Probleme e configuration Bitdefender
Fermé
antoine.momo
Messages postés
2
Date d'inscription
vendredi 8 janvier 2010
Statut
Membre
Dernière intervention
8 janvier 2010
-
8 janv. 2010 à 10:58
antoine.momo Messages postés 2 Date d'inscription vendredi 8 janvier 2010 Statut Membre Dernière intervention 8 janvier 2010 - 8 janv. 2010 à 16:20
antoine.momo Messages postés 2 Date d'inscription vendredi 8 janvier 2010 Statut Membre Dernière intervention 8 janvier 2010 - 8 janv. 2010 à 16:20
A voir également:
- Probleme e configuration Bitdefender
- Ethernet n'a pas de configuration ip valide - Guide
- É - Guide
- Configuration astra 19.2 e - Forum Satellite
- Bitdefender gratuit - Télécharger - Antivirus & Antimalwares
- Configuration chromecast - Guide
1 réponse
antoine.momo
Messages postés
2
Date d'inscription
vendredi 8 janvier 2010
Statut
Membre
Dernière intervention
8 janvier 2010
8 janv. 2010 à 16:20
8 janv. 2010 à 16:20
Donc je prend un peut d'avance j'ai trouver un topic, maintenant c'est mon pc entierement qui RAM:
1/
Télécharge CWShredder
https://www.trendmicro.com/fr_fr/business.html[...]dder/index.html
- Clique sur Remove Coolwebsearch
Enregistre sur le bureau
- Clique sur Scan Only
Si le scan détecte quelque-chose, clique sur Fix
Une boite de dialogue va s'ouvrir, clique sur ok
- A la fin du scan, clique sur next, puis sur créate report
- Copie colle le contenu de créate report dans ta prochaine réponse
- Referme CWShredder en cliquant sur close puis exit
Mon rapport:
**** Run Keys ****
RUN: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
RUN: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
RUN: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
RUN: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
RUN: [Adobe Reader Speed Launcher] "E:\Logicels\Adobe\Reader 9.0\Reader\Reader_sl.exe"
RUN: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
RUN: [BitDefender Antiphishing Helper] "E:\Logiciels\BITDEFENDER+PATCH\Bitdefender_Tsecurity_2010_Fr\Installation exec du programme\BitDefender 2010\IEShow.exe"
RUN: [BDAgent] "E:\Logiciels\BITDEFENDER+PATCH\Bitdefender_Tsecurity_2010_Fr\Installation exec du programme\BitDefender 2010\bdagent.exe"
RUN: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
RUN: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
RUN: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
RUN: [DAEMON Tools Lite] "E:\Logiciels\Flash player\Daemon Tools\DAEMON Tools Lite\daemon.exe" -autorun
RUN: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
RUN: [chmzntim] "c:\documents and settings\antoine\local settings\application data\chmzntim.exe" chmzntim
**** Browser Helper Objects ****
BHO: [Adobe PDF Link Helper] C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: [Adobe PDF Link Helper] C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: [Search Helper] C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: [Programme d'aide de l'Assistant de connexion Windows Live] C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: [Windows Live Toolbar Helper] C:\Program Files\Windows Live\Toolbar\wltcore.dll
**** IE Toolbars ****
TOOLBAR: [BitDefender Toolbar] E:\Logiciels\BITDEFENDER+PATCH\Bitdefender_Tsecurity_2010_Fr\Installation exec du programme\BitDefender 2010\IEToolbar.dll
**** IE Extensions ****
IEExt: [Ajout Direct]
IEExt: [Ajout Direct]
IEExt: [Messenger] C:\Program Files\Messenger\msmsgs.exe
**** Hosts File Entries ****
HOSTS: 127.0.0.1 localhost
HOSTS: 127.0.0.1 localhost
**** IE Settings ****
Default Page: https://www.msn.com/fr-fr/?ocid=iehp
Default Search: https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
Search Page: http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
**** IE Context Menu (Right click) ****
**** Layered Service Providers ****
LSP: MSAFD Tcpip [TCP/IP]
