Analysis of my HijackThis report

HARLLEY Posts: 4 Status: Member
Hello, my PC is a bit slow on the internet. Could you please analyse my HijackThis report and let me know if there is any virus, trojan, etc.? Thanks in advance; best regards.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:32:31, on 02/08/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16876)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\seba\Application Data\Sun\Java\jre1.6.0_14\bin\jqs.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Belgacom\bin\sprtsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Belgacom\bin\sprtcmd.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\mes protections\unlocker\UnlockerAssistant.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Documents and Settings\seba\Application Data\Sun\Java\jre1.6.0_14\bin\jusched.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\mes logicies\anydvd\AnyDVDtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\mes protections\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Documents and Settings\seba\Application Data\Sun\Java\jre1.6.0_14\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Documents and Settings\seba\Application Data\Sun\Java\jre1.6.0_14\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [Belgacom] "C:\Program Files\Belgacom\bin\sprtcmd.exe" /P Belgacom
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ManualRun] "D:\AUTORUN\AutoRun"
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\mes logicies\clone cd\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\mes protections\unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Documents and Settings\seba\Application Data\Sun\Java\jre1.6.0_14\bin\jusched.exe"
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\mes logicies\anydvd\AnyDVDtray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O17 - HKLM\System\CCS\Services\Tcpip\..\{B11F4495-6412-4CB6-8EB3-6D3D9F18C4D9}: NameServer = 195.238.2.21 195.238.2.22
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Documents and Settings\seba\Application Data\Sun\Java\jre1.6.0_14\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\RpcAgentSrv.exe
O23 - Service: SupportSoft Sprocket Service (belgacom) (sprtsvc_belgacom) - SupportSoft, Inc. - C:\Program Files\Belgacom\bin\sprtsvc.exe
O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Fichiers communs\Supportsoft\bin\ssrc.exe
O24 - Desktop Component 0: (no name) - http://shared.live.com/VyHxICJl!39uFVYVTvxLmA/Web/images/white_trans_0.gif

6 replies

olivier114 Posts: 1674 Status: Member 104
 
Indeed, 2 spyware.
Download Spyware Terminator:
https://www.01net.com/telecharger/windows/Securite/anti-spyware/fiches/41933.html
then run a scan and post the report.
0
HARLLEY Posts: 4 Status: Member
 
Thank you for your very quick reply; here is my Spyware Terminator report:

Logfile of Spyware Terminator v2.5.9.223 (db:3.007.031.000)
Scan Time: 02/08/2009 19:04:33 length: 815 s
Platform: WXP (5.1.0.2600)
User: Admin
Boot Mode: Normal
Scan type: Full_Spyware_Scan
Scanned Objects: 60424 (Critical:2)
Filter: No System items, No Safe items, No Invalid items

Running Processes
jqs.exe [Sun Microsystems, Inc.] : C:\Documents and Settings\seba\Application Data\Sun\Java\jre1.6.0_14\bin\jqs.exe
nvsvc32.exe [NVIDIA Corporation] : C:\WINDOWS\system32\nvsvc32.exe
sprtsvc.exe [SupportSoft, Inc.] : C:\Program Files\Belgacom\bin\sprtsvc.exe
Dragdiag.exe [THOMSON Telecom Belgium] : C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
sprtcmd.exe [SupportSoft, Inc.] : C:\Program Files\Belgacom\bin\sprtcmd.exe
UnlockerAssistant.exe : C:\Program Files\mes protections\unlocker\UnlockerAssistant.exe
jusched.exe [Sun Microsystems, Inc.] : C:\Documents and Settings\seba\Application Data\Sun\Java\jre1.6.0_14\bin\jusched.exe
AnyDVDtray.exe [SlySoft, Inc.] : C:\Program Files\mes logicies\anydvd\AnyDVDtray.exe
hpqtra08.exe [Hewlett-Packard Co.] : C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
hpqSTE08.exe [Hewlett-Packard Co.] : C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
HPZipm12.exe [HP] : C:\WINDOWS\system32\HPZipm12.exe

