Posez votre question Signaler

Comment supprimer win32 trojan

celine - Dernière réponse le 24 avril 2014 à 02:56
bonjour
aprés un scan avec avast , il m'a détecter win32 trojan sur c:/WINDOW/SYSTEM/CD_CLINT.DLL
le problème est qu'il ne peut pas le mettre en quarantaine car il me dit que le fichier est utilisé par le système
comment dois je procédé merci d'avance pour votre aide
Lire la suite 
Réponse
+6
moins plus
Salut !

En premier lieu, assures-toi que ton anti-virus est mis à jour.

Ensuite, commence par redémarrer ton ordinateur en mode sans échec.
Pour ce faire, tu dois appuyer continuellement sur la touche F8 (pas trop vite, mais juste assez) jusqu'à ce qu'un écran te demande comment tu veux démarrer.
Tu choisis le mode "Sans échec".

Comme ça, ton ordinateur va démarrer avec juste le nécessaire pour son fonctionnement.
Scannes à nouveau ton ordinateur.
Ensuite, tu peux redémarrer normalement.

Reviens pour dire si ça a été suffisant !
ghariss2007 4Messages postés mercredi 7 janvier 2009Date d'inscription 29 juillet 2009Dernière intervention - 29 juil. 2009 à 02:19
essayé remove trojan 6.7.9 telecharger sur ce lien fait un mise a jour et commencer a supprimé les trojans et virus http://www.01net.com/...
bonne chance celine
Répondre
jean louis 37 1600Messages postés dimanche 1 août 2004Date d'inscription 14 avril 2007Dernière intervention jean louis 37 - 9 août 2005 à 17:57
RE
D'après ce qui est sur ce lien ,cest un fichier leurre de Kaaza
Recherche sur Google CD_Clint dll tu trouveras peut être plus d'info
http://forum.telecharger.01net.com/telecharger/virus_et_assimiles/trojan_et_spywares/spywarewin32cydoor-392104/messages-1.html
Répondre
raleuboleu 5037Messages postés mercredi 13 décembre 2006Date d'inscription 14 mars 2012Dernière intervention jean louis 37 - 14 juil. 2007 à 23:29
alu


si tu es certain (e) qu'il s'agit de baggle rends toi ici :

comment supprimer baggle

poste 1 rapport hijack stp ensuite

bizous
Répondre
dam59- 25 févr. 2011 à 12:24
merci j ai fait ce que ta dit et je me suis debaraser du cheval de trois
encore merci
Répondre
wellington- 7 nov. 2012 à 15:22
un grand merci a toi ghariss2007,
car grace a ce log j'ai pu virer 2 trojan de mon pc.
merci beaucoup ;) et vive l'entraide ;)
Répondre
Ajouter un commentaire
Réponse
+2
moins plus
Bonjour,
g moi ossi un trojan : Win 32 mé situé dans C:/Documents and Settings/rockmyroot/local settings/tempory internet/con......
est ce ossi un canular ou dois je m'en méfié g viré l dossier m&é mn antivirus me di k'il est tjr la et g utilisé le programme pr supprimé les baggles et il n'a rien trouvé
merci de me repondre au plus vite
Ajouter un commentaire
Réponse
+1
moins plus
kev-06200 ouvre un sujet a part stp
Ajouter un commentaire
Réponse
+0
moins plus
j'aimerai bien mais comment on fait ??
Ajouter un commentaire
Réponse
+0
moins plus
c bn c fé ds forum windows 3/11 si je ne te rep po desuite c ke je sré a un rallye
Ajouter un commentaire
Réponse
+0
moins plus
Je suis dépassée par les événements : 19 infections dont trojans et beagle ; n'étant pas très expérimentée dans le domaine de l'informa,
je serais bien heureuse que quelqu'un me donne une explication simple, dans la mesure du possible ; je n'ose plus télécharger quoi
que ce soit. Merci
Ajouter un commentaire
Réponse
+2
moins plus
salut, ne télécharge plus rien d'autre et fais ceci:

1) Clique ICI pour télécharger le fichier d'installation d'HijackThis :http://www.infos-du-net.com/telecharger/HijackThis,0301-454.html

Enregistre HJTInstall.exe sur ton bureau

Double-clique sur HJTInstall.exe pour lancer le programme

Par défaut, il s'installera là || C:\Program Files\Trend Micro\HijackThis

Accepte la license en cliquant sur le bouton "I Accept"

Choisis l'option "Do a system scan and save a log file"

Clique sur "Save log" pour enregistrer le rapport qui s'ouvrira avec le bloc-note

Clique sur "Edition -> Sélectionner tout", puis sur "Edition -> Copier" pour copier tout le contenu du rapport

Colle le rapport que tu viens de copier sur ce forum

Ne fixe encore AUCUNE ligne, cela pourrait empêcher ton PC de fonctionner correctement
math- 25 mai 2008 à 17:49
***** NORMAL SCAN FOR ACTIVE MALWARE *****
Trojan Remover Ver 6.6.9.2533. For information, email support@simplysup1.com
[Unregistered version]
Scan started at: 17:13:34 25 mai 2008
Using Database v7005
Operating System: Windows XP SP2 [Windows XP Home Edition Service Pack 2 (Build 2600)]
File System: NTFS
Data directory: D:\Documents and Settings\huby\Application Data\Simply Super Software\Trojan Remover\
Logfile directory: D:\Documents and Settings\huby\Mes documents\Simply Super Software\Trojan Remover Logfiles\
Program directory: C:\Program Files\Trojan Remover\
Running with Administrator privileges


**************************************************
The following Anti-Malware program(s) are loaded:
Nortons Anti-Virus

**************************************************


**************************************************
17:13:35: Scanning ----------WIN.INI-----------
WIN.INI found in C:\WINDOWS

**************************************************
17:13:36: Scanning --------SYSTEM.INI---------
SYSTEM.INI found in C:\WINDOWS

**************************************************
17:13:36: ----- SCANNING FOR ROOTKIT SERVICES -----
No hidden Services were detected.

