Sujet Précédent Sujet Suivant

Win32 TRojan gen Other

Résolu/Fermé
sroky Messages postés 104 Date d'inscription vendredi 2 novembre 2007 Statut Membre Dernière intervention 1 mars 2015 - 5 mai 2009 à 12:12
 Utilisateur anonyme - 12 mai 2009 à 23:17
Bonjour,

apres avoir visité different forum , je fait appel a vous car j ai un probleme avec le trojan win 32 trojan gen , et notament une erreur de chargement de rundll32 au demarrage (je suppose que c est en rapport), Pouvez vous m aider ? voici mon log avec hijackThis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:02:50, on 05/05/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Safe mode

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
I:\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=localhost:7171
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [lxdimon.exe] "C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe"
O4 - HKLM\..\Run: [lxdiamon] "C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LiveMonitor] C:\Program Files\MSI\Live Update 3\LMonitor.exe
O4 - HKLM\..\Run: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [FlashIcon] C:\Program Files\Generic\USB Card Reader Driver v2.3\FlashIcon.exe
O4 - HKLM\..\Run: [D-Link AirPlus G] C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Belgacom] "C:\Program Files\Belgacom\bin\sprtcmd.exe" /P Belgacom
O4 - HKLM\..\Run: [EverioService] "C:\Program Files\CyberLink\PCM4Everio\EverioService.exe"
O4 - HKLM\..\Run: [SmartMon] C:\Program Files\EmvSmartCardReader\SmartMON.exe
O4 - HKLM\..\Run: [BePCSC] C:\Program Files\EmvSmartCardReader\BePCSC.exe
O4 - HKLM\..\Run: [beid] "C:\Program Files\Belgium Identity Card\beid35gui.exe" /startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\RunServices: [Windows Internet Player] wmplayer.exe
O4 - HKLM\..\RunServices: [Wind0ws Ser7ice Agent] colwindos.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [dll] rundll32 dll32,sm
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Wind0ws Ser7ice Agent] colwindos.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Nikon Monitor.lnk = C:\Program Files\Fichiers communs\Nikon\Monitor\NkMonitor.exe
O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: PC Alert 4.lnk = C:\Program Files\MSI\PC Alert 4\PCAlert4.exe
O4 - Global Startup: Pinnacle Scheduler.lnk = ?
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.1.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - https://myalbum.com/fr
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://ma-config.com/activex/hardwaredetection_3_0_3_1.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game07.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - https://driveragent.com/files/driveragent.cab
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: lxdiCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdiserv.exe
O23 - Service: lxdi_device - - C:\WINDOWS\system32\lxdicoms.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Maxtor Network Analysis Tool - Unknown owner - C:\WINDOWS\System32\dllcache\winsshr.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SupportSoft Sprocket Service (belgacom) (sprtsvc_belgacom) - SupportSoft, Inc. - C:\Program Files\Belgacom\bin\sprtsvc.exe
O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Fichiers communs\Supportsoft\bin\ssrc.exe

83 réponses

Précédent
Réponse 41 / 83
Utilisateur anonyme
7 mai 2009 à 22:20
Imprime ces instructions car il faudra fermer toutes les fenêtres et applications lors de l'installation et de l'analyse.



Télécharges :
Malwarebytes ou :
Malwarebytes

* Installe le ( choisis bien "francais" ; ne modifie pas les paramètres d'installe ) et mets le à jour .

(NB : S'il te manque "COMCTL32.OCX" lors de l'installe, alors télécharge le ici : COMCTL32.OCX

* Potasses le Tuto pour te familiariser avec le prg :


( cela dit, il est très simple d'utilisation ).

relance malwarebytes en suivant scrupuleusement ces consignes :

! Déconnecte toi et ferme toutes applications en cours !

* Lance Malwarebyte's .

Fais un examen dit "Complet" .

--> Laisse le programme travailler ( et ne rien faire d'autre avec le PC durant le scan ).
--> à la fin tu cliques sur "résultat" .
--> Vérifie que tous les objets infectés soient validés, puis clique sur " suppression " .

Note : si il faut redémarrer ton PC pour finir le nettoyage, fais le !


Poste le rapport sauvegardé après la suppression des objets infectés (dans l'onglet "rapport/log"de Malwarebytes, le dernier en date)

0
Réponse 42 / 83
sroky Messages postés 104 Date d'inscription vendredi 2 novembre 2007 Statut Membre Dernière intervention 1 mars 2015
8 mai 2009 à 00:49
je fait supprimé selection ??

Malwarebytes' Anti-Malware 1.36
Version de la base de données: 1945
Windows 5.1.2600 Service Pack 3

08/05/2009 00:47:17
mbam-log-2009-05-08 (00-47-05).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 312738
Temps écoulé: 2 hour(s), 20 minute(s), 54 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3aa42713-5c1e-48e2-b432-d8bf420dd31d} (Rogue.Antivirus2008) -> No action taken.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
0
Réponse 43 / 83
Utilisateur anonyme
8 mai 2009 à 00:56
Télécharger RemoveIT Pro

Fais un scan et poste le full rapport log.

