Aller au contenu

  • Pas encore inscrit ?

    Pourquoi ne pas vous inscrire ? C'est simple, rapide et gratuit.
    Pour en savoir plus, lisez Les avantages de l'inscription... et la Charte de Zébulon.
    De plus, les messages que vous postez en tant qu'invité restent invisibles tant qu'un modérateur ne les a pas validés. Inscrivez-vous, ce sera un gain de temps pour tout le monde, vous, les helpeurs et les modérateurs ! :wink:

infecté par rajump, vundo, infostealer... tout essayé!

timvg

Par timvg
dans Analyses et éradication malwares

 Partager

Messages recommandés

Lien Rag Full Patch Member

Lien Rag

Posté(e)
Posté(e)

Bonsoir

 

avant de regarder pour ta clef on creuse encore pour ton PC:

 

Télécharge ComboFix (par sUBs) sur ton Bureau

 

Démarre en mode sans echec

 

 

Double clique combofix.exe.

Tape sur la touche Y (Yes) pour démarrer le scan.

Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse,et nouveau rapport hijackthis

 

NOTE : Le rapport se trouve également ici : C:\Combofix.txt

timvg Junior Member

timvg

Posté(e)
  • Auteur
Posté(e)

salut,

 

voici le log combo

suivi de celui d'hijackthis

 

là j'ai mon par feu (xp) qui me demande si il doit bloquer ou pas des programme (messenger...)

je commence à en avoir trop marre :P

 

Et merci encore de l'aide...

 

 

ComboFix 07-06-13.3 - C:\Documents and Settings\UTILISATEUR1\Bureau\ComboFix.exe

"UTILISATEUR1" - 2007-06-16 9:50:37 - Service Pack 2 NTFS [sAFE MODE]

 

 

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

 

 

C:\install.log

C:\WINDOWS\icroso~1.net

C:\WINDOWS\wr.txt

 

 

((((((((((((((((((((((((( Files Created from 2007-05-16 to 2007-06-16 )))))))))))))))))))))))))))))))

 

 

2007-06-16 09:50 49,152 --a------ C:\WINDOWS\nircmd.exe

2007-06-14 22:23 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft

2007-06-11 23:14 53,248 --a------ C:\WINDOWS\system32\Process.exe

2007-06-11 23:12 <REP> d-------- C:\Program Files\Navilog1

2007-06-10 23:32 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys

2007-06-10 23:26 <REP> d-------- C:\Program Files\avg antispy

2007-06-10 14:34 25,600 --a------ C:\WINDOWS\system32\drivers\usbser.sys

2007-06-10 14:31 92,064 --a------ C:\DOCUME~1\UTILIS~1\mqdmmdm.sys

2007-06-10 14:31 9,232 --a------ C:\DOCUME~1\UTILIS~1\mqdmmdfl.sys

2007-06-10 14:31 79,328 --a------ C:\DOCUME~1\UTILIS~1\mqdmserd.sys

2007-06-10 14:31 66,656 --a------ C:\DOCUME~1\UTILIS~1\mqdmbus.sys

2007-06-10 14:31 6,208 --a------ C:\DOCUME~1\UTILIS~1\mqdmcmnt.sys

2007-06-10 14:31 5,936 --a------ C:\DOCUME~1\UTILIS~1\mqdmwhnt.sys

2007-06-10 14:31 4,048 --a------ C:\DOCUME~1\UTILIS~1\mqdmcr.sys

2007-06-10 14:31 25,600 --a------ C:\DOCUME~1\UTILIS~1\usbsermptxp.sys

2007-06-10 14:31 22,768 --a------ C:\DOCUME~1\UTILIS~1\usbsermpt.sys

2007-06-09 14:27 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\AntiVir PersonalEdition Classic

2007-06-09 14:24 <REP> d-------- C:\Program Files\antivir

2007-06-09 11:18 <REP> d-------- C:\WINDOWS\BDOSCAN8

2007-06-06 18:15 <REP> d-------- C:\hijackthis

2007-06-04 15:18 9,344 --a------ C:\WINDOWS\system32\drivers\NSDriver.sys

2007-06-04 15:17 8,320 --a------ C:\WINDOWS\system32\drivers\AWRTRD.sys

2007-06-04 15:14 6,272 --a------ C:\WINDOWS\system32\drivers\AWRTPD.sys

2007-05-29 15:15 <REP> d-------- C:\VundoFix Backups

2007-05-29 12:51 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy

2007-05-28 22:19 <REP> d-------- C:\Program Files\a-squared Free

2007-05-21 21:23 <REP> d-------- C:\Program Files\SJphone 1.65

2007-05-21 21:22 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard

2007-05-19 15:37 76,560 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys

2007-05-17 10:00 <REP> d-------- C:\DOCUME~1\UTILIS~1\.housecall6.6

2007-05-17 09:48 <REP> d-------- C:\WINDOWS\system32\ActiveScan

2007-05-16 08:19 645,866 --------- C:\WINDOWS\system32\uxadd.bak1

 