**************************************************
17:13:47: Scanning -----WINDOWS REGISTRY-----
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
This key's "Shell" value calls the following program(s):
File: Explorer.exe
C:\WINDOWS\Explorer.exe
1037312 bytes
Created: 16/08/2004
Modified: 13/06/2007
Company: Microsoft Corporation
----------
This key's "Userinit" value calls the following program(s):
File: C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\system32\userinit.exe
25088 bytes
Created: 16/08/2004
Modified: 05/08/2004
Company: Microsoft Corporation
----------
This key's "System" value appears to be blank
----------
This key's "UIHost" value calls the following program:
File: logonui.exe
C:\WINDOWS\system32\logonui.exe
515584 bytes
Created: 16/08/2004
Modified: 05/08/2004
Company: Microsoft Corporation
----------
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
Value Name: load
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value Name: IMJPMIG8.1
Value Data: "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE
208952 bytes
Created: 16/08/2004
Modified: 05/08/2004
Company: Microsoft Corporation
--------------------
Value Name: PHIME2002ASync
Value Data: C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE
455168 bytes
Created: 16/08/2004
Modified: 05/08/2004
Company: Microsoft Corporation
--------------------
Value Name: PHIME2002A
Value Data: C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE
455168 bytes
Created: 16/08/2004
Modified: 05/08/2004
Company: Microsoft Corporation
--------------------
Value Name: VTTimer
Value Data: VTTimer.exe
C:\WINDOWS\system32\VTTimer.exe
53248 bytes
Created: 26/05/2006
Modified: 08/03/2005
Company: S3 Graphics, Inc.
--------------------
Value Name: VTTrayp
Value Data: VTtrayp.exe
C:\WINDOWS\system32\VTtrayp.exe
163840 bytes
Created: 26/05/2006
Modified: 01/11/2005
Company: S3 Graphics Co., Ltd.
--------------------
Value Name: SoundMan
Value Data: SOUNDMAN.EXE
C:\WINDOWS\SOUNDMAN.EXE
77824 bytes
Created: 26/05/2006
Modified: 20/01/2005
Company: Realtek Semiconductor Corp.
--------------------
Value Name: SunJavaUpdateSched
Value Data: C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
36975 bytes
Created: 26/05/2006
Modified: 03/06/2005
Company: Sun Microsystems, Inc.
--------------------
Value Name: Vade Retro Outlook Express
Value Data: "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
310272 bytes
Created: 26/05/2006
Modified: 04/10/2004
Company:
--------------------
Value Name: ccApp
Value Data: "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
53096 bytes
Created: 17/09/2005
Modified: 07/03/2008
Company: Symantec Corporation
--------------------
Value Name: PCMService
Value Data: "c:\APPS\Powercinema\PCMService.exe"
c:\APPS\Powercinema\PCMService.exe
147456 bytes
Created: 26/05/2006
Modified: 23/02/2006
Company: CyberLink Corp.
--------------------
Value Name: NvCplDaemon
Value Data: RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
C:\WINDOWS\system32\NvCpl.dll
7700480 bytes
Created: 22/10/2006
Modified: 22/10/2006
Company: NVIDIA Corporation
--------------------
Value Name: nwiz
Value Data: nwiz.exe /install
C:\WINDOWS\system32\nwiz.exe
1622016 bytes
Created: 22/10/2006
Modified: 22/10/2006
Company:
--------------------
Value Name: NvMediaCenter
Value Data: RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
C:\WINDOWS\system32\NvMcTray.dll
86016 bytes
Created: 22/10/2006
Modified: 22/10/2006
Company: NVIDIA Corporation
--------------------
Value Name: SystrayORAHSS
Value Data: "C:\Program Files\Orange\Systray\SystrayApp.exe"
C:\Program Files\Orange\Systray\SystrayApp.exe
94208 bytes
Created: 06/05/2008
Modified: 25/09/2007
Company: France Telecom SA
--------------------
Value Name: ORAHSSSessionManager
Value Data: C:\Program Files\Orange\SessionManager\SessionManager.exe
C:\Program Files\Orange\SessionManager\SessionManager.exe
102400 bytes
Created: 06/05/2008
Modified: 25/09/2007
Company: France Telecom SA
--------------------
Value Name: au
Value Data: C:\Program Files\Dealio\DealioAU.exe
C:\Program Files\Dealio\DealioAU.exe
591200 bytes
Created: 16/04/2008
Modified: 16/04/2008
Company: Vendio Services, Inc.
--------------------
Value Name: SearchSettings
Value Data: C:\Program Files\Search Settings\SearchSettings.exe
C:\Program Files\Search Settings\SearchSettings.exe
985440 bytes
Created: 16/04/2008
Modified: 16/04/2008
Company: Vendio Services, Inc.
--------------------
Value Name: BitDefender Antiphishing Helper
Value Data: "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe
61440 bytes
Created: 09/10/2007
Modified: 09/10/2007
Company: BitDefender
--------------------
Value Name: BDAgent
Value Data: "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
360448 bytes
Created: 16/02/2008
Modified: 16/02/2008
Company: BitDefender S.R.L.
--------------------
Value Name: BM87df9fc1
Value Data: Rundll32.exe "C:\WINDOWS\system32\yheuayxx.dll",s
C:\WINDOWS\system32\yheuayxx.dll [file not found to scan]
--------------------
Value Name: QuickTime Task
Value Data: "C:\Program Files\QuickTime\qttask.exe" -atboottime
C:\Program Files\QuickTime\qttask.exe
98304 bytes
Created: 26/05/2006
Modified: 26/05/2006
Company: Apple Computer, Inc.
--------------------
Value Name: TrojanScanner
Value Data: C:\Program Files\Trojan Remover\Trjscan.exe
C:\Program Files\Trojan Remover\Trjscan.exe
877136 bytes
Created: 25/05/2008
Modified: 21/05/2008
Company: Simply Super Software
--------------------
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
This Registry Key appears to be empty
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx
This Registry Key appears to be empty
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Value Name: SmpcSys
Value Data: C:\APPS\SMP\SmpSys.exe
C:\APPS\SMP\SmpSys.exe
975360 bytes
Created: 17/11/2005
Modified: 17/11/2005
Company: Packard Bell BV
--------------------
Value Name: ctfmon.exe
Value Data: C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\ctfmon.exe
15360 bytes
Created: 16/08/2004
Modified: 05/08/2004
Company: Microsoft Corporation
--------------------
Value Name: updateMgr
Value Data: C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0
C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe
313472 bytes
Created: 30/03/2006
Modified: 30/03/2006
Company: Adobe Systems Incorporated
--------------------
Value Name: MsnMsgr
Value Data: "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
5724184 bytes
Created: 18/10/2007
Modified: 18/10/2007
Company: Microsoft Corporation
--------------------
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
This Registry Key appears to be empty

**************************************************
17:13:49: Scanning -----SHELLEXECUTEHOOKS-----
ValueName: {AEB6717E-7E19-11d0-97EE-00C04FD91972}
File: shell32.dll - this file is expected and has been left in place
----------

**************************************************
17:13:49: Scanning -----HIDDEN REGISTRY ENTRIES-----
Taskdir check completed
----------
No Hidden File-loading Registry Entries found
----------

**************************************************
17:14:10: Scanning -----ACTIVE SCREENSAVER-----
ScreenSaver: C:\WINDOWS\system32\logon.scr
C:\WINDOWS\system32\logon.scr
221696 bytes
Created: 16/08/2004
Modified: 05/08/2004
Company: Microsoft Corporation
--------------------

**************************************************
17:14:10: Scanning ----- REGISTRY ACTIVE SETUP KEYS -----

**************************************************
17:14:15: Scanning ----- SERVICEDLL REGISTRY KEYS -----
Key: AppMgmt
%SystemRoot%\System32\appmgmts.dll - file is globally excluded (file cannot be found)
--------------------
Key: scan
Path: C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\scan.dll
C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\scan.dll
135168 bytes
Created: 14/02/2008
Modified: 14/02/2008
Company: S.C. BitDefender S.R.L
--------------------

