Pc lent
x_cite2
Messages postés
84
Statut
Membre
-
x_cite2 Messages postés 84 Statut Membre -
x_cite2 Messages postés 84 Statut Membre -
Bonjour,
depuis quelque temps mon pc est devenu très très lent je voudrais savoir si j'ai des virus ou pas comment il faudrait que je procède? sachant que j'ai avira anti virus et asquared free qui n'ont rien trouvé.
j'ai aussi le rapport hijackthis que voici :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:18:09, on 07/09/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\nvsvc32.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
E:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\Avira\AntiVir Desktop\sched.exe
E:\Program Files\a-squared Free\a2service.exe
E:\Program Files\Avira\AntiVir Desktop\avguard.exe
E:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
E:\Program Files\AskBarDis\bar\bin\AskService.exe
E:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
E:\Program Files\Bonjour\mDNSResponder.exe
E:\Program Files\CDBurnerXP\NMSAccessU.exe
E:\WINDOWS\system32\oodag.exe
E:\WINDOWS\system32\PnkBstrA.exe
E:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
E:\WINDOWS\Explorer.EXE
E:\Program Files\Unlocker\UnlockerAssistant.exe
E:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
E:\Program Files\Avira\AntiVir Desktop\avgnt.exe
E:\WINDOWS\system32\RUNDLL32.EXE
E:\WINDOWS\system32\ctfmon.exe
E:\Program Files\TaskSwitchXP\TaskSwitchXP.exe
E:\Program Files\Stardock\CursorFX\CursorFX.exe
E:\Program Files\Vista Start Menu\VistaStartMenu.exe
E:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
E:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
E:\Program Files\Microsoft ActiveSync\wcescomm.exe
E:\PROGRA~1\Microsoft ActiveSync\rapimgr.exe
E:\Program Files\NETGEAR GA511 Adapter\GA511.exe
E:\WINDOWS\system32\taskmgr.exe
E:\Program Files\Mozilla Firefox\firefox.exe
E:\WINDOWS\system32\wscntfy.exe
E:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
E:\Documents and Settings\pro\Bureau\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: G DATA WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - (no file)
O2 - BHO: Thunder AtOnce - {01443AEC-0FD1-40fd-9C87-E93D1494C233} - D:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - D:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - E:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - E:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - E:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - E:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: SYSTRAN Toolbar - {95daa571-4def-4a6d-97d8-98a346672a24} - mscoree.dll (file missing)
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - D:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O3 - Toolbar: (no name) - {0124123D-61B4-456f-AF86-78C53A0790C5} - (no file)
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - E:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - E:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - E:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [UnlockerAssistant] "E:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [Ad-Watch] E:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [avgnt] "E:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [ZoneAlarm Client] "E:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE E:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] E:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TaskSwitchXP] E:\Program Files\TaskSwitchXP\TaskSwitchXP.exe
O4 - HKCU\..\Run: [CursorFX] "E:\Program Files\Stardock\CursorFX\CursorFX.exe"
O4 - HKCU\..\Run: [VistaStartMenu] "E:\Program Files\Vista Start Menu\VistaStartMenu.exe"
O4 - HKCU\..\Run: [STYLEXP] E:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [MsnMsgr] "E:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] E:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "E:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - Global Startup: GA511 Smart Wizard Utility.lnk = ?
O8 - Extra context menu item: &Winamp Search - E:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Consulter les dictionnaires (SYSTRAN) - res://E:\Program Files\SYSTRAN\6\\GUIres.dll/lookup.js
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://E:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Traduire (SYSTRAN) - res://E:\Program Files\SYSTRAN\6\\GUIres.dll/translate.js
O8 - Extra context menu item: ʹÓÃѸÀ×ÏÂÔØ - D:\Program Files\Thunder Network\Thunder\Program\geturl.htm
O8 - Extra context menu item: ʹÓÃѸÀ×ÏÂÔØÈ«²¿Á´½Ó - D:\Program Files\Thunder Network\Thunder\Program\getallurl.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Æô¶¯Ñ¸À×5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - D:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - Extra 'Tools' menuitem: Æô¶¯Ñ¸À×5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - D:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - E:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - E:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O10 - Unknown file in Winsock LSP: e:\windows\system32\nwprovau.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.files-ftp.com/~unicorni/phpBB2/index.php
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} -
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-BE/a-UNO1/GAME_UNO1.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\PROGRA~1\FICHIE~1\Skype\Skype4COM.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - E:\Program Files\a-squared Free\a2service.exe
O23 - Service: Adobe Version Cue CS3 {fr_FR} (Adobe Version Cue CS3) - Adobe Systems Incorporated - E:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - E:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - E:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - E:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASKService - Unknown owner - E:\Program Files\AskBarDis\bar\bin\AskService.exe
O23 - Service: ASKUpgrade - Unknown owner - E:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - E:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - E:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - E:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - E:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - E:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - E:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - E:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NBService - Nero AG - E:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - E:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NMSAccessU - Unknown owner - E:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - E:\WINDOWS\system32\oodag.exe
O23 - Service: PnkBstrA - Unknown owner - E:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: StyleXPService - Unknown owner - E:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: TomTomHOMEService - TomTom - E:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - E:\WINDOWS\system32\ZoneLabs\vsmon.exe
depuis quelque temps mon pc est devenu très très lent je voudrais savoir si j'ai des virus ou pas comment il faudrait que je procède? sachant que j'ai avira anti virus et asquared free qui n'ont rien trouvé.
j'ai aussi le rapport hijackthis que voici :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:18:09, on 07/09/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\nvsvc32.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
E:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\Avira\AntiVir Desktop\sched.exe
E:\Program Files\a-squared Free\a2service.exe
E:\Program Files\Avira\AntiVir Desktop\avguard.exe
E:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
E:\Program Files\AskBarDis\bar\bin\AskService.exe
E:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
E:\Program Files\Bonjour\mDNSResponder.exe
E:\Program Files\CDBurnerXP\NMSAccessU.exe
E:\WINDOWS\system32\oodag.exe
E:\WINDOWS\system32\PnkBstrA.exe
E:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
E:\WINDOWS\Explorer.EXE
E:\Program Files\Unlocker\UnlockerAssistant.exe
E:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
E:\Program Files\Avira\AntiVir Desktop\avgnt.exe
E:\WINDOWS\system32\RUNDLL32.EXE
E:\WINDOWS\system32\ctfmon.exe
E:\Program Files\TaskSwitchXP\TaskSwitchXP.exe
E:\Program Files\Stardock\CursorFX\CursorFX.exe
E:\Program Files\Vista Start Menu\VistaStartMenu.exe
E:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
E:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
E:\Program Files\Microsoft ActiveSync\wcescomm.exe
E:\PROGRA~1\Microsoft ActiveSync\rapimgr.exe
E:\Program Files\NETGEAR GA511 Adapter\GA511.exe
E:\WINDOWS\system32\taskmgr.exe
E:\Program Files\Mozilla Firefox\firefox.exe
E:\WINDOWS\system32\wscntfy.exe
E:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
E:\Documents and Settings\pro\Bureau\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: G DATA WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - (no file)
O2 - BHO: Thunder AtOnce - {01443AEC-0FD1-40fd-9C87-E93D1494C233} - D:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - D:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - E:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - E:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - E:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - E:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: SYSTRAN Toolbar - {95daa571-4def-4a6d-97d8-98a346672a24} - mscoree.dll (file missing)
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - D:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O3 - Toolbar: (no name) - {0124123D-61B4-456f-AF86-78C53A0790C5} - (no file)
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - E:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - E:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - E:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [UnlockerAssistant] "E:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [Ad-Watch] E:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [avgnt] "E:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [ZoneAlarm Client] "E:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE E:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] E:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TaskSwitchXP] E:\Program Files\TaskSwitchXP\TaskSwitchXP.exe
O4 - HKCU\..\Run: [CursorFX] "E:\Program Files\Stardock\CursorFX\CursorFX.exe"
O4 - HKCU\..\Run: [VistaStartMenu] "E:\Program Files\Vista Start Menu\VistaStartMenu.exe"
O4 - HKCU\..\Run: [STYLEXP] E:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [MsnMsgr] "E:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] E:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "E:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - Global Startup: GA511 Smart Wizard Utility.lnk = ?
O8 - Extra context menu item: &Winamp Search - E:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Consulter les dictionnaires (SYSTRAN) - res://E:\Program Files\SYSTRAN\6\\GUIres.dll/lookup.js
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://E:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Traduire (SYSTRAN) - res://E:\Program Files\SYSTRAN\6\\GUIres.dll/translate.js
O8 - Extra context menu item: ʹÓÃѸÀ×ÏÂÔØ - D:\Program Files\Thunder Network\Thunder\Program\geturl.htm
O8 - Extra context menu item: ʹÓÃѸÀ×ÏÂÔØÈ«²¿Á´½Ó - D:\Program Files\Thunder Network\Thunder\Program\getallurl.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Æô¶¯Ñ¸À×5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - D:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - Extra 'Tools' menuitem: Æô¶¯Ñ¸À×5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - D:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - E:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - E:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O10 - Unknown file in Winsock LSP: e:\windows\system32\nwprovau.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.files-ftp.com/~unicorni/phpBB2/index.php
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} -
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-BE/a-UNO1/GAME_UNO1.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\PROGRA~1\FICHIE~1\Skype\Skype4COM.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - E:\Program Files\a-squared Free\a2service.exe
O23 - Service: Adobe Version Cue CS3 {fr_FR} (Adobe Version Cue CS3) - Adobe Systems Incorporated - E:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - E:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - E:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - E:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASKService - Unknown owner - E:\Program Files\AskBarDis\bar\bin\AskService.exe
O23 - Service: ASKUpgrade - Unknown owner - E:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - E:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - E:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - E:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - E:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - E:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - E:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - E:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NBService - Nero AG - E:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - E:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NMSAccessU - Unknown owner - E:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - E:\WINDOWS\system32\oodag.exe
O23 - Service: PnkBstrA - Unknown owner - E:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: StyleXPService - Unknown owner - E:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: TomTomHOMEService - TomTom - E:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - E:\WINDOWS\system32\ZoneLabs\vsmon.exe
A voir également:
- Pc lent
- Pc lent - Guide
- Reinitialiser pc - Guide
- Downloader for pc - Télécharger - Téléchargement & Transfert
- Double ecran pc - Guide
- Forcer demarrage pc - Guide
18 réponses
Salut,
Fait ceci :
(!) Pour les utilisateurs de Vista veuillez desactiver l'UAC (!)
► Voici la marche à suivre afin de désactiver l’UAC
● Double-clique sur l’icône “Comptes d’utilisateurs”
● Clique ensuite sur “Activer ou désactiver le contrôle des comptes d’utilisateurs”
● Windows (l’UAC) vous demande alors une confirmation, cliquez sur le bouton “Continuer“
● Dans la fenêtre qui vient de s’ouvrir, décoche la case “Utiliser le contrôle des comptes d’utilisateurs pour vous aider à protéger votre ordinateur” puis clique sur “OK”
► Redémarre ensuite ton ordinateur pour que les changements prennent effet. Dorénavant Windows Vista ne te demandera plus l’autorisation afin de procéder à l’installation d’un logiciel ou lors de l’accès à certains fichiers.
► Télécharge sur ton bureaux Toolbar S&D ( par Eric_71 )
<<< Pour installer Toolbar S&D clique ici >>>
► Clique sur l'icone ToolbarS&D.exe
► Installe le sur ton bureaux
► Une nouvelle icone (avec écrit Toolbar S&D noir) est alors crée sur le bureau qui permet de démarrer le programme clique deçus
► Le programme se lance... tu dois choisir la langue.