Internet Settings
R - HKCU\Software\Microsoft\Internet Explorer\Main, Search Bar = http://www.google.com/toolbar/ie8/sidebar.html
R - HKLM\Software\Microsoft\Internet Explorer\Main, Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R - HKLM\Software\Microsoft\Internet Explorer\Search, SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
R - HKLM\Software\Microsoft\Internet Explorer\Search, CustomizeSearch = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm
R - HKLM\System\CurrentControlSet\Services\Tcpip\Parameters, Domain =
R - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Telephony, DomainName =

BHO
02 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - [Google Inc.] : C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
02 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - [Google Inc.] : C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
02 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - [Sun Microsystems, Inc.] : C:\Documents and Settings\seba\Application Data\Sun\Java\jre1.6.0_14\bin\jp2ssv.dll
02 - BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - [Sun Microsystems, Inc.] : C:\Documents and Settings\seba\Application Data\Sun\Java\jre1.6.0_14\lib\deploy\jqs\ie\jqs_plugin.dll

Toolbars
03 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - [Google Inc.] : C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

StartUps
04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, AnyDVD : [SlySoft, Inc.] : C:\Program Files\mes logicies\anydvd\AnyDVDtray.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, SpeedTouch USB Diagnostics : [THOMSON Telecom Belgium] : C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Belgacom : [SupportSoft, Inc.] : C:\Program Files\Belgacom\bin\sprtcmd.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Google Quick Search Box : [Google Inc.] : C:\Program Files\GOOGLE\QUICK SEARCH BOX\GOOGLEQUICKSEARCHBOX.EXE
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CloneCDTray : [SlySoft, Inc.] : C:\Program Files\MES LOGICIES\CLONE CD\CLONECD\CLONECDTRAY.EXE
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, UnlockerAssistant : : C:\Program Files\mes protections\unlocker\UnlockerAssistant.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, SunJavaUpdateSched : [Sun Microsystems, Inc.] : C:\Documents and Settings\seba\Application Data\Sun\Java\jre1.6.0_14\bin\jusched.exe
04 - Startup: %STARTUPALL%\HP Digital Imaging Monitor.lnk [Hewlett-Packard Co.] : C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

Shell Extensions
Desktop Explorer - {1CDB2949-8F65-4355-8456-263E7C208A5D} - [NVIDIA Corporation] : C:\WINDOWS\system32\nvshell.dll
- {1E9B04FB-F9E5-4718-997B-B8DA88302A47} - [NVIDIA Corporation] : C:\WINDOWS\system32\nvshell.dll
nView Desktop Context Menu - {1E9B04FB-F9E5-4718-997B-B8DA88302A48} - [NVIDIA Corporation] : C:\WINDOWS\system32\nvshell.dll
WinRAR - {B41DB860-8EE4-11D2-9906-E49FADC173CA} - [Alexander Roshal] : C:\Program Files\mes logicies\winrar\rarext.dll

Services
23 - [THOMSON] : C:\WINDOWS\system32\DRIVERS\alcan5wn.sys
23 - [THOMSON] : C:\WINDOWS\system32\DRIVERS\alcaudsl.sys
23 - [Realtek Semiconductor Corp.] : C:\WINDOWS\system32\drivers\ALCXWDM.SYS
23 - [SlySoft, Inc.] : C:\WINDOWS\system32\Drivers\AnyDVD.sys
23 - [SlySoft, Inc.] : C:\WINDOWS\system32\Drivers\ElbyCDFL.sys
23 - [Elaborate Bytes AG] : C:\WINDOWS\system32\Drivers\ElbyDelay.sys
23 - [HP] : C:\WINDOWS\system32\DRIVERS\HPZid412.sys
23 - [HP] : C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
23 - [HP] : C:\WINDOWS\system32\DRIVERS\HPZius12.sys
23 - [Sun Microsystems, Inc.] : C:\Documents and Settings\seba\Application Data\Sun\Java\jre1.6.0_14\bin\jqs.exe
23 - [NVIDIA Corporation] : C:\WINDOWS\system32\nvsvc32.exe
23 - [HP] : C:\WINDOWS\system32\HPZipm12.exe
23 - [Protection Technology] : C:\WINDOWS\system32\drivers\sfdrv01.sys
23 - [Protection Technology] : C:\WINDOWS\system32\drivers\sfhlp02.sys
23 - [Protection Technology] : C:\WINDOWS\system32\drivers\sfsync02.sys
23 - : C:\WINDOWS\system32\Drivers\sptd.sys
23 - [Crawler.com] : C:\WINDOWS\system32\drivers\sp_rsdrv2.sys

