Soucis avec seekservice
Richard
-
jacques.gache Messages postés 34829 Statut Contributeur sécurité -
jacques.gache Messages postés 34829 Statut Contributeur sécurité -
Bonjour,
J'ai un soucis avec seekservice également,
>XP Pro 2002 SP3 Amd 1800 + Ram 1 Gb<
Je vous envoie le log du scan de RSIT/
Logfile of random's system information tool 1.06 (written by random/random)
Run by AlainR at 2009-10-17 14:53:05
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 2 GB (19%) free of 12 GB
Total RAM: 1023 MB (48% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:53:29, on 17/10/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\D-Link\PC Agent\NICA.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Nero\Nero 7\InCD\InCD.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Windows\LSD\LClock\lclock.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\Belkin\Logiciel Bluetooth\BTTray.exe
C:\Program Files\Secunia\PSI (RC3)\psi.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Belkin\Logiciel Bluetooth\bin\btwdins.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Documents and Settings\All Users\Application Data\SeekService\seekservice129.exe
C:\PROGRA~1\Belkin\LOGICI~1\BTSTAC~1.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
D:\Logiciels\AntiMalware\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\AlainR.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://melanthios-ana.com/zcvisitor/1624d318-3614-11eb-87b9-12a1ab6c324d/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=47f83760-f118-11ea-9bc8-0ac2bbf4ada7
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://melanthios-ana.com/zcvisitor/1624d318-3614-11eb-87b9-12a1ab6c324d/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=47f83760-f118-11ea-9bc8-0ac2bbf4ada7
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [D-Link PC Agent] C:\Program Files\D-Link\PC Agent\NICA.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\RunOnce: [WIAWizardMenu] RUNDLL32.EXE C:\WINDOWS\system32\sti_ci.dll,WiaCreateWizardMenu
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LClock] C:\Windows\LSD\LClock\lclock.exe
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [WinLSD_SP3] %systemroot%\LSD\end.cmd (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [WinLSD_SP3] %systemroot%\LSD\end.cmd (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [WinLSD_SP3] %systemroot%\LSD\end.cmd (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [WinLSD_SP3] %systemroot%\LSD\end.cmd (User 'Default user')
O4 - Startup: Secunia PSI (RC3).lnk = C:\Program Files\Secunia\PSI (RC3)\psi.exe
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\Belkin\Logiciel Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Mystery%20P.I.%20-%20The%20New%20York%20Fortune/Images/stg_drm.ocx
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files/Yahtzee/Images/armhelper.ocx
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Avira Pare-feu (AntiVirFirewallService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Belkin\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SeekService Service - Unknown owner - C:\Documents and Settings\All Users\Application Data\SeekService\seekservice129.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 7656 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Calculatrice.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-1563985344-1343024091-1002.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-08-09 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-08-09 73728]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"D-Link PC Agent"=C:\Program Files\D-Link\PC Agent\NICA.exe [2006-08-24 327680]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-10-22 7700480]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=NvMCTray.dll,NvTaskbarInit []
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-08-09 149280]