 

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

 

2007-06-16 07:46:32 -------- d-----w C:\DOCUME~1\UTILIS~1\APPLIC~1\Wallpaper

2007-06-15 15:22:18 -------- d-----w C:\Program Files\Windows Live Safety Center

2007-06-15 06:56:05 -------- d-----w C:\Program Files\ad aware

2007-06-14 20:23:11 -------- d-----w C:\DOCUME~1\UTILIS~1\APPLIC~1\Lavasoft

2007-06-14 10:33:13 -------- d-----w C:\Program Files\Fichiers communs\Roxio Shared

2007-06-14 10:33:13 -------- d-----w C:\DOCUME~1\UTILIS~1\APPLIC~1\Roxio

2007-06-11 13:49:57 -------- d-----w C:\Program Files\Windows Journal

2007-06-11 13:48:13 -------- d-----w C:\Program Files\SSC

2007-06-11 13:47:55 -------- d-----w C:\Program Files\Savvy TV

2007-06-11 13:47:24 -------- d-----w C:\Program Files\Nokia Digital Pen

2007-06-11 13:47:19 -------- d-----w C:\Program Files\NavNT

2007-06-11 13:47:16 -------- d-----w C:\Program Files\MSN Messenger

2007-06-11 13:41:23 -------- d-----w C:\Program Files\Apoint2K

2007-06-10 13:35:56 -------- d--h--w C:\Program Files\InstallShield Installation Information

2007-05-30 19:52:07 348,160 ----a-w C:\WINDOWS\system32\msvcr71.dll

2007-05-21 19:22:31 -------- d-----w C:\Program Files\free

2007-05-17 16:08:38 -------- d-----w C:\Program Files\ulead

2007-05-16 15:13:53 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll

2007-05-15 17:16:31 -------- d-----w C:\Program Files\Fichiers communs\Ulead Systems

2007-05-13 19:16:07 -------- d-----w C:\DOCUME~1\UTILIS~1\APPLIC~1\Media Player Classic

2007-05-13 19:12:48 -------- d-----w C:\Program Files\codec

2007-05-13 19:12:48 -------- d-----w C:\DOCUME~1\UTILIS~1\APPLIC~1\Apple Computer

2007-05-13 19:11:38 -------- d-----w C:\Program Files\Fichiers communs\Real

2007-05-13 19:10:52 -------- d-----w C:\DOCUME~1\UTILIS~1\APPLIC~1\Real

2007-05-13 19:09:40 -------- d-----w C:\Program Files\quicktime

2007-05-13 19:03:00 -------- d-----w C:\Program Files\xvid

2007-05-13 18:49:49 -------- d-----w C:\Program Files\DivX

2007-05-13 09:44:08 -------- d-----w C:\Program Files\IrfanView

2007-05-11 17:54:15 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe

2007-05-11 04:37:15 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll

2007-05-11 04:37:15 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll

2007-05-11 04:37:15 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll

2007-05-11 04:37:15 740,442 ----a-w C:\WINDOWS\system32\DivX.dll

2007-04-25 14:22:35 144,896 ------w C:\WINDOWS\system32\schannel.dll

2007-04-23 00:15:29 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll

2007-04-23 00:15:18 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll

2007-04-23 00:15:18 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll

2007-04-23 00:02:34 73,728 ----a-w C:\WINDOWS\system32\dpl100.dll

2007-04-23 00:02:34 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll

2007-04-23 00:02:33 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll

2007-04-23 00:02:31 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll

2007-04-23 00:02:31 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll

2007-04-23 00:02:31 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll

2007-04-23 00:02:31 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll

2007-04-23 00:02:31 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll

2007-04-23 00:01:47 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll

2007-04-23 00:01:46 124,472 ----a-w C:\WINDOWS\system32\DivXCodecUpdateChecker.exe