► Pour choisir en français, tape sur la touche F et valide .
# T'arrive alors sur le menu principal de ToolBar S&D :
● L'option 1 : Recherche permet de rechercher l'infection
● L'option 2 : Supprimes les infections détectées
Tu va d'abord choisirs l'option 1 ( Recherche )
(Le menu Démarrer et les icônes vont disparaitrent, c'est normal.)
La recherche s'effectue, cela peut prendre plusieurs minutes, ne touche à rien.
► Une fois l'analyse terminé, le rapport de recherche s'ouvre sur le Bloc-Note. (Dans le cas où le rapport ne s'ouvre pas, ce dernier se trouve sur C:\TB.txt)
Séléctionne tout, copie sont contenue et colle le dans ta prochaine réponse sur le Topic.
(!) Avant de démarrer le programme, désactive les antispywares (!)
P.S : Un peu de lecture sur les barres d'outils
Fait ceci :
(!) Pour les utilisateurs de Vista veuillez desactiver l'UAC (!)
► Voici la marche à suivre afin de désactiver l’UAC
● Double-clique sur l’icône “Comptes d’utilisateurs”
● Clique ensuite sur “Activer ou désactiver le contrôle des comptes d’utilisateurs”
● Windows (l’UAC) vous demande alors une confirmation, cliquez sur le bouton “Continuer“
● Dans la fenêtre qui vient de s’ouvrir, décoche la case “Utiliser le contrôle des comptes d’utilisateurs pour vous aider à protéger votre ordinateur” puis clique sur “OK”
► Redémarre ensuite ton ordinateur pour que les changements prennent effet. Dorénavant Windows Vista ne te demandera plus l’autorisation afin de procéder à l’installation d’un logiciel ou lors de l’accès à certains fichiers.
► Télécharge sur ton bureaux Toolbar S&D ( par Eric_71 )
<<< Pour installer Toolbar S&D clique ici >>>
► Clique sur l'icone ToolbarS&D.exe
► Installe le sur ton bureaux
► Une nouvelle icone (avec écrit Toolbar S&D noir) est alors crée sur le bureau qui permet de démarrer le programme clique deçus
► Le programme se lance... tu dois choisir la langue.
► Pour choisir en français, tape sur la touche F et valide .
# T'arrive alors sur le menu principal de ToolBar S&D :
● L'option 1 : Recherche permet de rechercher l'infection
● L'option 2 : Supprimes les infections détectées
Tu va d'abord choisirs l'option 1 ( Recherche )
(Le menu Démarrer et les icônes vont disparaitrent, c'est normal.)
La recherche s'effectue, cela peut prendre plusieurs minutes, ne touche à rien.
► Une fois l'analyse terminé, le rapport de recherche s'ouvre sur le Bloc-Note. (Dans le cas où le rapport ne s'ouvre pas, ce dernier se trouve sur C:\TB.txt)
Séléctionne tout, copie sont contenue et colle le dans ta prochaine réponse sur le Topic.
(!) Avant de démarrer le programme, désactive les antispywares (!)
P.S : Un peu de lecture sur les barres d'outils
voila le rapport :
-----------\\ ToolBar S&D 1.2.9 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU 6400 @ 2.13GHz )
BIOS : BIOS Date: 07/14/06 16:31:37 Ver: 08.00.12
USER : pro ( Administrator )
BOOT : Normal boot
Antivirus : AntiVir Desktop 9.0.1.32 (Activated)
Firewall : ZoneAlarm Pro Firewall 8.0.298.004 (Not Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:24 Go (Free:17 Go)
D:\ (Local Disk) - NTFS - Total:249 Go (Free:90 Go)
E:\ (Local Disk) - NTFS - Total:24 Go (Free:2 Go)
F:\ (Local Disk) - NTFS - Total:465 Go (Free:350 Go)
H:\ (CD or DVD)
I:\ (CD or DVD)
J:\ (CD or DVD)
K:\ (CD or DVD)
L:\ (CD or DVD)
S:\ (Local Disk) - NTFS - Total:931 Go (Free:77 Go)
"E:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [1] ( 07/09/2009| 8:38 )
-----------\\ Recherche de Fichiers / Dossiers ...
[Service] ASKService
[Service] ASKUpgrade
E:\Program Files\AskBarDis
E:\Program Files\AskBarDis\bar
E:\Program Files\AskBarDis\unins000.dat
E:\Program Files\AskBarDis\unins000.exe
E:\Program Files\AskBarDis\bar\bin
E:\Program Files\AskBarDis\bar\Cache
E:\Program Files\AskBarDis\bar\History
E:\Program Files\AskBarDis\bar\Settings
E:\Program Files\AskBarDis\bar\bin\askBar.dll
E:\Program Files\AskBarDis\bar\bin\askPopStp.dll
E:\Program Files\AskBarDis\bar\bin\AskService.exe
E:\Program Files\AskBarDis\bar\bin\AskSplash.exe
E:\Program Files\AskBarDis\bar\bin\AskTBApp.exe
E:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
E:\Program Files\AskBarDis\bar\bin\psvince.dll
E:\Program Files\AskBarDis\bar\Cache\08B1297A
E:\Program Files\AskBarDis\bar\Cache\0A5D15C2
E:\Program Files\AskBarDis\bar\Cache\0F7A7596
E:\Program Files\AskBarDis\bar\Cache\0F7A77F7
E:\Program Files\AskBarDis\bar\Cache\10FC86D6.bin
E:\Program Files\AskBarDis\bar\Cache\10FC8967.bin
E:\Program Files\AskBarDis\bar\Cache\10FC8ADE.bin
E:\Program Files\AskBarDis\bar\Cache\10FC8CF1.bin
E:\Program Files\AskBarDis\bar\Cache\10FC8EB6.bin
E:\Program Files\AskBarDis\bar\Cache\10FC906C.bin
E:\Program Files\AskBarDis\bar\Cache\10FC9250.bin
E:\Program Files\AskBarDis\bar\Cache\files.ini
E:\Program Files\AskBarDis\bar\History\search
E:\Program Files\AskBarDis\bar\Settings\AskLogo.ico
E:\Program Files\AskBarDis\bar\Settings\config.dat
E:\Program Files\AskBarDis\bar\Settings\prevcfg.htm
E:\Program Files\AskBarDis\bar\Settings\prevCfg2.htm
-----------\\ Extensions
(pro) - {0200c2a9-70da-4f6d-b527-f5f7d7877228} => fireuploader
(pro) - {0545b830-f0aa-4d7e-8820-50a4629a56fe} => clrtabs
(pro) - {0b38152b-1b20-484d-a11f-5e04a9b0661f} => winamptoolbar
(pro) - {0b457cAA-602d-484a-8fe7-c1d894a011ba} => fireshot
(pro) - {1018e4d6-728f-4b20-ad56-37578a4de76b} => flagfox
(pro) - {2f17f610-5e97-4fed-828f-9940b7b577a4} => tv-fox
(pro) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
(pro) - {37E4D8EA-8BDA-4831-8EA1-89053939A250} => pdfdownload
(pro) - {62760FD6-B943-48C9-AB09-F99C6FE96088} => ebaycompanion
(pro) - {635abd67-4fe9-1b23-4f01-e679fa7484c1} => ytoolbar
(pro) - {81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} => imacros
(pro) - {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} => wot
(pro) - {a7c6cf7f-112c-4500-a7ea-39801a327e5f} => fireftp
(pro) - {b9db16a4-6edc-47ec-a1f4-b86292ed211d} => dwhelper
(pro) - {c07d1a49-9894-49ff-a594-38960ede8fb9} => updatescan
(pro) - {c50ca3c4-5656-43c2-a061-13e717f73fc8} => fvd
(pro) - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} => adblockplus
(pro) - {DDC359D1-844A-42a7-9AA1-88A850A938A8} => chrome
(pro) - {E9A1DEE0-C623-4439-8932-001E7D17607D} => ajtoolbar
(pro) - {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a} => foxtab
(pro) - {EF522540-89F5-46b9-B6FE-1829E2B572C6} => googlepreview
(pro) - {F807FACD-E46A-4793-B345-D58CB177673C} => scribefire
(pro) - {fce36c1e-58d8-498a-b2a5-66ad1cedebbb} => customizegoogle
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.fr/?gws_rd=ssl"
"Search Bar"="http://www.google.com/toolbar/ie8/sidebar.html"
"Local Page"="E:\\WINDOWS\\system32\\blank.htm"
"Search Page"="https://www.google.com/?gws_rd=ssl"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Local Page"="E:\\windows\\system32\\blank.htm"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home"
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
1 - "E:\ToolBar SD\TB_1.txt" - 07/09/2009| 7:51 - Option : [1]
2 - "E:\ToolBar SD\TB_2.txt" - 07/09/2009| 8:38 - Option : [1]
-----------\\ Fin du rapport a 8:38:47,67
-----------\\ ToolBar S&D 1.2.9 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU 6400 @ 2.13GHz )
BIOS : BIOS Date: 07/14/06 16:31:37 Ver: 08.00.12
USER : pro ( Administrator )
BOOT : Normal boot
Antivirus : AntiVir Desktop 9.0.1.32 (Activated)
Firewall : ZoneAlarm Pro Firewall 8.0.298.004 (Not Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:24 Go (Free:17 Go)
D:\ (Local Disk) - NTFS - Total:249 Go (Free:90 Go)
E:\ (Local Disk) - NTFS - Total:24 Go (Free:2 Go)
F:\ (Local Disk) - NTFS - Total:465 Go (Free:350 Go)
H:\ (CD or DVD)
I:\ (CD or DVD)
J:\ (CD or DVD)
K:\ (CD or DVD)
L:\ (CD or DVD)
S:\ (Local Disk) - NTFS - Total:931 Go (Free:77 Go)
"E:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [1] ( 07/09/2009| 8:38 )
-----------\\ Recherche de Fichiers / Dossiers ...