LSP: MSAFD Tcpip [UDP/IP]
LSP: RSVP UDP Service Provider
LSP: RSVP TCP Service Provider
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{42510F88-8B88-4CA5-AAC2-BDF95852F2AE}] SEQPACKET 6
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{42510F88-8B88-4CA5-AAC2-BDF95852F2AE}] DATAGRAM 6
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{FD06AAF6-0130-44B2-903C-463789140EC4}] SEQPACKET 4
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{FD06AAF6-0130-44B2-903C-463789140EC4}] DATAGRAM 4
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{1358FF97-8278-407D-822B-0721FC405983}] SEQPACKET 5
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{1358FF97-8278-407D-822B-0721FC405983}] DATAGRAM 5
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{63465794-315A-4D2E-94A6-0C077E8A45AA}] SEQPACKET 3
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{63465794-315A-4D2E-94A6-0C077E8A45AA}] DATAGRAM 3
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{DE56641F-71B9-4C8A-BAFD-7B966647FA1B}] SEQPACKET 0
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{DE56641F-71B9-4C8A-BAFD-7B966647FA1B}] DATAGRAM 0
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{5B5AF104-0110-4AAE-8606-FB5E8E9EE262}] SEQPACKET 1
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{5B5AF104-0110-4AAE-8606-FB5E8E9EE262}] DATAGRAM 1
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{C6BAB5C3-8713-4C57-8E5E-D72B138460E8}] SEQPACKET 2
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{C6BAB5C3-8713-4C57-8E5E-D72B138460E8}] DATAGRAM 2
**** Blocked Control Panel Items ****
BLOCKED: [ncpa.cpl] No
BLOCKED: [odbccp32.cpl] No
**** Downloaded Program Files ****
Microsoft XML Parser for Java [file:///C:/WINDOWS/Java/classes/xmldso.cab]
{215B8138-A3CF-44C5-803F-8226143CFC0A} http://ushousecall02.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
{D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab C:\WINDOWS\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe
**** Windows Services ****
[Alerter] %SystemRoot%\system32\svchost.exe -k LocalService
[ALG] %SystemRoot%\System32\alg.exe
[AppMgmt] %SystemRoot%\system32\svchost.exe -k netsvcs
[AudioSrv] %SystemRoot%\System32\svchost.exe -k netsvcs
[BITS] %SystemRoot%\system32\svchost.exe -k netsvcs
[Browser] %SystemRoot%\system32\svchost.exe -k netsvcs
[CiSvc] %SystemRoot%\system32\cisvc.exe
[ClipSrv] %SystemRoot%\system32\clipsrv.exe
[COMSysApp] C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
[CryptSvc] %SystemRoot%\system32\svchost.exe -k netsvcs
[DcomLaunch] %SystemRoot%\system32\svchost -k DcomLaunch
[Dhcp] %SystemRoot%\system32\svchost.exe -k netsvcs
[dmadmin] %SystemRoot%\System32\dmadmin.exe /com
[dmserver] %SystemRoot%\System32\svchost.exe -k netsvcs
[Dnscache] %SystemRoot%\system32\svchost.exe -k NetworkService
[Dot3svc] %SystemRoot%\System32\svchost.exe -k dot3svc
[EapHost] %SystemRoot%\System32\svchost.exe -k eapsvcs
[ERSvc] %SystemRoot%\System32\svchost.exe -k netsvcs
[Eventlog] %SystemRoot%\system32\services.exe
[EventSystem] C:\WINDOWS\system32\svchost.exe -k netsvcs
[FastUserSwitchingCompatibility] %SystemRoot%\System32\svchost.exe -k netsvcs
[helpsvc] %SystemRoot%\System32\svchost.exe -k netsvcs
[HidServ] %SystemRoot%\System32\svchost.exe -k netsvcs
[hkmsvc] %SystemRoot%\System32\svchost.exe -k netsvcs
[HTTPFilter] %SystemRoot%\System32\svchost.exe -k HTTPFilter
[ImapiService] C:\WINDOWS\system32\imapi.exe
[LanmanServer] %SystemRoot%\system32\svchost.exe -k netsvcs
[lanmanworkstation] %SystemRoot%\system32\svchost.exe -k netsvcs
[LmHosts] %SystemRoot%\system32\svchost.exe -k LocalService
[Messenger] %SystemRoot%\system32\svchost.exe -k netsvcs
[mnmsrvc] C:\WINDOWS\system32\mnmsrvc.exe
[MSDTC] C:\WINDOWS\system32\msdtc.exe
[MSIServer] C:\WINDOWS\system32\msiexec.exe /V