A la fin du 1er scan, s'il demande de faire un scan complet dite oui

A la fin du 2ème scan, si virus trouvé cliquez sur "fix" pour nettoyer des virus trouvés.
0
Réponse 44 / 83
sroky Messages postés 104 Date d'inscription vendredi 2 novembre 2007 Statut Membre Dernière intervention 1 mars 2015
8 mai 2009 à 01:41
RemoveIT Pro v4 - SE (Build date: 6.6.2008) full information log file.
Generated at: 08/05/2009 on 01:27:45
Microsoft Windows XP Home Edition Service Pack 3 (Build 2600)
Author: Damjan Irgolic
https://www.incodesolutions.com/
support@incodesolutions.com


Running processes: (55)
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdiserv.exe
C:\WINDOWS\system32\lxdicoms.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\Scardsvr.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Program Files\Belgacom\bin\sprtsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\VIA\RAID\raid_tool.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe
C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\Program Files\Belgacom\bin\sprtcmd.exe
C:\Program Files\CyberLink\PCM4Everio\EverioService.exe
C:\Program Files\EmvSmartCardReader\SmartMON.exe
C:\Program Files\EmvSmartCardReader\BePCSC.exe
C:\Program Files\Belgium Identity Card\beid35gui.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\WINDOWS\system32\ctfmon.exe
c:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Fichiers communs\Nikon\Monitor\NkMonitor.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.BIN
C:\WINDOWS\system32\LVComsX.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\explorer.exe
C:\Program Files\InCode Solutions\RemoveIT Pro v4 - SE\removeit.exe

Startup files:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\H/PC Connection Agent
["C:\Program Files\Microsoft ActiveSync\wcescomm.exe"]
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\CTFMON.EXE
[C:\WINDOWS\system32\ctfmon.exe]
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}
["C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"]
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\VTTrayp
[VTtrayp.exe]
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\VTTimer
[VTTimer.exe]
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\RaidTool
[C:\Program Files\VIA\RAID\raid_tool.exe]
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\PCSuiteTrayApplication
[C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup]
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\NBKeyScan
["C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"]
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\Microsoft Works Update Detection
[C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe]
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\lxdimon.exe
["C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe"]
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\lxdiamon
["C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe"]
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\LogitechVideoTray
[C:\Program Files\Logitech\Video\LogiTray.exe]
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\LogitechVideoRepair
[C:\Program Files\Logitech\Video\ISStart.exe ]
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\IntelliPoint
["c:\Program Files\Microsoft IntelliPoint\ipoint.exe"]
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\FlashIcon
[C:\Program Files\Generic\USB Card Reader Driver v2.3\FlashIcon.exe]
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\D-Link AirPlus G
[C:\Program Files\D-Link\AirPlus G\AirGCFG.exe]
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\ANIWZCS2Service
[C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe]
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\Adobe Photo Downloader
["C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"]
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\Belgacom
["C:\Program Files\Belgacom\bin\sprtcmd.exe" /P Belgacom]
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\EverioService
["C:\Program Files\CyberLink\PCM4Everio\EverioService.exe"]
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\SmartMon
[C:\Program Files\EmvSmartCardReader\SmartMON.exe]
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\BePCSC
[C:\Program Files\EmvSmartCardReader\BePCSC.exe]
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\beid
["C:\Program Files\Belgium Identity Card\beid35gui.exe" /startup]
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\ISTray
["C:\Program Files\Spyware Doctor\pctsTray.exe"]
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\avgnt
["C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min]
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\Malwarebytes' Anti-Malware
[C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent]