2007-04-18 16:14:18 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll

2007-04-13 13:19:52 7,680 ----a-w C:\WINDOWS\system32\lsdelete.exe

2007-03-25 08:22:44 468,728 ----a-w C:\WINDOWS\system32\perfh00C.dat

2007-03-25 08:22:43 75,704 ----a-w C:\WINDOWS\system32\perfc00C.dat

2007-03-17 13:44:47 293,376 ----a-w C:\WINDOWS\system32\winsrv.dll

 

 

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

 

 

*Note* empty entries & legit default entries are not shown

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]

{53707962-6F74-2D53-2644-206D7942484F}=C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2005-05-31 01:04]

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [2007-03-14 03:43]

{83B80A9C-D91A-4F22-8DCF-EA7204039F79}=C:\Program Files\net transport\NetXfer\NXIEHelper.dll [2006-09-25 06:22]

{9030D464-4C02-4ABF-8ECC-5164760863C6}=C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-04-17 13:32]

{AC2E8306-D24E-4082-8669-7781499F4E03}=C:\PROGRA~1\EVERYT~1.1\everycom.dll []

{B78D2BC2-76AA-4B1A-A207-BEA15773050D}=C:\WINDOWS\system32\urqppop.dll []

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"TabletTip"="C:\Program Files\Fichiers communs\microsoft shared\ink\tabtip.exe" [2004-08-20 01:10]

"AuditMode"="C:\sysprep\factory.exe" []

"GhostStartTrayApp"="C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe" [2002-08-19 12:58]

"AGRSMMSG"="AGRSMMSG.exe" [2002-11-21 16:17 C:\WINDOWS\AGRSMMSG.exe]

"@"="" []

"FjEvents"="C:\Program Files\Fujitsu\Utils\fjevents.exe" [2003-07-28 11:22]

"FjDspMon"="C:\Program Files\Fujitsu\Utils\FjDspMon.exe" [2003-07-28 11:20]

"Fujitsu Menu"="C:\Program Files\Fujitsu\Utils\FjMnuIco.exe" [2003-07-28 11:24]

"Apoint"="C:\Program Files\Apoint2K\Apoint.exe" [2003-06-17 15:55]

"SoundMan"="SOUNDMAN.EXE" [2003-03-27 11:34 C:\WINDOWS\SOUNDMAN.EXE]

"Logitech Pen TrayIcon Server"="C:\Program Files\Logitech\ioSoftware\LPTrySvr.exe" [2002-10-03 11:28]

"vptray"="C:\Program Files\NavNT\vptray.exe" [2001-09-26 18:06]

"Savvy DTV Service"="C:\Program Files\Savvy TV\DTV Service.exe" [2006-05-29 23:35]

"UVS10 Preload"="C:\Program Files\ulead\Ulead VideoStudio 10\uvPL.exe" [2006-03-07 00:52]

"avgnt"="C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" [2007-04-02 10:35]

"!AVG Anti-Spyware"="C:\Program Files\avg antispy\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-14 15:59]

"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43]

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 01:09]

"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 13:55]

"Wallpaper"="C:\Documents and Settings\UTILISATEUR1\Bureau\tim\ap\Wallpaper.exe" [2006-05-22 19:17]

"Oemo"="C:\WINDOWS\ICROSO~1.NET\dexplore.exe" []

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]

"AllowLegacyWebView"=1 (0x1)

"RevertWebViewSecurity"=1 (0x1)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{B78D2BC2-76AA-4B1A-A207-BEA15773050D}"="C:\WINDOWS\system32\urqppop.dll" []

"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="C:\Program Files\avg antispy\AVG Anti-Spyware 7.5\shellexecutehook.dll" [2007-05-30 14:29]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\loginkey]

C:\Program Files\Fichiers communs\Microsoft Shared\Ink\loginkey.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\TabBtnWL]

TabBtnWL.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tpgwlnotify]

tpgwlnot.dll

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\aawservice]

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\AVG Anti-Spyware Driver]

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\AVG Anti-Spyware Guard]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent]

"C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Pen Docking Engine Server]

C:\Program Files\Fichiers communs\Anoto\DockingEngine.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

"C:\Program Files\QuickTime\qttask.exe" -atboottime

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioAudioCentral]

"C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioEngineUtility]

"C:\Program Files\Fichiers communs\Roxio Shared\System\EngUtil.exe"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]

"C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

 

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]

AutoRun\command- F:\ReadMe.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{283cd3de-9853-11db-af75-000423812a97}]

Auto\command- AdobeR.exe e

AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9b91d694-cbe4-11db-afe7-000423812a97}]

AutoRun\command- F:\ReadMe.exe

 

 

**************************************************************************

 

catchme 0.3.721 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net

Rootkit scan 2007-06-16 09:55:35

Windows 5.1.2600 Service Pack 2 NTFS

 

scanning hidden processes ...

