyDefrag v4.2.9 2010-08-06 17:28:12 ----D---- C:\ProgramData\Google Updater 2010-08-06 11:51:42 ----SHD---- C:\Windows\Installer 2010-08-06 11:51:42 ----D---- C:\Windows\winsxs 2010-08-06 11:51:42 ----D---- C:\Users\DEAN\AppData\Roaming\dvdcss 2010-08-06 11:51:42 ----AD---- C:\Windows\System32 2010-08-06 11:51:41 ----D---- C:\Program Files\Windows Live 2010-08-06 11:25:39 ----A---- C:\Windows\system32\PerfStringBackup.INI 2010-08-04 12:29:38 ----D---- C:\Windows\Microsoft.NET 2010-08-04 12:29:37 ----RSD---- C:\Windows\assembly 2010-08-03 10:47:11 ----D---- C:\Windows\system32\catroot 2010-07-27 22:52:55 ----D---- C:\Users\DEAN\AppData\Roaming\Skype 2010-07-27 15:03:55 ----D---- C:\Program Files\WinRAR 2010-07-26 20:37:46 ----D---- C:\Users\DEAN\AppData\Roaming\Media Player Classic 2010-07-26 20:37:01 ----RD---- C:\Program Files 2010-07-26 20:28:18 ----SD---- C:\Windows\Downloaded Program Files 2010-07-26 15:17:35 ----D---- C:\Users\DEAN\AppData\Roaming\InstallShield 2010-07-26 15:15:19 ----HD---- C:\Program Files\InstallShield Installation Information 2010-07-26 15:15:18 ----D---- C:\Windows\system32\drivers 2010-07-23 22:51:22 ----D---- C:\Program Files\Orange 2010-07-23 19:12:24 ----D---- C:\Program Files\QuickTime 2010-07-15 15:10:51 ----D---- C:\Windows\Debug 2010-07-14 09:28:36 ----D---- C:\Program Files\Windows Mail 2010-07-13 15:00:27 ----D---- C:\Program Files\Java 2010-07-11 10:56:47 ----D---- C:\Users\DEAN\AppData\Roaming\Apple Computer 2010-07-10 19:53:48 ----D---- C:\Program Files\Common Files\Apple 2010-07-10 19:53:47 ----HD---- C:\ProgramData ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 Lbd;Lbd; C:\Windows\system32\DRIVERS\Lbd.sys [2010-06-06 64288] R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2008-11-20 43872] R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-08-02 721904] R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608] R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104] R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-10-21 28520] R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-12-10 56816] R3 Afc;PPdus ASPI Shell; C:\Windows\system32\drivers\Afc.sys [2005-02-23 11776] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2009-05-18 26600] R3 gHidPnp;USB Device Enhanced Function Driver; C:\Windows\System32\Drivers\gHidPnp.Sys [2006-07-14 14848] R3 gMouUsb;USB Mouse Device Drv; C:\Windows\system32\DRIVERS\gMouUsb.sys [2006-07-14 9984] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-05-10 1775712] R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2010-01-12 11586280] R3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2007-01-23 50176] S3 catchme;catchme; \??\C:\Users\DEAN\AppData\Local\Temp\catchme.sys [] S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632] S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2009-08-05 54632] S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192] S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888] S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016] S3 PCAMp50;PCAMp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCAMp50.sys [2009-02-03 28224] S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCASp50.sys [2009-02-03 27072] S3 RT2500USB;Hercules Wireless USB Dongle Driver; C:\Windows\system32\DRIVERS\rt73.sys [] S3 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2009-11-12 7168] S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448] S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-10-21 108289] R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-10-21 185089] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-06-10 144176] R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2010-05-18 345376] R2 FTRTSVC;France Telecom Routing Table Service; C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [2009-03-03 65536] R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2010-06-29 1352832] R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-03-09 71096] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-01-11 129640] R2 RoxWatch9;Roxio Hard Drive Watcher 9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [2007-01-11 166648] R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-05-14 249136] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728] R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2010-06-15 540472] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon [] S2 gupdate;Service Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-06 135664] S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-24 183280] S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504] S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-04-28 704872] S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-12-09 30192] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728] S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2007-09-26 2999664] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2007-01-11 887544] S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2006-09-14 73728] S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504] -----------------EOF----------------- Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:11:44, on 07/08/2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18928) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Freecorder\FLVSrvc.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\OrangeHSS\Launcher\Launcher.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\MSN Toolbar\Platform\4.0.0369.0\mswinext.exe C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Genius\ioCentre\gTaskBar.