Detail report: (137)
Clsid C:\WINDOWS\system32\crypt32.dll[39976dad9564b336b153184268db032f][606208]
Clsid C:\WINDOWS\system32\cryptnet.dll[938488d25648d26e6bfe3e47dc2ec5e8][64512]
Clsid C:\WINDOWS\system32\cscdll.dll[6b646a601aec823032af4dc19273cfda][102912]
Clsid C:\WINDOWS\system32\sclgntfy.dll[c01c7266e73b199101651a7508364df7][22016]
Clsid c:\windows\system32\webcheck.dll[b16ceb2ef61fb07f26d56ccd5720196b][233472]
Clsid C:\WINDOWS\system32\wgalogon.dll[36c8352203898eca8d59faf14412a628][236928]
Clsid C:\WINDOWS\system32\wlnotify.dll[c664757f8243499ba6e45102af459de6][94208]
Proc C:\PROGRA~1\MI3AA1~1\rapimgr.exe[421729ced68440b48c9b15f97f29b239][187176]
Proc C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe[c7344244be22ad0bb7e5146bb23abc5b][49152]
Proc C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe[6e812818306d460d62b4abea9fdc6679][266497]
Proc C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe[335a142923fe7f97e8c8388acd067568][151297]
Proc C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe[d6c8942bea3698a2e7559bd423bfa5d7][68865]
Proc C:\Program Files\Belgacom\bin\sprtcmd.exe[e51925ce5017808ee8cb66beaf25363f][202016]
Proc C:\Program Files\Belgacom\bin\sprtsvc.exe[5f87f129ec8bfae7c5ef456619047f22][202016]
Proc C:\Program Files\Belgium Identity Card\beid35gui.exe[3cfdd43c1e41366cfa63c2d1ddfd3712][2035712]
Proc C:\Program Files\CyberLink\PCM4Everio\EverioService.exe[2c466370efe9cc9115eddff4b0848307][151552]
Proc C:\Program Files\D-Link\AirPlus G\AirGCFG.exe[e08d2c466bda83495a679c6aa38ef2a7][1552384]
Proc C:\Program Files\EmvSmartCardReader\BePCSC.exe[6766223b011ac68bd354b6d51629c72f][27136]
Proc C:\Program Files\EmvSmartCardReader\SmartMON.exe[f1e5c94f3503a6d16fd791a4a69b36ae][73826]
Proc C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[367592efca7ff8b4ce11ab6b0744e1e2][132424]
Proc C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe[7ebfae0a6d73d2d9c9a970a80935fd8f][28672]
Proc C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe[1bef5464c06f4af0c704378824c52adb][382248]
Proc C:\Program Files\Fichiers communs\Nikon\Monitor\NkMonitor.exe[c12ef776375161398861d819139d84c5][479232]
Proc C:\Program Files\InCode Solutions\RemoveIT Pro v4 - SE\removeit.exe[b2bf3a935b301fe84be4c9b768b4c61a][551424]
Proc C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe[1749c16db564d24b7bc13b1bcb1c9cfe][184320]
Proc C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe[c6906a5a581d3bb58f8556de0856f894][25264]
Proc C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe[ae8f87000f191f06d47077ee68f1c63b][434864]
Proc C:\Program Files\Logitech\Video\FxSvr2.exe[70b68620c41c40580886b808fd7265da][192512]
Proc C:\Program Files\Logitech\Video\LogiTray.exe[fe6e15cc578c3278755cddff70c2787d][217088]
Proc C:\Program Files\Microsoft ActiveSync\wcescomm.exe[573bcf05cd317533bbadc0b60d729bcb][1211176]
Proc c:\Program Files\Microsoft IntelliPoint\dpupdchk.exe[3065bbba85e30284a77643745c57c8db][357800]
Proc C:\Program Files\Microsoft IntelliPoint\ipoint.exe[7a7d4000c9443350383f0fdfb7a1c12e][1037736]
Proc C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[6d4028d458eaaa1782099750790dc8c9][853288]
Proc C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe[fd92f6f55f825a2f30905f2050e7e10a][223232]
Proc C:\Program Files\OpenOffice.org 2.2\program\soffice.BIN[0d601c7c65af904254c45a0faa37f3c5][2510848]
Proc C:\Program Files\OpenOffice.org 2.2\program\soffice.exe[92972b746849766ddb3af2d1f12fc676][2359296]
Proc C:\Program Files\PC Connectivity Solution\ServiceLayer.exe[aac24421fc74d612a7169c4d4a61b48c][210432]
Proc C:\Program Files\Spyware Doctor\pctsAuxs.exe[2881d5c135d076bcf52b0f5ad3d8dc0b][348752]
Proc C:\Program Files\Spyware Doctor\pctsSvc.exe[9caca3fad05c4b0d7967592e65b338f1][1095560]
Proc C:\Program Files\Spyware Doctor\pctsTray.exe[ea93088391ae6cba7b9fd545dded7df6][1173384]
Proc C:\Program Files\VIA\RAID\raid_tool.exe[1cf881aae046fa887e684b5b8d5d3156][589824]
Proc C:\Program Files\WinZip\WZQKPICK.EXE[6d23b8cb307e455428a778535be6e6d9][394856]
Proc C:\WINDOWS\explorer.exe[f2317622d29f9ff0f88aeecd5f60f0dd][1037824]
Proc C:\WINDOWS\System32\alg.exe[5e9a6658a2a69ae7eb195113b7a2e7a9][44544]
Proc C:\WINDOWS\system32\ctfmon.exe[59dc5bb82e4c8e0b3eadcfdbc44ba6e4][15360]
Proc C:\WINDOWS\system32\lsass.exe[91e6024d6d4dcdecdb36c43ecf9bbecb][13312]
Proc C:\WINDOWS\system32\LVComsX.exe[f0431c490f124a8cc874163e6a38dd28][221184]