**************************************************
17:14:16: Scanning ----- SERVICES REGISTRY KEYS -----
Key: abp480n5
ImagePath: system32\DRIVERS\ABP480N5.SYS
C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
23552 bytes
Created: 16/08/2004
Modified: 17/08/2001
Company: Microsoft Corporation
----------
Key: adpu160m
ImagePath: system32\DRIVERS\adpu160m.sys
C:\WINDOWS\system32\DRIVERS\adpu160m.sys
101888 bytes
Created: 16/08/2004
Modified: 17/08/2001
Company: Microsoft Corporation
----------
Key: agpCPQ
ImagePath: system32\DRIVERS\agpCPQ.sys
C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
44928 bytes
Created: 16/08/2004
Modified: 03/08/2004
Company: Microsoft Corporation
----------
Key: Aha154x
ImagePath: system32\DRIVERS\aha154x.sys
C:\WINDOWS\system32\DRIVERS\aha154x.sys
12800 bytes
Created: 16/08/2004
Modified: 17/08/2001
Company: Microsoft Corporation
----------
Key: aic78u2
ImagePath: system32\DRIVERS\aic78u2.sys
C:\WINDOWS\system32\DRIVERS\aic78u2.sys
55168 bytes
Created: 16/08/2004
Modified: 17/08/2001
Company: Microsoft Corporation
----------
Key: aic78xx
ImagePath: system32\DRIVERS\aic78xx.sys
C:\WINDOWS\system32\DRIVERS\aic78xx.sys
56960 bytes
Created: 16/08/2004
Modified: 17/08/2001
Company: Microsoft Corporation
----------
Key: alim1541
ImagePath: system32\DRIVERS\alim1541.sys
C:\WINDOWS\system32\DRIVERS\alim1541.sys
42752 bytes
Created: 16/08/2004
Modified: 03/08/2004
Company: Microsoft Corporation
----------
Key: amdagp
ImagePath: system32\DRIVERS\amdagp.sys
C:\WINDOWS\system32\DRIVERS\amdagp.sys
43008 bytes
Created: 16/08/2004
Modified: 03/08/2004
Company: Advanced Micro Devices, Inc.
----------
Key: amsint
ImagePath: system32\DRIVERS\amsint.sys
C:\WINDOWS\system32\DRIVERS\amsint.sys
12032 bytes
Created: 16/08/2004
Modified: 17/08/2001
Company: Microsoft Corporation
----------
Key: AOL ACS
ImagePath: C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
1135728 bytes
Created: 26/05/2006
Modified: 08/04/2004
Company: America Online, Inc.
----------
Key: asc
ImagePath: system32\DRIVERS\asc.sys
C:\WINDOWS\system32\DRIVERS\asc.sys
26496 bytes
Created: 16/08/2004
Modified: 17/08/2001
Company: Advanced System Products, Inc.
----------
Key: asc3350p
ImagePath: system32\DRIVERS\asc3350p.sys
C:\WINDOWS\system32\DRIVERS\asc3350p.sys
22400 bytes
Created: 16/08/2004
Modified: 17/08/2001
Company: Microsoft Corporation
----------
Key: asc3550
ImagePath: system32\DRIVERS\asc3550.sys
C:\WINDOWS\system32\DRIVERS\asc3550.sys
14848 bytes
Created: 16/08/2004
Modified: 17/08/2001
Company: Advanced System Products, Inc.
----------
Key: aspnet_state
ImagePath: %SystemRoot%\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
32768 bytes
Created: 15/07/2004
Modified: 15/07/2004
Company: Microsoft Corporation
----------
Key: Bdfndisf
ImagePath: system32\DRIVERS\bdfndisf.sys
C:\WINDOWS\system32\DRIVERS\bdfndisf.sys
85520 bytes
Created: 25/01/2008
Modified: 25/01/2008
Company: BitDefender SRL
----------
Key: bdfsfltr
ImagePath: s y s t e m 3 2 \ D R I V E R S \ b d f s f l t r . s y s
C:\WINDOWS\system32\DRIVERS\bdfndisf.sys
85520 bytes
Created: 25/01/2008
Modified: 25/01/2008
Company: BitDefender SRL
----------
Key: bdftdif
ImagePath: \??\C:\Program Files\Fichiers communs\BitDefender\BitDefender Firewall\bdftdif.sys
C:\Program Files\Fichiers communs\BitDefender\BitDefender Firewall\bdftdif.sys
156688 bytes
Created: 25/01/2008
Modified: 25/01/2008
Company: BitDefender SRL
----------
Key: BDSelfPr
ImagePath: \??\C:\Program Files\BitDefender\BitDefender 2008\bdselfpr.sys
C:\Program Files\BitDefender\BitDefender 2008\bdselfpr.sys
8320 bytes
Created: 16/01/2008
Modified: 16/01/2008
Company: BitDefender S.R.L.
----------
Key: cbidf
ImagePath: system32\DRIVERS\cbidf2k.sys
C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
13952 bytes
Created: 17/08/2001
Modified: 17/08/2001
Company: Microsoft Corporation
----------
Key: ccEvtMgr
ImagePath: "C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe"
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
191848 bytes
Created: 17/09/2005
Modified: 07/03/2008
Company: Symantec Corporation
----------
Key: ccISPwdSvc
ImagePath: "C:\Program Files\Norton Internet Security\ccPwdSvc.exe"
C:\Program Files\Norton Internet Security\ccPwdSvc.exe
72328 bytes
Created: 14/10/2005
Modified: 20/02/2007
Company: Symantec Corporation
----------
Key: ccProxy
ImagePath: "C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe"
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
202088 bytes
Created: 17/09/2005
Modified: 13/09/2007
Company: Symantec Corporation
----------
Key: ccSetMgr
ImagePath: "C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe"
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
169320 bytes
Created: 17/09/2005
Modified: 07/03/2008
Company: Symantec Corporation
----------
Key: cd20xrnt
ImagePath: system32\DRIVERS\cd20xrnt.sys
C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
7680 bytes
Created: 16/08/2004
Modified: 17/08/2001
Company: Microsoft Corporation
----------
Key: CLCapSvc
ImagePath: "c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe"
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
266338 bytes
Created: 26/05/2006
Modified: 23/02/2006
Company:
----------
Key: CLSched
ImagePath: "c:\APPS\Powercinema\Kernel\TV\CLSched.exe"
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
114784 bytes
Created: 26/05/2006
Modified: 23/02/2006
Company:
----------
Key: CmdIde
ImagePath: system32\DRIVERS\cmdide.sys
C:\WINDOWS\system32\DRIVERS\cmdide.sys
6656 bytes
Created: 16/08/2004
Modified: 23/08/2001
Company: CMD Technology, Inc.
----------
Key: comHost
ImagePath: "C:\Program Files\Norton Internet Security\comHost.exe"
C:\Program Files\Norton Internet Security\comHost.exe
45696 bytes
Created: 22/10/2005
Modified: 01/02/2007
Company: Symantec Corporation
----------
Key: Cpqarray
ImagePath: system32\DRIVERS\cpqarray.sys
C:\WINDOWS\system32\DRIVERS\cpqarray.sys
14976 bytes
Created: 16/08/2004
Modified: 17/08/2001
Company: Microsoft Corporation
----------
Key: CyberLink Media Library Service
ImagePath: "c:\APPS\Powercinema\Kernel\CLML_NTService\CLMLServer.exe"
c:\APPS\Powercinema\Kernel\CLML_NTService\CLMLServer.exe
1073152 bytes
Created: 26/05/2006
Modified: 23/02/2006
Company: Cyberlink
----------
Key: dac2w2k
ImagePath: system32\DRIVERS\dac2w2k.sys
C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
179584 bytes
Created: 16/08/2004
Modified: 17/08/2001
Company: Mylex Corporation
----------
Key: dac960nt
ImagePath: system32\DRIVERS\dac960nt.sys
C:\WINDOWS\system32\DRIVERS\dac960nt.sys
14720 bytes
Created: 16/08/2004
Modified: 17/08/2001
Company: Microsoft Corporation
----------
Key: dpti2o
ImagePath: system32\DRIVERS\dpti2o.sys
C:\WINDOWS\system32\DRIVERS\dpti2o.sys
20192 bytes
Created: 16/08/2004
Modified: 17/08/2001
Company: Microsoft Corporation
----------
Key: eeCtrl
ImagePath: \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys
C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys
385072 bytes
Created: 06/05/2008
Modified: 17/04/2008
Company: Symantec Corporation
----------
Key: EraserUtilRebootDrv
ImagePath: \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
109616 bytes
Created: 06/05/2008
Modified: 17/04/2008
Company: Symantec Corporation
----------
Key: FTRTSVC
ImagePath: "C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe"
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
65536 bytes
Created: 06/05/2008
Modified: 25/09/2007
Company: France Telecom SA
----------
Key: gagp30kx
ImagePath: system32\DRIVERS\gagp30kx.sys
C:\WINDOWS\system32\DRIVERS\gagp30kx.sys
46464 bytes
Created: 26/05/2006
Modified: 03/08/2004
Company: Microsoft Corporation
----------
Key: GenericHidService
ImagePath: c:\APPS\HIDSERVICE\HIDSERVICE.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
49152 bytes
Created: 26/05/2006
Modified: 07/01/2005
Company:
----------
Key: hpn
ImagePath: system32\DRIVERS\hpn.sys
C:\WINDOWS\system32\DRIVERS\hpn.sys
25952 bytes
Created: 16/08/2004
Modified: 17/08/2001
Company: Microsoft Corporation
----------
Key: i2omp
ImagePath: system32\DRIVERS\i2omp.sys
C:\WINDOWS\system32\DRIVERS\i2omp.sys
18560 bytes
Created: 16/08/2004
Modified: 03/08/2004
Company: Microsoft Corporation
----------
Key: ini910u
ImagePath: system32\DRIVERS\ini910u.sys
C:\WINDOWS\system32\DRIVERS\ini910u.sys
16000 bytes
Created: 16/08/2004
Modified: 17/08/2001
Company: Microsoft Corporation
----------
Key: LIVESRV
ImagePath: "C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe" /service
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
1130496 bytes
Created: 08/02/2008
Modified: 08/02/2008
Company: BitDefender SRL
----------
Key: LiveUpdate
ImagePath: "C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE"
C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
2119360 bytes
Created: 06/05/2008
Modified: 03/08/2006
Company: Symantec Corporation
----------
Key: mraid35x
ImagePath: system32\DRIVERS\mraid35x.sys
C:\WINDOWS\system32\DRIVERS\mraid35x.sys
17280 bytes
Created: 16/08/2004
Modified: 17/08/2001
Company: American Megatrends Inc.
----------
Key: navapsvc
ImagePath: "C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe"
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
139888 bytes
Created: 07/10/2005
Modified: 28/05/2007
Company: Symantec Corporation
----------
Key: NAVENG
ImagePath: \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20080522.003\NAVENG.Sys
C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20080522.003\NAVENG.Sys
82256 bytes
Created: 22/05/2008
Modified: 17/04/2008
Company: Symantec Corporation
----------
Key: NAVEX15
ImagePath: \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20080522.003\NavEx15.Sys