 

scanning hidden autostart entries ...

 

scanning hidden files ...

 

**************************************************************************

 

Completion time: 2007-06-16 9:56:26

C:\ComboFix-quarantined-files.txt ... 2007-06-16 09:56

 

--- E O F ---

 

 

 

Logfile of HijackThis v1.99.1

Scan saved at 18:07:13, on 17/06/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16473)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Fichiers communs\Microsoft Shared\Ink\KeyboardSurrogate.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe

C:\Program Files\ad aware\aawservice.exe

C:\Program Files\Fichiers communs\Anoto\2.0\caspar.exe

C:\Program Files\AntiVir PersonalEdition Classic\sched.exe

C:\Program Files\avg antispy\AVG Anti-Spyware 7.5\guard.exe

C:\Program Files\NavNT\defwatch.exe

C:\WINDOWS\System32\digtizer.exe

C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe

C:\WINDOWS\system32\cba\pds.exe

C:\Program Files\NavNT\rtvscan.exe

C:\Program Files\SSC\NSCTOP.EXE

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe

C:\WINDOWS\System32\MsPMSPSv.exe

C:\WINDOWS\system32\ams_ii\hndlrsvc.exe

C:\WINDOWS\system32\MsgSys.EXE

C:\WINDOWS\system32\cba\xfr.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\SYSTEM32\WISPTIS.EXE

C:\WINDOWS\System32\tabbtnu.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Fichiers communs\Microsoft Shared\Ink\TCServer.exe

C:\Program Files\Fichiers communs\Microsoft Shared\Ink\TabTip.exe

C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe

C:\WINDOWS\AGRSMMSG.exe

C:\Program Files\Fujitsu\Utils\fjevents.exe

C:\Program Files\Fujitsu\Utils\FjDspMon.exe

C:\WINDOWS\System32\igfxext.exe

C:\Program Files\Fujitsu\Utils\FjMnuIco.exe

C:\Program Files\Apoint2K\Apoint.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Program Files\Logitech\ioSoftware\LPTrySvr.exe

C:\Program Files\NavNT\vptray.exe

C:\Program Files\Savvy TV\DTV Service.exe

C:\Program Files\Apoint2K\Apntex.exe

C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe

C:\Program Files\avg antispy\AVG Anti-Spyware 7.5\avgas.exe

C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe

C:\Program Files\MSN Messenger\msnmsgr.exe

C:\Documents and Settings\UTILISATEUR1\Bureau\tim\ap\Wallpaper.exe

C:\Program Files\Nokia Digital Pen\DockingDirector.exe

C:\PROGRA~1\FICHIE~1\Anoto\2.0\DOCKIN~1.EXE

C:\Program Files\MSN Messenger\usnsvc.exe

C:\Program Files\mozilla firefox\firefox.exe

C:\WINDOWS\system32\NOTEPAD.EXE

C:\hijackthis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = ftp=cache.polytech.univ-nantes.prive:3128;http=cache.polytech.univ-nantes.prive:3128;https=cache.polytech.univ-nantes.prive:3128

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ireste.fr;home;local;<local>

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: {EA551C00-2AE5-11d3-8592-00A0C98E9EA4} - - (no file)

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Reactivator - {AC2E8306-D24E-4082-8669-7781499F4E03} - C:\PROGRA~1\EVERYT~1.1\everycom.dll (file missing)

O2 - BHO: (no name) - {B78D2BC2-76AA-4B1A-A207-BEA15773050D} - C:\WINDOWS\system32\urqppop.dll (file missing)

O4 - HKLM\..\Run: [TabletTip] "C:\Program Files\Fichiers communs\microsoft shared\ink\tabtip.exe" /resume

O4 - HKLM\..\Run: [AuditMode] C:\sysprep\factory.exe -logon

O4 - HKLM\..\Run: [GhostStartTrayApp] C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [FjEvents] C:\Program Files\Fujitsu\Utils\fjevents.exe

O4 - HKLM\..\Run: [FjDspMon] C:\Program Files\Fujitsu\Utils\FjDspMon.exe

O4 - HKLM\..\Run: [Fujitsu Menu] C:\Program Files\Fujitsu\Utils\FjMnuIco.exe

O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [Logitech Pen TrayIcon Server] C:\Program Files\Logitech\ioSoftware\LPTrySvr.exe