[Service] ASKService
[Service] ASKUpgrade
E:\Program Files\AskBarDis
E:\Program Files\AskBarDis\bar
E:\Program Files\AskBarDis\unins000.dat
E:\Program Files\AskBarDis\unins000.exe
E:\Program Files\AskBarDis\bar\bin
E:\Program Files\AskBarDis\bar\Cache
E:\Program Files\AskBarDis\bar\History
E:\Program Files\AskBarDis\bar\Settings
E:\Program Files\AskBarDis\bar\bin\askBar.dll
E:\Program Files\AskBarDis\bar\bin\askPopStp.dll
E:\Program Files\AskBarDis\bar\bin\AskService.exe
E:\Program Files\AskBarDis\bar\bin\AskSplash.exe
E:\Program Files\AskBarDis\bar\bin\AskTBApp.exe
E:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
E:\Program Files\AskBarDis\bar\bin\psvince.dll
E:\Program Files\AskBarDis\bar\Cache\08B1297A
E:\Program Files\AskBarDis\bar\Cache\0A5D15C2
E:\Program Files\AskBarDis\bar\Cache\0F7A7596
E:\Program Files\AskBarDis\bar\Cache\0F7A77F7
E:\Program Files\AskBarDis\bar\Cache\10FC86D6.bin
E:\Program Files\AskBarDis\bar\Cache\10FC8967.bin
E:\Program Files\AskBarDis\bar\Cache\10FC8ADE.bin
E:\Program Files\AskBarDis\bar\Cache\10FC8CF1.bin
E:\Program Files\AskBarDis\bar\Cache\10FC8EB6.bin
E:\Program Files\AskBarDis\bar\Cache\10FC906C.bin
E:\Program Files\AskBarDis\bar\Cache\10FC9250.bin
E:\Program Files\AskBarDis\bar\Cache\files.ini
E:\Program Files\AskBarDis\bar\History\search
E:\Program Files\AskBarDis\bar\Settings\AskLogo.ico
E:\Program Files\AskBarDis\bar\Settings\config.dat
E:\Program Files\AskBarDis\bar\Settings\prevcfg.htm
E:\Program Files\AskBarDis\bar\Settings\prevCfg2.htm
-----------\\ Extensions
(pro) - {0200c2a9-70da-4f6d-b527-f5f7d7877228} => fireuploader
(pro) - {0545b830-f0aa-4d7e-8820-50a4629a56fe} => clrtabs
(pro) - {0b38152b-1b20-484d-a11f-5e04a9b0661f} => winamptoolbar
(pro) - {0b457cAA-602d-484a-8fe7-c1d894a011ba} => fireshot
(pro) - {1018e4d6-728f-4b20-ad56-37578a4de76b} => flagfox
(pro) - {2f17f610-5e97-4fed-828f-9940b7b577a4} => tv-fox
(pro) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
(pro) - {37E4D8EA-8BDA-4831-8EA1-89053939A250} => pdfdownload
(pro) - {62760FD6-B943-48C9-AB09-F99C6FE96088} => ebaycompanion
(pro) - {635abd67-4fe9-1b23-4f01-e679fa7484c1} => ytoolbar
(pro) - {81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} => imacros
(pro) - {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} => wot
(pro) - {a7c6cf7f-112c-4500-a7ea-39801a327e5f} => fireftp
(pro) - {b9db16a4-6edc-47ec-a1f4-b86292ed211d} => dwhelper
(pro) - {c07d1a49-9894-49ff-a594-38960ede8fb9} => updatescan
(pro) - {c50ca3c4-5656-43c2-a061-13e717f73fc8} => fvd
(pro) - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} => adblockplus
(pro) - {DDC359D1-844A-42a7-9AA1-88A850A938A8} => chrome
(pro) - {E9A1DEE0-C623-4439-8932-001E7D17607D} => ajtoolbar
(pro) - {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a} => foxtab
(pro) - {EF522540-89F5-46b9-B6FE-1829E2B572C6} => googlepreview
(pro) - {F807FACD-E46A-4793-B345-D58CB177673C} => scribefire
(pro) - {fce36c1e-58d8-498a-b2a5-66ad1cedebbb} => customizegoogle
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.fr/?gws_rd=ssl"
"Search Bar"="http://www.google.com/toolbar/ie8/sidebar.html"
"Local Page"="E:\\WINDOWS\\system32\\blank.htm"
"Search Page"="https://www.google.com/?gws_rd=ssl"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Local Page"="E:\\windows\\system32\\blank.htm"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home"
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
1 - "E:\ToolBar SD\TB_1.txt" - 07/09/2009| 7:51 - Option : [1]
2 - "E:\ToolBar SD\TB_2.txt" - 07/09/2009| 8:38 - Option : [1]
-----------\\ Fin du rapport a 8:38:47,67
Salut,
► Pour lancer le nettoyage via ToolBar S&D, relance le programme.
► Dans le menu principal, tape 2 et valide
Le menu démarrer et les icônes vont à nouveau disparaître.. c'est normal.
Le nettoyage va prendre quelques minutes...
(!) Ne ferme pas la fenètre pendant la suppression (!)
Une fois le nettoyage terminée, le rapport de nettoyage s'ouvre, sélectionne tout copie son intégralité et colle le dans ta prochaine réponse...
► Pour lancer le nettoyage via ToolBar S&D, relance le programme.
► Dans le menu principal, tape 2 et valide
Le menu démarrer et les icônes vont à nouveau disparaître.. c'est normal.
Le nettoyage va prendre quelques minutes...
(!) Ne ferme pas la fenètre pendant la suppression (!)
Une fois le nettoyage terminée, le rapport de nettoyage s'ouvre, sélectionne tout copie son intégralité et colle le dans ta prochaine réponse...
voila :
-----------\\ ToolBar S&D 1.2.9 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU 6400 @ 2.13GHz )
BIOS : BIOS Date: 07/14/06 16:31:37 Ver: 08.00.12
USER : pro ( Administrator )
BOOT : Normal boot
Antivirus : AntiVir Desktop 9.0.1.32 (Activated)
Firewall : ZoneAlarm Pro Firewall 8.0.298.004 (Not Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:24 Go (Free:17 Go)
D:\ (Local Disk) - NTFS - Total:249 Go (Free:90 Go)
E:\ (Local Disk) - NTFS - Total:24 Go (Free:3 Go)
F:\ (Local Disk) - NTFS - Total:465 Go (Free:350 Go)
H:\ (CD or DVD)
I:\ (CD or DVD)
J:\ (CD or DVD)
K:\ (CD or DVD)
L:\ (CD or DVD)
S:\ (Local Disk) - NTFS - Total:931 Go (Free:77 Go)
"E:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [2] ( 07/09/2009|16:39 )
-----------\\ SUPPRESSION
Supprime! - [Service] ASKService
Supprime! - [Service] ASKUpgrade
Supprime! - E:\Program Files\AskBarDis\bar
Supprime! - E:\Program Files\AskBarDis\unins000.dat
Supprime! - E:\Program Files\AskBarDis\unins000.exe
Supprime! - E:\Program Files\AskBarDis
-----------\\ Recherche de Fichiers / Dossiers ...
-----------\\ Extensions
(pro) - {0200c2a9-70da-4f6d-b527-f5f7d7877228} => fireuploader
(pro) - {0545b830-f0aa-4d7e-8820-50a4629a56fe} => clrtabs
(pro) - {0b38152b-1b20-484d-a11f-5e04a9b0661f} => winamptoolbar
(pro) - {0b457cAA-602d-484a-8fe7-c1d894a011ba} => fireshot
(pro) - {1018e4d6-728f-4b20-ad56-37578a4de76b} => flagfox
(pro) - {2f17f610-5e97-4fed-828f-9940b7b577a4} => tv-fox
(pro) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
(pro) - {37E4D8EA-8BDA-4831-8EA1-89053939A250} => pdfdownload
(pro) - {62760FD6-B943-48C9-AB09-F99C6FE96088} => ebaycompanion
(pro) - {635abd67-4fe9-1b23-4f01-e679fa7484c1} => ytoolbar
(pro) - {81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} => imacros
(pro) - {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} => wot
(pro) - {a7c6cf7f-112c-4500-a7ea-39801a327e5f} => fireftp
(pro) - {b9db16a4-6edc-47ec-a1f4-b86292ed211d} => dwhelper
(pro) - {c07d1a49-9894-49ff-a594-38960ede8fb9} => updatescan
(pro) - {c50ca3c4-5656-43c2-a061-13e717f73fc8} => fvd
(pro) - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} => adblockplus
(pro) - {DDC359D1-844A-42a7-9AA1-88A850A938A8} => chrome
(pro) - {E9A1DEE0-C623-4439-8932-001E7D17607D} => ajtoolbar
(pro) - {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a} => foxtab
(pro) - {EF522540-89F5-46b9-B6FE-1829E2B572C6} => googlepreview
(pro) - {F807FACD-E46A-4793-B345-D58CB177673C} => scribefire
(pro) - {fce36c1e-58d8-498a-b2a5-66ad1cedebbb} => customizegoogle
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.fr/?gws_rd=ssl"
"Search Bar"="http://www.google.com/toolbar/ie8/sidebar.html"
"Local Page"="E:\\WINDOWS\\system32\\blank.htm"
"Search Page"="https://www.google.com/?gws_rd=ssl"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Local Page"="E:\\windows\\system32\\blank.htm"
"Start Page"="https://www.msn.com/fr-fr/"
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
1 - "E:\ToolBar SD\TB_1.txt" - 07/09/2009| 7:51 - Option : [1]
2 - "E:\ToolBar SD\TB_2.txt" - 07/09/2009| 8:38 - Option : [1]
3 - "E:\ToolBar SD\TB_3.txt" - 07/09/2009|16:40 - Option : [2]
-----------\\ Fin du rapport a 16:40:15,07
-----------\\ ToolBar S&D 1.2.9 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU 6400 @ 2.13GHz )
BIOS : BIOS Date: 07/14/06 16:31:37 Ver: 08.00.12
USER : pro ( Administrator )
BOOT : Normal boot
Antivirus : AntiVir Desktop 9.0.1.32 (Activated)
Firewall : ZoneAlarm Pro Firewall 8.0.298.004 (Not Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:24 Go (Free:17 Go)
D:\ (Local Disk) - NTFS - Total:249 Go (Free:90 Go)
E:\ (Local Disk) - NTFS - Total:24 Go (Free:3 Go)
F:\ (Local Disk) - NTFS - Total:465 Go (Free:350 Go)
H:\ (CD or DVD)
I:\ (CD or DVD)
J:\ (CD or DVD)
K:\ (CD or DVD)
L:\ (CD or DVD)
S:\ (Local Disk) - NTFS - Total:931 Go (Free:77 Go)
"E:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [2] ( 07/09/2009|16:39 )
-----------\\ SUPPRESSION
Supprime! - [Service] ASKService
Supprime! - [Service] ASKUpgrade
Supprime! - E:\Program Files\AskBarDis\bar
Supprime! - E:\Program Files\AskBarDis\unins000.dat
Supprime! - E:\Program Files\AskBarDis\unins000.exe
Supprime! - E:\Program Files\AskBarDis
-----------\\ Recherche de Fichiers / Dossiers ...