C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20080522.003\NavEx15.Sys
895408 bytes
Created: 22/05/2008
Modified: 17/04/2008
Company: Symantec Corporation
----------
Key: NSCService
ImagePath: "C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE"
C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
750720 bytes
Created: 24/09/2005
Modified: 15/12/2006
Company: Symantec Corporation
----------
Key: ose
ImagePath: "C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE"
C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE
89136 bytes
Created: 28/07/2003
Modified: 28/07/2003
Company: Microsoft Corporation
----------
Key: PCAMPR5
ImagePath: \??\C:\WINDOWS\system32\PCAMPR5.SYS
C:\WINDOWS\system32\PCAMPR5.SYS
34688 bytes
Created: 06/05/2008
Modified: 23/09/2003
Company: Printing Communications Assoc., Inc. (PCAUSA)
----------
Key: PCANDIS5
ImagePath: \??\C:\WINDOWS\system32\PCANDIS5.SYS
C:\WINDOWS\system32\PCANDIS5.SYS
32128 bytes
Created: 06/05/2008
Modified: 01/03/2006
Company: Printing Communications Assoc., Inc. (PCAUSA)
----------
Key: perc2
ImagePath: system32\DRIVERS\perc2.sys
C:\WINDOWS\system32\DRIVERS\perc2.sys
27296 bytes
Created: 16/08/2004
Modified: 17/08/2001
Company: Microsoft Corporation
----------
Key: perc2hib
ImagePath: system32\DRIVERS\perc2hib.sys
C:\WINDOWS\system32\DRIVERS\perc2hib.sys
5504 bytes
Created: 16/08/2004
Modified: 17/08/2001
Company: Microsoft Corporation
----------
Key: Planificateur LiveUpdate automatique
ImagePath: "C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe"
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
100032 bytes
Created: 06/05/2008
Modified: 03/08/2006
Company: Symantec Corporation
----------
Key: Profos
ImagePath: \??\C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\profos.sys
C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\profos.sys
12800 bytes
Created: 12/07/2007
Modified: 12/07/2007
Company:
----------
Key: ql1080
ImagePath: system32\DRIVERS\ql1080.sys
C:\WINDOWS\system32\DRIVERS\ql1080.sys
40320 bytes
Created: 16/08/2004
Modified: 17/08/2001
Company: QLogic Corporation
----------
Key: Ql10wnt
ImagePath: system32\DRIVERS\ql10wnt.sys
C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
33152 bytes
Created: 16/08/2004
Modified: 17/08/2001
Company: Microsoft Corporation
----------
Key: ql12160
ImagePath: system32\DRIVERS\ql12160.sys
C:\WINDOWS\system32\DRIVERS\ql12160.sys
45312 bytes
Created: 16/08/2004
Modified: 17/08/2001
Company: QLogic Corporation
----------
Key: ql1240
ImagePath: system32\DRIVERS\ql1240.sys
C:\WINDOWS\system32\DRIVERS\ql1240.sys
40448 bytes
Created: 16/08/2004
Modified: 17/08/2001
Company: Microsoft Corporation
----------
Key: ql1280
ImagePath: system32\DRIVERS\ql1280.sys
C:\WINDOWS\system32\DRIVERS\ql1280.sys
49024 bytes
Created: 16/08/2004
Modified: 17/08/2001
Company: QLogic Corporation
----------
Key: RTL8023xp
ImagePath: system32\DRIVERS\Rtlnicxp.sys
C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys
70912 bytes
Created: 02/12/2004
Modified: 02/12/2004
Company: Realtek Semiconductor Corporation
----------
Key: SAVRT
ImagePath: \??\C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVRT.SYS
C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVRT.SYS
334984 bytes
Created: 26/08/2005
Modified: 26/08/2005
Company: Symantec Corporation
----------
Key: SAVRTPEL
ImagePath: \??\C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVRTPEL.SYS
C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVRTPEL.SYS
53896 bytes
Created: 26/08/2005
Modified: 26/08/2005
Company: Symantec Corporation
----------
Key: SAVScan
ImagePath: "C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe"
C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
198368 bytes
Created: 26/08/2005
Modified: 26/08/2005
Company: Symantec Corporation
----------
Key: SNDSrvc
ImagePath: "C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe"
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
214408 bytes
Created: 01/10/2007
Modified: 01/10/2007
Company: Symantec Corporation
----------
Key: Sparrow
ImagePath: system32\DRIVERS\sparrow.sys
C:\WINDOWS\system32\DRIVERS\sparrow.sys
19072 bytes
Created: 16/08/2004
Modified: 17/08/2001
Company: Adaptec, Inc.
----------
Key: SPBBCDrv
ImagePath: \??\C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCDrv.sys
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCDrv.sys
389728 bytes
Created: 15/09/2005
Modified: 15/09/2005
Company: Symantec Corporation
----------
Key: SPBBCSvc
ImagePath: "C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe"
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
1160800 bytes
Created: 15/09/2005
Modified: 15/09/2005
Company: Symantec Corporation
----------
Key: SwPrv
ImagePath: C:\WINDOWS\system32\dllhost.exe /Processid:{4F20079B-9003-46EB-AFC3-0037ECFBBC7A}
C:\WINDOWS\system32\dllhost.exe
5120 bytes
Created: 16/08/2004
Modified: 05/08/2004
Company: Microsoft Corporation
----------
Key: Symantec Core LC
ImagePath: "C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe"
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
1251720 bytes
Created: 26/05/2006
Modified: 06/05/2008
Company:
----------
Key: symc810
ImagePath: system32\DRIVERS\symc810.sys
C:\WINDOWS\system32\DRIVERS\symc810.sys
16256 bytes
Created: 16/08/2004
Modified: 17/08/2001
Company: Symbios Logic Inc.
----------
Key: symc8xx
ImagePath: system32\DRIVERS\symc8xx.sys
C:\WINDOWS\system32\DRIVERS\symc8xx.sys
32640 bytes
Created: 16/08/2004
Modified: 17/08/2001
Company: LSI Logic
----------
Key: SYMDNS
ImagePath: \SystemRoot\System32\Drivers\SYMDNS.SYS
C:\WINDOWS\System32\Drivers\SYMDNS.SYS
12680 bytes
Created: 01/10/2007
Modified: 01/10/2007
Company: Symantec Corporation
----------
Key: SymEvent
ImagePath: \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
123952 bytes
Created: 26/05/2006
Modified: 06/05/2008
Company: Symantec Corporation
----------
Key: SYMFW
ImagePath: \SystemRoot\System32\Drivers\SYMFW.SYS
C:\WINDOWS\System32\Drivers\SYMFW.SYS
98184 bytes
Created: 01/10/2007
Modified: 01/10/2007
Company: Symantec Corporation
----------
Key: SYMIDS
ImagePath: \SystemRoot\System32\Drivers\SYMIDS.SYS
C:\WINDOWS\System32\Drivers\SYMIDS.SYS
31624 bytes
Created: 01/10/2007
Modified: 01/10/2007
Company: Symantec Corporation
----------
Key: SYMIDSCO
ImagePath: \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\SymcData\idsdefs\20080521.001\symidsco.sys
C:\PROGRA~1\FICHIE~1\SYMANT~1\SymcData\idsdefs\20080521.001\symidsco.sys
240496 bytes
Created: 22/05/2008
Modified: 04/04/2008
Company: Symantec Corporation
----------
Key: symlcbrd
ImagePath: \??\C:\WINDOWS\system32\drivers\symlcbrd.sys
C:\WINDOWS\system32\drivers\symlcbrd.sys
10344 bytes
Created: 26/05/2006
Modified: 26/05/2006
Company: Symantec Corporation
----------
Key: SYMNDIS
ImagePath: \SystemRoot\System32\Drivers\SYMNDIS.SYS
C:\WINDOWS\System32\Drivers\SYMNDIS.SYS
28040 bytes
Created: 01/10/2007
Modified: 01/10/2007
Company: Symantec Corporation
----------
Key: SYMREDRV
ImagePath: \SystemRoot\System32\Drivers\SYMREDRV.SYS
C:\WINDOWS\System32\Drivers\SYMREDRV.SYS
23944 bytes
Created: 01/10/2007
Modified: 01/10/2007
Company: Symantec Corporation
----------
Key: SYMTDI
ImagePath: \SystemRoot\System32\Drivers\SYMTDI.SYS
C:\WINDOWS\System32\Drivers\SYMTDI.SYS
189320 bytes
Created: 01/10/2007
Modified: 01/10/2007
Company: Symantec Corporation
----------
Key: sym_hi
ImagePath: system32\DRIVERS\sym_hi.sys
C:\WINDOWS\system32\DRIVERS\sym_hi.sys
28384 bytes
Created: 16/08/2004
Modified: 17/08/2001
Company: LSI Logic
----------
Key: sym_u3
ImagePath: system32\DRIVERS\sym_u3.sys
C:\WINDOWS\system32\DRIVERS\sym_u3.sys
30688 bytes
Created: 16/08/2004
Modified: 17/08/2001
Company: LSI Logic
----------
Key: TosIde
ImagePath: system32\DRIVERS\toside.sys
C:\WINDOWS\system32\DRIVERS\toside.sys
4992 bytes
Created: 16/08/2004
Modified: 23/08/2001
Company: Microsoft Corporation
----------
Key: Trufos
ImagePath: \??\C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\trufos.sys
C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\trufos.sys
36736 bytes
Created: 10/07/2007
Modified: 10/07/2007
Company:
----------
Key: ultra
ImagePath: system32\DRIVERS\ultra.sys
C:\WINDOWS\system32\DRIVERS\ultra.sys
36736 bytes
Created: 16/08/2004
Modified: 17/08/2001
Company: Promise Technology, Inc.
----------
Key: usnjsvc
ImagePath: "C:\Program Files\Windows Live\Messenger\usnsvc.exe"
C:\Program Files\Windows Live\Messenger\usnsvc.exe
98328 bytes
Created: 18/10/2007
Modified: 18/10/2007
Company: Microsoft Corporation
----------
Key: Via4in1
ImagePath: \??\C:\Via4in1.sys
C:\Via4in1.sys [file not found to scan]
----------
Key: viaagp
ImagePath: system32\DRIVERS\viaagp.sys
C:\WINDOWS\system32\DRIVERS\viaagp.sys
42240 bytes
Created: 16/08/2004
Modified: 03/08/2004
Company: Microsoft Corporation
----------
Key: viaagp1
ImagePath: system32\DRIVERS\viaagp1.sys
C:\WINDOWS\system32\DRIVERS\viaagp1.sys
27904 bytes
Created: 26/05/2006
Modified: 02/07/2003
Company: VIA Technologies, Inc.
----------
Key: VSSERV
ImagePath: "C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe" /service
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
1216512 bytes
Created: 25/02/2008
Modified: 25/02/2008
Company: BitDefender S.R.L.
----------
Key: WLSetupSvc
ImagePath: "C:\Program Files\Windows Live\installer\WLSetupSvc.exe"
C:\Program Files\Windows Live\installer\WLSetupSvc.exe
266240 bytes
Created: 25/10/2007
Modified: 25/10/2007
Company: Microsoft Corporation
----------
Key: XCOMM
ImagePath: "C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe" /service
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
86016 bytes
Created: 27/11/2007
Modified: 27/11/2007
Company: BitDefender
----------