[napagent] %SystemRoot%\System32\svchost.exe -k netsvcs
[NetDDE] %SystemRoot%\system32\netdde.exe
[NetDDEdsdm] %SystemRoot%\system32\netdde.exe
[Netlogon] %SystemRoot%\system32\lsass.exe
[Netman] %SystemRoot%\System32\svchost.exe -k netsvcs
[Nla] %SystemRoot%\system32\svchost.exe -k netsvcs
[NtLmSsp] %SystemRoot%\system32\lsass.exe
[NtmsSvc] %SystemRoot%\system32\svchost.exe -k netsvcs
[PlugPlay] %SystemRoot%\system32\services.exe
[PolicyAgent] %SystemRoot%\system32\lsass.exe
[ProtectedStorage] %SystemRoot%\system32\lsass.exe
[RasAuto] %SystemRoot%\system32\svchost.exe -k netsvcs
[RasMan] %SystemRoot%\system32\svchost.exe -k netsvcs
[RDSessMgr] C:\WINDOWS\system32\sessmgr.exe
[RemoteAccess] %SystemRoot%\system32\svchost.exe -k netsvcs
[RpcLocator] %SystemRoot%\system32\locator.exe
[RpcSs] %SystemRoot%\system32\svchost -k rpcss
[RSVP] %SystemRoot%\system32\rsvp.exe
[SamSs] %SystemRoot%\system32\lsass.exe
[SCardSvr] %SystemRoot%\System32\SCardSvr.exe
[Schedule] %SystemRoot%\System32\svchost.exe -k netsvcs
[seclogon] %SystemRoot%\System32\svchost.exe -k netsvcs
[SENS] %SystemRoot%\system32\svchost.exe -k netsvcs
[SharedAccess] %SystemRoot%\system32\svchost.exe -k netsvcs
[ShellHWDetection] %SystemRoot%\System32\svchost.exe -k netsvcs
[Spooler] %SystemRoot%\system32\spoolsv.exe
[srservice] %SystemRoot%\system32\svchost.exe -k netsvcs
[SSDPSRV] %SystemRoot%\system32\svchost.exe -k LocalService
[stisvc] %SystemRoot%\system32\svchost.exe -k imgsvc
[SwPrv] C:\WINDOWS\system32\dllhost.exe /Processid:{76407806-5D67-4643-8354-74263CF0306D}
[SysmonLog] %SystemRoot%\system32\smlogsvc.exe
[TapiSrv] %SystemRoot%\System32\svchost.exe -k netsvcs
[TermService] %SystemRoot%\System32\svchost -k DComLaunch
[Themes] %SystemRoot%\System32\svchost.exe -k netsvcs
[TrkWks] %SystemRoot%\system32\svchost.exe -k netsvcs
[upnphost] %SystemRoot%\system32\svchost.exe -k LocalService
[UPS] %SystemRoot%\System32\ups.exe
[VSS] %SystemRoot%\System32\vssvc.exe
[W32Time] %SystemRoot%\System32\svchost.exe -k netsvcs
[WebClient] %SystemRoot%\system32\svchost.exe -k LocalService
[winmgmt] %systemroot%\system32\svchost.exe -k netsvcs
[WmdmPmSN] %SystemRoot%\System32\svchost.exe -k netsvcs
[WmiApSrv] C:\WINDOWS\system32\wbem\wmiapsrv.exe
[wscsvc] %SystemRoot%\System32\svchost.exe -k netsvcs
[wuauserv] %systemroot%\system32\svchost.exe -k netsvcs
[WZCSVC] %SystemRoot%\System32\svchost.exe -k netsvcs
[xmlprov] %SystemRoot%\System32\svchost.exe -k netsvcs
**** Custom IE Search Items ****
SEARCH: [SearchAssistant] https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
SEARCH: [CustomizeSearch] https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm
**** Complete IE Options ****
IEOPT: [NoUpdateCheck]
IEOPT: [NoJITSetup]
IEOPT: [Disable Script Debugger] yes
IEOPT: [Show_ChannelBand] No
IEOPT: [Anchor Underline] yes
IEOPT: [Cache_Update_Frequency] Once_Per_Session
IEOPT: [Display Inline Images] yes
IEOPT: [Do404Search]
IEOPT: [Save_Session_History_On_Exit] no
IEOPT: [Show_FullURL] no
IEOPT: [Show_StatusBar] yes
IEOPT: [Show_ToolBar] yes
IEOPT: [Show_URLinStatusBar] yes
IEOPT: [Show_URLToolBar] yes
IEOPT: [Start Page] https://www.google.fr/?gws_rd=ssl
IEOPT: [Use_DlgBox_Colors] yes
IEOPT: [Search Page] http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IEOPT: [Use FormSuggest] no
IEOPT: [FullScreen] no
IEOPT: [NotifyDownloadComplete] no
IEOPT: [Window_Placement] ,
IEOPT: [XMLHTTP]
IEOPT: [UseClearType] yes
IEOPT: [Enable Browser Extensions] yes
IEOPT: [Play_Background_Sounds] yes
IEOPT: [Play_Animations] yes
IEOPT: [CompatibilityFlags]
IEOPT: [IE8RunOnceLastShown]
IEOPT: [IE8RunOnceLastShown_TIMESTAMP] @ôj@Ê
IEOPT: [IE8RunOncePerInstallCompleted]
IEOPT: [IE8RunOnceCompletionTime]
IEOPT: [IE8TourShown]
IEOPT: [IE8TourShownTime]