"Logitech Utility"=C:\WINDOWS\Logi_MwX.Exe [2003-12-11 20992]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"NeroFilterCheck"=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"InCD"=C:\Program Files\Nero\Nero 7\InCD\InCD.exe [2006-04-05 518144]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-10-10 98304]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WIAWizardMenu"=C:\WINDOWS\system32\sti_ci.dll [2008-04-14 138240]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"LClock"=C:\Windows\LSD\LClock\lclock.exe [2004-09-19 65536]
"SuperCopier2.exe"=C:\Program Files\SuperCopier2\SuperCopier2.exe [2009-08-16 955392]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
BTTray.lnk - C:\Program Files\Belkin\Logiciel Bluetooth\BTTray.exe
C:\Documents and Settings\AlainR\Menu Démarrer\Programmes\Démarrage
Secunia PSI (RC3).lnk - C:\Program Files\Secunia\PSI (RC3)\psi.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoSMBalloonTip"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\D-Link\PC Agent\NICA.exe"="C:\Program Files\D-Link\PC Agent\NICA.exe:*:Enabled:NICA"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
======List of files/folders created in the last 1 months======
2009-10-17 14:53:05 ----D---- C:\rsit
2009-10-17 13:27:49 ----D---- C:\Documents and Settings\AlainR\Application Data\Avira
2009-10-17 11:58:44 ----D---- C:\Documents and Settings\AlainR\Application Data\Malwarebytes
2009-10-17 11:58:34 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-10-17 11:58:34 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-10-17 11:52:01 ----A---- C:\TB.txt
2009-10-17 11:50:50 ----D---- C:\ToolBar SD
2009-10-17 11:48:48 ----D---- C:\Program Files\Trend Micro
2009-10-14 17:56:08 ----D---- C:\Documents and Settings\AlainR\Application Data\vlc
2009-10-14 16:25:13 ----D---- C:\Program Files\Common Files
2009-10-14 11:49:14 ----A---- C:\WINDOWS\ModemLog_Modem Bluetooth.txt
2009-10-14 10:38:23 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-10-14 10:38:09 ----D---- C:\Program Files\Fichiers communs\Adobe
2009-10-12 03:57:20 ----D---- C:\Documents and Settings\AlainR\Application Data\SpinTop Games
2009-10-10 15:16:34 ----A---- C:\WINDOWS\unvise32qt.exe
2009-10-10 15:14:32 ----D---- C:\WINDOWS\system32\QuickTime
2009-10-10 15:14:32 ----D---- C:\Program Files\QuickTime
2009-10-10 15:06:20 ----D---- C:\Documents and Settings\All Users\Application Data\QuickTime
2009-10-10 14:55:00 ----D---- C:\Program Files\Microids
2009-10-10 14:51:29 ----A---- C:\WINDOWS\NeroDigital.ini
2009-10-08 22:20:08 ----D---- C:\Program Files\Great Secrets Da Vinci
2009-10-07 21:58:49 ----D---- C:\Program Files\DOSBox-0.72
2009-10-07 17:41:06 ----D---- C:\Documents and Settings\AlainR\Application Data\Big Fish Games
2009-10-01 20:28:57 ----D---- C:\Documents and Settings\All Users\Application Data\MumboJumbo
2009-09-30 00:16:20 ----D---- C:\Program Files\Patriot Games
2009-09-28 00:29:16 ----A---- C:\WINDOWS\ModemLog_Motorola USB Modem #2.txt
2009-09-25 20:48:10 ----D---- C:\Program Files\Winamp
2009-09-25 20:48:10 ----D---- C:\Documents and Settings\AlainR\Application Data\Winamp
2009-09-25 20:15:26 ----RHD---- C:\Documents and Settings\AlainR\Application Data\SecuROM
2009-09-22 17:56:59 ----D---- C:\Program Files\BoontyGames
2009-09-22 17:56:49 ----D---- C:\Program Files\Boonty
2009-09-19 14:06:37 ----D---- C:\Program Files\Avira
2009-09-19 14:06:37 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
2009-09-18 11:39:08 ----D---- C:\Documents and Settings\AlainR\Application Data\Help
======List of files/folders modified in the last 1 months======
2009-10-17 12:54:46 ----D---- C:\Program Files\Mozilla Firefox
2009-10-17 12:38:12 ----D---- C:\WINDOWS\Temp
2009-10-17 12:38:09 ----D---- C:\WINDOWS\system32\CatRoot2
2009-10-17 11:58:39 ----D---- C:\WINDOWS\system32\drivers
2009-10-17 11:58:34 ----D---- C:\Program Files
2009-10-17 11:54:41 ----D---- C:\WINDOWS
2009-10-14 16:26:21 ----D---- C:\Program Files\Motorola Phone Tools
2009-10-14 16:25:56 ----SHD---- C:\WINDOWS\Installer
2009-10-14 16:25:56 ----HD---- C:\WINDOWS\inf
2009-10-14 16:25:56 ----D---- C:\Config.Msi