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Users\DEAN\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Windows\ehome\ehmsas.exe C:\Genius\ioCentre\gMouseTask.exe C:\Genius\ioCentre\gKbdTask.exe C:\Genius\ioCentre\gAutoPan.exe C:\Genius\ioCentre\gAutoScroll.exe C:\Genius\ioCentre\gZoom.exe C:\Genius\ioCentre\gMGlass.exe C:\Genius\ioCentre\gIMMgm.exe C:\Genius\ioCentre\gDeskMgm.exe C:\Genius\ioCentre\gTaskSwitch.exe C:\Genius\ioCentre\gPreset.exe C:\Genius\ioCentre\gKbStatus.exe C:\Program Files\OrangeHSS\systray\systrayapp.exe C:\Program Files\OrangeHSS\Deskboard\deskboard.exe C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe C:\Users\DEAN\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\DEAN\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\DEAN\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files\OfferBox\OfferBox.exe C:\Users\DEAN\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\DEAN\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\DEAN\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\DEAN\Downloads\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://format.packardbell.com/cgi-bin/redirect/?country=FR&range=AD&phase=8&key=IESTART R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Voila - Recherche R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.orange.fr R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Actualité, Sport et Vidéo R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = nixud.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll O1 - Hosts: ::1 localhost O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFre0.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - (no file) O2 - BHO: MSN Toolbar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\4.0.0369.0\npwinext.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: OfferBox - {FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C} - C:\Program Files\OfferBox\OfferBoxBHO.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFre0.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: MSN Toolbar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\4.0.0369.0\npwinext.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [ORAHSSSessionManager] "C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe" O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [Freecorder FLV Service] "C:\Program Files\Freecorder\FLVSrvc.exe" /run O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [MSN Toolbar] "C:\Program Files\MSN Toolbar\Platform\4.0.0369.0\mswinext.exe" O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume O4 - HKCU\..\Run: [iSUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [ioCentre] C:\Genius\ioCentre\gTaskBar.exe O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [Google Update] "C:\Users\DEAN\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [orangeinside] C:\Users\DEAN\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user') O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html O8 - Extra context menu item: _ajouter cette page à vos favoris Orange - C:\Users\DEAN\AppData\Roaming\Orange\OrangeInside\src\addfavorites_html\addfavorites.html O8 - Extra context menu item: _envoyer le texte sélectionné par sms - C:\Users\DEAN\AppData\Roaming\Orange\OrangeInside\src\sendsmsselectedtext_html\sendsmsselectedtext.html O8 - Extra context menu item: _envoyer par sms - C:\Users\DEAN\AppData\Roaming\Orange\OrangeInside\src\sendsms_html\sendsms.html O8 - Extra context menu item: _envoyer un mail - C:\Users\DEAN\AppData\Roaming\Orange\OrangeInside\src\sendmail_html\sendmail.html O8 - Extra context menu item: _orange.fr - C:\Users\DEAN\AppData\Roaming\Orange\OrangeInside\src\orange_html\orange.html O8 - Extra context menu item: _rechercher le texte sélectionné - C:\Users\DEAN\AppData\Roaming\Orange\OrangeInside\src\selectedsearch_html\selectedsearch.html O8 - Extra context menu item: _traduire la page - C:\Users\DEAN\AppData\Roaming\Orange\OrangeInside\src\translate_html\translate.html O8 - Extra context menu item: _traduire le texte sélectionné - C:\Users\DEAN\AppData\Roaming\Orange\OrangeInside\src\translateSelectedText_html\translateSelectedText.html O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file) O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O15 - Trusted Zone: http://*.mappy.com O15 - Trusted Zone: http://*.orange.fr O15 - Trusted Zone: Orange : téléphones, forfaits mobiles, Internet, actualité, sport, video O15 - Trusted Zone: http://orange.weborama.fr O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O20 - AppInit_DLLs: c:\progra~1\google\go333c~1\goec62~1.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe O23 - Service: @%SystemRoot%\system32\dhcpcsvc.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\emdmgmt.dll,-1000 (EMDMgmt) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (Eventlog) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - Unknown owner - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-200 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\System32\msiexec.exe O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\netprof.dll,-246 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe O23 - Service: @%SystemRoot%\system32\SLUINotify.dll,-103 (SLUINotify) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100 (WPFFontCache_v0400) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe -- End of file - 25982 bytes Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:11:44, on 07/08/2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18928) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Freecorder\FLVSrvc.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\OrangeHSS\Launcher\Launcher.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\MSN Toolbar\Platform\4.0.0369.0\mswinext.exe C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Genius\ioCentre\gTaskBar.