IEOPT: [Error Dlg Displayed On Every Error] no
IEOPT: [Default_Page_URL] https://www.dailymotion.com/fr
IEOPT: [SearchDefaultBranded]
IEOPT: [IE8TourNoShow]
IEOPT: [FormSuggest PW Ask] no
IEOPT: [AlwaysShowMenus]
IEOPT: [Default_Page_URL] https://www.msn.com/fr-fr/?ocid=iehp
IEOPT: [Default_Search_URL] https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
IEOPT: [Search Page] https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
IEOPT: [Enable_Disk_Cache] yes
IEOPT: [Cache_Percent_of_Disk]
IEOPT: [Delete_Temp_Files_On_Exit] yes
IEOPT: [Local Page] C:\WINDOWS\system32\blank.htm
IEOPT: [Anchor_Visitation_Horizon]
IEOPT: [Use_Async_DNS] yes
IEOPT: [Placeholder_Width]
IEOPT: [Placeholder_Height]
IEOPT: [Start Page] https://www.msn.com/fr-fr/?ocid=iehp
IEOPT: [CompanyName] Microsoft Corporation
IEOPT: [Custom_Key] MICROSO
IEOPT: [Wizard_Version] 6.0.2600.0000
IEOPT: [FullScreen] no
IEOPT: [Default_Secondary_Page_URL]
IEOPT: [Extensions Off Page] about:NoAdd-ons
IEOPT: [Security Risk Page] about:SecurityRisk
IEOPT: [Check_Associations] yes
Voici l'autre étape:
2/
- Ouvre le dossier C:\Hijackthis
- Clic droit sur hijackthis.exe
- Choisis Renommer dans le menu contextuel et renomme hijackthis.exe en sosordi.exe
- Double clic sur sosordi.exe clique sur Do a scan system and save log
Notepad s'ouvrira fais un copier coller de tout son contenu ici dans ta prochaine réponse.
Note : sosordi.exe doit être dans ce dossier C:\Hijackthis Il ne doit pas se trouver dans un dossier temp
Mon rapport d'Hijackthis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:43:31, on 08/01/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
E:\Logiciels\BITDEFENDER+PATCH\Bitdefender_Tsecurity_2010_Fr\Installation exec du programme\BitDefender 2010\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
E:\Logiciels\BITDEFENDER+PATCH\Bitdefender_Tsecurity_2010_Fr\Installation exec du programme\BitDefender 2010\bdagent.exe
C:\WINDOWS\Explorer.exe
E:\Logiciels\BITDEFENDER+PATCH\Bitdefender_Tsecurity_2010_Fr\Installation exec du programme\BitDefender 2010\seccenter.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
E:\Logiciels\Flash player\Daemon Tools\DAEMON Tools Lite\daemon.exe
E:\Jeux\Steam\GameOverlayUI.exe
E:\Jeux\Steam\Steam.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\WINDOWS\PCHealth\HelpCtr\Binaries\HelpSvc.exe
C:\WINDOWS\system32\NOTEPAD.EXE
E:\Logiciels\hijack\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.dailymotion.com/fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\system32\fservice.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - E:\Logiciels\BITDEFENDER+PATCH\Bitdefender_Tsecurity_2010_Fr\Installation exec du programme\BitDefender 2010\IEToolbar.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\Logicels\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "E:\Logiciels\BITDEFENDER+PATCH\Bitdefender_Tsecurity_2010_Fr\Installation exec du programme\BitDefender 2010\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "E:\Logiciels\BITDEFENDER+PATCH\Bitdefender_Tsecurity_2010_Fr\Installation exec du programme\BitDefender 2010\bdagent.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "E:\Logiciels\Flash player\Daemon Tools\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [chmzntim] "c:\documents and settings\antoine\local settings\application data\chmzntim.exe" chmzntim
O4 - HKLM\..\Policies\Explorer\Run: [DirectX For Microsoft® Windows] C:\WINDOWS\system32\fservice.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: La Solution Ciel.lnk = E:\Logiciels\Logiciels Ferme\Installation\Starter.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://ushousecall02.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{63465794-315A-4D2E-94A6-0C077E8A45AA}: NameServer = 80.10.246.2,80.10.246.129