-----------\\ Extensions
(pro) - {0200c2a9-70da-4f6d-b527-f5f7d7877228} => fireuploader
(pro) - {0545b830-f0aa-4d7e-8820-50a4629a56fe} => clrtabs
(pro) - {0b38152b-1b20-484d-a11f-5e04a9b0661f} => winamptoolbar
(pro) - {0b457cAA-602d-484a-8fe7-c1d894a011ba} => fireshot
(pro) - {1018e4d6-728f-4b20-ad56-37578a4de76b} => flagfox
(pro) - {2f17f610-5e97-4fed-828f-9940b7b577a4} => tv-fox
(pro) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
(pro) - {37E4D8EA-8BDA-4831-8EA1-89053939A250} => pdfdownload
(pro) - {62760FD6-B943-48C9-AB09-F99C6FE96088} => ebaycompanion
(pro) - {635abd67-4fe9-1b23-4f01-e679fa7484c1} => ytoolbar
(pro) - {81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} => imacros
(pro) - {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} => wot
(pro) - {a7c6cf7f-112c-4500-a7ea-39801a327e5f} => fireftp
(pro) - {b9db16a4-6edc-47ec-a1f4-b86292ed211d} => dwhelper
(pro) - {c07d1a49-9894-49ff-a594-38960ede8fb9} => updatescan
(pro) - {c50ca3c4-5656-43c2-a061-13e717f73fc8} => fvd
(pro) - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} => adblockplus
(pro) - {DDC359D1-844A-42a7-9AA1-88A850A938A8} => chrome
(pro) - {E9A1DEE0-C623-4439-8932-001E7D17607D} => ajtoolbar
(pro) - {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a} => foxtab
(pro) - {EF522540-89F5-46b9-B6FE-1829E2B572C6} => googlepreview
(pro) - {F807FACD-E46A-4793-B345-D58CB177673C} => scribefire
(pro) - {fce36c1e-58d8-498a-b2a5-66ad1cedebbb} => customizegoogle
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.fr/?gws_rd=ssl"
"Search Bar"="http://www.google.com/toolbar/ie8/sidebar.html"
"Local Page"="E:\\WINDOWS\\system32\\blank.htm"
"Search Page"="https://www.google.com/?gws_rd=ssl"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Local Page"="E:\\windows\\system32\\blank.htm"
"Start Page"="https://www.msn.com/fr-fr/"
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
1 - "E:\ToolBar SD\TB_1.txt" - 07/09/2009| 7:51 - Option : [1]
2 - "E:\ToolBar SD\TB_2.txt" - 07/09/2009| 8:38 - Option : [1]
3 - "E:\ToolBar SD\TB_3.txt" - 07/09/2009|16:40 - Option : [2]
-----------\\ Fin du rapport a 16:40:15,07
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
voila :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:35:05, on 07/09/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\nvsvc32.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\Avira\AntiVir Desktop\sched.exe
E:\Program Files\a-squared Free\a2service.exe
E:\Program Files\Avira\AntiVir Desktop\avguard.exe
E:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
E:\Program Files\Bonjour\mDNSResponder.exe
E:\Program Files\CDBurnerXP\NMSAccessU.exe
E:\WINDOWS\system32\oodag.exe
E:\WINDOWS\system32\PnkBstrA.exe
E:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
E:\WINDOWS\Explorer.EXE
E:\Program Files\Unlocker\UnlockerAssistant.exe
E:\Program Files\Avira\AntiVir Desktop\avgnt.exe
E:\WINDOWS\system32\RUNDLL32.EXE
E:\WINDOWS\system32\ctfmon.exe
E:\Program Files\TaskSwitchXP\TaskSwitchXP.exe
E:\Program Files\Stardock\CursorFX\CursorFX.exe
E:\Program Files\Vista Start Menu\VistaStartMenu.exe
E:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
E:\Program Files\Microsoft ActiveSync\wcescomm.exe
E:\PROGRA~1\Microsoft ActiveSync\rapimgr.exe
E:\Program Files\NETGEAR GA511 Adapter\GA511.exe
E:\Program Files\Windows Live\Contacts\wlcomm.exe
E:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
E:\Program Files\Mozilla Firefox\firefox.exe
E:\Documents and Settings\pro\Bureau\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: G DATA WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - (no file)
O2 - BHO: Thunder AtOnce - {01443AEC-0FD1-40fd-9C87-E93D1494C233} - D:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - D:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - E:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - E:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - E:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: SYSTRAN Toolbar - {95daa571-4def-4a6d-97d8-98a346672a24} - mscoree.dll (file missing)
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - D:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O3 - Toolbar: (no name) - {0124123D-61B4-456f-AF86-78C53A0790C5} - (no file)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - E:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - E:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [UnlockerAssistant] "E:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [avgnt] "E:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [ZoneAlarm Client] "E:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE E:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] E:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (reboot)] "E:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TaskSwitchXP] E:\Program Files\TaskSwitchXP\TaskSwitchXP.exe
O4 - HKCU\..\Run: [CursorFX] "E:\Program Files\Stardock\CursorFX\CursorFX.exe"
O4 - HKCU\..\Run: [VistaStartMenu] "E:\Program Files\Vista Start Menu\VistaStartMenu.exe"
O4 - HKCU\..\Run: [STYLEXP] E:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [MsnMsgr] "E:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "E:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - Global Startup: GA511 Smart Wizard Utility.lnk = ?
O8 - Extra context menu item: &Winamp Search - E:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Consulter les dictionnaires (SYSTRAN) - res://E:\Program Files\SYSTRAN\6\\GUIres.dll/lookup.js
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://E:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Traduire (SYSTRAN) - res://E:\Program Files\SYSTRAN\6\\GUIres.dll/translate.js
O8 - Extra context menu item: ʹÓÃѸÀ×ÏÂÔØ - D:\Program Files\Thunder Network\Thunder\Program\geturl.htm
O8 - Extra context menu item: ʹÓÃѸÀ×ÏÂÔØÈ«²¿Á´½Ó - D:\Program Files\Thunder Network\Thunder\Program\getallurl.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Æô¶¯Ñ¸À×5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - D:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - Extra 'Tools' menuitem: Æô¶¯Ñ¸À×5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - D:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - E:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - E:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: e:\windows\system32\nwprovau.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.files-ftp.com/~unicorni/phpBB2/index.php
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} -
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-BE/a-UNO1/GAME_UNO1.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\PROGRA~1\FICHIE~1\Skype\Skype4COM.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - E:\Program Files\a-squared Free\a2service.exe
O23 - Service: Adobe Version Cue CS3 {fr_FR} (Adobe Version Cue CS3) - Adobe Systems Incorporated - E:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - E:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - E:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - E:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - E:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - E:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - E:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - E:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - E:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - E:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NBService - Nero AG - E:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - E:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NMSAccessU - Unknown owner - E:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - E:\WINDOWS\system32\oodag.exe
O23 - Service: PnkBstrA - Unknown owner - E:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: StyleXPService - Unknown owner - E:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: TomTomHOMEService - TomTom - E:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - E:\WINDOWS\system32\ZoneLabs\vsmon.exe
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:35:05, on 07/09/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\nvsvc32.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\Avira\AntiVir Desktop\sched.exe
E:\Program Files\a-squared Free\a2service.exe
E:\Program Files\Avira\AntiVir Desktop\avguard.exe
E:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
E:\Program Files\Bonjour\mDNSResponder.exe
E:\Program Files\CDBurnerXP\NMSAccessU.exe
E:\WINDOWS\system32\oodag.exe
E:\WINDOWS\system32\PnkBstrA.exe
E:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
E:\WINDOWS\Explorer.EXE
E:\Program Files\Unlocker\UnlockerAssistant.exe
E:\Program Files\Avira\AntiVir Desktop\avgnt.exe
E:\WINDOWS\system32\RUNDLL32.EXE
E:\WINDOWS\system32\ctfmon.exe
E:\Program Files\TaskSwitchXP\TaskSwitchXP.exe
E:\Program Files\Stardock\CursorFX\CursorFX.exe
E:\Program Files\Vista Start Menu\VistaStartMenu.exe
E:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
E:\Program Files\Microsoft ActiveSync\wcescomm.exe
E:\PROGRA~1\Microsoft ActiveSync\rapimgr.exe
E:\Program Files\NETGEAR GA511 Adapter\GA511.exe
E:\Program Files\Windows Live\Contacts\wlcomm.exe
E:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
E:\Program Files\Mozilla Firefox\firefox.exe
E:\Documents and Settings\pro\Bureau\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: G DATA WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - (no file)
O2 - BHO: Thunder AtOnce - {01443AEC-0FD1-40fd-9C87-E93D1494C233} - D:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - D:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - E:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - E:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - E:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: SYSTRAN Toolbar - {95daa571-4def-4a6d-97d8-98a346672a24} - mscoree.dll (file missing)
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - D:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O3 - Toolbar: (no name) - {0124123D-61B4-456f-AF86-78C53A0790C5} - (no file)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - E:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - E:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [UnlockerAssistant] "E:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [avgnt] "E:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [ZoneAlarm Client] "E:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE E:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] E:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (reboot)] "E:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TaskSwitchXP] E:\Program Files\TaskSwitchXP\TaskSwitchXP.exe
O4 - HKCU\..\Run: [CursorFX] "E:\Program Files\Stardock\CursorFX\CursorFX.exe"
O4 - HKCU\..\Run: [VistaStartMenu] "E:\Program Files\Vista Start Menu\VistaStartMenu.exe"
O4 - HKCU\..\Run: [STYLEXP] E:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [MsnMsgr] "E:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "E:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - Global Startup: GA511 Smart Wizard Utility.lnk = ?
O8 - Extra context menu item: &Winamp Search - E:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Consulter les dictionnaires (SYSTRAN) - res://E:\Program Files\SYSTRAN\6\\GUIres.dll/lookup.js
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://E:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Traduire (SYSTRAN) - res://E:\Program Files\SYSTRAN\6\\GUIres.dll/translate.js
O8 - Extra context menu item: ʹÓÃѸÀ×ÏÂÔØ - D:\Program Files\Thunder Network\Thunder\Program\geturl.htm
O8 - Extra context menu item: ʹÓÃѸÀ×ÏÂÔØÈ«²¿Á´½Ó - D:\Program Files\Thunder Network\Thunder\Program\getallurl.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Æô¶¯Ñ¸À×5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - D:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - Extra 'Tools' menuitem: Æô¶¯Ñ¸À×5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - D:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - E:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - E:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: e:\windows\system32\nwprovau.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.files-ftp.com/~unicorni/phpBB2/index.php
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} -
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-BE/a-UNO1/GAME_UNO1.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\PROGRA~1\FICHIE~1\Skype\Skype4COM.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - E:\Program Files\a-squared Free\a2service.exe
O23 - Service: Adobe Version Cue CS3 {fr_FR} (Adobe Version Cue CS3) - Adobe Systems Incorporated - E:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - E:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - E:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - E:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - E:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - E:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - E:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - E:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - E:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - E:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NBService - Nero AG - E:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - E:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NMSAccessU - Unknown owner - E:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - E:\WINDOWS\system32\oodag.exe
O23 - Service: PnkBstrA - Unknown owner - E:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: StyleXPService - Unknown owner - E:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: TomTomHOMEService - TomTom - E:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - E:\WINDOWS\system32\ZoneLabs\vsmon.exe
Fait une analyse avec MBAM et envoie le rapport
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
♦ Sélectionne Exécuter un examen complet puis clique sur le bouton Rechercher pour lancer le scan.
♦ Clique sur le bouton Lancer l'examen pour démarrer le scan.
♦ Clique sur le bouton Supprimer la sélection en bas à gauche.
♦ Un rapport de scan s'ouvre, sélectionne tout copie le et colle le dans ta prochaine réponse.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
♦ Sélectionne Exécuter un examen complet puis clique sur le bouton Rechercher pour lancer le scan.
♦ Clique sur le bouton Lancer l'examen pour démarrer le scan.
♦ Clique sur le bouton Supprimer la sélection en bas à gauche.
♦ Un rapport de scan s'ouvre, sélectionne tout copie le et colle le dans ta prochaine réponse.
voila :
Malwarebytes' Anti-Malware 1.40
Version de la base de données: 2749
Windows 5.1.2600 Service Pack 2
08/09/2009 08:06:49
mbam-log-2009-09-08 (08-06-49).txt
Type de recherche: Examen complet (C:\|D:\|E:\|F:\|S:\|)
Eléments examinés: 380299
Temps écoulé: 2 hour(s), 44 minute(s), 49 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 4
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 2
Fichier(s) infecté(s): 20
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\HID_Layer (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo (Rogue.Eorezo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
E:\Documents and Settings\pro\Application Data\Microsoft\dtsc (Trojan.Agent) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\vntiho06 (Trojan.Agent) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
E:\Documents and Settings\pro\Application Data\Microsoft\dtsc\s (Trojan.Agent) -> Quarantined and deleted successfully.
E:\WINDOWS\ctfmon32.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
E:\WINDOWS\directx32.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
E:\WINDOWS\dnsrelay.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
E:\WINDOWS\Explorer32.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
E:\WINDOWS\funniest.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
E:\WINDOWS\funny.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
E:\WINDOWS\gfmnaaa.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
E:\WINDOWS\helpcvs.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
E:\WINDOWS\inetinf.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
E:\WINDOWS\internet.exe (Trojan.Agent) -> Quarantined and deleted successfully.
E:\WINDOWS\msspi.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
E:\WINDOWS\mswsc10.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
E:\WINDOWS\mswsc20.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
E:\WINDOWS\rundll32.vbe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
E:\WINDOWS\searchword.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
E:\WINDOWS\svchost32.exe (Trojan.Agent) -> Quarantined and deleted successfully.