2009-10-14 16:25:55 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-10-14 10:38:09 ----D---- C:\Program Files\Fichiers communs
2009-10-14 10:38:08 ----D---- C:\Program Files\Adobe
2009-10-14 10:37:54 ----D---- C:\WINDOWS\system32
2009-10-12 19:27:29 ----A---- C:\WINDOWS\DLnetcp.INI
2009-10-12 18:33:39 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-10-12 03:57:14 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-10-11 16:35:48 ----D---- C:\Documents and Settings\AlainR\Application Data\dvdcss
2009-10-10 15:16:29 ----D---- C:\Program Files\Internet Explorer
2009-10-07 20:57:04 ----D---- C:\Documents and Settings\AlainR\Application Data\Ahead
2009-10-07 17:25:49 ----D---- C:\Program Files\Fichiers communs\Ahead
2009-10-07 00:37:05 ----D---- C:\Program Files\Freecell Collection 7.0
2009-10-07 00:36:05 ----N---- C:\WINDOWS\Setup1.exe
2009-10-07 00:36:03 ----A---- C:\WINDOWS\ST6UNST.EXE
2009-10-02 23:23:31 ----D---- C:\Documents and Settings\AlainR\Application Data\uTorrent
2009-10-02 22:17:40 ----D---- C:\Program Files\FairUse Wizard 2
2009-09-24 20:21:15 ----D---- C:\Program Files\SeekService
2009-09-24 20:21:14 ----D---- C:\Documents and Settings\All Users\Application Data\SeekService
2009-09-19 14:02:13 ----D---- C:\WINDOWS\WinSxS
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-06-15 41856]
R1 avfwot;avfwot; C:\WINDOWS\system32\DRIVERS\avfwot.sys [2009-09-19 97608]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 HMFAxCore8ca4fd17866cac11805503e882557762;HMFAxCore8ca4fd17866cac11805503e882557762; \??\C:\WINDOWS\system32\drivers\HMFAxCore8ca4fd17866cac11805503e882557762.sys []
R1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys [2006-04-05 29568]
R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys [2006-04-05 33792]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-09-19 28520]
R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-28 12032]
R2 ANIO;ANIO Service; \??\C:\WINDOWS\system32\ANIO.SYS []
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-09-19 55656]
R2 BTSERIAL;Bluetooth Serial Driver; \??\C:\WINDOWS\system32\drivers\btserial.sys []
R2 BTSLBCSP;Bluetooth Port Client Driver; \??\C:\WINDOWS\system32\drivers\btslbcsp.sys []
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2006-11-10 18688]
R3 avfwim;AvFw Packet Filter Miniport; C:\WINDOWS\system32\DRIVERS\avfwim.sys [2009-02-24 69632]
R3 btaudio;Périphérique audio Bluetooth; C:\WINDOWS\system32\drivers\btaudio.sys [2005-08-24 401152]
R3 BTDriver;Pilote de communications virtuelles Bluetooth; C:\WINDOWS\system32\DRIVERS\btport.sys [2005-08-24 30363]
R3 BTKRNL;Enumérateur de bus Bluetooth; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2005-08-24 1341466]
R3 btwmodem;Modem Bluetooth; C:\WINDOWS\system32\DRIVERS\btwmodem.sys [2005-08-24 30189]
R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2005-08-24 56648]
R3 L8042pr2;Logitech PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042pr2.Sys [2003-12-11 51582]
R3 LMouFlt2;Logitech Mouse Class Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFlt2.Sys [2003-12-11 70894]
R3 m4cxw2k3;NDIS5.1 Miniport Driver for D-Link PCI Express Ethernet Controller; C:\WINDOWS\system32\DRIVERS\m4cxw2k3.sys [2007-02-15 250752]
R3 ms_mpu401;Pilote UART MIDI MPU-401 Microsoft; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-10-22 3994624]
R3 PSI;PSI; C:\WINDOWS\system32\DRIVERS\psi_mf.sys [2008-06-16 7808]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VIAudio;VIA AC'97 Audio Controller (WDM); C:\WINDOWS\system32\drivers\viaudio.sys [2002-07-24 59264]
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys [2006-04-05 102016]
S3 BTWDNDIS;Serveur d'accès au réseau local Bluetooth; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2005-08-24 148040]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 JL2005C;Dual Mode Camera; C:\WINDOWS\System32\Drivers\jl2005c.sys [2006-06-18 62106]
S3 motmodem;Motorola USB CDC ACM Driver; C:\WINDOWS\system32\DRIVERS\motmodem.sys []
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 SkLaggProtocol;Marvell Link Aggregation Protocol (LAGG) Support; C:\WINDOWS\system32\DRIVERS\yk51lagg.sys []