Proc C:\WINDOWS\system32\lxdicoms.exe[7b09187a3611480ba6632f4e3c86ddc0][517040]
Proc C:\WINDOWS\system32\Scardsvr.exe[67949cc8a865296c1333c96a4e1a2d66][100352]
Proc C:\WINDOWS\system32\services.exe[c3fb1d70cb88722267949694ba51759e][111104]
Proc C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdiserv.exe[da4f31909e1fd4ab342813867b801582][99248]
Proc C:\WINDOWS\system32\spoolsv.exe[460e4ce148bd07218da0b6a3d31885a9][57856]
Proc C:\WINDOWS\system32\svchost.exe[e4bdf223cd75478bf44567b4d5c2634d][14336]
Proc C:\WINDOWS\system32\VTTimer.exe[1d31970daaaf91f580f14bb5be4cb735][53248]
Proc C:\WINDOWS\system32\VTtrayp.exe[b7401a1c424e0836d7846e42548946b4][143360]
Proc C:\WINDOWS\system32\wdfmgr.exe[ab0a7ca90d9e3d6a193905dc1715ded0][38912]
RegRun c:\program files\adobe\photoshop album edition découverte\3.2\apps\apdproxy.exe[831fb892a5a5f28bb69de0ab77fa7281][63712]
RegRun c:\program files\ani\aniwzcs2 service\wzcsldr2.exe[c7344244be22ad0bb7e5146bb23abc5b][49152]
RegRun c:\program files\avira\antivir personaledition classic\avgnt.exe [6e812818306d460d62b4abea9fdc6679][266497]
RegRun c:\program files\belgacom\bin\sprtcmd.exe [e51925ce5017808ee8cb66beaf25363f][202016]
RegRun c:\program files\belgium identity card\beid35gui.exe [3cfdd43c1e41366cfa63c2d1ddfd3712][2035712]
RegRun c:\program files\cyberlink\pcm4everio\everioservice.exe[2c466370efe9cc9115eddff4b0848307][151552]
RegRun c:\program files\d-link\airplus g\airgcfg.exe[e08d2c466bda83495a679c6aa38ef2a7][1552384]
RegRun c:\program files\emvsmartcardreader\bepcsc.exe[6766223b011ac68bd354b6d51629c72f][27136]
RegRun c:\program files\emvsmartcardreader\smartmon.exe[f1e5c94f3503a6d16fd791a4a69b36ae][73826]
RegRun c:\program files\fichiers communs\microsoft shared\works shared\wkufind.exe[7ebfae0a6d73d2d9c9a970a80935fd8f][28672]
RegRun c:\program files\fichiers communs\nero\lib\nmbgmonitor.exe[1e40ef882a2afc3a715969ad7bf531b1][202024]
RegRun c:\program files\generic\usb card reader driver v2.3\flashicon.exe[db1fbcc0f7470b62128d37f1465e6731][40960]
RegRun c:\program files\lexmark 3500-4500 series\lxdiamon.exe[c6906a5a581d3bb58f8556de0856f894][25264]
RegRun c:\program files\lexmark 3500-4500 series\lxdimon.exe[ae8f87000f191f06d47077ee68f1c63b][434864]
RegRun c:\program files\logitech\video\isstart.exe [b5652e4b805e404a0d5d8177b401802a][458752]
RegRun c:\program files\logitech\video\logitray.exe[fe6e15cc578c3278755cddff70c2787d][217088]
RegRun c:\program files\malwarebytes' anti-malware\mbamgui.exe [fbef18063f7d837529e2d45016bc992b][401040]
RegRun c:\program files\microsoft activesync\wcescomm.exe[573bcf05cd317533bbadc0b60d729bcb][1211176]
RegRun c:\program files\microsoft intellipoint\ipoint.exe[7a7d4000c9443350383f0fdfb7a1c12e][1037736]
RegRun c:\program files\nero\nero8\nero backitup\nbkeyscan.exe[60e91d2bcc467842b478e8f3a5bf7c16][1836328]
RegRun c:\program files\nokia\nokia pc suite 6\launchapplication.exe [fd92f6f55f825a2f30905f2050e7e10a][223232]
RegRun c:\program files\spyware doctor\pctstray.exe[ea93088391ae6cba7b9fd545dded7df6][1173384]
RegRun c:\program files\via\raid\raid_tool.exe[1cf881aae046fa887e684b5b8d5d3156][589824]
RegRun c:\windows\system32\ctfmon.exe[59dc5bb82e4c8e0b3eadcfdbc44ba6e4][15360]
RegRun C:\WINDOWS\system32\vttimer.exe[1d31970daaaf91f580f14bb5be4cb735][53248]
RegRun C:\WINDOWS\system32\vttrayp.exe[b7401a1c424e0836d7846e42548946b4][143360]
Service c:\program files\ani\aniwzcs2 service\aniwzcsds.exe[1d5bd430e6873f3415639209903740de][49152]
Service c:\program files\avira\antivir personaledition classic\avguard.exe[335a142923fe7f97e8c8388acd067568][151297]
Service c:\program files\avira\antivir personaledition classic\sched.exe[d6c8942bea3698a2e7559bd423bfa5d7][68865]
Service c:\program files\belgacom\bin\sprtsvc.exe [5f87f129ec8bfae7c5ef456619047f22][202016]
Service c:\program files\fichiers communs\apple\mobile device support\bin\applemobiledeviceservice.exe[367592efca7ff8b4ce11ab6b0744e1e2][132424]
Service c:\program files\fichiers communs\installshield\driver\11\intel 32\idrivert.exe[1cf03c69b49acb70c722df92755c0c8c][69632]
Service c:\program files\fichiers communs\logishrd\srvlnch\srvlnch.exe[da4372152c68641c032dfeb4773562e8][142112]
Service c:\program files\fichiers communs\macrovision shared\flexnet publisher\fnplicensingservice.exe[1f63900e2eb00101b9aca2b7a870704e][655624]