E:\WINDOWS\svcinit.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
E:\WINDOWS\time.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
E:\WINDOWS\Explorer.sav (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
Malwarebytes' Anti-Malware 1.40
Version de la base de données: 2749
Windows 5.1.2600 Service Pack 2
08/09/2009 08:06:49
mbam-log-2009-09-08 (08-06-49).txt
Type de recherche: Examen complet (C:\|D:\|E:\|F:\|S:\|)
Eléments examinés: 380299
Temps écoulé: 2 hour(s), 44 minute(s), 49 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 4
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 2
Fichier(s) infecté(s): 20
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\HID_Layer (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo (Rogue.Eorezo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
E:\Documents and Settings\pro\Application Data\Microsoft\dtsc (Trojan.Agent) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\vntiho06 (Trojan.Agent) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
E:\Documents and Settings\pro\Application Data\Microsoft\dtsc\s (Trojan.Agent) -> Quarantined and deleted successfully.
E:\WINDOWS\ctfmon32.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
E:\WINDOWS\directx32.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
E:\WINDOWS\dnsrelay.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
E:\WINDOWS\Explorer32.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
E:\WINDOWS\funniest.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
E:\WINDOWS\funny.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
E:\WINDOWS\gfmnaaa.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
E:\WINDOWS\helpcvs.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
E:\WINDOWS\inetinf.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
E:\WINDOWS\internet.exe (Trojan.Agent) -> Quarantined and deleted successfully.
E:\WINDOWS\msspi.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
E:\WINDOWS\mswsc10.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
E:\WINDOWS\mswsc20.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
E:\WINDOWS\rundll32.vbe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
E:\WINDOWS\searchword.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
E:\WINDOWS\svchost32.exe (Trojan.Agent) -> Quarantined and deleted successfully.
E:\WINDOWS\svcinit.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
E:\WINDOWS\time.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
E:\WINDOWS\Explorer.sav (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:17:18, on 08/09/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\nvsvc32.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
E:\WINDOWS\system32\ZoneLabs\vsmon.exe
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\Avira\AntiVir Desktop\sched.exe
E:\Program Files\a-squared Free\a2service.exe
E:\Program Files\Avira\AntiVir Desktop\avguard.exe
E:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
E:\Program Files\Bonjour\mDNSResponder.exe
E:\Program Files\CDBurnerXP\NMSAccessU.exe
E:\WINDOWS\system32\oodag.exe
E:\WINDOWS\system32\PnkBstrA.exe
E:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
E:\WINDOWS\system32\wscntfy.exe
E:\WINDOWS\Explorer.EXE
E:\Program Files\Unlocker\UnlockerAssistant.exe
E:\Program Files\Avira\AntiVir Desktop\avgnt.exe
E:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
E:\WINDOWS\system32\RUNDLL32.EXE
E:\WINDOWS\system32\ctfmon.exe
E:\Program Files\TaskSwitchXP\TaskSwitchXP.exe
E:\Program Files\Stardock\CursorFX\CursorFX.exe
E:\Program Files\Vista Start Menu\VistaStartMenu.exe
E:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
E:\Program Files\Microsoft ActiveSync\wcescomm.exe
E:\PROGRA~1\Microsoft ActiveSync\rapimgr.exe
E:\Program Files\NETGEAR GA511 Adapter\GA511.exe
E:\Program Files\Windows Live\Contacts\wlcomm.exe
E:\Program Files\Mozilla Firefox\firefox.exe
E:\Documents and Settings\pro\Bureau\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: G DATA WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - (no file)
O2 - BHO: Thunder AtOnce - {01443AEC-0FD1-40fd-9C87-E93D1494C233} - D:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - D:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - E:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - E:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - E:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: SYSTRAN Toolbar - {95daa571-4def-4a6d-97d8-98a346672a24} - mscoree.dll (file missing)
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - D:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O3 - Toolbar: (no name) - {0124123D-61B4-456f-AF86-78C53A0790C5} - (no file)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - E:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - E:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [UnlockerAssistant] "E:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [avgnt] "E:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [ZoneAlarm Client] "E:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE E:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TaskSwitchXP] E:\Program Files\TaskSwitchXP\TaskSwitchXP.exe
O4 - HKCU\..\Run: [CursorFX] "E:\Program Files\Stardock\CursorFX\CursorFX.exe"
O4 - HKCU\..\Run: [VistaStartMenu] "E:\Program Files\Vista Start Menu\VistaStartMenu.exe"
O4 - HKCU\..\Run: [STYLEXP] E:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [MsnMsgr] "E:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "E:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - Global Startup: GA511 Smart Wizard Utility.lnk = ?
O8 - Extra context menu item: &Winamp Search - E:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Consulter les dictionnaires (SYSTRAN) - res://E:\Program Files\SYSTRAN\6\\GUIres.dll/lookup.js
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://E:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Traduire (SYSTRAN) - res://E:\Program Files\SYSTRAN\6\\GUIres.dll/translate.js
O8 - Extra context menu item: ʹÓÃѸÀ×ÏÂÔØ - D:\Program Files\Thunder Network\Thunder\Program\geturl.htm
O8 - Extra context menu item: ʹÓÃѸÀ×ÏÂÔØÈ«²¿Á´½Ó - D:\Program Files\Thunder Network\Thunder\Program\getallurl.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Æô¶¯Ñ¸À×5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - D:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - Extra 'Tools' menuitem: Æô¶¯Ñ¸À×5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - D:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - E:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - E:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: e:\windows\system32\nwprovau.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.files-ftp.com/~unicorni/phpBB2/index.php
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} -
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-BE/a-UNO1/GAME_UNO1.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\PROGRA~1\FICHIE~1\Skype\Skype4COM.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - E:\Program Files\a-squared Free\a2service.exe
O23 - Service: Adobe Version Cue CS3 {fr_FR} (Adobe Version Cue CS3) - Adobe Systems Incorporated - E:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - E:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - E:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - E:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - E:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - E:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - E:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - E:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - E:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - E:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NBService - Nero AG - E:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - E:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NMSAccessU - Unknown owner - E:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - E:\WINDOWS\system32\oodag.exe
O23 - Service: PnkBstrA - Unknown owner - E:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: StyleXPService - Unknown owner - E:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: TomTomHOMEService - TomTom - E:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - E:\WINDOWS\system32\ZoneLabs\vsmon.exe
Scan saved at 17:17:18, on 08/09/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\nvsvc32.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
E:\WINDOWS\system32\ZoneLabs\vsmon.exe
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\Avira\AntiVir Desktop\sched.exe
E:\Program Files\a-squared Free\a2service.exe
E:\Program Files\Avira\AntiVir Desktop\avguard.exe
E:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
E:\Program Files\Bonjour\mDNSResponder.exe
E:\Program Files\CDBurnerXP\NMSAccessU.exe
E:\WINDOWS\system32\oodag.exe
E:\WINDOWS\system32\PnkBstrA.exe
E:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
E:\WINDOWS\system32\wscntfy.exe
E:\WINDOWS\Explorer.EXE
E:\Program Files\Unlocker\UnlockerAssistant.exe
E:\Program Files\Avira\AntiVir Desktop\avgnt.exe
E:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
E:\WINDOWS\system32\RUNDLL32.EXE
E:\WINDOWS\system32\ctfmon.exe
E:\Program Files\TaskSwitchXP\TaskSwitchXP.exe
E:\Program Files\Stardock\CursorFX\CursorFX.exe
E:\Program Files\Vista Start Menu\VistaStartMenu.exe
E:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
E:\Program Files\Microsoft ActiveSync\wcescomm.exe
E:\PROGRA~1\Microsoft ActiveSync\rapimgr.exe
E:\Program Files\NETGEAR GA511 Adapter\GA511.exe
E:\Program Files\Windows Live\Contacts\wlcomm.exe
E:\Program Files\Mozilla Firefox\firefox.exe
E:\Documents and Settings\pro\Bureau\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: G DATA WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - (no file)
O2 - BHO: Thunder AtOnce - {01443AEC-0FD1-40fd-9C87-E93D1494C233} - D:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - D:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - E:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - E:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - E:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: SYSTRAN Toolbar - {95daa571-4def-4a6d-97d8-98a346672a24} - mscoree.dll (file missing)
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - D:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O3 - Toolbar: (no name) - {0124123D-61B4-456f-AF86-78C53A0790C5} - (no file)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - E:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - E:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [UnlockerAssistant] "E:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [avgnt] "E:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [ZoneAlarm Client] "E:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE E:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TaskSwitchXP] E:\Program Files\TaskSwitchXP\TaskSwitchXP.exe
O4 - HKCU\..\Run: [CursorFX] "E:\Program Files\Stardock\CursorFX\CursorFX.exe"
O4 - HKCU\..\Run: [VistaStartMenu] "E:\Program Files\Vista Start Menu\VistaStartMenu.exe"
O4 - HKCU\..\Run: [STYLEXP] E:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [MsnMsgr] "E:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "E:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - Global Startup: GA511 Smart Wizard Utility.lnk = ?
O8 - Extra context menu item: &Winamp Search - E:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Consulter les dictionnaires (SYSTRAN) - res://E:\Program Files\SYSTRAN\6\\GUIres.dll/lookup.js
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://E:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Traduire (SYSTRAN) - res://E:\Program Files\SYSTRAN\6\\GUIres.dll/translate.js
O8 - Extra context menu item: ʹÓÃѸÀ×ÏÂÔØ - D:\Program Files\Thunder Network\Thunder\Program\geturl.htm
O8 - Extra context menu item: ʹÓÃѸÀ×ÏÂÔØÈ«²¿Á´½Ó - D:\Program Files\Thunder Network\Thunder\Program\getallurl.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Æô¶¯Ñ¸À×5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - D:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - Extra 'Tools' menuitem: Æô¶¯Ñ¸À×5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - D:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - E:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - E:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: e:\windows\system32\nwprovau.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.files-ftp.com/~unicorni/phpBB2/index.php
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} -
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-BE/a-UNO1/GAME_UNO1.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\PROGRA~1\FICHIE~1\Skype\Skype4COM.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - E:\Program Files\a-squared Free\a2service.exe
O23 - Service: Adobe Version Cue CS3 {fr_FR} (Adobe Version Cue CS3) - Adobe Systems Incorporated - E:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - E:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - E:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - E:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - E:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - E:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - E:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - E:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - E:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - E:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NBService - Nero AG - E:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - E:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NMSAccessU - Unknown owner - E:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - E:\WINDOWS\system32\oodag.exe
O23 - Service: PnkBstrA - Unknown owner - E:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: StyleXPService - Unknown owner - E:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: TomTomHOMEService - TomTom - E:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - E:\WINDOWS\system32\ZoneLabs\vsmon.exe
voila je vous remet le rapport de toolbar SD avec la deuxième option :
-----------\\ ToolBar S&D 1.2.9 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU 6400 @ 2.13GHz )
BIOS : BIOS Date: 07/14/06 16:31:37 Ver: 08.00.12
USER : pro ( Administrator )
BOOT : Normal boot
Antivirus : Kaspersky Internet Security 9.0.0.463 (Activated)
Firewall : Kaspersky Internet Security 9.0.0.463 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:24 Go (Free:17 Go)
D:\ (Local Disk) - NTFS - Total:249 Go (Free:90 Go)
E:\ (Local Disk) - NTFS - Total:24 Go (Free:3 Go)
F:\ (Local Disk) - NTFS - Total:465 Go (Free:350 Go)
H:\ (CD or DVD)
I:\ (CD or DVD)
J:\ (CD or DVD)
K:\ (CD or DVD)
L:\ (CD or DVD)
S:\ (Local Disk) - NTFS - Total:931 Go (Free:77 Go)
"E:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [2] ( 08/09/2009|23:29 )
-----------\\ Recherche de Fichiers / Dossiers ...