O23 - Service: BitDefender Serveur Arrakis (Arrakis3) - BitDefender S.R.L. https://www.bitdefender.fr/ - C:\Program Files\Fichiers communs\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe
O23 - Service: Service Google Update (gupdate1ca36c6ab8f52d0) (gupdate1ca36c6ab8f52d0) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender S.R.L. - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - E:\Logiciels\BITDEFENDER+PATCH\Bitdefender_Tsecurity_2010_Fr\Installation exec du programme\BitDefender 2010\vsserv.exe
1/
Télécharge CWShredder
https://www.trendmicro.com/fr_fr/business.html[...]dder/index.html
- Clique sur Remove Coolwebsearch
Enregistre sur le bureau
- Clique sur Scan Only
Si le scan détecte quelque-chose, clique sur Fix
Une boite de dialogue va s'ouvrir, clique sur ok
- A la fin du scan, clique sur next, puis sur créate report
- Copie colle le contenu de créate report dans ta prochaine réponse
- Referme CWShredder en cliquant sur close puis exit
Mon rapport:
**** Run Keys ****
RUN: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
RUN: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
RUN: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
RUN: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
RUN: [Adobe Reader Speed Launcher] "E:\Logicels\Adobe\Reader 9.0\Reader\Reader_sl.exe"
RUN: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
RUN: [BitDefender Antiphishing Helper] "E:\Logiciels\BITDEFENDER+PATCH\Bitdefender_Tsecurity_2010_Fr\Installation exec du programme\BitDefender 2010\IEShow.exe"
RUN: [BDAgent] "E:\Logiciels\BITDEFENDER+PATCH\Bitdefender_Tsecurity_2010_Fr\Installation exec du programme\BitDefender 2010\bdagent.exe"
RUN: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
RUN: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
RUN: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
RUN: [DAEMON Tools Lite] "E:\Logiciels\Flash player\Daemon Tools\DAEMON Tools Lite\daemon.exe" -autorun
RUN: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
RUN: [chmzntim] "c:\documents and settings\antoine\local settings\application data\chmzntim.exe" chmzntim
**** Browser Helper Objects ****
BHO: [Adobe PDF Link Helper] C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: [Adobe PDF Link Helper] C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: [Search Helper] C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: [Programme d'aide de l'Assistant de connexion Windows Live] C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: [Windows Live Toolbar Helper] C:\Program Files\Windows Live\Toolbar\wltcore.dll
**** IE Toolbars ****
TOOLBAR: [BitDefender Toolbar] E:\Logiciels\BITDEFENDER+PATCH\Bitdefender_Tsecurity_2010_Fr\Installation exec du programme\BitDefender 2010\IEToolbar.dll
**** IE Extensions ****
IEExt: [Ajout Direct]
IEExt: [Ajout Direct]
IEExt: [Messenger] C:\Program Files\Messenger\msmsgs.exe
**** Hosts File Entries ****
HOSTS: 127.0.0.1 localhost
HOSTS: 127.0.0.1 localhost
**** IE Settings ****
Default Page: https://www.msn.com/fr-fr/?ocid=iehp
Default Search: https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
Search Page: http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
**** IE Context Menu (Right click) ****
**** Layered Service Providers ****
LSP: MSAFD Tcpip [TCP/IP]
LSP: MSAFD Tcpip [UDP/IP]
LSP: RSVP UDP Service Provider
LSP: RSVP TCP Service Provider
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{42510F88-8B88-4CA5-AAC2-BDF95852F2AE}] SEQPACKET 6
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{42510F88-8B88-4CA5-AAC2-BDF95852F2AE}] DATAGRAM 6
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{FD06AAF6-0130-44B2-903C-463789140EC4}] SEQPACKET 4
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{FD06AAF6-0130-44B2-903C-463789140EC4}] DATAGRAM 4