Threat Files
<SPR/AniSYS.A> : C:\WINDOWS\system32\autorun.exe

Advanced Files Report
%SYSDIR%\hpzjrd01.dll [Hewlett Packard] [Hewlett Packard Rediscovery Library] MD5=16FC2C309998C6D55C182652D6A1C5B1 SIZE=139264
%SYSDIR%\hpzlnt12.dll [HP] [HP DeskJet] MD5=52417880AC75AC4B7F4E5C3B54CA6621 SIZE=139345
%SYSDIR%\spool\DRIVERS\W32X86\3\hpzpm312.dll [HP] [Printer Property UI dll] MD5=6554A72F3F6BAA3EC4960BD0BADE773C SIZE=507904
%SYSDIR%\spool\DRIVERS\W32X86\3\hpz2ku12.dll [HP] [HP DeskJet] MD5=19FFBFAC1D57B543ADDEDDC653BA4CB3 SIZE=212992
%SYSDIR%\spool\DRIVERS\W32X86\3\HPZR3212.dll [HP] [Driver UI dlll] MD5=FF3FBC8026CCF42B062506B4D586FEBF SIZE=3219456
%PROGRAMFILES%\Belgacom\bin\sprthook.dll [SupportSoft, Inc.] [SupportSoft, Inc. sprthook] MD5=6B8877B2B9B44E2F3E7C769CCF7D6FA5 SIZE=116000
%PROGRAMFILES%\mes protections\unlocker\UnlockerHook.dll MD5=78D62115F51B641A9F12AFDF50A352FC SIZE=4608
%PROGRAMFILES%\mes logicies\anydvd\ADvdDiscHlp.dll [SlySoft, Inc.] [AnyDVD] MD5=B868EE7B0AF57F9E1C1B1FFE98D4BD4A SIZE=117696
%PROGRAMFILES%\mes logicies\winrar\rarext.dll [Alexander Roshal] [WinRAR] MD5=F11FE030158F8EF14A56A3EA9E9BD47D SIZE=132608
%PROGRAMFILES%\mes protections\Trojan Remover\Trshlex.dll [Simply Super Software] [Trojan Remover] MD5=B76FDC3CDB2580405FE8100D248B4821 SIZE=467552
%SYSDIR%\NVRSFR.DLL [NVIDIA Corporation] [NVIDIA Compatible Windows 2000 Display driver, Version 71.90] MD5=A3107CDD793AD9B8415C88CC139750C6 SIZE=262144
%SYSDIR%\nvshell.dll [NVIDIA Corporation] [NVIDIA Desktop Explorer, Version 100.31] MD5=7FEE3369B45FEF88949C696E1BCD2BA6 SIZE=466944
%APPDATA%\Sun\Java\jre1.6.0_14\bin\jqs.exe [Sun Microsystems, Inc.] [Java(TM) Platform SE 6 U14] MD5=44FFBA62F0F426B581759C49AAFEC2E2 SIZE=152984
%SYSDIR%\nvsvc32.exe [NVIDIA Corporation] [NVIDIA Driver Helper Service, Version 71.90] MD5=F7A02F0806EC38C4C12E462B9BEABC94 SIZE=127042
%PROGRAMFILES%\Belgacom\bin\sprtsvc.exe [SupportSoft, Inc.] [SupportSoft sprtsvc] MD5=5F87F129EC8BFAE7C5EF456619047F22 SIZE=202016
%PROGRAMFILES%\Belgacom\bin\sprtsched.dll [SupportSoft, Inc.] [SupportSoft sprtsched] MD5=788C4CA41F28F5E5E6479F35983940B0 SIZE=881952
%PROGRAMFILES%\Belgacom\bin\sprtfod.dll [SupportSoft, Inc.] [SupportSoft sprtfod] MD5=0AB6629467D8F073B762FCA1D416BF2D SIZE=398624
%PROGRAMFILES%\Belgacom\bin\LIBEAY32.dll [SupportSoft, Inc.] [SSL Module based on 0.9.8b] MD5=5C5209B04B1942A534259C2AB7BB1EEA SIZE=1069056