-----------\\ Extensions
(pro) - {0200c2a9-70da-4f6d-b527-f5f7d7877228} => fireuploader
(pro) - {0545b830-f0aa-4d7e-8820-50a4629a56fe} => clrtabs
(pro) - {0b38152b-1b20-484d-a11f-5e04a9b0661f} => winamptoolbar
(pro) - {0b457cAA-602d-484a-8fe7-c1d894a011ba} => fireshot
(pro) - {1018e4d6-728f-4b20-ad56-37578a4de76b} => flagfox
(pro) - {2f17f610-5e97-4fed-828f-9940b7b577a4} => tv-fox
(pro) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
(pro) - {37E4D8EA-8BDA-4831-8EA1-89053939A250} => pdfdownload
(pro) - {62760FD6-B943-48C9-AB09-F99C6FE96088} => ebaycompanion
(pro) - {635abd67-4fe9-1b23-4f01-e679fa7484c1} => ytoolbar
(pro) - {81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} => imacros
(pro) - {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} => wot
(pro) - {a7c6cf7f-112c-4500-a7ea-39801a327e5f} => fireftp
(pro) - {b9db16a4-6edc-47ec-a1f4-b86292ed211d} => dwhelper
(pro) - {c07d1a49-9894-49ff-a594-38960ede8fb9} => updatescan
(pro) - {c50ca3c4-5656-43c2-a061-13e717f73fc8} => fvd
(pro) - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} => adblockplus
(pro) - {DDC359D1-844A-42a7-9AA1-88A850A938A8} => chrome
(pro) - {E9A1DEE0-C623-4439-8932-001E7D17607D} => ajtoolbar
(pro) - {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a} => foxtab
(pro) - {EF522540-89F5-46b9-B6FE-1829E2B572C6} => googlepreview
(pro) - {F807FACD-E46A-4793-B345-D58CB177673C} => scribefire
(pro) - {fce36c1e-58d8-498a-b2a5-66ad1cedebbb} => customizegoogle
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.fr/?gws_rd=ssl"
"Search Bar"="http://www.google.com/toolbar/ie8/sidebar.html"
"Local Page"="E:\\WINDOWS\\system32\\blank.htm"
"Search Page"="https://www.google.com/?gws_rd=ssl"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Local Page"="E:\\windows\\system32\\blank.htm"
"Start Page"="https://www.msn.com/fr-fr/"
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
1 - "E:\ToolBar SD\TB_1.txt" - 07/09/2009| 7:51 - Option : [1]
2 - "E:\ToolBar SD\TB_2.txt" - 07/09/2009| 8:38 - Option : [1]
3 - "E:\ToolBar SD\TB_3.txt" - 07/09/2009|16:40 - Option : [2]
4 - "E:\ToolBar SD\TB_4.txt" - 08/09/2009|23:28 - Option : [1]
5 - "E:\ToolBar SD\TB_5.txt" - 08/09/2009|23:30 - Option : [2]
-----------\\ Fin du rapport a 23:30:23,04
-----------\\ ToolBar S&D 1.2.9 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU 6400 @ 2.13GHz )
BIOS : BIOS Date: 07/14/06 16:31:37 Ver: 08.00.12
USER : pro ( Administrator )
BOOT : Normal boot
Antivirus : Kaspersky Internet Security 9.0.0.463 (Activated)
Firewall : Kaspersky Internet Security 9.0.0.463 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:24 Go (Free:17 Go)
D:\ (Local Disk) - NTFS - Total:249 Go (Free:90 Go)
E:\ (Local Disk) - NTFS - Total:24 Go (Free:3 Go)
F:\ (Local Disk) - NTFS - Total:465 Go (Free:350 Go)
H:\ (CD or DVD)
I:\ (CD or DVD)
J:\ (CD or DVD)
K:\ (CD or DVD)
L:\ (CD or DVD)
S:\ (Local Disk) - NTFS - Total:931 Go (Free:77 Go)
"E:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [2] ( 08/09/2009|23:29 )
-----------\\ Recherche de Fichiers / Dossiers ...
-----------\\ Extensions
(pro) - {0200c2a9-70da-4f6d-b527-f5f7d7877228} => fireuploader
(pro) - {0545b830-f0aa-4d7e-8820-50a4629a56fe} => clrtabs
(pro) - {0b38152b-1b20-484d-a11f-5e04a9b0661f} => winamptoolbar
(pro) - {0b457cAA-602d-484a-8fe7-c1d894a011ba} => fireshot
(pro) - {1018e4d6-728f-4b20-ad56-37578a4de76b} => flagfox
(pro) - {2f17f610-5e97-4fed-828f-9940b7b577a4} => tv-fox
(pro) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
(pro) - {37E4D8EA-8BDA-4831-8EA1-89053939A250} => pdfdownload
(pro) - {62760FD6-B943-48C9-AB09-F99C6FE96088} => ebaycompanion
(pro) - {635abd67-4fe9-1b23-4f01-e679fa7484c1} => ytoolbar
(pro) - {81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} => imacros
(pro) - {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} => wot
(pro) - {a7c6cf7f-112c-4500-a7ea-39801a327e5f} => fireftp
(pro) - {b9db16a4-6edc-47ec-a1f4-b86292ed211d} => dwhelper
(pro) - {c07d1a49-9894-49ff-a594-38960ede8fb9} => updatescan
(pro) - {c50ca3c4-5656-43c2-a061-13e717f73fc8} => fvd
(pro) - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} => adblockplus
(pro) - {DDC359D1-844A-42a7-9AA1-88A850A938A8} => chrome
(pro) - {E9A1DEE0-C623-4439-8932-001E7D17607D} => ajtoolbar
(pro) - {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a} => foxtab
(pro) - {EF522540-89F5-46b9-B6FE-1829E2B572C6} => googlepreview
(pro) - {F807FACD-E46A-4793-B345-D58CB177673C} => scribefire
(pro) - {fce36c1e-58d8-498a-b2a5-66ad1cedebbb} => customizegoogle
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.fr/?gws_rd=ssl"
"Search Bar"="http://www.google.com/toolbar/ie8/sidebar.html"
"Local Page"="E:\\WINDOWS\\system32\\blank.htm"
"Search Page"="https://www.google.com/?gws_rd=ssl"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Local Page"="E:\\windows\\system32\\blank.htm"
"Start Page"="https://www.msn.com/fr-fr/"
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
1 - "E:\ToolBar SD\TB_1.txt" - 07/09/2009| 7:51 - Option : [1]
2 - "E:\ToolBar SD\TB_2.txt" - 07/09/2009| 8:38 - Option : [1]
3 - "E:\ToolBar SD\TB_3.txt" - 07/09/2009|16:40 - Option : [2]
4 - "E:\ToolBar SD\TB_4.txt" - 08/09/2009|23:28 - Option : [1]
5 - "E:\ToolBar SD\TB_5.txt" - 08/09/2009|23:30 - Option : [2]
-----------\\ Fin du rapport a 23:30:23,04
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:42:36, on 09/09/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\nvsvc32.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\a-squared Free\a2service.exe
E:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
E:\Program Files\Bonjour\mDNSResponder.exe
E:\Program Files\CDBurnerXP\NMSAccessU.exe
E:\WINDOWS\system32\oodag.exe
E:\WINDOWS\system32\PnkBstrA.exe
E:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
E:\WINDOWS\system32\wscntfy.exe
E:\WINDOWS\Explorer.EXE
E:\Program Files\Unlocker\UnlockerAssistant.exe
E:\WINDOWS\system32\RUNDLL32.EXE
E:\WINDOWS\system32\ctfmon.exe
E:\Program Files\TaskSwitchXP\TaskSwitchXP.exe
E:\Program Files\Stardock\CursorFX\CursorFX.exe
E:\Program Files\Vista Start Menu\VistaStartMenu.exe
E:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
E:\Program Files\Microsoft ActiveSync\wcescomm.exe
E:\PROGRA~1\Microsoft ActiveSync\rapimgr.exe
E:\Program Files\NETGEAR GA511 Adapter\GA511.exe
E:\Program Files\Mozilla Firefox\firefox.exe
E:\Documents and Settings\pro\Bureau\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: G DATA WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - (no file)
O2 - BHO: Thunder AtOnce - {01443AEC-0FD1-40fd-9C87-E93D1494C233} - D:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - D:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - E:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - E:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - E:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - E:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - E:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O3 - Toolbar: SYSTRAN Toolbar - {95daa571-4def-4a6d-97d8-98a346672a24} - mscoree.dll (file missing)
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - D:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O3 - Toolbar: (no name) - {0124123D-61B4-456f-AF86-78C53A0790C5} - (no file)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - E:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - E:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [UnlockerAssistant] "E:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [AVP] "E:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TaskSwitchXP] E:\Program Files\TaskSwitchXP\TaskSwitchXP.exe
O4 - HKCU\..\Run: [CursorFX] "E:\Program Files\Stardock\CursorFX\CursorFX.exe"
O4 - HKCU\..\Run: [VistaStartMenu] "E:\Program Files\Vista Start Menu\VistaStartMenu.exe"
O4 - HKCU\..\Run: [STYLEXP] E:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [H/PC Connection Agent] "E:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - Global Startup: GA511 Smart Wizard Utility.lnk = ?
O8 - Extra context menu item: &Winamp Search - E:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Ajouter à l'Anti-bannière - E:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
O8 - Extra context menu item: Consulter les dictionnaires (SYSTRAN) - res://E:\Program Files\SYSTRAN\6\\GUIres.dll/lookup.js
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://E:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Traduire (SYSTRAN) - res://E:\Program Files\SYSTRAN\6\\GUIres.dll/translate.js
O8 - Extra context menu item: ʹÓÃѸÀ×ÏÂÔØ - D:\Program Files\Thunder Network\Thunder\Program\geturl.htm
O8 - Extra context menu item: ʹÓÃѸÀ×ÏÂÔØÈ«²¿Á´½Ó - D:\Program Files\Thunder Network\Thunder\Program\getallurl.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Æô¶¯Ñ¸À×5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - D:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - Extra 'Tools' menuitem: Æô¶¯Ñ¸À×5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - D:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - E:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - E:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - E:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - E:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O10 - Unknown file in Winsock LSP: e:\windows\system32\nwprovau.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.files-ftp.com/~unicorni/phpBB2/index.php
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} -
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-BE/a-UNO1/GAME_UNO1.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\PROGRA~1\FICHIE~1\Skype\Skype4COM.dll
O20 - AppInit_DLLs: E:\PROGRA~1\Kaspersky Lab\Kaspersky Internet Security 2010\mzvkbd.dll,E:\PROGRA~1\Kaspersky Lab\Kaspersky Internet Security 2010\mzvkbd3.dll,E:\PROGRA~1\Kaspersky Lab\Kaspersky Internet Security 2010\kloehk.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - E:\Program Files\a-squared Free\a2service.exe
O23 - Service: Adobe Version Cue CS3 {fr_FR} (Adobe Version Cue CS3) - Adobe Systems Incorporated - E:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: Apple Mobile Device - Apple Inc. - E:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - E:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - E:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - E:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - E:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - E:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - E:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - E:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NBService - Nero AG - E:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - E:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NMSAccessU - Unknown owner - E:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - E:\WINDOWS\system32\oodag.exe
O23 - Service: PnkBstrA - Unknown owner - E:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: StyleXPService - Unknown owner - E:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: TomTomHOMEService - TomTom - E:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
Scan saved at 00:42:36, on 09/09/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\nvsvc32.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\a-squared Free\a2service.exe
E:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
E:\Program Files\Bonjour\mDNSResponder.exe
E:\Program Files\CDBurnerXP\NMSAccessU.exe
E:\WINDOWS\system32\oodag.exe
E:\WINDOWS\system32\PnkBstrA.exe
E:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
E:\WINDOWS\system32\wscntfy.exe
E:\WINDOWS\Explorer.EXE
E:\Program Files\Unlocker\UnlockerAssistant.exe
E:\WINDOWS\system32\RUNDLL32.EXE
E:\WINDOWS\system32\ctfmon.exe
E:\Program Files\TaskSwitchXP\TaskSwitchXP.exe
E:\Program Files\Stardock\CursorFX\CursorFX.exe
E:\Program Files\Vista Start Menu\VistaStartMenu.exe
E:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
E:\Program Files\Microsoft ActiveSync\wcescomm.exe
E:\PROGRA~1\Microsoft ActiveSync\rapimgr.exe
E:\Program Files\NETGEAR GA511 Adapter\GA511.exe
E:\Program Files\Mozilla Firefox\firefox.exe
E:\Documents and Settings\pro\Bureau\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: G DATA WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - (no file)
O2 - BHO: Thunder AtOnce - {01443AEC-0FD1-40fd-9C87-E93D1494C233} - D:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - D:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - E:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - E:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - E:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - E:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - E:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O3 - Toolbar: SYSTRAN Toolbar - {95daa571-4def-4a6d-97d8-98a346672a24} - mscoree.dll (file missing)
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - D:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O3 - Toolbar: (no name) - {0124123D-61B4-456f-AF86-78C53A0790C5} - (no file)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - E:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - E:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [UnlockerAssistant] "E:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [AVP] "E:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TaskSwitchXP] E:\Program Files\TaskSwitchXP\TaskSwitchXP.exe
O4 - HKCU\..\Run: [CursorFX] "E:\Program Files\Stardock\CursorFX\CursorFX.exe"
O4 - HKCU\..\Run: [VistaStartMenu] "E:\Program Files\Vista Start Menu\VistaStartMenu.exe"
O4 - HKCU\..\Run: [STYLEXP] E:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [H/PC Connection Agent] "E:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - Global Startup: GA511 Smart Wizard Utility.lnk = ?