Service c:\program files\fichiers communs\microsoft shared\office12\odserv.exe[e54aa592a65f317390eee386a8821692][443776]
Service c:\program files\fichiers communs\microsoft shared\source engine\ose.exe[5a432a042dae460abe7199b758e8606c][145184]
Service c:\program files\fichiers communs\nero\lib\nmindexingservice.exe[1bef5464c06f4af0c704378824c52adb][382248]
Service c:\program files\fichiers communs\supportsoft\bin\ssrc.exe[9a97b7024e2ca4d42046bf272997e14c][382320]
Service c:\program files\ipod\bin\ipodservice.exe[5c7538b244e439df39388da28e0a18d1][656168]
Service c:\program files\ma-config.com\maconfservice.exe[78df948a523a38191d0591daa1cd3bd7][191656]
Service c:\program files\nero\nero8\nero backitup\nbservice.exe[6d4028d458eaaa1782099750790dc8c9][853288]
Service c:\program files\pc connectivity solution\servicelayer.exe[aac24421fc74d612a7169c4d4a61b48c][210432]
Service c:\program files\spyware doctor\pctsauxs.exe[2881d5c135d076bcf52b0f5ad3d8dc0b][348752]
Service c:\program files\spyware doctor\pctssvc.exe[9caca3fad05c4b0d7967592e65b338f1][1095560]
Service c:\program files\windows live\family safety\fsssvc.exe[9b1622ebeb31b3411b13382ffcb8737d][533360]
Service c:\windows\microsoft.net\framework\v2.0.50727\aspnet_state.exe[4eabf511b1af176a971c3271e48fa3a8][33800]
Service c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe[234b1bc2796483e1f5c3f26649fb3388][70144]
Service c:\windows\system32\alg.exe[5e9a6658a2a69ae7eb195113b7a2e7a9][44544]
Service c:\windows\system32\cisvc.exe[793ef38a5fd086c3c8e48a8a861562ed][5632]
Service c:\windows\system32\clipsrv.exe[8b30cbb0c07d49b2658fb190946b0e7e][33280]
Service c:\windows\system32\dllhost.exe [0dad93bb0fecf5016ae3c06cbb0a873b][5120]
Service c:\windows\system32\dmadmin.exe [ead2b8aaeb16e538106d295cd7bd7a48][225280]
Service c:\windows\system32\imapi.exe[c4221678bbaa55239c23632875759961][150528]
Service c:\windows\system32\locator.exe[499c59a2584f6d4ea41e944da571d993][75264]
Service c:\windows\system32\lsass.exe[91e6024d6d4dcdecdb36c43ecf9bbecb][13312]
Service c:\windows\system32\lxdicoms.exe [7b09187a3611480ba6632f4e3c86ddc0][517040]
Service c:\windows\system32\mnmsrvc.exe[d3a2870cd96cda7bcff3dc54f64087ad][32768]
Service c:\windows\system32\msdtc.exe[8648d670ae0d95c95e7bbb5b80661796][6144]
Service c:\windows\system32\msiexec.exe [0411f7ee63ae48d2918ab4f2c79ab6c4][78848]
Service c:\windows\system32\netdde.exe[5c9b1d83755b36237b70f95df3d46a52][114176]
Service c:\windows\system32\rsvp.exe[414964844f4793acb868d057e8ed997e][132608]
Service c:\windows\system32\scardsvr.exe[67949cc8a865296c1333c96a4e1a2d66][100352]
Service c:\windows\system32\services.exe[c3fb1d70cb88722267949694ba51759e][111104]
Service c:\windows\system32\sessmgr.exe[9f63d9c5b238ed1c375d417eff3d5be7][142848]
Service c:\windows\system32\smlogsvc.exe[0899061318a6b1d9596aabfc77f45e44][93184]
Service c:\windows\system32\spool\drivers\w32x86\3\\lxdiserv.exe[da4f31909e1fd4ab342813867b801582][99248]
Service c:\windows\system32\spoolsv.exe[460e4ce148bd07218da0b6a3d31885a9][57856]
Service c:\windows\system32\svchost.exe [e4bdf223cd75478bf44567b4d5c2634d][14336]
Service c:\windows\system32\ups.exe[1edc93d7bd731b5ca6248ae245099b60][18432]
Service c:\windows\system32\vssvc.exe[5a4da252b2c0550ab83d129c02cf6c19][295424]
Service c:\windows\system32\wbem\wmiapsrv.exe[4e8e8a58f56b25d0795f484e5eb7f898][126464]
Service c:\windows\system32\wdfmgr.exe[ab0a7ca90d9e3d6a193905dc1715ded0][38912]
Startup c:\documents and settings\all users\menu démarrer\programmes\démarrage\desktop.ini[d6a6856702e3f0953e7246a9b4a9fe35][84]
Startup c:\documents and settings\kris\menu démarrer\programmes\démarrage\desktop.ini[d6a6856702e3f0953e7246a9b4a9fe35][84]
Startup c:\program files\fichiers communs\nikon\monitor\nkmonitor.exe[c12ef776375161398861d819139d84c5][479232]
Startup c:\program files\intervideo\common\bin\wincinemamgr.exe[1749c16db564d24b7bc13b1bcb1c9cfe][184320]
Startup c:\program files\msi\pc alert 4\pcalert4.exe[a189f64fae24a8a749f5f6ac23979298][552960]
Startup c:\program files\openoffice.org 2.2\program\quickstart.exe[7636c40413bb9ac278bd2c8ae24e3e0c][393216]
Startup c:\program files\pinnacle\shared files\programs\scheduler\pclescheduler.exe[f04c453b706c8bd8afb6f13e75ffbe79][245760]
Startup c:\program files\winzip\wzqkpick.exe[6d23b8cb307e455428a778535be6e6d9][394856]
System.ini c:\windows\system32\wdfmgr.exe[ab0a7ca90d9e3d6a193905dc1715ded0][38912]

