Infected by CoolWebSearch
Closed
chatbus (Member) - 21 April 2007 at 21:41
2 replies
papyber (Security contributor) - 21 April 2007 at 21:58
Post a HijackThis report.
chatbus (Member) - 21 April 2007 at 21:58
Re, I ran CWShredder, which finds nothing:
**** Run Keys ****
RUN: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
RUN: [SkyTel] SkyTel.EXE
RUN: [RTHDCPL] RTHDCPL.EXE
RUN: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
RUN: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
RUN: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
RUN: [LaunchApp] Alaunch
RUN: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
RUN: [ehTray] C:\WINDOWS\ehome\ehtray.exe
RUN: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 0
RUN: [Acer Empowering Technology Monitor] C:\WINDOWS\system32\SysMonitor.exe
RUN: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe /idle
RUN: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
RUN: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
RUN: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
RUN: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
RUN: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
RUN: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
RUN: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
**** Browser Helper Objects ****
BHO: [Yahoo! Toolbar Helper] C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
BHO: [Adobe PDF Reader Link Helper] C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
BHO: [] C:\PROGRA~1\SPYBOT~1\SDHelper.dll
BHO: [SSVHelper Class] C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
BHO: [Windows Live Sign-in Helper] C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: [Google Toolbar Helper] c:\program files\google\googletoolbar3.dll
BHO: [Windows Live Toolbar Helper] C:\Program Files\Windows Live Toolbar\msntb.dll
**** IE Toolbars ****
TOOLBAR: [Acer eDataSecurity Management] C:\WINDOWS\system32\eDStoolbar.dll
TOOLBAR: [Acer eDataSecurity Management] C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
TOOLBAR: [&Google] c:\program files\google\googletoolbar3.dll
TOOLBAR: [Windows Live Toolbar] C:\Program Files\Windows Live Toolbar\msntb.dll
**** IE Extensions ****
IEExt: [Web Browser Applet Control] C:\WINDOWS\system32\msjava.dll
**** Hosts File Entries ****
HOSTS: 127.0.0.1 localhost
HOSTS: 127.0.0.1 localhost
**** IE Settings ****
IEBypass: 127.0.0.1
Local Page: C:\WINDOWS\system32\blank.htm
Search Page: http://fr.rd.yahoo.com/customize/ycomp/defaults/sp/*https://fr.yahoo.com/
**** IE Context Menu (Right click) ****
IEContext: [&Windows Live Search] res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
IEContext: [Add to Windows &Live Favorites] https://onedrive.live.com/?id=favorites
**** Layered Service Providers ****
LSP: MSAFD Tcpip [TCP/IP]
LSP: MSAFD Tcpip [UDP/IP]
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{6E512708-7B85-4350-8A4D-B0D450642C8E}] SEQPACKET 3
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{6E512708-7B85-4350-8A4D-B0D450642C8E}] DATAGRAM 3
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{091EF976-1DD5-49B0-AD04-4FB6843A84C9}] SEQPACKET 0
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{091EF976-1DD5-49B0-AD04-4FB6843A84C9}] DATAGRAM 0
