Version anglaiseVersion espagnoleVersion françaiseInscrivez-vous, c'est gratuit ! (mot de passe oublié)
- Samedi 30 août 2008 - 13:21:51
- inscrits : 945480
- connectés : 33895
- questions/jour : 4657
- Taux de réponse : 81.14%
Comment supprimer tr/vundo.gen trojan Comment supprimer trojan.vundo How to remove tr/vundo.gen Impossible de supprimer trojan win32/vundo gen r avec windows defender? Infected trojan.generic.64484 Limpiar el tr/vundo.gen Soluution contre le virus tr/vundo.gen Tr vundo gen Tr/vundo.gen Tr/vundo.gen - trojan Tr/vundo.gen spyware doctor Trojan Trojan horse generic11.adc Trojan skintrim.gen!d Trojan vundo Trojan vundo.ay Trojan win32 vundo.gen Trojan win32/vundo.gen!p Trojan.dropper/gen Trojan.peed.gen Trojan.vundo.fhv Trojan:vundo.gen!p Trojan:win32/vundo.gen!h Trojan:win32/vundo.gen!h sur votre ordinateur. Trojan:win32/vundo.gen!x Vacina antivirus tr\vundo.gen.trojanPlus
Options Ils ont besoin de votre aide
- 13:21 clé wep (Jeux vidéos)
- 13:20 intenet ram et je sait pas pk que... (Internet)
- 13:20 Firefox et internet explorer... (Internet)
- 13:20 demande de reparation (Matériel/Hardware)
- 13:19 Zlob.P0rn.ad et Blaster/Sasser.variant (Windows)
- 13:19 plus de barre de son sur l'écran ... (Windows)
Liste des forumsAidez-lesStatistiquesRechercherCharte
Plateformes d'assistanceDiscussions & Opinions des Communautés
|
|
|
|
bonjour
novice en la matiere,je n'arrive pas à me debarasser de ce "trojan"
au secours
merci d'avance
novice en la matiere,je n'arrive pas à me debarasser de ce "trojan"
au secours
merci d'avance
Salut
Télécharge ceci : Lien : hijackthis Démo : http://pageperso.aol.fr/balltrap34/demohijack.htm Choisir l'option "do a scan and a logfile", et faire un copier/coller du rapport ainsi générer sur le forum. @+ **tout ce que je sais, c'est que je ne sais rien ! et c'est déjà pas mal ...** |
voici le rapport
Logfile of HijackThis v1.99.1 Scan saved at 22:52:00, on 23/09/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Ahead\InCD\InCDsrv.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe C:\Program Files\Norton Internet Security\ISSVC.exe C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe C:\WINDOWS\System32\nvsvc32.exe C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\ScanSoft\OmniPageSE\opware32.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe C:\Program Files\QuickTime\qttask.exe C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE C:\Program Files\Ahead\InCD\InCD.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe C:\Program Files\Messenger\msmsgs.exe C:\PROGRA~1\MICROS~4\wcescomm.exe C:\PROGRA~1\FICHIE~1\Nokia\MPAPI\MPAPI3s.exe C:\PROGRA~1\MICROS~4\rapimgr.exe C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NSMdtr.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10MT2.EXE C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\SAGENT4.EXE C:\DOCUME~1\LUDOLP~1\LOCALS~1\Temp\Répertoire temporaire 1 pour hijackthis.zip\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\Program Files\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_BAND_SEARCHBAR_HTML R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - {BE89472C-B803-4D1D-9A9A-0A63660E0FE3} - C:\PROGRA~1\COPERN~1\COPERN~1.DLL O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [EPSON Stylus Photo R300 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0F2.EXE /P30 "EPSON Stylus Photo R300 Series" /O6 "USB001" /M "Stylus Photo R300" O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [PE2CKFNT SE] C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\ChkFont.exe O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Steam] "C:\Program Files\Valve\Steam\Steam.exe" -silent O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MICROS~4\wcescomm.exe" O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: Mémento.lnk = C:\quickenw\billmind.exe O4 - Global Startup: Photo Express Calendar Checker SE.