Startup folder: (8)
Startup name: desktop.ini
Command: C:\Documents and Settings\kris\Menu Démarrer\Programmes\Démarrage\desktop.ini
Startup name: Nikon Monitor.lnk
Command: C:\Program Files\Fichiers communs\Nikon\Monitor\NkMonitor.exe
Startup name: OpenOffice.org 2.2.lnk
Command: C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
Startup name: desktop.ini
Command: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\desktop.ini
Startup name: InterVideo WinCinema Manager.lnk
Command: C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
Startup name: PC Alert 4.lnk
Command: C:\Program Files\MSI\PC Alert 4\PCAlert4.exe
Startup name: Pinnacle Scheduler.lnk
Command: C:\Program Files\Pinnacle\Shared Files\Programs\Scheduler\PCLEScheduler.exe
Startup name: WinZip Quick Pick.lnk
Command: C:\Program Files\WinZip\WZQKPICK.EXE

Win.ini Startup: (1)
Path: No additional driver found!

Win.ini Startup: (1)
Path: No additional driver found!

Keyboard drivers: (1)
Name: No Keyboard Filter driver found!

Services: (106)
Service Name: .NET Runtime Optimization Service v2.0.50727_X86 [Stopped],
Path: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
Service Name: Accès du périphérique d'interface utilisateur [Stopped],
Path: C:\WINDOWS\System32\svchost.exe -k netsvcs
Service Name: Acquisition d'image Windows (WIA) [Running],
Path: C:\WINDOWS\System32\svchost.exe -k imgsvc
Service Name: Affichage des messages [Stopped],
Path: C:\WINDOWS\system32\svchost.exe -k netsvcs
Service Name: Agent de protection d'accès réseau [Stopped],
Path: C:\WINDOWS\System32\svchost.exe -k netsvcs
Service Name: Aide et support [Running],
Path: C:\WINDOWS\System32\svchost.exe -k netsvcs
Service Name: ANIWZCSd Service [Stopped],
Path: C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
Service Name: Appel de procédure distante (RPC) [Running],
Path: C:\WINDOWS\system32\svchost -k rpcss
Service Name: Apple Mobile Device [Running],
Path: "C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"
Service Name: Application système COM+ [Stopped],
Path: C:\WINDOWS\System32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
Service Name: ASP.NET State Service [Stopped],
Path: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
Service Name: Assistance TCP/IP NetBIOS [Running],
Path: C:\WINDOWS\system32\svchost.exe -k LocalService
Service Name: Audio Windows [Running],
Path: C:\WINDOWS\System32\svchost.exe -k netsvcs
Service Name: Avertissement [Stopped],
Path: C:\WINDOWS\System32\svchost.exe -k LocalService
Service Name: Avira AntiVir Personal - Free Antivirus Guard [Running],
Path: "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe"
Service Name: Carte à puce [Running],
Path: C:\WINDOWS\system32\Scardsvr.exe
Service Name: Carte de performance WMI [Stopped],
Path: C:\WINDOWS\System32\wbem\wmiapsrv.exe
Service Name: Centre de sécurité [Running],
Path: C:\WINDOWS\System32\svchost.exe -k netsvcs
Service Name: Cliché instantané de volume [Stopped],
Path: C:\WINDOWS\System32\vssvc.exe
Service Name: Client de suivi de lien distribué [Running],
Path: C:\WINDOWS\system32\svchost.exe -k netsvcs
Service Name: Client DHCP [Running],
Path: C:\WINDOWS\System32\svchost.exe -k netsvcs
Service Name: Client DNS [Running],
Path: C:\WINDOWS\System32\svchost.exe -k NetworkService
Service Name: Compatibilité avec le Changement rapide d'utilisateur [Stopped],
Path: C:\WINDOWS\System32\svchost.exe -k netsvcs
Service Name: Configuration automatique de réseau câblé [Stopped],
Path: C:\WINDOWS\System32\svchost.exe -k dot3svc
Service Name: Configuration automatique sans fil [Stopped],
Path: C:\WINDOWS\System32\svchost.exe -k netsvcs
Service Name: Connexion secondaire [Running],
Path: C:\WINDOWS\System32\svchost.exe -k netsvcs
Service Name: Connexions réseau [Running],
Path: C:\WINDOWS\System32\svchost.exe -k netsvcs
Service Name: DDE réseau [Stopped],
Path: C:\WINDOWS\system32\netdde.exe
Service Name: Détection matériel noyau [Running],
Path: C:\WINDOWS\System32\svchost.exe -k netsvcs
Service Name: Distributed Transaction Coordinator [Stopped],
Path: C:\WINDOWS\System32\msdtc.exe
Service Name: DSDM DDE réseau [Stopped],
Path: C:\WINDOWS\system32\netdde.exe
Service Name: Emplacement protégé [Running],
Path: C:\WINDOWS\system32\lsass.exe
Service Name: Explorateur d'ordinateur [Stopped],
Path: C:\WINDOWS\system32\svchost.exe -k netsvcs
Service Name: FLEXnet Licensing Service [Stopped],
Path: "C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe"
Service Name: Fournisseur de la prise en charge de sécurité LM NT [Stopped],
Path: C:\WINDOWS\System32\lsass.exe
Service Name: Gestion d'applications [Stopped],
Path: C:\WINDOWS\system32\svchost.exe -k netsvcs
Service Name: Gestionnaire de comptes de sécurité [Running],
Path: C:\WINDOWS\system32\lsass.exe
Service Name: Gestionnaire de connexion automatique d'accès distant [Stopped],
Path: C:\WINDOWS\System32\svchost.exe -k netsvcs
Service Name: Gestionnaire de connexions d'accès distant [Running],
Path: C:\WINDOWS\System32\svchost.exe -k netsvcs
Service Name: Gestionnaire de disque logique [Stopped],
Path: C:\WINDOWS\System32\svchost.exe -k netsvcs
Service Name: Gestionnaire de l'Album [Stopped],
Path: C:\WINDOWS\system32\clipsrv.exe
Service Name: Gestionnaire de session d'aide sur le Bureau à distance [Stopped],
Path: C:\WINDOWS\system32\sessmgr.exe
Service Name: Horloge Windows [Running],
Path: C:\WINDOWS\System32\svchost.exe -k netsvcs
Service Name: Hôte de périphérique universel Plug-and-Play [Stopped],
Path: C:\WINDOWS\System32\svchost.exe -k LocalService
Service Name: HTTP SSL [Stopped],
Path: C:\WINDOWS\System32\svchost.exe -k HTTPFilter
Service Name: Infrastructure de gestion Windows [Running],
Path: C:\WINDOWS\system32\svchost.exe -k netsvcs
Service Name: InstallDriver Table Manager [Stopped],
Path: "C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe"
Service Name: Journal des événements [Running],
Path: C:\WINDOWS\system32\services.exe
Service Name: Journaux et alertes de performance [Stopped],
Path: C:\WINDOWS\system32\smlogsvc.exe