**************************************************
17:14:37: Scanning -----VXD ENTRIES-----

**************************************************
17:14:37: Scanning ----- WINLOGON\NOTIFY DLLS -----

**************************************************
17:14:37: Scanning ----- CONTEXTMENUHANDLERS -----
Key: Symantec.Norton.Antivirus.IEContextMenu
CLSID: {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA}
Path: C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
140912 bytes
Created: 11/10/2005
Modified: 07/06/2007
Company: Symantec Corporation
----------
Key: {D653647D-D607-4df6-A5B8-48D2BA195F7B}
Path: C:\Program Files\BitDefender\BitDefender 2008\bdshelxt.dll
C:\Program Files\BitDefender\BitDefender 2008\bdshelxt.dll
155648 bytes
Created: 14/12/2007
Modified: 14/12/2007
Company: BitDefender S.R.L
----------

**************************************************
17:14:37: Scanning ----- FOLDER\COLUMNHANDLERS -----

**************************************************
17:14:37: Scanning ----- BROWSER HELPER OBJECTS -----
Key: {1FFF1119-E11A-42D4-8669-E6D9CD383AC7}
BHO: C:\WINDOWS\system32\pmnkHApM.dll
C:\WINDOWS\system32\pmnkHApM.dll [file not found to scan]
----------
Key: {6A87B991-A31F-4130-AE72-6D0C294BF082}
BHO: C:\Program Files\Dealio\kb127\Dealio.dll
C:\Program Files\Dealio\kb127\Dealio.dll
3167584 bytes
Created: 16/04/2008
Modified: 16/04/2008
Company: Vendio Services, Inc.
----------
Key: {9030D464-4C02-4ABF-8ECC-5164760863C6}
BHO: C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
328752 bytes
Created: 20/09/2007
Modified: 20/09/2007
Company: Microsoft Corporation
----------
Key: {9ECB9560-04F9-4bbc-943D-298DDF1699E1}
BHO: C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
94336 bytes
Created: 22/10/2005
Modified: 22/10/2005
Company: Symantec Corporation
----------
Key: {A8F38D8D-E480-4D52-B7A2-731BB6995FDD}
BHO: C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
140912 bytes
Created: 11/10/2005
Modified: 07/06/2007
Company: Symantec Corporation
----------

**************************************************
17:14:53: Scanning ----- SHELLSERVICEOBJECTS -----
Key: WPDShServiceObj
CLSID: {AAA288BA-9A4C-45B0-95D7-94D524869DB5}
Path: C:\WINDOWS\system32\WPDShServiceObj.dll
C:\WINDOWS\system32\WPDShServiceObj.dll
133632 bytes
Created: 18/10/2006
Modified: 18/10/2006
Company: Microsoft Corporation
----------

**************************************************
17:15:01: Scanning ----- SHAREDTASKSCHEDULER ENTRIES -----

**************************************************
17:15:02: Scanning ----- IMAGEFILE DEBUGGERS -----
No "Debugger" entries found.

**************************************************
17:15:02: Scanning ----- APPINIT_DLLS -----
The AppInit_DLLs value is blank

**************************************************
17:15:05: Scanning ----- SECURITY PROVIDER DLLS -----

**************************************************
17:15:12: Scanning ------ COMMON STARTUP GROUP ------
[D:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage]
The Common Startup Group attempts to load the following file(s) at boot time:
D:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\desktop.ini
-HS- 84 bytes
Created: 11/07/2006
Modified: 17/08/2004
Company:
--------------------
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
29696 bytes
Created: 23/04/2008
Modified: 23/04/2008
Company: Adobe Systems Incorporated
Lancement rapide d'Adobe Reader.lnk - links to C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
--------------------

**************************************************
No User Startup Groups were located to check

**************************************************
17:15:12: Scanning ----- SCHEDULED TASKS -----
Taskname: Configurer mon PC.job
File: C:\Apps\SMP\PCSETUP.EXE
C:\Apps\SMP\PCSETUP.EXE
1422848 bytes
Created: 17/11/2005
Modified: 17/11/2005
Company: Packard Bell BV
Parameters: /REM
Next Run Time: 25/05/2008 17:30:00
Status: La tâche est prête à s'exécuter à l'heure prévue
Creator: math
Comments: [blank]
----------
Taskname: Extension de garantie.job
File: C:\APPS\SMP\PBCARNOT.EXE
C:\APPS\SMP\PBCARNOT.EXE
421888 bytes
Created: 09/11/2005
Modified: 09/11/2005
Company: Packard Bell BV
Parameters: [blank]
Next Run Time: 25/05/2008 17:30:00
Status: La tâche est prête à s'exécuter à l'heure prévue
Creator: huby
Comments: [blank]
----------
Taskname: Master CD_DVD Creator.job
File: C:\Apps\SMP\MCDCHECK.EXE
C:\Apps\SMP\MCDCHECK.EXE
422912 bytes
Created: 08/11/2005
Modified: 08/11/2005
Company: Packard Bell BV
Parameters: [blank]
Next Run Time: 25/05/2008 17:30:00
Status: La tâche est prête à s'exécuter à l'heure prévue
Creator: huby
Comments: [blank]
----------
Taskname: Norton AntiVirus - Effectuer une analyse complète du système - huby.job
File: C:\PROGRA~1\NORTON~1\NORTON~1\Navw32.exe
C:\PROGRA~1\NORTON~1\NORTON~1\Navw32.exe
173680 bytes
Created: 07/10/2005
Modified: 28/05/2007
Company: Symantec Corporation
Parameters: /TASK:"D:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Tasks\mycomp.sca"
Next Run Time: 30/05/2008 20:00:00
Status: La tâche est prête à s'exécuter à l'heure prévue
Creator: huby
Comments: Il s'agit d'une tâche de programmation d'analyse de Norton AntiVirus.
----------