S3 SkVlanProtocol;Marvell Virtual LAN (VLAN) Support; C:\WINDOWS\system32\DRIVERS\skvlan.sys [2006-05-17 19328]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SQTECH905C;DualCamera; C:\WINDOWS\System32\Drivers\Capt905c.sys [2007-04-11 35328]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirFirewallService;Avira Pare-feu; C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe [2009-09-19 388865]
R2 AntiVirMailService;Avira AntiVir MailGuard; C:\Program Files\Avira\AntiVir Desktop\avmailc.exe [2009-09-19 194817]
R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-09-19 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-09-19 185089]
R2 AntiVirWebService;Avira AntiVir WebGuard; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [2009-09-19 434945]
R2 btwdins;Bluetooth Service; C:\Program Files\Belkin\Logiciel Bluetooth\bin\btwdins.exe [2005-08-24 258103]
R2 InCDsrv;InCD Helper; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [2006-04-05 791040]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-08-09 153376]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-10-22 159810]
R2 SeekService Service;SeekService Service; C:\Documents and Settings\All Users\Application Data\SeekService\seekservice129.exe [2009-09-22 54784]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-04-13 33632]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-04-13 68952]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-06-02 637952]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
-----------------EOF-----------------
J'ai un soucis avec seekservice également,
>XP Pro 2002 SP3 Amd 1800 + Ram 1 Gb<
Je vous envoie le log du scan de RSIT/
Logfile of random's system information tool 1.06 (written by random/random)
Run by AlainR at 2009-10-17 14:53:05
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 2 GB (19%) free of 12 GB
Total RAM: 1023 MB (48% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:53:29, on 17/10/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\D-Link\PC Agent\NICA.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Nero\Nero 7\InCD\InCD.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Windows\LSD\LClock\lclock.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\Belkin\Logiciel Bluetooth\BTTray.exe
C:\Program Files\Secunia\PSI (RC3)\psi.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Belkin\Logiciel Bluetooth\bin\btwdins.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Documents and Settings\All Users\Application Data\SeekService\seekservice129.exe
C:\PROGRA~1\Belkin\LOGICI~1\BTSTAC~1.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
D:\Logiciels\AntiMalware\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\AlainR.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://melanthios-ana.com/zcvisitor/1624d318-3614-11eb-87b9-12a1ab6c324d/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=47f83760-f118-11ea-9bc8-0ac2bbf4ada7
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://melanthios-ana.com/zcvisitor/1624d318-3614-11eb-87b9-12a1ab6c324d/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=47f83760-f118-11ea-9bc8-0ac2bbf4ada7
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [D-Link PC Agent] C:\Program Files\D-Link\PC Agent\NICA.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\RunOnce: [WIAWizardMenu] RUNDLL32.EXE C:\WINDOWS\system32\sti_ci.dll,WiaCreateWizardMenu
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LClock] C:\Windows\LSD\LClock\lclock.exe
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [WinLSD_SP3] %systemroot%\LSD\end.cmd (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [WinLSD_SP3] %systemroot%\LSD\end.cmd (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [WinLSD_SP3] %systemroot%\LSD\end.cmd (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [WinLSD_SP3] %systemroot%\LSD\end.cmd (User 'Default user')
O4 - Startup: Secunia PSI (RC3).lnk = C:\Program Files\Secunia\PSI (RC3)\psi.exe