%PROGRAMFILES%\Belgacom\bin\sprtsync.dll [SupportSoft, Inc.] [SupportSoft SyncManager Sprocket] MD5=E8B876BE73B87242E1ABE519E1816E29 SIZE=861472
%SYSDIR%\hpgwiamd.dll [Hewlett-Packard] [hpgwiamd.dll] MD5=187B944F719C5915BF5C615F56C0395A SIZE=278528
%PROGRAMFILES%\Belgacom\bin\sprtevent.dll [SupportSoft, Inc.] [SupportSoft sprtevent] MD5=0547AF400AE6B4F8646148739E0F24FA SIZE=382240
%PROGRAMFILES%\Belgacom\bin\sprtui.dll [SupportSoft, Inc.] [SupportSoft sprtui] MD5=D73405418E6F702E426C6DDF7091D00B SIZE=374048
%PROGRAMFILES%\Belgacom\bin\sprttrigger.dll [SupportSoft, Inc.] [SupportSoft SupportTriggers Sprocket] MD5=734CB17FBE664F87788F1A2210B40A3F SIZE=341280
%PROGRAMFILES%\Google\GoogleToolbarNotifier\5.2.4204.1700\gtn.dll [Google Inc.] [GoogleToolbarNotifier] MD5=022A7057B55856D4504CF9A04F449373 SIZE=141808
%PROGRAMFILES%\mes logicies\anydvd\AnyDialog.dll [SlySoft, Inc.] [AnyDVD] MD5=1502ED0F6C94171453ABA2651644DFA1 SIZE=1045440
%SYSDIR%\ElbyCDIO.dll [Elaborate Bytes AG] [Elaborate Bytes CDRTools] MD5=6C2E447D25827F5518CCBB1AE7083EF4 SIZE=93128
%PROGRAMFILES%\HP\Digital Imaging\bin\hpqtra08.exe [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=5597D0075861CB0A6E6087752D205C0D SIZE=282624
%PROGRAMFILES%\HP\Digital Imaging\bin\hpqcxm08.dll [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=EA99B12613E5909526123EEC64D6ABDC SIZE=143360
%PROGRAMFILES%\HP\Digital Imaging\bin\hpquio08.dll [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=82E047AC9DCFA908F169EBB20C157198 SIZE=102400
%PROGRAMFILES%\HP\Digital Imaging\bin\hpqtra08.rsc [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=2E47A385EF1FCD593CA569B8078F5E45 SIZE=65536
%PROGRAMFILES%\HP\Digital Imaging\bin\hpqtao08.dll [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=621D873625B55315D248204E6588BA2D SIZE=65536
%PROGRAMFILES%\HP\Digital Imaging\bin\hpotra08.dll [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=4C7CE6459461B61EAD294EAF50AF3160 SIZE=204800
%PROGRAMFILES%\HP\Digital Imaging\bin\hpotra08.rsc [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=CA76F94394D6C838342ADF41CC51D5D9 SIZE=28672
%PROGRAMFILES%\HP\Digital Imaging\bin\hpodio08.dll [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=FC99DC360CFA2E32276151EB7B1D899D SIZE=696320
%PROGRAMFILES%\HP\Digital Imaging\bin\hpqcob08.dll [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=B245E6716CF85BDC55D17030CA609A73 SIZE=86016
%PROGRAMFILES%\HP\Digital Imaging\bin\hpotradd.dll [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=AEA0B0AA26E4EA377D6A12B3B5D6F90F SIZE=53248