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Users\DEAN\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Windows\ehome\ehmsas.exe C:\Genius\ioCentre\gMouseTask.exe C:\Genius\ioCentre\gKbdTask.exe C:\Genius\ioCentre\gAutoPan.exe C:\Genius\ioCentre\gAutoScroll.exe C:\Genius\ioCentre\gZoom.exe C:\Genius\ioCentre\gMGlass.exe C:\Genius\ioCentre\gIMMgm.exe C:\Genius\ioCentre\gDeskMgm.exe C:\Genius\ioCentre\gTaskSwitch.exe C:\Genius\ioCentre\gPreset.exe C:\Genius\ioCentre\gKbStatus.exe C:\Program Files\OrangeHSS\systray\systrayapp.exe C:\Program Files\OrangeHSS\Deskboard\deskboard.exe C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe C:\Users\DEAN\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\DEAN\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\DEAN\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files\OfferBox\OfferBox.exe C:\Users\DEAN\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\DEAN\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\DEAN\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\DEAN\Downloads\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Google R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Voila - Recherche R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.orange.fr R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Actualité, Sport et Vidéo R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = nixud.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll O1 - Hosts: ::1 localhost O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFre0.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - (no file) O2 - BHO: MSN Toolbar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\4.0.0369.0\npwinext.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: OfferBox - {FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C} - C:\Program Files\OfferBox\OfferBoxBHO.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFre0.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: MSN Toolbar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\4.0.0369.0\npwinext.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [ORAHSSSessionManager] "C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe" O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [Freecorder FLV Service] "C:\Program Files\Freecorder\FLVSrvc.exe" /run O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [MSN Toolbar] "C:\Program Files\MSN Toolbar\Platform\4.0.0369.0\mswinext.exe" O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume O4 - HKCU\..\Run: [iSUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [ioCentre] C:\Genius\ioCentre\gTaskBar.exe O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [Google Update] "C:\Users\DEAN\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [orangeinside] C:\Users\DEAN\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user') O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html O8 - Extra context menu item: _ajouter cette page à vos favoris Orange - C:\Users\DEAN\AppData\Roaming\Orange\OrangeInside\src\addfavorites_html\addfavorites.html O8 - Extra context menu item: _envoyer le texte sélectionné par sms - C:\Users\DEAN\AppData\Roaming\Orange\OrangeInside\src\sendsmsselectedtext_html\sendsmsselectedtext.html O8 - Extra context menu item: _envoyer par sms - C:\Users\DEAN\AppData\Roaming\Orange\OrangeInside\src\sendsms_html\sendsms.html O8 - Extra context menu item: _envoyer un mail - C:\Users\DEAN\AppData\Roaming\Orange\OrangeInside\src\sendmail_html\sendmail.html O8 - Extra context menu item: _orange.fr - C:\Users\DEAN\AppData\Roaming\Orange\OrangeInside\src\orange_html\orange.html O8 - Extra context menu item: _rechercher le texte sélectionné - C:\Users\DEAN\AppData\Roaming\Orange\OrangeInside\src\selectedsearch_html\selectedsearch.html O8 - Extra context menu item: _traduire la page - C:\Users\DEAN\AppData\Roaming\Orange\OrangeInside\src\translate_html\translate.html O8 - Extra context menu item: _traduire le texte sélectionné - C:\Users\DEAN\AppData\Roaming\Orange\OrangeInside\src\translateSelectedText_html\translateSelectedText.html O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file) O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O15 - Trusted Zone: http://*.mappy.com O15 - Trusted Zone: http://*.orange.fr O15 - Trusted Zone: Orange : téléphones, forfaits mobiles, Internet, actualité, sport, video O15 - Trusted Zone: http://orange.weborama.fr O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O20 - AppInit_DLLs: c:\progra~1\google\go333c~1\goec62~1.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe O23 - Service: @%SystemRoot%\system32\dhcpcsvc.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\emdmgmt.dll,-1000 (EMDMgmt) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (Eventlog) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - Unknown owner - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-200 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\System32\msiexec.exe O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\netprof.dll,-246 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe O23 - Service: @%SystemRoot%\system32\SLUINotify.dll,-103 (SLUINotify) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100 (WPFFontCache_v0400) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe -- End of file - 25982 bytes
  13. file:///C:/Users/DEAN/Desktop/hijackthis.log
  14. bonjour à tous, depuis plus d'un mois de la pub vient m'envahir l'écran à chaque clic sur internet exploreur et Mozilla firefox et google chrom..! j'ai installé aussi depuis 15 jours windows live messenger et ça ne fonctionne pas. Comment faire pour vous envoyer le rapport hijackthis si vous en avez besoin, car je n'y arrive pas et merci encore pour votre aide
×
×
  • Créer...