**************************************************
17:15:13: ----- ADDITIONAL CHECKS -----
PE386 rootkit checks completed
----------
Winlogon registry rootkit checks completed
----------
Heuristic checks for hidden files/drivers completed
----------
Layered Service Provider entries checks completed
----------
==============================
Restrictive Windows Explorer Policies found in force on this computer:
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
Value: SHOWALL\"CheckedValue"
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
Value: ForceActiveDesktopOn
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop
Value: NoEditingComponents
All Policy Values listed have been removed
==============================
Windows Explorer Policies checks completed
----------
Desktop Wallpaper: D:\Documents and Settings\huby\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
D:\Documents and Settings\huby\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
14745654 bytes
Created: 06/05/2008
Modified: 10/05/2008
Company:
----------
Web Desktop Wallpaper: %USERPROFILE%\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
D:\Documents and Settings\huby\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
14745654 bytes
Created: 06/05/2008
Modified: 10/05/2008
Company:
----------
Checking autorun.inf in D:\
D:\autorun.inf open entry: [pa39xth.cmd]
----------
--------------------
Additional file checks completed

**************************************************
17:16:11: Scanning ----- RUNNING PROCESSES -----

C:\WINDOWS\System32\smss.exe
--------------------
C:\WINDOWS\system32\csrss.exe
--------------------
C:\WINDOWS\system32\winlogon.exe
--------------------
C:\WINDOWS\system32\services.exe
--------------------
C:\WINDOWS\system32\lsass.exe
--------------------
C:\WINDOWS\system32\svchost.exe
--------------------
C:\WINDOWS\system32\svchost.exe
--------------------
C:\WINDOWS\System32\svchost.exe
--------------------
C:\WINDOWS\system32\svchost.exe
--------------------
C:\WINDOWS\system32\svchost.exe
--------------------
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
--------------------
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
--------------------
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
--------------------
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
--------------------
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
--------------------
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
--------------------
C:\WINDOWS\system32\spoolsv.exe
--------------------
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
--------------------
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
--------------------
c:\APPS\Powercinema\Kernel\CLML_NTService\CLMLServer.exe
--------------------
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
--------------------
c:\APPS\HIDSERVICE\HIDSERVICE.exe
--------------------
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
--------------------
C:\WINDOWS\system32\nvsvc32.exe
--------------------
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
--------------------
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
--------------------
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
--------------------
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
--------------------
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
--------------------
C:\WINDOWS\System32\svchost.exe
--------------------
C:\WINDOWS\System32\alg.exe
--------------------
C:\WINDOWS\Explorer.EXE
--------------------
C:\WINDOWS\system32\ctfmon.exe
--------------------
C:\WINDOWS\system32\VTTimer.exe
--------------------
C:\WINDOWS\SOUNDMAN.EXE
--------------------
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
--------------------
C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
--------------------
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
--------------------
C:\APPS\Powercinema\PCMService.exe
--------------------
C:\WINDOWS\system32\RUNDLL32.EXE
--------------------
C:\Program Files\Orange\Systray\SystrayApp.exe
--------------------
C:\Program Files\Search Settings\SearchSettings.exe
--------------------
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
--------------------
C:\Program Files\QuickTime\qttask.exe
--------------------
C:\Program Files\Orange\Launcher\Launcher.exe
--------------------
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
--------------------
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
--------------------
C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
--------------------
C:\Program Files\Orange\connectivity\connectivitymanager.exe
--------------------
C:\Program Files\Orange\connectivity\CoreCom\CoreCom.exe
--------------------
C:\Program Files\Orange\connectivity\CoreCom\OraConfigRecover.exe
--------------------
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
--------------------
C:\WINDOWS\system32\wbem\wmiprvse.exe
--------------------
D:\Documents and Settings\huby\Local Settings\Temporary Internet Files\Content.IE5\7YMRR6V3\VundoFix[1].exe
--------------------
D:\Documents and Settings\huby\Application Data\Simply Super Software\Trojan Remover\jpb3A0D.exe
FileSize: 2482752
[This is a Trojan Remover component]
--------------------
--------------------

**************************************************
17:16:31: Checking AUTOEXEC.NT file
AUTOEXEC.NT found in C:\WINDOWS\system32
No malicious entries were found in the AUTOEXEC.NT file

**************************************************
17:16:41: Checking HOSTS file
No malicious entries were found in the HOSTS file

**************************************************
------ INTERNET EXPLORER HOME/START/SEARCH SETTINGS ------
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\"Start Page":
http://go.microsoft.com/fwlink/?LinkId=69157
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\"Local Page":
%SystemRoot%\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\"Search Page":
http://go.microsoft.com/fwlink/?LinkId=54896
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\"Default_Page_URL":
http://go.microsoft.com/fwlink/?LinkId=69157
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\"Default_Search_URL":
http://go.microsoft.com/fwlink/?LinkId=54896
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\"CustomizeSearch":
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\"SearchAssistant":
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\"Start Page":
http://www.google.fr/
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\"Local Page":
C:\WINDOWS\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\"Search Page":
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

**************************************************
=== CHANGES WERE MADE TO THE WINDOWS REGISTRY ===
Scan completed at: 17:16:41 25 mai 2008
************************************************************
Répondre
lomex- 10 juin 2009 à 21:05
Logfile of HijackThis v1.99.1
Scan saved at 21:02:15, on 10/06/2009
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\ctfmon.exe
C:\documents and settings\lio\local settings\application data\aiiqe.exe
C:\WINDOWS\memngr.exe
C:\Program Files\Hercules\WiFi Station\WifiStation.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\setup\avast.setup
C:\HijackThis.exe
C:\WINDOWS\System32\wuauclt.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\fr.htm
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://google.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\apps\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Windows Data Serivce] memngr.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [aiiqe] "c:\documents and settings\lio\local settings\application data\aiiqe.exe" aiiqe
O4 - Global Startup: WiFi Station.lnk = ?
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
Répondre
kevinteka- 10 oct. 2009 à 19:04
salut!

Mes amis est ce possible que vous m'aident a trouvé la solution sur la désactivation du code de bios, ma machine n'affiche plu est il y a même pas moyen d'installer un nouveau système d'exploitation
Répondre
KHAIRO- 24 juin 2013 à 17:46
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:54:09, on 24/06/2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\USB Disk Security\USBGuard.exe
C:\Program Files\WinMover\WinMover.exe
C:\Skype11\Phone\Skype.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\adblock.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrateur\Bureau\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favoris
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe,,C:\Program Files\PKXTJRte\qhfoymta.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [USB Security] C:\Program Files\USB Disk Security\USBGuard.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QT Lite\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [WinMover] "C:\Program Files\WinMover\WinMover.exe" /q
O4 - HKCU\..\Run: [Skype] "C:\Skype11\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Viber] "C:\Documents and Settings\Administrateur\Local Settings\Application Data\Viber\Viber.exe" StartMinimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [0bbfe31787274bc3] "C:\Documents and Settings\Administrateur\Local Settings\Application Data\tstva\tstva.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-18\..\RunOnce: [JkDefrag] rundll32 advpack.dll,LaunchINFSection JKDEFRAG.INF,RunOnce,1,N (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [SweetRegistry] rundll32 advpack.dll,LaunchINFSection SweetReg.inf,PerUserStub (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [JkDefrag] rundll32 advpack.dll,LaunchINFSection JKDEFRAG.INF,RunOnce,1,N (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)
O17 - HKLM\System\CCS\Services\Tcpip\..\{ED488F36-5226-4A57-8DA5-EE2682E268F7}: NameServer = 192.168.1.1
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: BannerBlocker2 - Unknown owner - C:\WINDOWS\system32\adblock.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Service Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Telnet (TlntSvr) - Unknown owner - C:\WINDOWS\system32\tlntsvr.exe
O23 - Service: VirtualManager - Unknown owner - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\1363431731.exe (file missing)
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
Répondre
Quelqu'un- 24 avril 2014 à 02:56
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 00:55:52, on 24/04/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)