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{EA950E1C-050D-4669-8FAC-20498700CB20}] SEQPACKET 1
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{EA950E1C-050D-4669-8FAC-20498700CB20}] DATAGRAM 1
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{F043D149-2C9B-451C-8B7A-A3B7FDA97AA0}] SEQPACKET 2
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{F043D149-2C9B-451C-8B7A-A3B7FDA97AA0}] DATAGRAM 2
LSP: RSVP UDP Service Provider
LSP: RSVP TCP Service Provider
**** Blocked Control Panel Items ****
BLOCKED: [ncpa.cpl] No
BLOCKED: [odbccp32.cpl] No
**** Downloaded Program Files ****
Microsoft XML Parser for Java [file://C:\WINDOWS\Java\classes\xmldso.cab]
{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab C:\WINDOWS\Downloaded Program Files\oscan81.ocx_x C:\WINDOWS\bdoscandellang.ini C:\WINDOWS\bdoscandel.exe C:\WINDOWS\Downloaded Program Files\live.ini C:\WINDOWS\Downloaded Program Files\scanoptions.tsi C:\WINDOWS\Downloaded Program Files\lang.ini C:\WINDOWS\Downloaded Program Files\ipsupd.dll C:\WINDOWS\Downloaded Program Files\bdupd.dll C:\WINDOWS\Downloaded Program Files\libfn.dll C:\WINDOWS\Downloaded Program Files\bdcore.dll C:\WINDOWS\Downloaded Program Files\oscan8.ocx
{8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
{D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
**** Windows Services ****
[AcerMemUsageCheckService] C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
[Alerter] %SystemRoot%\system32\svchost.exe -k LocalService
[ALG] %SystemRoot%\System32\alg.exe
[AppMgmt] %SystemRoot%\system32\svchost.exe -k netsvcs
[aspnet_state] %SystemRoot%\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
[aswUpdSv] "C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe"
[AudioSrv] %SystemRoot%\System32\svchost.exe -k netsvcs
[avast! Antivirus] "C:\Program Files\Alwil Software\Avast4\ashServ.exe"
[avast! Mail Scanner] "C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service
[avast! Web Scanner] "C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service
[BITS] %SystemRoot%\system32\svchost.exe -k netsvcs
[Browser] %SystemRoot%\system32\svchost.exe -k netsvcs
[CiSvc] %SystemRoot%\system32\cisvc.exe
[ClipSrv] %SystemRoot%\system32\clipsrv.exe
[COMSysApp] C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
[CryptSvc] %SystemRoot%\system32\svchost.exe -k netsvcs
[DcomLaunch] %SystemRoot%\system32\svchost -k DcomLaunch
[Dhcp] %SystemRoot%\system32\svchost.exe -k netsvcs
[dmadmin] %SystemRoot%\System32\dmadmin.exe /com
[dmserver] %SystemRoot%\System32\svchost.exe -k netsvcs
[Dnscache] %SystemRoot%\system32\svchost.exe -k NetworkService
[ehRecvr] C:\WINDOWS\eHome\ehRecvr.exe
[ehSched] C:\WINDOWS\eHome\ehSched.exe
[ERSvc] %SystemRoot%\System32\svchost.exe -k netsvcs
[Eventlog] %SystemRoot%\system32\services.exe
[EventSystem] C:\WINDOWS\system32\svchost.exe -k netsvcs
[FastUserSwitchingCompatibility] %SystemRoot%\System32\svchost.exe -k netsvcs
[Fax] %systemroot%\system32\fxssvc.exe
[gusvc] "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"
[helpsvc] %SystemRoot%\System32\svchost.exe -k netsvcs
[HidServ] %SystemRoot%\System32\svchost.exe -k netsvcs
[HTTPFilter] %SystemRoot%\System32\svchost.exe -k HTTPFilter
[IDriverT] "C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe"
[ImapiService] C:\WINDOWS\system32\imapi.exe