O4 - HKLM\..\Run: [vptray] C:\Program Files\NavNT\vptray.exe

O4 - HKLM\..\Run: [savvy DTV Service] C:\Program Files\Savvy TV\DTV Service.exe

O4 - HKLM\..\Run: [uVS10 Preload] C:\Program Files\ulead\Ulead VideoStudio 10\uvPL.exe

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\avg antispy\AVG Anti-Spyware 7.5\avgas.exe" /minimized

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [Wallpaper] "C:\Documents and Settings\UTILISATEUR1\Bureau\tim\ap\Wallpaper.exe" Starter

O4 - HKCU\..\Run: [Oemo] "C:\WINDOWS\ICROSO~1.NET\dexplore.exe" -vt yazb

O4 - Global Startup: Docking Director.lnk = ?

O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O8 - Extra context menu item: &Every Toolbar Search - res://C:\PROGRA~1\EVERYT~1.1\everycom.dll/GoRSDN.dll.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra button: eBay - Homepage - {EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} - C:\Program Files\IrfanView\Ebay\Ebay.htm

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O11 - Options group: [iNTERNATIONAL] International*

O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab

O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab30149.cab

O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab

O16 - DPF: {45E83043-1F6F-4D22-A5E7-0138EA171B49} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppD...sharingctrl.cab

O16 - DPF: {594ECDD4-A991-4208-A7B7-00DDAD9BE328} (Photosynth Class) - http://media.labs.live.com/all/ps/_code_/Photosynth.cab

O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab56986.cab

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab

O16 - DPF: {6E2D6932-3885-4FA2-8DD4-DB63FFE33797} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppD...ap/PhtPkCnv.cab

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...StatsClient.cab

O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppD...ap/PhtPkMSN.cab

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab30149.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab

O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = polytech.univ-nantes.prive

O17 - HKLM\Software\..\Telephony: DomainName = polytech.univ-nantes.prive

O17 - HKLM\System\CCS\Services\Tcpip\..\{9A2B0307-6E75-4533-A983-395704A4D04F}: NameServer = 212.27.54.252,212.27.53.252

O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = polytech.univ-nantes.prive

O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = polytech.univ-nantes.prive

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: talkto - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll

O20 - Winlogon Notify: loginkey - C:\Program Files\Fichiers communs\Microsoft Shared\Ink\loginkey.dll

O20 - Winlogon Notify: NavLogon - C:\WINDOWS\System32\NavLogon.dll

O20 - Winlogon Notify: TabBtnWL - C:\WINDOWS\SYSTEM32\TabBtnWL.dll

O20 - Winlogon Notify: tpgwlnotify - C:\WINDOWS\SYSTEM32\tpgwlnot.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\ad aware\aawservice.exe

O23 - Service: AnotoCasparService - Anoto AB - C:\Program Files\Fichiers communs\Anoto\2.0\caspar.exe

O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\avg antispy\AVG Anti-Spyware 7.5\guard.exe

O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\NavNT\defwatch.exe

O23 - Service: Digitizer Service (Digitizer) - WACOM - C:\WINDOWS\System32\digtizer.exe

O23 - Service: GhostStartService - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Intel Alert Handler - Intel Corporation - C:\WINDOWS\system32\ams_ii\hndlrsvc.exe

O23 - Service: Intel File Transfer - Intel Corporation - C:\WINDOWS\system32\cba\xfr.exe

O23 - Service: Intel PDS - Intel Corporation - C:\WINDOWS\system32\cba\pds.exe

O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\NavNT\rtvscan.exe

O23 - Service: Service de repérage Symantec System Center (NSCTOP) - Symantec Corporation - C:\Program Files\SSC\NSCTOP.EXE

O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe

Rejoindre la conversation

Vous pouvez publier maintenant et vous inscrire plus tard. Si vous avez un compte, connectez-vous maintenant pour publier avec votre compte.
Remarque : votre message nécessitera l’approbation d’un modérateur avant de pouvoir être visible.

Invité
Répondre à ce sujet…

×   Collé en tant que texte enrichi.   Coller en tant que texte brut à la place

  Seulement 75 émoticônes maximum sont autorisées.

×   Votre lien a été automatiquement intégré.   Afficher plutôt comme un lien

×   Votre contenu précédent a été rétabli.   Vider l’éditeur

×   Vous ne pouvez pas directement coller des images. Envoyez-les depuis votre ordinateur ou insérez-les depuis une URL.

×
 Partager
Aller sur la liste des sujets

  • En ligne récemment   0 membre est en ligne

    • Aucun utilisateur enregistré regarde cette page.
×
×
  • Créer...