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{1358FF97-8278-407D-822B-0721FC405983}] SEQPACKET 5
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{1358FF97-8278-407D-822B-0721FC405983}] DATAGRAM 5
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{63465794-315A-4D2E-94A6-0C077E8A45AA}] SEQPACKET 3
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{63465794-315A-4D2E-94A6-0C077E8A45AA}] DATAGRAM 3
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{DE56641F-71B9-4C8A-BAFD-7B966647FA1B}] SEQPACKET 0
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{DE56641F-71B9-4C8A-BAFD-7B966647FA1B}] DATAGRAM 0
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{5B5AF104-0110-4AAE-8606-FB5E8E9EE262}] SEQPACKET 1
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{5B5AF104-0110-4AAE-8606-FB5E8E9EE262}] DATAGRAM 1
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{C6BAB5C3-8713-4C57-8E5E-D72B138460E8}] SEQPACKET 2
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{C6BAB5C3-8713-4C57-8E5E-D72B138460E8}] DATAGRAM 2
**** Blocked Control Panel Items ****
BLOCKED: [ncpa.cpl] No
BLOCKED: [odbccp32.cpl] No
**** Downloaded Program Files ****
Microsoft XML Parser for Java [file:///C:/WINDOWS/Java/classes/xmldso.cab]
{215B8138-A3CF-44C5-803F-8226143CFC0A} http://ushousecall02.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
{D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab C:\WINDOWS\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe
**** Windows Services ****
[Alerter] %SystemRoot%\system32\svchost.exe -k LocalService
[ALG] %SystemRoot%\System32\alg.exe
[AppMgmt] %SystemRoot%\system32\svchost.exe -k netsvcs
[AudioSrv] %SystemRoot%\System32\svchost.exe -k netsvcs
[BITS] %SystemRoot%\system32\svchost.exe -k netsvcs
[Browser] %SystemRoot%\system32\svchost.exe -k netsvcs
[CiSvc] %SystemRoot%\system32\cisvc.exe
[ClipSrv] %SystemRoot%\system32\clipsrv.exe
[COMSysApp] C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
[CryptSvc] %SystemRoot%\system32\svchost.exe -k netsvcs
[DcomLaunch] %SystemRoot%\system32\svchost -k DcomLaunch
[Dhcp] %SystemRoot%\system32\svchost.exe -k netsvcs
[dmadmin] %SystemRoot%\System32\dmadmin.exe /com
[dmserver] %SystemRoot%\System32\svchost.exe -k netsvcs
[Dnscache] %SystemRoot%\system32\svchost.exe -k NetworkService
[Dot3svc] %SystemRoot%\System32\svchost.exe -k dot3svc
[EapHost] %SystemRoot%\System32\svchost.exe -k eapsvcs
[ERSvc] %SystemRoot%\System32\svchost.exe -k netsvcs
[Eventlog] %SystemRoot%\system32\services.exe
[EventSystem] C:\WINDOWS\system32\svchost.exe -k netsvcs
[FastUserSwitchingCompatibility] %SystemRoot%\System32\svchost.exe -k netsvcs
[helpsvc] %SystemRoot%\System32\svchost.exe -k netsvcs
[HidServ] %SystemRoot%\System32\svchost.exe -k netsvcs
[hkmsvc] %SystemRoot%\System32\svchost.exe -k netsvcs
[HTTPFilter] %SystemRoot%\System32\svchost.exe -k HTTPFilter
[ImapiService] C:\WINDOWS\system32\imapi.exe
[LanmanServer] %SystemRoot%\system32\svchost.exe -k netsvcs
[lanmanworkstation] %SystemRoot%\system32\svchost.exe -k netsvcs
[LmHosts] %SystemRoot%\system32\svchost.exe -k LocalService
[Messenger] %SystemRoot%\system32\svchost.exe -k netsvcs
[mnmsrvc] C:\WINDOWS\system32\mnmsrvc.exe
[MSDTC] C:\WINDOWS\system32\msdtc.exe
[MSIServer] C:\WINDOWS\system32\msiexec.exe /V
[napagent] %SystemRoot%\System32\svchost.exe -k netsvcs
[NetDDE] %SystemRoot%\system32\netdde.exe
[NetDDEdsdm] %SystemRoot%\system32\netdde.exe
[Netlogon] %SystemRoot%\system32\lsass.exe
[Netman] %SystemRoot%\System32\svchost.exe -k netsvcs
[Nla] %SystemRoot%\system32\svchost.exe -k netsvcs
[NtLmSsp] %SystemRoot%\system32\lsass.exe
[NtmsSvc] %SystemRoot%\system32\svchost.exe -k netsvcs
[PlugPlay] %SystemRoot%\system32\services.exe
[PolicyAgent] %SystemRoot%\system32\lsass.exe