Service Name: Lanceur de processus serveur DCOM [Running],
Path: C:\WINDOWS\system32\svchost -k DcomLaunch
Service Name: Localisateur d'appels de procédure distante (RPC) [Stopped],
Path: C:\WINDOWS\System32\locator.exe
Service Name: LVSrvLauncher [Stopped],
Path: C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
Service Name: lxdi_device [Running],
Path: C:\WINDOWS\system32\lxdicoms.exe -service
Service Name: lxdiCATSCustConnectService [Running],
Path: C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdiserv.exe
Service Name: Ma-Config Service [Stopped],
Path: "C:\Program Files\ma-config.com\maconfservice.exe"
Service Name: Maxtor Network Analysis Tool [Stopped],
Path: "C:\WINDOWS\System32\dllcache\winsshr.exe"
Service Name: Microsoft Office Diagnostics Service [Stopped],
Path: "C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE"
Service Name: Mises à jour automatiques [Running],
Path: C:\WINDOWS\system32\svchost.exe -k netsvcs
Service Name: MS Software Shadow Copy Provider [Stopped],
Path: C:\WINDOWS\System32\dllhost.exe /Processid:{63BE335D-8632-4261-9A8B-6A956EB7ABC8}
Service Name: Nero BackItUp Scheduler 3 [Running],
Path: C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
Service Name: NLA (Network Location Awareness) [Running],
Path: C:\WINDOWS\System32\svchost.exe -k netsvcs
Service Name: NMIndexingService [Running],
Path: "C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe"
Service Name: Notification d'événement système [Running],
Path: C:\WINDOWS\system32\svchost.exe -k netsvcs
Service Name: Office Source Engine [Stopped],
Path: "C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE"
Service Name: Onduleur [Stopped],
Path: C:\WINDOWS\System32\ups.exe
Service Name: Ouverture de session réseau [Stopped],
Path: C:\WINDOWS\system32\lsass.exe
Service Name: Pare-feu Windows / Partage de connexion Internet [Running],
Path: C:\WINDOWS\System32\svchost.exe -k netsvcs
Service Name: Partage de Bureau à distance NetMeeting [Stopped],
Path: C:\WINDOWS\System32\mnmsrvc.exe
Service Name: PC Tools Auxiliary Service [Running],
Path: C:\Program Files\Spyware Doctor\pctsAuxs.exe
Service Name: PC Tools Security Service [Running],
Path: C:\Program Files\Spyware Doctor\pctsSvc.exe
Service Name: Planificateur Avira AntiVir Personal - Free Antivirus [Running],
Path: "C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe"
Service Name: Planificateur de tâches [Running],
Path: C:\WINDOWS\System32\svchost.exe -k netsvcs
Service Name: Plug-and-Play [Running],
Path: C:\WINDOWS\system32\services.exe
Service Name: Prise en charge des cartes à puces [Stopped],
Path: C:\WINDOWS\system32\Scardsvr.exe
Service Name: QoS RSVP [Stopped],
Path: C:\WINDOWS\System32\rsvp.exe
Service Name: Routage et accès distant [Stopped],
Path: C:\WINDOWS\System32\svchost.exe -k netsvcs
Service Name: Serveur [Running],
Path: C:\WINDOWS\system32\svchost.exe -k netsvcs
Service Name: Service COM de gravage de CD IMAPI [Stopped],
Path: C:\WINDOWS\system32\imapi.exe
Service Name: Service d'administration du Gestionnaire de disque logique [Stopped],
Path: C:\WINDOWS\System32\dmadmin.exe /com
Service Name: Service d'approvisionnement réseau [Stopped],
Path: C:\WINDOWS\System32\svchost.exe -k netsvcs
Service Name: Service de découvertes SSDP [Running],
Path: C:\WINDOWS\System32\svchost.exe -k LocalService
Service Name: Service de l’iPod [Stopped],
Path: "C:\Program Files\iPod\bin\iPodService.exe"
Service Name: Service de la passerelle de la couche Application [Running],
Path: C:\WINDOWS\System32\alg.exe
Service Name: Service de numéro de série du lecteur multimédia portable [Stopped],
Path: C:\WINDOWS\System32\svchost.exe -k netsvcs
Service Name: Service de rapport d'erreurs [Running],
Path: C:\WINDOWS\System32\svchost.exe -k netsvcs
Service Name: Service de restauration système [Running],
Path: C:\WINDOWS\System32\svchost.exe -k netsvcs
Service Name: Service de transfert intelligent en arrière-plan [Running],
Path: C:\WINDOWS\system32\svchost.exe -k netsvcs
Service Name: Service d'indexation [Stopped],
Path: C:\WINDOWS\system32\cisvc.exe
Service Name: Service Gestion des clés et des certificats d'intégrité [Stopped],
Path: C:\WINDOWS\System32\svchost.exe -k netsvcs
Service Name: Service Protocole EAP (Extensible Authentication Protocol) [Stopped],
Path: C:\WINDOWS\System32\svchost.exe -k eapsvcs
Service Name: ServiceLayer [Running],
Path: "C:\Program Files\PC Connectivity Solution\ServiceLayer.exe"
Service Name: Services de cryptographie [Running],
Path: C:\WINDOWS\system32\svchost.exe -k netsvcs
Service Name: Services IPSEC [Running],
Path: C:\WINDOWS\system32\lsass.exe
Service Name: Services Terminal Server [Stopped],
Path: C:\WINDOWS\System32\svchost -k DComLaunch
Service Name: Spouleur d'impression [Running],
Path: C:\WINDOWS\system32\spoolsv.exe
Service Name: Station de travail [Running],
Path: C:\WINDOWS\System32\svchost.exe -k netsvcs
Service Name: Stockage amovible [Stopped],
Path: C:\WINDOWS\system32\svchost.exe -k netsvcs
Service Name: SupportSoft RemoteAssist [Stopped],
Path: C:\Program Files\Fichiers communs\Supportsoft\bin\ssrc.exe
Service Name: SupportSoft Sprocket Service (belgacom) [Running],
Path: C:\Program Files\Belgacom\bin\sprtsvc.exe /service /p belgacom
Service Name: Système d'événements de COM+ [Running],
Path: C:\WINDOWS\System32\svchost.exe -k netsvcs
Service Name: Téléphonie [Running],
Path: C:\WINDOWS\System32\svchost.exe -k netsvcs
Service Name: Thèmes [Running],
Path: C:\WINDOWS\System32\svchost.exe -k netsvcs
Service Name: WebClient [Running],
Path: C:\WINDOWS\System32\svchost.exe -k LocalService
Service Name: Windows Installer [Stopped],
Path: C:\WINDOWS\system32\msiexec.exe /V
Service Name: Windows Live Contrôle parental [Stopped],
Path: "C:\Program Files\Windows Live\Family Safety\fsssvc.exe"
Service Name: Windows User Mode Driver Framework [Running],
Path: C:\WINDOWS\system32\wdfmgr.exe
Finished...
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 45 / 83
Utilisateur anonyme
8 mai 2009 à 01:43
au faite pour malwarebytes oui il fallait supprimer