O8 - Extra context menu item: &Winamp Search - E:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Ajouter à l'Anti-bannière - E:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
O8 - Extra context menu item: Consulter les dictionnaires (SYSTRAN) - res://E:\Program Files\SYSTRAN\6\\GUIres.dll/lookup.js
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://E:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Traduire (SYSTRAN) - res://E:\Program Files\SYSTRAN\6\\GUIres.dll/translate.js
O8 - Extra context menu item: ʹÓÃѸÀ×ÏÂÔØ - D:\Program Files\Thunder Network\Thunder\Program\geturl.htm
O8 - Extra context menu item: ʹÓÃѸÀ×ÏÂÔØÈ«²¿Á´½Ó - D:\Program Files\Thunder Network\Thunder\Program\getallurl.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Æô¶¯Ñ¸À×5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - D:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - Extra 'Tools' menuitem: Æô¶¯Ñ¸À×5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - D:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - E:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - E:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - E:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - E:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O10 - Unknown file in Winsock LSP: e:\windows\system32\nwprovau.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.files-ftp.com/~unicorni/phpBB2/index.php
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} -
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-BE/a-UNO1/GAME_UNO1.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\PROGRA~1\FICHIE~1\Skype\Skype4COM.dll
O20 - AppInit_DLLs: E:\PROGRA~1\Kaspersky Lab\Kaspersky Internet Security 2010\mzvkbd.dll,E:\PROGRA~1\Kaspersky Lab\Kaspersky Internet Security 2010\mzvkbd3.dll,E:\PROGRA~1\Kaspersky Lab\Kaspersky Internet Security 2010\kloehk.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - E:\Program Files\a-squared Free\a2service.exe
O23 - Service: Adobe Version Cue CS3 {fr_FR} (Adobe Version Cue CS3) - Adobe Systems Incorporated - E:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: Apple Mobile Device - Apple Inc. - E:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - E:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - E:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - E:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - E:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - E:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - E:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - E:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NBService - Nero AG - E:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - E:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NMSAccessU - Unknown owner - E:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - E:\WINDOWS\system32\oodag.exe
O23 - Service: PnkBstrA - Unknown owner - E:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: StyleXPService - Unknown owner - E:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: TomTomHOMEService - TomTom - E:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
Rien de méchant =)
Fait ceci:
~~~~~~~~ToolsCleaner~~~~~~~~~~
◆ Installe sur ton bureaux Toolscleaner depuis le lien du haut
◆ Double-clique dessus, puis clique sur Recherche --> Le programme va chercher les utilitaires installés
((!)) Il se peut que la fenêtre devienne blanche pendant le scan, c'est normal ! ((!))
Copie-colle le contenu du rapport qui apparait dans la fenêtre blanche.
* Lorsque la recherche est terminée ToolsCleaner affiche une liste des différents outils trouvés, clique sur "Suppression" afin de les supprimer.
==> Vide ta corbeille
==> Quitte le programme
Et enfin postes le rapport qui se trouve ici >>> C:\TCleaner.txt
Fait ceci:
~~~~~~~~ToolsCleaner~~~~~~~~~~
◆ Installe sur ton bureaux Toolscleaner depuis le lien du haut
◆ Double-clique dessus, puis clique sur Recherche --> Le programme va chercher les utilitaires installés
((!)) Il se peut que la fenêtre devienne blanche pendant le scan, c'est normal ! ((!))
Copie-colle le contenu du rapport qui apparait dans la fenêtre blanche.
* Lorsque la recherche est terminée ToolsCleaner affiche une liste des différents outils trouvés, clique sur "Suppression" afin de les supprimer.
==> Vide ta corbeille
==> Quitte le programme
Et enfin postes le rapport qui se trouve ici >>> C:\TCleaner.txt
euh donc j'ai fait comme tu la dit par contre j'ai oublier d'enregistrer le rapport donc je peut pas te le montrer mais je sais qu'il a supprimer un truc msnfix, le raccourcie de hijackthis et le toolbarSD
je te remet nouveau le rapport hijackthis :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:15:25, on 09/09/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\nvsvc32.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\a-squared Free\a2service.exe
E:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
E:\Program Files\Bonjour\mDNSResponder.exe
E:\Program Files\CDBurnerXP\NMSAccessU.exe
E:\WINDOWS\system32\oodag.exe
E:\WINDOWS\system32\PnkBstrA.exe
E:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\system32\wscntfy.exe
E:\Program Files\Unlocker\UnlockerAssistant.exe
E:\WINDOWS\system32\ctfmon.exe
E:\Program Files\TaskSwitchXP\TaskSwitchXP.exe
E:\Program Files\Stardock\CursorFX\CursorFX.exe
E:\Program Files\Vista Start Menu\VistaStartMenu.exe
E:\Program Files\Microsoft ActiveSync\wcescomm.exe
E:\Program Files\NETGEAR GA511 Adapter\GA511.exe
E:\PROGRA~1\Microsoft ActiveSync\rapimgr.exe
E:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
E:\Program Files\Mozilla Firefox\firefox.exe
E:\Program Files\Winamp\winamp.exe
E:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: G DATA WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - (no file)
O2 - BHO: Thunder AtOnce - {01443AEC-0FD1-40fd-9C87-E93D1494C233} - D:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - D:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - E:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - E:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - E:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - E:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - E:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O3 - Toolbar: SYSTRAN Toolbar - {95daa571-4def-4a6d-97d8-98a346672a24} - mscoree.dll (file missing)
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - D:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O3 - Toolbar: (no name) - {0124123D-61B4-456f-AF86-78C53A0790C5} - (no file)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - E:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - E:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [UnlockerAssistant] "E:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [AVP] "E:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TaskSwitchXP] E:\Program Files\TaskSwitchXP\TaskSwitchXP.exe
O4 - HKCU\..\Run: [CursorFX] "E:\Program Files\Stardock\CursorFX\CursorFX.exe"
O4 - HKCU\..\Run: [VistaStartMenu] "E:\Program Files\Vista Start Menu\VistaStartMenu.exe"
O4 - HKCU\..\Run: [STYLEXP] E:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [H/PC Connection Agent] "E:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - Global Startup: GA511 Smart Wizard Utility.lnk = ?
O8 - Extra context menu item: &Winamp Search - E:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Ajouter à l'Anti-bannière - E:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
O8 - Extra context menu item: Consulter les dictionnaires (SYSTRAN) - res://E:\Program Files\SYSTRAN\6\\GUIres.dll/lookup.js
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://E:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Traduire (SYSTRAN) - res://E:\Program Files\SYSTRAN\6\\GUIres.dll/translate.js
O8 - Extra context menu item: ʹÓÃѸÀ×ÏÂÔØ - D:\Program Files\Thunder Network\Thunder\Program\geturl.htm
O8 - Extra context menu item: ʹÓÃѸÀ×ÏÂÔØÈ«²¿Á´½Ó - D:\Program Files\Thunder Network\Thunder\Program\getallurl.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Æô¶¯Ñ¸À×5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - D:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - Extra 'Tools' menuitem: Æô¶¯Ñ¸À×5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - D:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - E:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - E:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - E:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - E:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O10 - Unknown file in Winsock LSP: e:\windows\system32\nwprovau.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.files-ftp.com/~unicorni/phpBB2/index.php
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} -
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-BE/a-UNO1/GAME_UNO1.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\PROGRA~1\FICHIE~1\Skype\Skype4COM.dll
O20 - AppInit_DLLs: E:\PROGRA~1\Kaspersky Lab\Kaspersky Internet Security 2010\mzvkbd.dll,E:\PROGRA~1\Kaspersky Lab\Kaspersky Internet Security 2010\mzvkbd3.dll,E:\PROGRA~1\Kaspersky Lab\Kaspersky Internet Security 2010\kloehk.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - E:\Program Files\a-squared Free\a2service.exe
O23 - Service: Adobe Version Cue CS3 {fr_FR} (Adobe Version Cue CS3) - Adobe Systems Incorporated - E:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: Apple Mobile Device - Apple Inc. - E:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - E:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - E:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - E:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - E:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - E:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - E:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - E:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NBService - Nero AG - E:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - E:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NMSAccessU - Unknown owner - E:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - E:\WINDOWS\system32\oodag.exe
O23 - Service: PnkBstrA - Unknown owner - E:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: StyleXPService - Unknown owner - E:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: TomTomHOMEService - TomTom - E:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
je te remet nouveau le rapport hijackthis :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:15:25, on 09/09/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\nvsvc32.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\a-squared Free\a2service.exe
E:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
E:\Program Files\Bonjour\mDNSResponder.exe
E:\Program Files\CDBurnerXP\NMSAccessU.exe
E:\WINDOWS\system32\oodag.exe
E:\WINDOWS\system32\PnkBstrA.exe
E:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\system32\wscntfy.exe
E:\Program Files\Unlocker\UnlockerAssistant.exe
E:\WINDOWS\system32\ctfmon.exe
E:\Program Files\TaskSwitchXP\TaskSwitchXP.exe
E:\Program Files\Stardock\CursorFX\CursorFX.exe
E:\Program Files\Vista Start Menu\VistaStartMenu.exe
E:\Program Files\Microsoft ActiveSync\wcescomm.exe
E:\Program Files\NETGEAR GA511 Adapter\GA511.exe
E:\PROGRA~1\Microsoft ActiveSync\rapimgr.exe
E:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
E:\Program Files\Mozilla Firefox\firefox.exe
E:\Program Files\Winamp\winamp.exe
E:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: G DATA WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - (no file)
O2 - BHO: Thunder AtOnce - {01443AEC-0FD1-40fd-9C87-E93D1494C233} - D:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - D:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - E:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - E:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - E:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - E:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - E:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O3 - Toolbar: SYSTRAN Toolbar - {95daa571-4def-4a6d-97d8-98a346672a24} - mscoree.dll (file missing)
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - D:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O3 - Toolbar: (no name) - {0124123D-61B4-456f-AF86-78C53A0790C5} - (no file)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - E:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - E:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [UnlockerAssistant] "E:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [AVP] "E:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TaskSwitchXP] E:\Program Files\TaskSwitchXP\TaskSwitchXP.exe
O4 - HKCU\..\Run: [CursorFX] "E:\Program Files\Stardock\CursorFX\CursorFX.exe"
O4 - HKCU\..\Run: [VistaStartMenu] "E:\Program Files\Vista Start Menu\VistaStartMenu.exe"
O4 - HKCU\..\Run: [STYLEXP] E:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [H/PC Connection Agent] "E:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - Global Startup: GA511 Smart Wizard Utility.lnk = ?