%PROGRAMFILES%\HP\Digital Imaging\bin\hpodvd09.dll [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=A490EDE46A746E14AE6876021B6D4269 SIZE=70656
%PROGRAMFILES%\HP\Digital Imaging\bin\hpoddcomm09.dll [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=6BDA568A2AED0F84C717B5649F70C91C SIZE=93696
%SYSDIR%\hpzidr12.dll [HP] [HP Dot4Rtl] MD5=3A2030BBD08924970DCDB7ABBA4C4D92 SIZE=278584
%SYSDIR%\hpzipr12.dll [HP] [HP PmlRtl] MD5=D6D559B94671573A026ED47C5E75964B SIZE=204800
%PROGRAMFILES%\HP\Digital Imaging\bin\hpodev08.dll [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=986637284D3CB5B44A8848A13B6F1BC3 SIZE=73728
%PROGRAMFILES%\HP\Digital Imaging\bin\hpodeb08.dll [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=2E98BB08DBABF2E433FBE420DB836526 SIZE=204800
%PROGRAMFILES%\HP\Digital Imaging\bin\hposcn08.dll [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=E6AAD0234BEBE83EC6F66507DA204F83 SIZE=114688
%PROGRAMFILES%\HP\Digital Imaging\bin\hpoSCN08.rsc [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=2440A0CD99FD76B68F92E98D17B70F17 SIZE=24576
%PROGRAMFILES%\HP\Digital Imaging\bin\hpocxi08.dll [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=891736C55CEF9D265F915BCC0737D8A8 SIZE=274432
%PROGRAMFILES%\HP\Digital Imaging\bin\hpqSTE08.exe [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=2DB4D4386AC0F8CC367E1AA8AB1004EF SIZE=204800
%PROGRAMFILES%\HP\Digital Imaging\bin\hpqmfc09.dll [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=7BC9BBC3C0C756B69E3F152ABAD0B44F SIZE=143360
%PROGRAMFILES%\HP\Digital Imaging\bin\hpqtap08.dll [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=1BF96F094044E1A6DEBEFC6FC7E1025F SIZE=53248
%PROGRAMFILES%\HP\Digital Imaging\bin\hpqSTE08.rsc [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=D9AE570BDF1B5EC9AC54837EAAFE0E36 SIZE=159744
%PROGRAMFILES%\HP\Digital Imaging\bin\hpqsti08.dll [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=BCBEC1B5FDE429B2839410D22B5A0D15 SIZE=147456
%PROGRAMFILES%\HP\Digital Imaging\bin\hpqstp08.dll [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=ADB83EDD735EB87F4030E5A9E9BA3D5C SIZE=135168
%PROGRAMFILES%\HP\Digital Imaging\bin\hpqsem08.rsc [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=2F7E074D9950D1966E493153CA13360D SIZE=446464
%SYSDIR%\HPZipm12.exe [HP] [HP PML] MD5=9D84376931440F3679BEEF2A414FA493 SIZE=69632