[iPod Service] "C:\Program Files\iPod\bin\iPodService.exe"
[KPF4] "C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe"
[lanmanserver] %SystemRoot%\system32\svchost.exe -k netsvcs
[lanmanworkstation] %SystemRoot%\system32\svchost.exe -k netsvcs
[LightScribeService] "c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe"
[LmHosts] %SystemRoot%\system32\svchost.exe -k LocalService
[McrdSvc] C:\WINDOWS\ehome\mcrdsvc.exe
[Messenger] %SystemRoot%\system32\svchost.exe -k netsvcs
[MHN] %SystemRoot%\System32\svchost.exe -k netsvcs
[mnmsrvc] C:\WINDOWS\system32\mnmsrvc.exe
[MSDTC] C:\WINDOWS\system32\msdtc.exe
[MSIServer] C:\WINDOWS\system32\msiexec.exe /V
[NetDDE] %SystemRoot%\system32\netdde.exe
[NetDDEdsdm] %SystemRoot%\system32\netdde.exe
[Netlogon] %SystemRoot%\system32\lsass.exe
[Netman] %SystemRoot%\System32\svchost.exe -k netsvcs
[Nla] %SystemRoot%\system32\svchost.exe -k netsvcs
[NtLmSsp] %SystemRoot%\system32\lsass.exe
[NtmsSvc] %SystemRoot%\system32\svchost.exe -k netsvcs
[NVSvc] %SystemRoot%\system32\nvsvc32.exe
[PlugPlay] %SystemRoot%\system32\services.exe
[PolicyAgent] %SystemRoot%\system32\lsass.exe
[ProtectedStorage] %SystemRoot%\system32\lsass.exe
[RasAuto] %SystemRoot%\system32\svchost.exe -k netsvcs
[RasMan] %SystemRoot%\system32\svchost.exe -k netsvcs
[RDSessMgr] C:\WINDOWS\system32\sessmgr.exe
[RemoteAccess] %SystemRoot%\system32\svchost.exe -k netsvcs
[RemoteRegistry] %SystemRoot%\system32\svchost.exe -k LocalService
[RpcLocator] %SystemRoot%\system32\locator.exe
[RpcSs] %SystemRoot%\system32\svchost -k rpcss
[RSVP] %SystemRoot%\system32\rsvp.exe
[SamSs] %SystemRoot%\system32\lsass.exe
[SCardSvr] %SystemRoot%\System32\SCardSvr.exe
[Schedule] %SystemRoot%\System32\svchost.exe -k netsvcs
[seclogon] %SystemRoot%\System32\svchost.exe -k netsvcs
[SENS] %SystemRoot%\system32\svchost.exe -k netsvcs
[SharedAccess] %SystemRoot%\system32\svchost.exe -k netsvcs
[ShellHWDetection] %SystemRoot%\System32\svchost.exe -k netsvcs
[Spooler] %SystemRoot%\system32\spoolsv.exe
[srservice] %SystemRoot%\system32\svchost.exe -k netsvcs
[SSDPSRV] %SystemRoot%\system32\svchost.exe -k LocalService
[stisvc] %SystemRoot%\system32\svchost.exe -k imgsvc
[SwPrv] C:\WINDOWS\system32\dllhost.exe /Processid:{37E16036-57B1-4DB1-B7DA-D0E751BA0E0A}
[SysmonLog] %SystemRoot%\system32\smlogsvc.exe
[TapiSrv] %SystemRoot%\System32\svchost.exe -k netsvcs
[TermService] %SystemRoot%\System32\svchost -k DComLaunch
[Themes] %SystemRoot%\System32\svchost.exe -k netsvcs
[TlntSvr] C:\WINDOWS\system32\tlntsvr.exe
[TrkWks] %SystemRoot%\system32\svchost.exe -k netsvcs
[upnphost] %SystemRoot%\system32\svchost.exe -k LocalService
[UPS] %SystemRoot%\System32\ups.exe
[usnjsvc] "C:\Program Files\MSN Messenger\usnsvc.exe"
[VSS] %SystemRoot%\System32\vssvc.exe
[W32Time] %SystemRoot%\System32\svchost.exe -k netsvcs
[WebClient] %SystemRoot%\system32\svchost.exe -k LocalService
[winmgmt] %systemroot%\system32\svchost.exe -k netsvcs
[WmdmPmSN] %SystemRoot%\System32\svchost.exe -k netsvcs
[Wmi] %SystemRoot%\System32\svchost.exe -k netsvcs
[WmiApSrv] C:\WINDOWS\system32\wbem\wmiapsrv.exe
[WMPNetworkSvc] "C:\Program Files\Windows Media Player\WMPNetwk.exe"
[wscsvc] %SystemRoot%\System32\svchost.exe -k netsvcs
[wuauserv] %systemroot%\system32\svchost.exe -k netsvcs