encore des soucis ?
0
Réponse 46 / 83
sroky Messages postés 104 Date d'inscription vendredi 2 novembre 2007 Statut Membre Dernière intervention 1 mars 2015
8 mai 2009 à 01:55
le pc va bien mieux, mais quand j ouvre internet explorer j ai toujours une page blanche
0
Réponse 47 / 83
Utilisateur anonyme
8 mai 2009 à 09:17
salut alors relances rsit stp
0
Réponse 48 / 83
sroky Messages postés 104 Date d'inscription vendredi 2 novembre 2007 Statut Membre Dernière intervention 1 mars 2015
8 mai 2009 à 15:48
salut

Logfile of random's system information tool 1.06 (written by random/random)
Run by kris at 2009-05-08 15:34:31
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 14 GB (18%) free of 79 GB
Total RAM: 959 MB (47% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:34:47, on 08/05/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdiserv.exe
C:\WINDOWS\system32\lxdicoms.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\Scardsvr.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Program Files\Belgacom\bin\sprtsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\VIA\RAID\raid_tool.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe
C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\Program Files\Belgacom\bin\sprtcmd.exe
C:\Program Files\CyberLink\PCM4Everio\EverioService.exe
C:\Program Files\EmvSmartCardReader\SmartMON.exe
C:\Program Files\EmvSmartCardReader\BePCSC.exe
C:\Program Files\Belgium Identity Card\beid35gui.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
c:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\WINDOWS\system32\LVComsX.exe
C:\Program Files\MSI\PC Alert 4\PCAlert4.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
C:\Program Files\Pinnacle\Shared Files\Programs\Scheduler\PCLEScheduler.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Fichiers communs\Nikon\Monitor\NkMonitor.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.BIN
C:\Documents and Settings\kris\Bureau\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\trend micro\kris.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=localhost:7171
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [lxdimon.exe] "C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe"
O4 - HKLM\..\Run: [lxdiamon] "C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe"
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [FlashIcon] C:\Program Files\Generic\USB Card Reader Driver v2.3\FlashIcon.exe
O4 - HKLM\..\Run: [D-Link AirPlus G] C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Belgacom] "C:\Program Files\Belgacom\bin\sprtcmd.exe" /P Belgacom
O4 - HKLM\..\Run: [EverioService] "C:\Program Files\CyberLink\PCM4Everio\EverioService.exe"
O4 - HKLM\..\Run: [SmartMon] C:\Program Files\EmvSmartCardReader\SmartMON.exe
O4 - HKLM\..\Run: [BePCSC] C:\Program Files\EmvSmartCardReader\BePCSC.exe
O4 - HKLM\..\Run: [beid] "C:\Program Files\Belgium Identity Card\beid35gui.exe" /startup
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Nikon Monitor.lnk = C:\Program Files\Fichiers communs\Nikon\Monitor\NkMonitor.exe
O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: PC Alert 4.lnk = C:\Program Files\MSI\PC Alert 4\PCAlert4.exe
O4 - Global Startup: Pinnacle Scheduler.lnk = ?
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.1.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - https://myalbum.com/fr
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://ma-config.com/activex/hardwaredetection_3_0_3_1.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game07.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - https://driveragent.com/files/driveragent.cab
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: lxdiCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdiserv.exe
O23 - Service: lxdi_device - - C:\WINDOWS\system32\lxdicoms.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Maxtor Network Analysis Tool - Unknown owner - C:\WINDOWS\System32\dllcache\winsshr.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SupportSoft Sprocket Service (belgacom) (sprtsvc_belgacom) - SupportSoft, Inc. - C:\Program Files\Belgacom\bin\sprtsvc.exe
O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Fichiers communs\Supportsoft\bin\ssrc.exe
0
Réponse 49 / 83
sroky Messages postés 104 Date d'inscription vendredi 2 novembre 2007 Statut Membre Dernière intervention 1 mars 2015
8 mai 2009 à 18:09
J ouvre internet explorer , la page reste toute blanche et au bout bd un certain temps se ferme toute seule
0
Réponse 50 / 83
Utilisateur anonyme
10 mai 2009 à 12:21
salut sans aucun message d'eereur ?
0
Réponse 51 / 83
sroky Messages postés 104 Date d'inscription vendredi 2 novembre 2007 Statut Membre Dernière intervention 1 mars 2015
11 mai 2009 à 12:19
Salut

Aucun message , j'ouvre internet explorer , la page reste blanche et au bout d un certain temps se ferme....
0
Réponse 52 / 83
Utilisateur anonyme
11 mai 2009 à 12:47
Télécharge Zeb-Restore http://telechargement.zebulon.fr/zeb-restore.html enregistre ce fichier sur le bureau.

-Clic droit Zeb-Restore.zip ==> Extraire tout choisis comme lieu d'enregistrement le bureau.
-Ouvre le dossier ZR_1.0.0.37 ==> double clic sur Zeb-Restore.exe
- Coche la case devant : Réparation IE
- Ne coche aucune autre case
-Clique sur Restaurer
-Redémarre ton PC
0
Réponse 53 / 83
sroky Messages postés 104 Date d'inscription vendredi 2 novembre 2007 Statut Membre Dernière intervention 1 mars 2015
11 mai 2009 à 13:14
le probleme persiste :-(
0
Réponse 54 / 83
Utilisateur anonyme
11 mai 2009 à 13:39
juste un chose ca fait pareil avec mozilla aussi ?
0
Réponse 55 / 83
sroky Messages postés 104 Date d'inscription vendredi 2 novembre 2007 Statut Membre Dernière intervention 1 mars 2015
11 mai 2009 à 13:53
Connexion au serveur proxy refusée...
0
Réponse 56 / 83
Utilisateur anonyme
11 mai 2009 à 13:55
réouvre hijackthis
fais scan only
coches ces lignes sur leur gauche:

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=localhost:7171


tu les coches et tu clic sur "fix checked"

et tu fermes le programme.


0
Réponse 57 / 83
sroky Messages postés 104 Date d'inscription vendredi 2 novembre 2007 Statut Membre Dernière intervention 1 mars 2015
11 mai 2009 à 14:03
c'est fait , mais pas de changement
0
Réponse 58 / 83
Utilisateur anonyme
11 mai 2009 à 14:06
redemarre ton ordi
0
Réponse 59 / 83
sroky Messages postés 104 Date d'inscription vendredi 2 novembre 2007 Statut Membre Dernière intervention 1 mars 2015
11 mai 2009 à 14:27
Toujours la meme chose :-(
0
Réponse 60 / 83
Utilisateur anonyme
11 mai 2009 à 14:30
ca ecrit quelque chose dans la barre d'adresse ?
0

Discussions similaires

Que fait le virus LPI Win32 Pup-Gen
Tristan Chrome -
Tristan Chrome -

2 réponses
C'est quoi "Win32:Trojan-gen {Other}"
Uzumaki -
Utilisateur anonyme -

5 réponses
win32:malware-gen bloqué par avast
ikkual -
Utilisateur anonyme -

69 réponses
Detection PUA: win32 Installcore
Nat -
bazfile -

13 réponses
Virus : trojan:win32/wacatac.h!ml
Alky09 -
bazfile -

8 réponses