FIREFOX: 29.0 (en-US)
Boot mode: Safe mode with network support

Running processes:
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
C:\Users\HP\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.1startpage.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.1startpage.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.1startpage.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: TSBHO Class - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion au compte Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Run: [nProtect GameGuard Personal 3.0] C:\Program Files (x86)\INCAInternet\nProtect GameGuard Personal 3.0\nspmain.exe -tray
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [IObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\HP\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [Advanced SystemCare Ultimate] "C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCTray.exe" /Auto
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [Sidebar] "C:\Program Files\Windows Sidebar\sidebar.exe"/autoRun (User 'Système')
O4 - HKUS\.DEFAULT\..\Run: [Sidebar] "C:\Program Files\Windows Sidebar\sidebar.exe"/autoRun (User 'Default user')
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.aeriagames.com
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCService.exe
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira Planificateur (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Protection temps réel (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AdvancedSystemCareAntivirus (ASCAntivirusSrv) - IOBit - C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ascavsvc.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: TrueSuiteService (FPLService) - HP - C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Service Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Auto (HPAuto) - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Identity Protection Technology Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: nProtect GameGuard Personal 3.0 Service (NSPService) - INCA Internet Co., Ltd. - C:\Windows\SysWOW64\INCAinternet\nProtect GameGuard Personal 3.0\nspsvc.exe
O23 - Service: nProtect GameGuard Personal 3.0 Update Service (NSPUpdateService) - INCA Internet Co.,Ltd. - C:\Windows\SysWOW64\INCAinternet\nProtect GameGuard Personal 3.0\nspupsvc.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: Wacom Consumer Service (WTabletServiceCon) - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe
Répondre
Ajouter un commentaire
Réponse
+5
moins plus
Merci JFKPrésident , je vais me mettre au travail et te tiens au courant. Bon dimanche!
Ajouter un commentaire
Réponse
+0
moins plus
ceci est le post de céline !!

pour leonor et les autres : créé ton propre message afin qu'on puisse t'aider STP MERCI !
procede comme suit:http://pageperso.aol.fr/balltrap34/demofairesontmessage.htm
Ajouter un commentaire
Réponse
+0
moins plus
++++ ta les yeuxxxxxxxxx qui suivent ^^ bonne suite !!! galere mais entre de bonnes mains donc oualaaaaaaa

biz a vous
Ajouter un commentaire
Réponse
+0
moins plus
salut je me permet de "m'incruster" car j'ais exactement le meme probleme ... et j'ai fais l'analyse HijackThis et voila le rapport:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:32:00, on 26/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\ANTIVI~1\backweb\6588780\Program\SERVIC~1.EXE
C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe
C:\Program Files\AntivirusFirewall\backweb\6588780\program\fsbwsys.exe
C:\Program Files\AntivirusFirewall\Anti-Virus\FSGK32.EXE
C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE
C:\Program Files\AntivirusFirewall\Anti-Virus\fssm32.exe
C:\Program Files\AntivirusFirewall\Common\FSMB32.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Inventel\Gateway\wlancfg.exe
C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe
C:\Program Files\AntivirusFirewall\Common\FCH32.EXE
C:\Program Files\AntivirusFirewall\Common\FAMEH32.EXE
C:\Program Files\AntivirusFirewall\Anti-Virus\fsqh.exe
C:\Program Files\AntivirusFirewall\Anti-Virus\fsrw.exe
C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe
C:\Program Files\AntivirusFirewall\Anti-Virus\fsav32.exe
C:\Program Files\AntivirusFirewall\Common\FSM32.EXE
C:\Program Files\AntivirusFirewall\FSGUI\ispnews.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
C:\Program Files\PSCS\data\sysmon32.exe
C:\PROGRA~1\ANTIVI~1\ANTI-S~1\fsaw.exe
C:\Program Files\PSCS\data\symserv.exe
C:\Program Files\AntivirusFirewall\FSGUI\fsguidll.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\CA\eTrust Internet Security Suite\eTrust PestPatrol Anti-Spyware\pestpatrol5.exe
C:\Program Files\AntivirusFirewall\FSGUI\fsavgui.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\DOCUME~1\Annick\LOCALS~1\Temp\Rar$EX22.532\HijackThis.exe
C:\Documents and Settings\Annick\Bureau\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.fr/spbasic.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/search?q=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Sotfone Tracker Class - {10C52A42-DB8B-4ade-AA4A-CED6A8282B85} - C:\Program Files\Sotfone\1201626519.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {C2A1C5CB-C0EF-4689-9436-F62CCA1C5383} - C:\Program Files\Video Add-on\isfmdl.dll (file missing)
O2 - BHO: e404 helper - {F10587E9-0E47-4CBE-84AE-7DD20B8685CC} - C:\Program Files\Helper\1201626514.dll
O3 - Toolbar: IE Custom Tools - {8113B5DE-F7EB-4154-A311-497FB80D8BD0} - C:\Program Files\Video Add-on\ictmdl.dll (file missing)
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\AntivirusFirewall\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\AntivirusFirewall\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\AntivirusFirewall\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [News Service] "C:\Program Files\AntivirusFirewall\FSGUI\ispnews.exe"
O4 - HKLM\..\Run: [symreg] C:\WINDOWS\system32\symreg.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [CaISSDT] "C:\Program Files\CA\eTrust Internet Security Suite\caissdt.exe"
O4 - HKLM\..\Run: [eTrustPPAP] "C:\Program Files\CA\eTrust Internet Security Suite\eTrust PestPatrol Anti-Spyware\PPActiveDetection.exe"
O4 - HKLM\..\RunOnce: [eISS_licreg] "C:\Program Files\CA\eTrust Internet Security Suite\licreg.exe" /s
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKLM\..\Policies\Explorer\Run: [some] C:\Program Files\Video Add-on\icthis.exe
O4 - HKLM\..\Policies\Explorer\Run: [start] C:\Program Files\Video Add-on\isfmntr.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_01] rundll32 advpack.dll,DelNodeRunDLL32 "C:\WINDOWS\Srchasst" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_02] rundll32 advpack.dll,DelNodeRunDLL32 "C:\WINDOWS\msagent" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_03] rundll32 advpack.dll,DelNodeRunDLL32 "C:\WINDOWS\Help\Tours" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_04] cmd.exe /c md "%USERPROFILE%\Local Settings\Temp" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_05] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_06] rundll32 advpack.dll,LaunchINFSection nlite.inf,nLiteReg (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_07] rundll32 advpack.dll,LaunchINFSection nlite.inf,S (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [nlpo_01] rundll32 advpack.dll,DelNodeRunDLL32 "C:\WINDOWS\Srchasst" (User 'SERVICE RÉSEAU')
O4 - Global Startup: Antivirus Firewall.lnk = C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe
O8 - Extra context menu item: &Bloquer cette fenêtre publicitaire - C:\Program Files\AntivirusFirewall\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra button: Protection Internet Explorer - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\AntivirusFirewall\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: Protection Internet Explorer... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\AntivirusFirewall\Anti-Spyware\ieshield.dll
O9 - Extra button: (no name) - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.freeietool.com/redirect.php (file missing)
O9 - Extra 'Tools' menuitem: IE Anti-Spyware - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.freeietool.com/redirect.php (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Antivirus Firewall (BackWeb Plug-in - 6588780) - Securitoo Portal - C:\PROGRA~1\ANTIVI~1\backweb\6588780\Program\SERVIC~1.EXE
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\AntivirusFirewall\backweb\6588780\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe
Ajouter un commentaire
Réponse
+0
moins plus
salut tu devrait poster ton propre sujet !!! ca aide vu que l'on demande pas a tous les meme choses et les rapports a plusieurs ca devient 1 vri brodel

poste ton propre sujet stp et on vient a ta rescousse

bizz
Ajouter un commentaire
Réponse
+0
moins plus
pour kiscool:créé ton propre message afin qu'on puisse t'aider STP MERCI !
procede comme suit:http://pageperso.aol.fr/balltrap34/demofairesontmessage.htm

salut raleboleu ;;))))
raleuboleu 5037Messages postés mercredi 13 décembre 2006Date d'inscription 14 mars 2012Dernière intervention - 26 févr. 2008 à 23:24
hello JFK