%PROGRAMFILES%\Google\Google Toolbar\GoogleToolbar_32.dll [Google Inc.] [Google Toolbar for Internet Explorer] MD5=783AD24A77CD964B9888F27535FCC56E SIZE=256112
%PROGRAMFILES%\Google\Google Toolbar\Component\GoogleToolbarDynamic_32_D5B8545F3CFB02D4.dll [Google Inc.] [Google Toolbar for Internet Explorer] MD5=277B3B6DC03A68739E8186120FA91F79 SIZE=2568304
%PROGRAMFILES%\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_9655453EC427A513.dll [Google Inc.] [Google Toolbar for Internet Explorer] MD5=AEBB7536DA92A8A0417AF89E63E973B3 SIZE=600576
%SYSDIR%\Macromed\Flash\Flash10b.ocx [Adobe Systems, Inc.] [Shockwave Flash] MD5=8AFC17155ED5AB60B7C52D7F553D579C SIZE=3866528
D:\AUTORUN\AUTORUN
deskpan.dll
%SYSDIR%\DRIVERS\alcan5wn.sys [THOMSON] [SpeedTouch USB] MD5=0940030D5A5869067CCC03E3B0B8DEC7 SIZE=53600
%SYSDIR%\DRIVERS\alcaudsl.sys [THOMSON] [SpeedTouch USB] MD5=4C9577888C53243E2991456F510488A1 SIZE=70688
%SYSDIR%\drivers\ALCXWDM.SYS [Realtek Semiconductor Corp.] [Windows (R) WDM driver for Realtek AC'97 Audio(HRTF data Copyright 1994 by MIT Media Lab)] MD5=8D6C30E515717248E0E52B85FD7AC466 SIZE=2279424
%SYSDIR%\Drivers\AnyDVD.sys [SlySoft, Inc.] [AnyDVD] MD5=F39D005F6509B17A88CEAFEAB210BFB2 SIZE=99648
%SYSDIR%\svchost.exe -k netsvcs
%SYSDIR%\svchost -k DcomLaunch
%SYSDIR%\Drivers\ElbyCDFL.sys [SlySoft, Inc.] [CloneCD] MD5=CE37E3D51912E59C80C6D84337C0B4CD SIZE=34760
%SYSDIR%\Drivers\ElbyDelay.sys [Elaborate Bytes AG] [CDRTools] MD5=E205C313417DA6FA7AFE85912A310A65 SIZE=11984
%SYSDIR%\DRIVERS\HPZid412.sys [HP] [HP Dot4 Windows 2000] MD5=9F1D80908658EB7F1BF70809E0B51470 SIZE=51120
%SYSDIR%\DRIVERS\HPZipr12.sys [HP] [HP Dot4Print] MD5=F7E3E9D50F9CD3DE28085A8FDAA0A1C3 SIZE=16496
%SYSDIR%\DRIVERS\HPZius12.sys [HP] [HP Dot4Usb Windows 2000] MD5=CF1B7951B4EC8D13F3C93B74BB2B461B SIZE=21744
%SYSDIR%\svchost.exe -k LocalService
%SYSDIR%\svchost -k rpcss
%SYSDIR%\drivers\sfdrv01.sys [Protection Technology] [StarForce Protection System] MD5=4C0D673281178CB496011A2E28571FC8 SIZE=50688
%SYSDIR%\drivers\sfhlp02.sys [Protection Technology] [StarForce Protection System] MD5=15BE2B5E4DC5B8623CF167720682ABC9 SIZE=6656
%SYSDIR%\drivers\sfsync02.sys [Protection Technology] [StarForce Protection System] MD5=EFEBBC1D13FDB77A6AF4EDDFC7232EDF SIZE=19968
%PROGRAMFILES%\Belgacom\bin\sprtsvc.exe \service \p belgacom
%SYSDIR%\Drivers\sptd.sys SIZE=721904
%SYSDIR%\svchost.exe -k imgsvc
%SYSDIR%\drivers\sp_rsdrv2.sys [Crawler.com] [Spyware Terminator] MD5=8831252BCF05FCFB5ABD116A22E552D8 SIZE=142592