[ProtectedStorage] %SystemRoot%\system32\lsass.exe
[RasAuto] %SystemRoot%\system32\svchost.exe -k netsvcs
[RasMan] %SystemRoot%\system32\svchost.exe -k netsvcs
[RDSessMgr] C:\WINDOWS\system32\sessmgr.exe
[RemoteAccess] %SystemRoot%\system32\svchost.exe -k netsvcs
[RpcLocator] %SystemRoot%\system32\locator.exe
[RpcSs] %SystemRoot%\system32\svchost -k rpcss
[RSVP] %SystemRoot%\system32\rsvp.exe
[SamSs] %SystemRoot%\system32\lsass.exe
[SCardSvr] %SystemRoot%\System32\SCardSvr.exe
[Schedule] %SystemRoot%\System32\svchost.exe -k netsvcs
[seclogon] %SystemRoot%\System32\svchost.exe -k netsvcs
[SENS] %SystemRoot%\system32\svchost.exe -k netsvcs
[SharedAccess] %SystemRoot%\system32\svchost.exe -k netsvcs
[ShellHWDetection] %SystemRoot%\System32\svchost.exe -k netsvcs
[Spooler] %SystemRoot%\system32\spoolsv.exe
[srservice] %SystemRoot%\system32\svchost.exe -k netsvcs
[SSDPSRV] %SystemRoot%\system32\svchost.exe -k LocalService
[stisvc] %SystemRoot%\system32\svchost.exe -k imgsvc
[SwPrv] C:\WINDOWS\system32\dllhost.exe /Processid:{76407806-5D67-4643-8354-74263CF0306D}
[SysmonLog] %SystemRoot%\system32\smlogsvc.exe
[TapiSrv] %SystemRoot%\System32\svchost.exe -k netsvcs
[TermService] %SystemRoot%\System32\svchost -k DComLaunch
[Themes] %SystemRoot%\System32\svchost.exe -k netsvcs
[TrkWks] %SystemRoot%\system32\svchost.exe -k netsvcs
[upnphost] %SystemRoot%\system32\svchost.exe -k LocalService
[UPS] %SystemRoot%\System32\ups.exe
[VSS] %SystemRoot%\System32\vssvc.exe
[W32Time] %SystemRoot%\System32\svchost.exe -k netsvcs
[WebClient] %SystemRoot%\system32\svchost.exe -k LocalService
[winmgmt] %systemroot%\system32\svchost.exe -k netsvcs
[WmdmPmSN] %SystemRoot%\System32\svchost.exe -k netsvcs
[WmiApSrv] C:\WINDOWS\system32\wbem\wmiapsrv.exe
[wscsvc] %SystemRoot%\System32\svchost.exe -k netsvcs
[wuauserv] %systemroot%\system32\svchost.exe -k netsvcs
[WZCSVC] %SystemRoot%\System32\svchost.exe -k netsvcs
[xmlprov] %SystemRoot%\System32\svchost.exe -k netsvcs
**** Custom IE Search Items ****
SEARCH: [SearchAssistant] https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
SEARCH: [CustomizeSearch] https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm
**** Complete IE Options ****
IEOPT: [NoUpdateCheck]
IEOPT: [NoJITSetup]
IEOPT: [Disable Script Debugger] yes
IEOPT: [Show_ChannelBand] No
IEOPT: [Anchor Underline] yes
IEOPT: [Cache_Update_Frequency] Once_Per_Session
IEOPT: [Display Inline Images] yes
IEOPT: [Do404Search]
IEOPT: [Save_Session_History_On_Exit] no
IEOPT: [Show_FullURL] no
IEOPT: [Show_StatusBar] yes
IEOPT: [Show_ToolBar] yes
IEOPT: [Show_URLinStatusBar] yes
IEOPT: [Show_URLToolBar] yes
IEOPT: [Start Page] https://www.google.fr/?gws_rd=ssl
IEOPT: [Use_DlgBox_Colors] yes
IEOPT: [Search Page] http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IEOPT: [Use FormSuggest] no
IEOPT: [FullScreen] no
IEOPT: [NotifyDownloadComplete] no
IEOPT: [Window_Placement] ,
IEOPT: [XMLHTTP]
IEOPT: [UseClearType] yes
IEOPT: [Enable Browser Extensions] yes
IEOPT: [Play_Background_Sounds] yes
IEOPT: [Play_Animations] yes
IEOPT: [CompatibilityFlags]
IEOPT: [IE8RunOnceLastShown]
IEOPT: [IE8RunOnceLastShown_TIMESTAMP] @ôj@Ê
IEOPT: [IE8RunOncePerInstallCompleted]
IEOPT: [IE8RunOnceCompletionTime]
IEOPT: [IE8TourShown]
IEOPT: [IE8TourShownTime]
IEOPT: [Error Dlg Displayed On Every Error] no
IEOPT: [Default_Page_URL] https://www.dailymotion.com/fr
IEOPT: [SearchDefaultBranded]
IEOPT: [IE8TourNoShow]
IEOPT: [FormSuggest PW Ask] no
IEOPT: [AlwaysShowMenus]
IEOPT: [Default_Page_URL] https://www.msn.com/fr-fr/?ocid=iehp
IEOPT: [Default_Search_URL] https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
IEOPT: [Search Page] https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
IEOPT: [Enable_Disk_Cache] yes
IEOPT: [Cache_Percent_of_Disk]