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\Belkin\Logiciel Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Mystery%20P.I.%20-%20The%20New%20York%20Fortune/Images/stg_drm.ocx
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files/Yahtzee/Images/armhelper.ocx
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Avira Pare-feu (AntiVirFirewallService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Belkin\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SeekService Service - Unknown owner - C:\Documents and Settings\All Users\Application Data\SeekService\seekservice129.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 7656 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Calculatrice.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-1563985344-1343024091-1002.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-08-09 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-08-09 73728]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"D-Link PC Agent"=C:\Program Files\D-Link\PC Agent\NICA.exe [2006-08-24 327680]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-10-22 7700480]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=NvMCTray.dll,NvTaskbarInit []
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-08-09 149280]
"Logitech Utility"=C:\WINDOWS\Logi_MwX.Exe [2003-12-11 20992]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"NeroFilterCheck"=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"InCD"=C:\Program Files\Nero\Nero 7\InCD\InCD.exe [2006-04-05 518144]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-10-10 98304]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WIAWizardMenu"=C:\WINDOWS\system32\sti_ci.dll [2008-04-14 138240]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"LClock"=C:\Windows\LSD\LClock\lclock.exe [2004-09-19 65536]
"SuperCopier2.exe"=C:\Program Files\SuperCopier2\SuperCopier2.exe [2009-08-16 955392]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
BTTray.lnk - C:\Program Files\Belkin\Logiciel Bluetooth\BTTray.exe
C:\Documents and Settings\AlainR\Menu Démarrer\Programmes\Démarrage
Secunia PSI (RC3).lnk - C:\Program Files\Secunia\PSI (RC3)\psi.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoSMBalloonTip"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\D-Link\PC Agent\NICA.exe"="C:\Program Files\D-Link\PC Agent\NICA.exe:*:Enabled:NICA"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
======List of files/folders created in the last 1 months======
2009-10-17 14:53:05 ----D---- C:\rsit
2009-10-17 13:27:49 ----D---- C:\Documents and Settings\AlainR\Application Data\Avira
2009-10-17 11:58:44 ----D---- C:\Documents and Settings\AlainR\Application Data\Malwarebytes
2009-10-17 11:58:34 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-10-17 11:58:34 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-10-17 11:52:01 ----A---- C:\TB.txt
2009-10-17 11:50:50 ----D---- C:\ToolBar SD
2009-10-17 11:48:48 ----D---- C:\Program Files\Trend Micro
2009-10-14 17:56:08 ----D---- C:\Documents and Settings\AlainR\Application Data\vlc
2009-10-14 16:25:13 ----D---- C:\Program Files\Common Files
2009-10-14 11:49:14 ----A---- C:\WINDOWS\ModemLog_Modem Bluetooth.txt
2009-10-14 10:38:23 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-10-14 10:38:09 ----D---- C:\Program Files\Fichiers communs\Adobe
2009-10-12 03:57:20 ----D---- C:\Documents and Settings\AlainR\Application Data\SpinTop Games
2009-10-10 15:16:34 ----A---- C:\WINDOWS\unvise32qt.exe
2009-10-10 15:14:32 ----D---- C:\WINDOWS\system32\QuickTime
2009-10-10 15:14:32 ----D---- C:\Program Files\QuickTime
2009-10-10 15:06:20 ----D---- C:\Documents and Settings\All Users\Application Data\QuickTime
2009-10-10 14:55:00 ----D---- C:\Program Files\Microids
2009-10-10 14:51:29 ----A---- C:\WINDOWS\NeroDigital.ini
2009-10-08 22:20:08 ----D---- C:\Program Files\Great Secrets Da Vinci
2009-10-07 21:58:49 ----D---- C:\Program Files\DOSBox-0.72
2009-10-07 17:41:06 ----D---- C:\Documents and Settings\AlainR\Application Data\Big Fish Games