End of Report
0
HARLLEY Posts: 4 Status: Member
 
The Spyware Terminator scan has finished, and it detected 3 threats, including one of danger level 1 and one of level 2. I have not deleted anything yet and the program is still open. Should I delete them? I sent you the report with the detected threats. Thank you.
0
mat9362
 
Logfile of HijackThis v1.99.1
Scan saved at 21:56:22, on 02/08/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16876)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Trust\Trust R-series Mouse And Keyboard\KMWDSrv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RunDLL32.exe
C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
C:\Program Files\Fichiers communs\Research In Motion\Auto Update\RIMAutoUpdate.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Trust\Trust R-series Mouse And Keyboard\MouseDrv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\FeedReader30\feedreader.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Electronic Arts\EADM\Core.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Panasonic\PHOTOfunSTUDIO\PhAutoRun.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender10\vsserv.exe
C:\WINDOWS\regedit.exe
C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\Répertoire temporaire 1 pour hijackthis_199.zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://google.dospop.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.orange.fr/portail?kw=
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.plusnetwork.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://google.dospop.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: MyWiki toolbar - {e22e8d11-0f3e-4d46-8fc1-7264b4d5ea01} - C:\Program Files\MyWiki\tbMyWi.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [WinSys2] C:\WINDOWS\system32\winsys2.exe
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [BDMCon] C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [D-Link AirPlus G] C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
O4 - HKLM\..\Run: [WireLessMouse] C:\Program Files\Trust\Trust R-series Mouse And Keyboard\StartAutorun.exe MouseDrv.exe
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [OSSelectorReinstall] C:\Program Files\Fichiers communs\Acronis\Partition Suite\oss_reinstall.exe
O4 - HKLM\..\Run: [Custom Skin Clock] C:\Program Files\Custom Skin Clock\Clock.exe
O4 - HKLM\..\Run: [DrvIcon] C:\Program Files\Vista Drive Icon\DrvIcon.exe
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\pdfforge Toolbar\SearchSettings.exe
O4 - HKLM\..\Run: [BlackBerryAutoUpdate] C:\Program Files\Fichiers communs\Research In Motion\Auto Update\RIMAutoUpdate.exe /background
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [Bore Heart Manager Dart] C:\Documents and Settings\All Users\Application Data\SAVE INTERNET BORE HEART\Okay mess.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [feedreader.exe] "C:\Program Files\FeedReader30\feedreader.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [AceClock] C:\Program Files\AceClockXP\aceclockxp.exe
O4 - HKCU\..\Run: [LClock] C:\Program Files\LClock\LClock.exe
O4 - HKCU\..\Run: [Vista Rainbar] C:\Program Files\Vista Rainbar\launcher.exe
O4 - HKCU\..\Run: [ViStart] C:\Program Files\ViStart\ViStart.exe
O4 - HKCU\..\Run: [VisualTooltip] C:\Program Files\VisualTooltip\VisualToolTip.exe
O4 - HKCU\..\Run: [ViOrb] C:\Program Files\ViOrb\ViOrb.exe
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Desktop Manager.lnk = C:\Program Files\Research In Motion\BlackBerry\DesktopMgr.exe
O4 - Global Startup: PHOTOfunSTUDIO.lnk = C:\Program Files\Panasonic\PHOTOfunSTUDIO\PhAutoRun.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: http://*.mappy.com
O15 - Trusted Zone: http://*.orange.fr
O15 - Trusted Zone: http://rw.search.ke.voila.fr
O15 - Trusted Zone: http://orange.weborama.fr
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Update Service (gupdate1c98af06353f300) (gupdate1c98af06353f300) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe" /svc (file missing)
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) - UASSOFT.COM - C:\Program Files\Trust\Trust R-series Mouse And Keyboard\KMWDSrv.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender10\vsserv.exe" /service (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)

Thanks
0

olivier114 Posts: 1674 Status: Member 104
 
Put every detected threat into quarantine, then delete the quarantine.
0
harlley
 
OK, and many thanks.
0