[WudfSvc] %SystemRoot%\system32\svchost.exe -k WudfServiceGroup
[WZCSVC] %SystemRoot%\System32\svchost.exe -k netsvcs
[xmlprov] %SystemRoot%\System32\svchost.exe -k netsvcs
**** Custom IE Search Items ****
SEARCH: [SearchAssistant] https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
SEARCH: [CustomizeSearch] https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm
**** Complete IE Options ****
IEOPT: [NoUpdateCheck]
IEOPT: [NoJITSetup]
IEOPT: [Disable Script Debugger] yes
IEOPT: [Show_ChannelBand] No
IEOPT: [Anchor Underline] yes
IEOPT: [Cache_Update_Frequency] Once_Per_Session
IEOPT: [Display Inline Images] yes
IEOPT: [Do404Search]
IEOPT: [Local Page] C:\WINDOWS\system32\blank.htm
IEOPT: [Save_Session_History_On_Exit] no
IEOPT: [Show_FullURL] no
IEOPT: [Show_StatusBar] yes
IEOPT: [Show_ToolBar] yes
IEOPT: [Show_URLinStatusBar] yes
IEOPT: [Show_URLToolBar] yes
IEOPT: [Start Page] https://actus.sfr.fr
IEOPT: [Use_DlgBox_Colors] yes
IEOPT: [Search Page] http://fr.rd.yahoo.com/customize/ycomp/defaults/sp/*https://fr.yahoo.com/
IEOPT: [Use Custom Search URL]
IEOPT: [AutoSearch]
IEOPT: [Error Dlg Displayed On Every Error] no
IEOPT: [FullScreen] no
IEOPT: [Window_Placement] ,
IEOPT: [Window Title] Internet Explorer avec Club-Internet
IEOPT: [NotifyDownloadComplete] yes
IEOPT: [Move System Caret] no
IEOPT: [Expand Alt Text] no
IEOPT: [Print_Background] no
IEOPT: [Enable_MyPics_Hoverbar] yes
IEOPT: [Show image placeholders]
IEOPT: [Enable AutoImageResize] yes
IEOPT: [Play_Animations] yes
IEOPT: [Play_Background_Sounds] yes
IEOPT: [Display Inline Videos] yes
IEOPT: [FavIntelliMenus] no
IEOPT: [Enable Browser Extensions] no
IEOPT: [UseThemes]
IEOPT: [NoWebJITSetup]
IEOPT: [Friendly http errors] yes
IEOPT: [ShowGoButton] yes
IEOPT: [Page_Transitions]
IEOPT: [DisableScriptDebuggerIE] yes
IEOPT: [NscSingleExpand]
IEOPT: [Force Offscreen Composition]
IEOPT: [AllowWindowReuse]
IEOPT: [SmoothScroll]
IEOPT: [LastCheckedHi] ^HÇs
IEOPT: [Use FormSuggest] no
IEOPT: [AddToFavoritesExpanded]
IEOPT: [XMLHTTP]
IEOPT: [UseClearType] yes
IEOPT: [CompatibilityFlags]
IEOPT: [SearchMigrated]
IEOPT: [SearchMigratedDefaultName] Yahoo! Search
IEOPT: [SearchMigratedDefaultURL] https://search.yahoo.com/web{searchTerms}&ei=utf-8&fr=b1ie7
IEOPT: [SearchMigratedInstalled]
IEOPT: [RunOnceHasShown]
IEOPT: [RunOnceComplete]
IEOPT: [AutoHide] yes
IEOPT: [AlwaysShowMenus]
IEOPT: [Check_Associations] no
IEOPT: [EnableSearchPane]
IEOPT: [HistoryViewType]
IEOPT: [Save Directory] C:\Documents and Settings\claude ayrault\Mes documents\
IEOPT: [Enable_Disk_Cache] yes
IEOPT: [Cache_Percent_of_Disk]
IEOPT: [Delete_Temp_Files_On_Exit] yes
IEOPT: [Local Page] %SystemRoot%\system32\blank.htm
IEOPT: [Anchor_Visitation_Horizon]
IEOPT: [Use_Async_DNS] yes
IEOPT: [Placeholder_Width]
IEOPT: [Placeholder_Height]
IEOPT: [Start Page] https://www.msn.com/fr-fr/?ocid=iehp
IEOPT: [CompanyName] Microsoft Corporation
IEOPT: [Custom_Key] MICROSO
IEOPT: [Wizard_Version] 6.0.2600.0000
IEOPT: [FullScreen] no
IEOPT: [Default_Secondary_Page_URL]
IEOPT: [Extensions Off Page] about:NoAdd-ons
IEOPT: [Security Risk Page] about:SecurityRisk
IEOPT: [Check_Associations] yes
IEOPT: [Window Title]
Avast finds nothing, but Kerio had blocked a suspicious piece of code.
Maybe a false alarm.
See you