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe O8 - Extra context menu item: Chercher avec Copernic Agent - res://C:\Program Files\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_MENU_SEARCHEXT O9 - Extra button: (no name) - AutorunsDisabled - (no file) O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - update.microsoft.com O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - a840.g.akamai.net O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (Gestion d'AcPreview) - file://C:\Program Files\AutoCAD LT 2000i Fra\AcPreview.ocx O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe |
re
ok, Télécharge VirtumundoBegone sur le bureau: http://secured2k.home.comcast.net/tools/VirtumundoBeGone.exe Double clique ensuite sur VirtumundoBeGone.exe et suis les instructions. Une fois terminé, redémarre et poste le rapport VBG.TXT créé sur le bureau dans ta prochaine réponse . Ne t'inquiète pas si tu vois un message Ecran bleu "Erreur fatale", c'est normal et attendu ensuite fais le 1/ et 2/ de ce lien stp : virus methode preliminaire de desinfection version fr @+ **tout ce que je sais, c'est que je ne sais rien ! et c'est déjà pas mal ...** |
rapport vbg.txt
[09/23/2006, 23:12:07] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\ludolph eric\Mes documents\internet\VirtumundoBeGone.exe" ) [09/23/2006, 23:12:12] - Detected System Information: [09/23/2006, 23:12:12] - Windows Version: 5.1.2600, Service Pack 2 [09/23/2006, 23:12:12] - Current Username: ludolph eric (Admin) [09/23/2006, 23:12:12] - Windows is in NORMAL mode. [09/23/2006, 23:12:12] - Searching for Browser Helper Objects: [09/23/2006, 23:12:12] - BHO 1: AutorunsDisabled () [09/23/2006, 23:12:12] - WARNING: BHO has no default name. Checking for Winlogon reference. [09/23/2006, 23:12:12] - No filename found. Continuing. [09/23/2006, 23:12:12] - BHO 2: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Adobe PDF Reader Link Helper) [09/23/2006, 23:12:12] - BHO 3: {375D9FE8-A7B2-4BFF-9B43-F5363202A34E} () [09/23/2006, 23:12:12] - WARNING: BHO has no default name. Checking for Winlogon reference. [09/23/2006, 23:12:12] - Checking for HKLM\...\Winlogon\Notify\awvvs [09/23/2006, 23:12:12] - Found: HKLM\...\Winlogon\Notify\awvvs - This is probably Virtumundo. [09/23/2006, 23:12:12] - Assigning {375D9FE8-A7B2-4BFF-9B43-F5363202A34E} MSEvents Object [09/23/2006, 23:12:12] - BHO list has been changed! Starting over... [09/23/2006, 23:12:12] - BHO 1: AutorunsDisabled () [09/23/2006, 23:12:12] - WARNING: BHO has no default name. Checking for Winlogon reference. [09/23/2006, 23:12:12] - No filename found. Continuing. [09/23/2006, 23:12:12] - BHO 2: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Adobe PDF Reader Link Helper) [09/23/2006, 23:12:13] - BHO 3: {375D9FE8-A7B2-4BFF-9B43-F5363202A34E} (MSEvents Object) [09/23/2006, 23:12:13] - ALERT: Found MSEvents Object! [09/23/2006, 23:12:13] - BHO 4: {53707962-6F74-2D53-2644-206D7942484F} () [09/23/2006, 23:12:13] - WARNING: BHO has no default name. Checking for Winlogon reference. [09/23/2006, 23:12:13] - Checking for HKLM\...\Winlogon\Notify\SDHelper [09/23/2006, 23:12:13] - Key not found: HKLM\...