IEOPT: [Delete_Temp_Files_On_Exit] yes
IEOPT: [Local Page] C:\WINDOWS\system32\blank.htm
IEOPT: [Anchor_Visitation_Horizon]
IEOPT: [Use_Async_DNS] yes
IEOPT: [Placeholder_Width]
IEOPT: [Placeholder_Height]
IEOPT: [Start Page] https://www.msn.com/fr-fr/?ocid=iehp
IEOPT: [CompanyName] Microsoft Corporation
IEOPT: [Custom_Key] MICROSO
IEOPT: [Wizard_Version] 6.0.2600.0000
IEOPT: [FullScreen] no
IEOPT: [Default_Secondary_Page_URL]
IEOPT: [Extensions Off Page] about:NoAdd-ons
IEOPT: [Security Risk Page] about:SecurityRisk
IEOPT: [Check_Associations] yes
Voici l'autre étape:
2/
- Ouvre le dossier C:\Hijackthis
- Clic droit sur hijackthis.exe
- Choisis Renommer dans le menu contextuel et renomme hijackthis.exe en sosordi.exe
- Double clic sur sosordi.exe clique sur Do a scan system and save log
Notepad s'ouvrira fais un copier coller de tout son contenu ici dans ta prochaine réponse.
Note : sosordi.exe doit être dans ce dossier C:\Hijackthis Il ne doit pas se trouver dans un dossier temp
Mon rapport d'Hijackthis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:43:31, on 08/01/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
E:\Logiciels\BITDEFENDER+PATCH\Bitdefender_Tsecurity_2010_Fr\Installation exec du programme\BitDefender 2010\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
E:\Logiciels\BITDEFENDER+PATCH\Bitdefender_Tsecurity_2010_Fr\Installation exec du programme\BitDefender 2010\bdagent.exe
C:\WINDOWS\Explorer.exe
E:\Logiciels\BITDEFENDER+PATCH\Bitdefender_Tsecurity_2010_Fr\Installation exec du programme\BitDefender 2010\seccenter.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
E:\Logiciels\Flash player\Daemon Tools\DAEMON Tools Lite\daemon.exe
E:\Jeux\Steam\GameOverlayUI.exe
E:\Jeux\Steam\Steam.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\WINDOWS\PCHealth\HelpCtr\Binaries\HelpSvc.exe
C:\WINDOWS\system32\NOTEPAD.EXE
E:\Logiciels\hijack\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.dailymotion.com/fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\system32\fservice.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - E:\Logiciels\BITDEFENDER+PATCH\Bitdefender_Tsecurity_2010_Fr\Installation exec du programme\BitDefender 2010\IEToolbar.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\Logicels\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "E:\Logiciels\BITDEFENDER+PATCH\Bitdefender_Tsecurity_2010_Fr\Installation exec du programme\BitDefender 2010\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "E:\Logiciels\BITDEFENDER+PATCH\Bitdefender_Tsecurity_2010_Fr\Installation exec du programme\BitDefender 2010\bdagent.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "E:\Logiciels\Flash player\Daemon Tools\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [chmzntim] "c:\documents and settings\antoine\local settings\application data\chmzntim.exe" chmzntim
O4 - HKLM\..\Policies\Explorer\Run: [DirectX For Microsoft® Windows] C:\WINDOWS\system32\fservice.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: La Solution Ciel.lnk = E:\Logiciels\Logiciels Ferme\Installation\Starter.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://ushousecall02.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{63465794-315A-4D2E-94A6-0C077E8A45AA}: NameServer = 80.10.246.2,80.10.246.129
O23 - Service: BitDefender Serveur Arrakis (Arrakis3) - BitDefender S.R.L. https://www.bitdefender.fr/ - C:\Program Files\Fichiers communs\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe
O23 - Service: Service Google Update (gupdate1ca36c6ab8f52d0) (gupdate1ca36c6ab8f52d0) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender S.R.L. - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - E:\Logiciels\BITDEFENDER+PATCH\Bitdefender_Tsecurity_2010_Fr\Installation exec du programme\BitDefender 2010\vsserv.exe