2009-10-01 20:28:57 ----D---- C:\Documents and Settings\All Users\Application Data\MumboJumbo
2009-09-30 00:16:20 ----D---- C:\Program Files\Patriot Games
2009-09-28 00:29:16 ----A---- C:\WINDOWS\ModemLog_Motorola USB Modem #2.txt
2009-09-25 20:48:10 ----D---- C:\Program Files\Winamp
2009-09-25 20:48:10 ----D---- C:\Documents and Settings\AlainR\Application Data\Winamp
2009-09-25 20:15:26 ----RHD---- C:\Documents and Settings\AlainR\Application Data\SecuROM
2009-09-22 17:56:59 ----D---- C:\Program Files\BoontyGames
2009-09-22 17:56:49 ----D---- C:\Program Files\Boonty
2009-09-19 14:06:37 ----D---- C:\Program Files\Avira
2009-09-19 14:06:37 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
2009-09-18 11:39:08 ----D---- C:\Documents and Settings\AlainR\Application Data\Help
======List of files/folders modified in the last 1 months======
2009-10-17 12:54:46 ----D---- C:\Program Files\Mozilla Firefox
2009-10-17 12:38:12 ----D---- C:\WINDOWS\Temp
2009-10-17 12:38:09 ----D---- C:\WINDOWS\system32\CatRoot2
2009-10-17 11:58:39 ----D---- C:\WINDOWS\system32\drivers
2009-10-17 11:58:34 ----D---- C:\Program Files
2009-10-17 11:54:41 ----D---- C:\WINDOWS
2009-10-14 16:26:21 ----D---- C:\Program Files\Motorola Phone Tools
2009-10-14 16:25:56 ----SHD---- C:\WINDOWS\Installer
2009-10-14 16:25:56 ----HD---- C:\WINDOWS\inf
2009-10-14 16:25:56 ----D---- C:\Config.Msi
2009-10-14 16:25:55 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-10-14 10:38:09 ----D---- C:\Program Files\Fichiers communs
2009-10-14 10:38:08 ----D---- C:\Program Files\Adobe
2009-10-14 10:37:54 ----D---- C:\WINDOWS\system32
2009-10-12 19:27:29 ----A---- C:\WINDOWS\DLnetcp.INI
2009-10-12 18:33:39 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-10-12 03:57:14 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-10-11 16:35:48 ----D---- C:\Documents and Settings\AlainR\Application Data\dvdcss
2009-10-10 15:16:29 ----D---- C:\Program Files\Internet Explorer
2009-10-07 20:57:04 ----D---- C:\Documents and Settings\AlainR\Application Data\Ahead
2009-10-07 17:25:49 ----D---- C:\Program Files\Fichiers communs\Ahead
2009-10-07 00:37:05 ----D---- C:\Program Files\Freecell Collection 7.0
2009-10-07 00:36:05 ----N---- C:\WINDOWS\Setup1.exe
2009-10-07 00:36:03 ----A---- C:\WINDOWS\ST6UNST.EXE
2009-10-02 23:23:31 ----D---- C:\Documents and Settings\AlainR\Application Data\uTorrent
2009-10-02 22:17:40 ----D---- C:\Program Files\FairUse Wizard 2
2009-09-24 20:21:15 ----D---- C:\Program Files\SeekService
2009-09-24 20:21:14 ----D---- C:\Documents and Settings\All Users\Application Data\SeekService
2009-09-19 14:02:13 ----D---- C:\WINDOWS\WinSxS
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-06-15 41856]
R1 avfwot;avfwot; C:\WINDOWS\system32\DRIVERS\avfwot.sys [2009-09-19 97608]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 HMFAxCore8ca4fd17866cac11805503e882557762;HMFAxCore8ca4fd17866cac11805503e882557762; \??\C:\WINDOWS\system32\drivers\HMFAxCore8ca4fd17866cac11805503e882557762.sys []
R1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys [2006-04-05 29568]
R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys [2006-04-05 33792]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-09-19 28520]
R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-28 12032]
R2 ANIO;ANIO Service; \??\C:\WINDOWS\system32\ANIO.SYS []
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-09-19 55656]
R2 BTSERIAL;Bluetooth Serial Driver; \??\C:\WINDOWS\system32\drivers\btserial.sys []
R2 BTSLBCSP;Bluetooth Port Client Driver; \??\C:\WINDOWS\system32\drivers\btslbcsp.sys []
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2006-11-10 18688]
R3 avfwim;AvFw Packet Filter Miniport; C:\WINDOWS\system32\DRIVERS\avfwim.sys [2009-02-24 69632]
R3 btaudio;Périphérique audio Bluetooth; C:\WINDOWS\system32\drivers\btaudio.sys [2005-08-24 401152]
R3 BTDriver;Pilote de communications virtuelles Bluetooth; C:\WINDOWS\system32\DRIVERS\btport.sys [2005-08-24 30363]