\Winlogon\Notify\SDHelper, continuing. [09/23/2006, 23:12:13] - BHO 5: {9ECB9560-04F9-4bbc-943D-298DDF1699E1} (CNisExtBho Class) [09/23/2006, 23:12:13] - BHO 6: {BDF3E430-B101-42AD-A544-FADC6B084872} (CNavExtBho Class) [09/23/2006, 23:12:13] - Finished Searching Browser Helper Objects [09/23/2006, 23:12:13] - *** Detected MSEvents Object [09/23/2006, 23:12:13] - Trying to remove MSEvents Object... [09/23/2006, 23:12:14] - Terminating Process: IEXPLORE.EXE [09/23/2006, 23:12:14] - Terminating Process: RUNDLL32.EXE [09/23/2006, 23:12:14] - Disabling Automatic Shell Restart [09/23/2006, 23:12:14] - Terminating Process: EXPLORER.EXE [09/23/2006, 23:12:15] - Suspending the NT Session Manager System Service [09/23/2006, 23:12:15] - Terminating Windows NT Logon/Logoff Manager [09/23/2006, 23:12:15] - Re-enabling Automatic Shell Restart [09/23/2006, 23:12:15] - File to disable: C:\WINDOWS\system32\awvvs.dll [09/23/2006, 23:12:15] - Renaming C:\WINDOWS\system32\awvvs.dll -> C:\WINDOWS\system32\awvvs.dll.vir [09/23/2006, 23:12:15] - File successfully renamed! [09/23/2006, 23:12:15] - Removing HKLM\...\Browser Helper Objects\{375D9FE8-A7B2-4BFF-9B43-F5363202A34E} [09/23/2006, 23:12:15] - Removing HKCR\CLSID\{375D9FE8-A7B2-4BFF-9B43-F5363202A34E} [09/23/2006, 23:12:15] - Adding Kill Bit for ActiveX for GUID: {375D9FE8-A7B2-4BFF-9B43-F5363202A34E} [09/23/2006, 23:12:15] - Deleting ATLEvents/MSEvents Registry entries [09/23/2006, 23:12:15] - Removing HKLM\...\Winlogon\Notify\awvvs [09/23/2006, 23:12:15] - Searching for Browser Helper Objects: [09/23/2006, 23:12:15] - BHO 1: AutorunsDisabled () [09/23/2006, 23:12:15] - WARNING: BHO has no default name. Checking for Winlogon reference. [09/23/2006, 23:12:15] - No filename found. Continuing. [09/23/2006, 23:12:15] - BHO 2: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Adobe PDF Reader Link Helper) [09/23/2006, 23:12:15] - BHO 3: {53707962-6F74-2D53-2644-206D7942484F} () [09/23/2006, 23:12:15] - WARNING: BHO has no default name. Checking for Winlogon reference. [09/23/2006, 23:12:15] - Checking for HKLM\...\Winlogon\Notify\SDHelper [09/23/2006, 23:12:15] - Key not found: HKLM\...\Winlogon\Notify\SDHelper, continuing. [09/23/2006, 23:12:15] - BHO 4: {9ECB9560-04F9-4bbc-943D-298DDF1699E1} (CNisExtBho Class) [09/23/2006, 23:12:15] - BHO 5: {BDF3E430-B101-42AD-A544-FADC6B084872} (CNavExtBho Class) [09/23/2006, 23:12:15] - Finished Searching Browser Helper Objects [09/23/2006, 23:12:15] - Finishing up... [09/23/2006, 23:12:15] - A restart is needed. [09/23/2006, 23:12:18] - Attempting to Restart via STOP error (Blue Screen!) je n'est pas eu "erreur fatale" |
voici le nouveau rapport de hijackthis
Logfile of HijackThis v1.99.1 Scan saved at 23:19:50, on 23/09/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Ahead\InCD\InCDsrv.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0F2.EXE C:\Program Files\ScanSoft\OmniPageSE\opware32.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe C:\Program Files\QuickTime\qttask.exe C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE C:\Program Files\Ahead\InCD\InCD.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe C:\Program Files\Messenger\msmsgs.exe C:\PROGRA~1\FICHIE~1\Nokia\MPAPI\MPAPI3s.exe C:\PROGRA~1\MICROS~4\wcescomm.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe C:\Program Files\Norton Internet Security\ISSVC.exe C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe C:\WINDOWS\System32\nvsvc32.exe C:\PROGRA~1\MICROS~4\rapimgr.exe C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NSMdtr.exe C:\DOCUME~1\LUDOLP~1\LOCALS~1\Temp\Répertoire temporaire 2 pour hijackthis.zip\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\Program Files\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_BAND_SEARCHBAR_HTML R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - {BE89472C-B803-4D1D-9A9A-0A63660E0FE3} - C:\PROGRA~1\COPERN~1\COPERN~1.DLL O2 - BHO: (no name) - AutorunsDisabled - (no file) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [EPSON Stylus Photo R300 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0F2.EXE /P30 "EPSON Stylus Photo R300 Series" /O6 "USB001" /M "Stylus Photo R300" O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [PE2CKFNT SE] C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\ChkFont.exe O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Steam] "C:\Program Files\Valve\Steam\Steam.exe" -silent O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MICROS~4\wcescomm.exe" O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: Mémento.lnk = C:\quickenw\billmind.exe O4 - Global Startup: Photo Express Calendar Checker SE.