bien ou bien?
Répondre
Ajouter un commentaire
Réponse
+0
moins plus
saluu tout le monde moi mon anti-virus avast ma detecte un trojan et des que jle met en quarentaine il me fait imposible de scanner se fichier ou chai pas koi merci de bien me vouloir m aidez
Ajouter un commentaire
Réponse
+0
moins plus
Ajouter un commentaire
Réponse
+0
moins plus
pour ibrahim:créé ton propre message afin qu'on puisse t'aider STP MERCI !
procede comme suit:http://pageperso.aol.fr/balltrap34/demofairesontmessage.htm
Ajouter un commentaire
Réponse
+0
moins plus
gege 300 :créé ton propre message afin qu'on puisse t'aider STP MERCI !
procede comme suit:http://pageperso.aol.fr/balltrap34/demofairesontmessage.htm
Ajouter un commentaire
Réponse
+0
moins plus
Logfile of HijackThis v1.99.1
Scan saved at 17:52:23, on 14/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\vmnat.exe
C:\WINDOWS\system32\vmnetdhcp.exe
C:\Program Files\VMware\VMware Player\vmware-authd.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\Program Files\Lexmark 3400 Series\lxcymon.exe
C:\Program Files\Lexmark 3400 Series\ezprint.exe
C:\Program Files\VMware\VMware Player\hqtray.exe
C:\Program Files\UberIcon\UberIcon Manager.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\ATI Multimedia\RemCtrl\ATIRW.exe
C:\WINDOWS\system32\lxcycoms.exe
C:\Program Files\Hotmail Popper\hotpop.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Program Files\uTorrent\utorrent.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\MOZILL~2\FIREFOX.EXE
C:\Program Files\WinRAR\WinRAR.exe
C:\Documents and Settings\Erwin\Bureau\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = XP Ultimate Edition 3.0
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F2 - REG:system.ini: Shell=
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Salestart] "C:\Program Files\Fichiers communs\LibreSystem\strpmon.exe" dm=http://libresystem.com ad=http://libresystem.com sd=http://repay.libresystem.com
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [lxcymon.exe] "C:\Program Files\Lexmark 3400 Series\lxcymon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 3400 Series\ezprint.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [VMware hqtray] "C:\Program Files\VMware\VMware Player\hqtray.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime Alternative\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [LXCYCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCYtime.dll,_RunDLLEntry@16
O4 - HKCU\..\Run: [UberIcon] "C:\Program Files\UberIcon\UberIcon Manager.exe"
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [amva] C:\WINDOWS\system32\amvo.exe
O4 - HKCU\..\Run: [ATI Remote Control] C:\Program Files\ATI Multimedia\RemCtrl\ATIRW.exe
O4 - HKCU\..\Run: [Real Desktop] "C:\Program Files\Real Desktop\Real Desktop.exe"
O4 - Startup: Hotmail Popper.lnk = C:\Program Files\Hotmail Popper\hotpop.exe
O4 - Startup: Mozilla Thunderbird.lnk = C:\Program Files\Mozilla Thunderbird\thunderbird.exe
O4 - Startup: µTorrent.lnk = C:\Program Files\uTorrent\utorrent.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: lxcy_device - - C:\WINDOWS\system32\lxcycoms.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Player\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Program Files\Fichiers communs\VMware\VMware Virtual Image Editing\vmount2.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe
valentin- 12 janv. 2011 à 06:53
salut comment suprimmer trojan a chaque fois que je suprimme parfois il revien en quelque seconde
Répondre
Ajouter un commentaire
Réponse
+0
moins plus
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:40:45, on 18/06/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16681)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Windows\explorer.exe
C:\Users\camille\Desktop\HiJackThis.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\camille\Desktop\HiJackThis(2).exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/...
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
lila- 17 déc. 2011 à 02:02
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:59:08, on 16/12/2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\windows\system32\taskhost.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe
C:\windows\system32\igfxsrvc.exe
C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe
C:\Program Files\BrowserCompanion\BCHelper.exe
C:\Users\COUCHY\AppData\Local\Linkury\Application\Linkury.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Users\COUCHY\AppData\Roaming\Microsoft\Windows\Templates\O17171Z\service.exe
C:\Users\COUCHY\AppData\Roaming\Microsoft\Windows\Templates\O17171Z\winlogon.exe
C:\windows\system32\Macromed\Flash\FlashUtil11e_ActiveX.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\COUCHY\Desktop\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.plusnetwork.com/?sp=ctbar&q={searchTerms}&dp=MessengerPlus
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.plusnetwork.com/?sp=ctbar&q={searchTerms}&dp=MessengerPlus
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.plusnetwork.com/?sp=ctbar&q={searchTerms}&dp=MessengerPlus
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.plusnetwork.com/?sp=ctbar&q={searchTerms}&dp=MessengerPlus
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=38cad55a0000000000000aeee6dc7c54&tlver=1.4.19.19&affID=17159
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: script helper for ie - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Program Files\BrowserCompanion\jsloader.dll
O2 - BHO: SuggestMeYesBHO - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files\AutocompletePro\AutocompletePro.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll
O2 - BHO: Messenger Plus! Community SmartbarEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - mscoree.dll (file missing)
O2 - BHO: interdescargas-FR Toolbar - {31c322dc-5878-452e-a2d8-c4aab9973c9a} - C:\Program Files\interdescargas-FR\tbinte.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: IEExtension.VDownloaderBHO - {7b523e7c-f096-4e36-a0cb-7efeb5c675c1} - mscoree.dll (file missing)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Update Timer - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Program Files\BrowserCompanion\updatebhoWin32.dll
O2 - BHO: Messenger Plus Live Toolbar - {9b339f6e-ddcd-401b-8764-230adbd01761} - C:\Program Files\Messenger_Plus_Live\tbMess.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: MediaBar - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\PROGRA~1\BEARSH~1\MediaBar\ToolBar\bsdtxmltbpi.dll (file missing)
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: interdescargas-FR Toolbar - {31c322dc-5878-452e-a2d8-c4aab9973c9a} - C:\Program Files\interdescargas-FR\tbinte.dll
O3 - Toolbar: Messenger Plus Live Toolbar - {9b339f6e-ddcd-401b-8764-230adbd01761} - C:\Program Files\Messenger_Plus_Live\tbMess.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll
O3 - Toolbar: MediaBar - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\PROGRA~1\BEARSH~1\MediaBar\ToolBar\bsdtxmltbpi.dll (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Messenger Plus! Community Smartbar - {ae07101b-46d4-4a98-af68-0333ea26e113} - mscoree.dll (file missing)
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [ORAHSSSessionManager] "C:\Program Files\Orange\Connexion Internet Orange\SessionManager\SessionManager.exe"
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [IgfxTray] C:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [BabylonToolbar] "C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe" /md I
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [PlusService] C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe
O4 - HKLM\..\Run: [Browser companion helper] C:\Program Files\BrowserCompanion\BCHelper.exe /T=3 /S=7
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MailNotifier] C:\Program Files\Orange\MailNotifier\MailNotifier.exe
O4 - HKCU\..\Run: [jaihaeq] C:\Users\COUCHY\jaihaeq.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\COUCHY\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [T1702622TT4] C:\windows\system32\56273280417l.exe
O4 - HKCU\..\Run: [T1TT4] \l.exe
O4 - HKCU\..\Run: [Linkury Chrome Smartbar] C:\Users\COUCHY\AppData\Local\Linkury\Application\Linkury.exe startup
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O8 - Extra context menu item: ajouter cette page à vos favoris Orange - C:\Users\COUCHY\AppData\Local\Temp\cce98E2.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: traduire la page - C:\Users\COUCHY\AppData\Local\Temp\cce9892.html
O8 - Extra context menu item: traduire le texte sélectionné - C:\Users\COUCHY\AppData\Local\Temp\cce98C2.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll
O18 - Protocol: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll
O18 - Protocol: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll
O20 - AppInit_DLLs:
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe
O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Service Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\windows\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: Oberon Media Game Console service (OberonGameConsoleService) - Unknown owner - C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: Rezip - Unknown owner - C:\windows\SYSTEM32\Rezip.exe
O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe
O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (StiSvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\windows\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe
O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\windows\system32\SearchIndexer.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\windows\system32\svchost.exe
Répondre
Ajouter un commentaire
Réponse
+0
moins plus
j'ai un problème de trojan je n'arrive aps a le supprimer
Ajouter un commentaire
Ce document intitulé «  comment supprimer win32 trojan  » issu de CommentCaMarche (www.commentcamarche.net) est mis à disposition sous les termes de la licence Creative Commons. Vous pouvez copier, modifier des copies de cette page, dans les conditions fixées par la licence, tant que cette note apparaît clairement.

Vous n'êtes pas encore membre ?

inscrivez-vous, c'est gratuit et ça prend moins d'une minute !

Les membres obtiennent plus de réponses que les utilisateurs anonymes.

Le fait d'être membre vous permet d'avoir un suivi détaillé de vos demandes.

Le fait d'être membre vous permet d'avoir des options supplémentaires.