R3 BTKRNL;Enumérateur de bus Bluetooth; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2005-08-24 1341466]
R3 btwmodem;Modem Bluetooth; C:\WINDOWS\system32\DRIVERS\btwmodem.sys [2005-08-24 30189]
R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2005-08-24 56648]
R3 L8042pr2;Logitech PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042pr2.Sys [2003-12-11 51582]
R3 LMouFlt2;Logitech Mouse Class Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFlt2.Sys [2003-12-11 70894]
R3 m4cxw2k3;NDIS5.1 Miniport Driver for D-Link PCI Express Ethernet Controller; C:\WINDOWS\system32\DRIVERS\m4cxw2k3.sys [2007-02-15 250752]
R3 ms_mpu401;Pilote UART MIDI MPU-401 Microsoft; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-10-22 3994624]
R3 PSI;PSI; C:\WINDOWS\system32\DRIVERS\psi_mf.sys [2008-06-16 7808]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VIAudio;VIA AC'97 Audio Controller (WDM); C:\WINDOWS\system32\drivers\viaudio.sys [2002-07-24 59264]
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys [2006-04-05 102016]
S3 BTWDNDIS;Serveur d'accès au réseau local Bluetooth; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2005-08-24 148040]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 JL2005C;Dual Mode Camera; C:\WINDOWS\System32\Drivers\jl2005c.sys [2006-06-18 62106]
S3 motmodem;Motorola USB CDC ACM Driver; C:\WINDOWS\system32\DRIVERS\motmodem.sys []
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 SkLaggProtocol;Marvell Link Aggregation Protocol (LAGG) Support; C:\WINDOWS\system32\DRIVERS\yk51lagg.sys []
S3 SkVlanProtocol;Marvell Virtual LAN (VLAN) Support; C:\WINDOWS\system32\DRIVERS\skvlan.sys [2006-05-17 19328]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SQTECH905C;DualCamera; C:\WINDOWS\System32\Drivers\Capt905c.sys [2007-04-11 35328]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirFirewallService;Avira Pare-feu; C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe [2009-09-19 388865]
R2 AntiVirMailService;Avira AntiVir MailGuard; C:\Program Files\Avira\AntiVir Desktop\avmailc.exe [2009-09-19 194817]
R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-09-19 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-09-19 185089]
R2 AntiVirWebService;Avira AntiVir WebGuard; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [2009-09-19 434945]
R2 btwdins;Bluetooth Service; C:\Program Files\Belkin\Logiciel Bluetooth\bin\btwdins.exe [2005-08-24 258103]
R2 InCDsrv;InCD Helper; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [2006-04-05 791040]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-08-09 153376]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-10-22 159810]
R2 SeekService Service;SeekService Service; C:\Documents and Settings\All Users\Application Data\SeekService\seekservice129.exe [2009-09-22 54784]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-04-13 33632]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-04-13 68952]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-06-02 637952]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
-----------------EOF-----------------
Configuration: Windows XP Firefox 3.5.3
2 réponses
Bonjour,
Ce programme va le supprimer :
● Désactive ton antivirus, car il risque de faire de fausses alertes sur le programme suivant.
● Télécharge Ad-Remover (de C_XX) sur ton Bureau.
● /!\ Déconnecte toi et ferme toutes les applications en cours /!\
● Clique sur AD-R.exe pour le lancer
● Au menu principal choisis l'option "L" (lancer le nettoyage)
● Poste le rapport qui apparait à la fin (il est aussi sauvegardé sous C:\Ad-report.log)
Aide en images : Nettoyage
Ce programme va le supprimer :
● Désactive ton antivirus, car il risque de faire de fausses alertes sur le programme suivant.
● Télécharge Ad-Remover (de C_XX) sur ton Bureau.
● /!\ Déconnecte toi et ferme toutes les applications en cours /!\
● Clique sur AD-R.exe pour le lancer
● Au menu principal choisis l'option "L" (lancer le nettoyage)
● Poste le rapport qui apparait à la fin (il est aussi sauvegardé sous C:\Ad-report.log)
Aide en images : Nettoyage