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe O8 - Extra context menu item: Chercher avec Copernic Agent - res://C:\Program Files\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_MENU_SEARCHEXT O9 - Extra button: (no name) - AutorunsDisabled - (no file) O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - update.microsoft.com O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - a840.g.akamai.net O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (Gestion d'AcPreview) - file://C:\Program Files\AutoCAD LT 2000i Fra\AcPreview.ocx O20 - Winlogon Notify: AutorunsDisabled - C:\WINDOWS\ O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\ O20 - Winlogon Notify: wineak32 - wineak32.dll (file missing) O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe |
re
fais le suite ( cf poste 2 ) ++ **tout ce que je sais, c'est que je ne sais rien ! et c'est déjà pas mal ...** |
dejas fait ? (cf poste 5) |
lol
fais le 1/ et 2/ de ce lien stp : virus methode preliminaire de desinfection version fr et postes les rapports @+ **tout ce que je sais, c'est que je ne sais rien ! et c'est déjà pas mal ...** |
excuse moi, j'ai raté un bout
je procede et fait suivre desole |
rapport de ewido
+ Created at: 00:48:09 24/09/2006 + Scan result: C:\WINDOWS\system32\ismini.exe -> Downloader.Zlob.xy : No action taken. D:\tranfert vieux pc\INTERNET\ptitsex.zip/ptitsex.exe -> Not-A-Virus.BadJoke.Win32.Baton.a : No action taken. C:\Documents and Settings\ludolph eric\Mes documents\internet\SystemDoctor2006FreeInstall_fr.exe -> Not-A-Virus.Downloader.Win32.WinFixer.l : No action taken. C:\Documents and Settings\ludolph eric\Cookies\ludolph eric@247realmedia[1].txt -> TrackingCookie.247realmedia : No action taken. C:\Documents and Settings\ludolph eric\Cookies\ludolph eric@2o7[2].txt -> TrackingCookie.2o7 : No action taken. C:\Documents and Settings\ludolph eric\Cookies\ludolph eric@adtech[2].txt -> TrackingCookie.Adtech : No action taken. C:\Documents and Settings\ludolph eric\Cookies\ludolph eric@bluestreak[1].txt -> TrackingCookie.Bluestreak : No action taken. C:\Documents and Settings\ludolph eric\Cookies\ludolph eric@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : No action taken. C:\Documents and Settings\ludolph eric\Cookies\ludolph eric@estat[1].txt -> TrackingCookie.Estat : No action taken. C:\Documents and Settings\ludolph eric\Cookies\ludolph eric@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : No action taken. C:\Documents and Settings\ludolph eric\Cookies\ludolph eric@serving-sys[2].txt -> TrackingCookie.Serving-sys : No action taken. C:\Documents and Settings\ludolph eric\Cookies\ludolph eric@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : No action taken. C:\Documents and Settings\ludolph eric\Cookies\ludolph eric@tacoda[1].txt -> TrackingCookie.Tacoda : No action taken. C:\Documents and Settings\ludolph eric\Cookies\ludolph eric@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : No action taken. C:\Documents and Settings\ludolph eric\Cookies\ludolph eric@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : No action taken. C:\Documents and Settings\ludolph eric\Cookies\ludolph eric@weborama[2].txt -> TrackingCookie.Weborama : No action taken. ::Report end j'ai fait delete ? |
oui : il faut refaire le scan et regler ewido sur deleted !