O8 - Extra context menu item: &Winamp Search - E:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Ajouter à l'Anti-bannière - E:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
O8 - Extra context menu item: Consulter les dictionnaires (SYSTRAN) - res://E:\Program Files\SYSTRAN\6\\GUIres.dll/lookup.js
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://E:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Traduire (SYSTRAN) - res://E:\Program Files\SYSTRAN\6\\GUIres.dll/translate.js
O8 - Extra context menu item: ʹÓÃѸÀ×ÏÂÔØ - D:\Program Files\Thunder Network\Thunder\Program\geturl.htm
O8 - Extra context menu item: ʹÓÃѸÀ×ÏÂÔØÈ«²¿Á´½Ó - D:\Program Files\Thunder Network\Thunder\Program\getallurl.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Æô¶¯Ñ¸À×5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - D:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - Extra 'Tools' menuitem: Æô¶¯Ñ¸À×5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - D:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - E:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - E:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - E:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - E:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O10 - Unknown file in Winsock LSP: e:\windows\system32\nwprovau.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.files-ftp.com/~unicorni/phpBB2/index.php
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} -
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-BE/a-UNO1/GAME_UNO1.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\PROGRA~1\FICHIE~1\Skype\Skype4COM.dll
O20 - AppInit_DLLs: E:\PROGRA~1\Kaspersky Lab\Kaspersky Internet Security 2010\mzvkbd.dll,E:\PROGRA~1\Kaspersky Lab\Kaspersky Internet Security 2010\mzvkbd3.dll,E:\PROGRA~1\Kaspersky Lab\Kaspersky Internet Security 2010\kloehk.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - E:\Program Files\a-squared Free\a2service.exe
O23 - Service: Adobe Version Cue CS3 {fr_FR} (Adobe Version Cue CS3) - Adobe Systems Incorporated - E:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: Apple Mobile Device - Apple Inc. - E:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - E:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - E:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - E:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - E:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - E:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - E:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - E:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NBService - Nero AG - E:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - E:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NMSAccessU - Unknown owner - E:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - E:\WINDOWS\system32\oodag.exe
O23 - Service: PnkBstrA - Unknown owner - E:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: StyleXPService - Unknown owner - E:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: TomTomHOMEService - TomTom - E:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
Ok,
Maintenant rend toi dans tes programmes et désinstalle toute les Toolbar que tu vois en as tu besoin ?
Puis fait une analyse avec Avira et envoie le rapport
Maintenant rend toi dans tes programmes et désinstalle toute les Toolbar que tu vois en as tu besoin ?
Puis fait une analyse avec Avira et envoie le rapport
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:00:27, on 10/09/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\nvsvc32.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\a-squared Free\a2service.exe
E:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
E:\Program Files\Bonjour\mDNSResponder.exe
E:\Program Files\CDBurnerXP\NMSAccessU.exe
E:\WINDOWS\system32\oodag.exe
E:\WINDOWS\system32\PnkBstrA.exe
E:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
E:\WINDOWS\system32\wscntfy.exe
E:\WINDOWS\Explorer.EXE
E:\Program Files\Unlocker\UnlockerAssistant.exe
E:\WINDOWS\system32\ctfmon.exe
E:\Program Files\TaskSwitchXP\TaskSwitchXP.exe
E:\Program Files\Stardock\CursorFX\CursorFX.exe
E:\Program Files\Vista Start Menu\VistaStartMenu.exe
E:\Program Files\Microsoft ActiveSync\wcescomm.exe
E:\PROGRA~1\Microsoft ActiveSync\rapimgr.exe
E:\Program Files\NETGEAR GA511 Adapter\GA511.exe
E:\Program Files\Mozilla Firefox\firefox.exe
E:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Thunder AtOnce - {01443AEC-0FD1-40fd-9C87-E93D1494C233} - D:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - D:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - E:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - E:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - E:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - E:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - E:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - E:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - E:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [UnlockerAssistant] "E:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [AVP] "E:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TaskSwitchXP] E:\Program Files\TaskSwitchXP\TaskSwitchXP.exe
O4 - HKCU\..\Run: [CursorFX] "E:\Program Files\Stardock\CursorFX\CursorFX.exe"
O4 - HKCU\..\Run: [VistaStartMenu] "E:\Program Files\Vista Start Menu\VistaStartMenu.exe"
O4 - HKCU\..\Run: [STYLEXP] E:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [H/PC Connection Agent] "E:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - Global Startup: GA511 Smart Wizard Utility.lnk = ?
O8 - Extra context menu item: &Winamp Search - E:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Ajouter à l'Anti-bannière - E:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
O8 - Extra context menu item: Consulter les dictionnaires (SYSTRAN) - res://E:\Program Files\SYSTRAN\6\\GUIres.dll/lookup.js
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://E:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Traduire (SYSTRAN) - res://E:\Program Files\SYSTRAN\6\\GUIres.dll/translate.js
O8 - Extra context menu item: ʹÓÃѸÀ×ÏÂÔØ - D:\Program Files\Thunder Network\Thunder\Program\geturl.htm
O8 - Extra context menu item: ʹÓÃѸÀ×ÏÂÔØÈ«²¿Á´½Ó - D:\Program Files\Thunder Network\Thunder\Program\getallurl.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Æô¶¯Ñ¸À×5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - D:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - Extra 'Tools' menuitem: Æô¶¯Ñ¸À×5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - D:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - E:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - E:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - E:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - E:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O10 - Unknown file in Winsock LSP: e:\windows\system32\nwprovau.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.files-ftp.com/~unicorni/phpBB2/index.php
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} -
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-BE/a-UNO1/GAME_UNO1.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\PROGRA~1\FICHIE~1\Skype\Skype4COM.dll
O20 - AppInit_DLLs: E:\PROGRA~1\Kaspersky Lab\Kaspersky Internet Security 2010\mzvkbd.dll,E:\PROGRA~1\Kaspersky Lab\Kaspersky Internet Security 2010\mzvkbd3.dll,E:\PROGRA~1\Kaspersky Lab\Kaspersky Internet Security 2010\kloehk.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - E:\Program Files\a-squared Free\a2service.exe
O23 - Service: Adobe Version Cue CS3 {fr_FR} (Adobe Version Cue CS3) - Adobe Systems Incorporated - E:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: Apple Mobile Device - Apple Inc. - E:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - E:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - E:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - E:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - E:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - E:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - E:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - E:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NBService - Nero AG - E:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - E:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NMSAccessU - Unknown owner - E:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - E:\WINDOWS\system32\oodag.exe
O23 - Service: PnkBstrA - Unknown owner - E:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: StyleXPService - Unknown owner - E:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: TomTomHOMEService - TomTom - E:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
Scan saved at 16:00:27, on 10/09/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\nvsvc32.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\a-squared Free\a2service.exe
E:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
E:\Program Files\Bonjour\mDNSResponder.exe
E:\Program Files\CDBurnerXP\NMSAccessU.exe
E:\WINDOWS\system32\oodag.exe
E:\WINDOWS\system32\PnkBstrA.exe
E:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
E:\WINDOWS\system32\wscntfy.exe
E:\WINDOWS\Explorer.EXE
E:\Program Files\Unlocker\UnlockerAssistant.exe
E:\WINDOWS\system32\ctfmon.exe
E:\Program Files\TaskSwitchXP\TaskSwitchXP.exe
E:\Program Files\Stardock\CursorFX\CursorFX.exe
E:\Program Files\Vista Start Menu\VistaStartMenu.exe
E:\Program Files\Microsoft ActiveSync\wcescomm.exe
E:\PROGRA~1\Microsoft ActiveSync\rapimgr.exe
E:\Program Files\NETGEAR GA511 Adapter\GA511.exe
E:\Program Files\Mozilla Firefox\firefox.exe
E:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Thunder AtOnce - {01443AEC-0FD1-40fd-9C87-E93D1494C233} - D:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - D:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - E:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - E:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - E:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - E:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - E:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - E:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - E:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [UnlockerAssistant] "E:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [AVP] "E:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TaskSwitchXP] E:\Program Files\TaskSwitchXP\TaskSwitchXP.exe
O4 - HKCU\..\Run: [CursorFX] "E:\Program Files\Stardock\CursorFX\CursorFX.exe"
O4 - HKCU\..\Run: [VistaStartMenu] "E:\Program Files\Vista Start Menu\VistaStartMenu.exe"
O4 - HKCU\..\Run: [STYLEXP] E:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [H/PC Connection Agent] "E:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - Global Startup: GA511 Smart Wizard Utility.lnk = ?
O8 - Extra context menu item: &Winamp Search - E:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Ajouter à l'Anti-bannière - E:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
O8 - Extra context menu item: Consulter les dictionnaires (SYSTRAN) - res://E:\Program Files\SYSTRAN\6\\GUIres.dll/lookup.js
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://E:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Traduire (SYSTRAN) - res://E:\Program Files\SYSTRAN\6\\GUIres.dll/translate.js
O8 - Extra context menu item: ʹÓÃѸÀ×ÏÂÔØ - D:\Program Files\Thunder Network\Thunder\Program\geturl.htm
O8 - Extra context menu item: ʹÓÃѸÀ×ÏÂÔØÈ«²¿Á´½Ó - D:\Program Files\Thunder Network\Thunder\Program\getallurl.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Æô¶¯Ñ¸À×5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - D:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - Extra 'Tools' menuitem: Æô¶¯Ñ¸À×5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - D:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - E:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - E:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - E:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - E:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O10 - Unknown file in Winsock LSP: e:\windows\system32\nwprovau.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.files-ftp.com/~unicorni/phpBB2/index.php
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} -
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-BE/a-UNO1/GAME_UNO1.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\PROGRA~1\FICHIE~1\Skype\Skype4COM.dll
O20 - AppInit_DLLs: E:\PROGRA~1\Kaspersky Lab\Kaspersky Internet Security 2010\mzvkbd.dll,E:\PROGRA~1\Kaspersky Lab\Kaspersky Internet Security 2010\mzvkbd3.dll,E:\PROGRA~1\Kaspersky Lab\Kaspersky Internet Security 2010\kloehk.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - E:\Program Files\a-squared Free\a2service.exe
O23 - Service: Adobe Version Cue CS3 {fr_FR} (Adobe Version Cue CS3) - Adobe Systems Incorporated - E:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: Apple Mobile Device - Apple Inc. - E:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - E:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - E:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - E:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - E:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - E:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - E:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - E:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NBService - Nero AG - E:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - E:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NMSAccessU - Unknown owner - E:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - E:\WINDOWS\system32\oodag.exe
O23 - Service: PnkBstrA - Unknown owner - E:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: StyleXPService - Unknown owner - E:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: TomTomHOMEService - TomTom - E:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