++ **tout ce que je sais, c'est que je ne sais rien ! et c'est déjà pas mal ...** |
probleme bitdefender n'a pas donner de rapport |
nouveau scan de ewido
ewido anti-spyware - Scan Report --------------------------------------------------------- + Created at: 09:07:22 24/09/2006 + Scan result: D:\tranfert vieux pc\INTERNET\ptitsex.zip/ptitsex.exe -> Not-A-Virus.BadJoke.Win32.Baton.a : No action taken. ::Report end |
scan bitdefender
BitDefender Online Scanner - Real Time Virus Report Generated at: Sun, Sep 24, 2006 - 11:15:48 -------------------------------------------------------------------------------- Scan Info Scanned Files 260841 Infected Files 4 Virus Detected Trojan.Starter.V 2 Trojan.Downloader.Istbar.NN 1 Adware.CyDoor 1 |
Salut
ok, # Télécharge ceci: (merci a S!RI pour ce petit programme). http://siri.urz.free.fr/Fix/SmitfraudFix.zip Exécute le, Double click sur Smitfraudfix.cmd choisit l’option 1, voila a quoi cela ressemble : http://siri.urz.free.fr/Fix/SmitfraudFix.php il va générer un rapport : copie/colle le sur le poste stp. @+ **tout ce que je sais, c'est que je ne sais rien ! et c'est déjà pas mal ...** |
salut
SmitFraudFix v2.99 Rapport fait à 17:55:25,26, 24/09/2006 Executé à partir de C:\Documents and Settings\ludolph eric\Mes documents\internet\SmitfraudFix\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Fix executé en mode normal »»»»»»»»»»»»»»»»»»»»»»»» C:\ »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32 »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\ludolph eric\Application Data »»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\LUDOLP~1\Favoris »»»»»»»»»»»»»»»»»»»»»»»» Bureau »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files »»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues »»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0] "Source"="About:Home" "SubscribedURL"="About:Home" "FriendlyName"="Ma page d'accueil" »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="" »»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32 »»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll »»»»»»»»»»»»»»»»»»»»»»»» Fin |
re
ok, poste un nouveau hijackthis stp @+ **tout ce que je sais, c'est que je ne sais rien ! et c'est déjà pas mal ...** |
Logfile of HijackThis v1.99.1
Scan saved at 18:54:04, on 24/09/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Ahead\InCD\InCDsrv.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0F2.EXE C:\Program Files\ScanSoft\OmniPageSE\opware32.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe C:\Program Files\QuickTime\qttask.exe C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE C:\Program Files\Ahead\InCD\InCD.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe C:\Program Files\Messenger\msmsgs.exe C:\PROGRA~1\FICHIE~1\Nokia\MPAPI\MPAPI3s.exe C:\PROGRA~1\MICROS~4\wcescomm.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe C:\Program Files\Norton Internet Security\ISSVC.exe C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe C:\WINDOWS\System32\nvsvc32.exe C:\PROGRA~1\MICROS~4\rapimgr.exe C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\ewido anti-spyware 4.0\guard.exe C:\Program Files\ewido anti-spyware 4.0\ewido.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NSMdtr.exe C:\PROGRA~1\WINZIP\winzip32.exe C:\Documents and Settings\ludolph eric\Local Settings\Temp\wz1ab2\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\Program Files\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_BAND_SEARCHBAR_HTML R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - {BE89472C-B803-4D1D-9A9A-0A63660E0FE3} - C:\PROGRA~1\COPERN~1\COPERN~1.DLL O2 - BHO: (no name) - AutorunsDisabled - (no file) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [EPSON Stylus Photo R300 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0F2.EXE /P30 "EPSON Stylus Photo R300 Series" /O6 "USB001" /M "Stylus Photo R300" O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [PE2CKFNT SE] C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\ChkFont.exe O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Steam] "C:\Program Files\Valve\Steam\Steam.exe" -silent O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MICROS~4\wcescomm.exe" O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: Mémento.lnk = C:\quickenw\billmind.exe O4 - Global Startup: Photo Express Calendar Checker SE.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe O8 - Extra context menu item: Chercher avec Copernic Agent - res://C:\Program Files\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_MENU_SEARCHEXT O9 - Extra button: (no name) - AutorunsDisabled - (no file) O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a |