Pop-up explorer
Résolu
Lucioole
Messages postés
50
Statut
Membre
-
dédétraqué Messages postés 4522 Statut Contributeur sécurité -
dédétraqué Messages postés 4522 Statut Contributeur sécurité -
Bonjour,
j'ai un petit problème qui dure depuis un bout. Il y a des pop-up d'internet explorer (CID:) qui apparaissent et je ne comprend pas pourquoi ! De plus mon ordi est vraiment lent et je ne suis pas capable de faire un scan complet, mon ordi géle avant la fin.
Merci d'avance pour votre aide !
Lucioole
j'ai un petit problème qui dure depuis un bout. Il y a des pop-up d'internet explorer (CID:) qui apparaissent et je ne comprend pas pourquoi ! De plus mon ordi est vraiment lent et je ne suis pas capable de faire un scan complet, mon ordi géle avant la fin.
Merci d'avance pour votre aide !
Lucioole
A voir également:
- Pop-up explorer
- Pop up mcafee - Accueil - Piratage
- Explorer patcher - Télécharger - Personnalisation
- Internet explorer - Guide
- Internet explorer 11 - Télécharger - Navigateurs
- Process explorer - Télécharger - Informations & Diagnostic
34 réponses
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Re-voici le nouveau rapport :
All processes killed
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{F6D0DE12-23C4-4604-A33C-E722646411E3}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F6D0DE12-23C4-4604-A33C-E722646411E3}\ not found.
========== FILES ==========
File/Folder C:\Program Files\Circle Devlopement not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Sandra Laurence
->Temp folder emptied: 918123 bytes
->Temporary Internet Files folder emptied: 984653 bytes
->Java cache emptied: 45688531 bytes
->FireFox cache emptied: 114493357 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2148155 bytes
%systemroot%\System32 .tmp files removed: 5914624 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 27915700 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 23962344 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 32902 bytes
RecycleBin emptied: 69054 bytes
Total Files Cleaned = 212,00 mb
OTM by OldTimer - Version 3.1.6.0 log created on 01202010_225138
Files moved on Reboot...
Registry entries deleted on Reboot...
All processes killed
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{F6D0DE12-23C4-4604-A33C-E722646411E3}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F6D0DE12-23C4-4604-A33C-E722646411E3}\ not found.
========== FILES ==========
File/Folder C:\Program Files\Circle Devlopement not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Sandra Laurence
->Temp folder emptied: 918123 bytes
->Temporary Internet Files folder emptied: 984653 bytes
->Java cache emptied: 45688531 bytes
->FireFox cache emptied: 114493357 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2148155 bytes
%systemroot%\System32 .tmp files removed: 5914624 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 27915700 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 23962344 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 32902 bytes
RecycleBin emptied: 69054 bytes
Total Files Cleaned = 212,00 mb
OTM by OldTimer - Version 3.1.6.0 log created on 01202010_225138
Files moved on Reboot...
Registry entries deleted on Reboot...
voici le log du scan en ligne :
ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=7787bb53dee0e245b1a571671ff8d82a
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2010-01-21 08:26:56
# local_time=2010-01-21 03:26:56 (-0500, Est)
# country="Canada"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=1797 16775125 100 100 0 39544269 0 0
# compatibility_mode=2560 16777215 100 0 0 0 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=63502
# found=4
# cleaned=4
# scan_time=15791
C:\Lop SD\Backup-Lop\DOCUME~1\ALLUSE~1\APPLIC~1\Proxy Long Chin Ping\owns soft.exe a variant of Win32/TrojanDownloader.Swizzor.NDP trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Lop SD\Backup-Lop\DOCUME~1\SANDRA~1\APPLIC~1\SHOWBE~1\CAMP DENT BODY.exe a variant of Win32/TrojanDownloader.Swizzor.NDQ trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Lop SD\Backup-Lop\DOCUME~1\SANDRA~1\APPLIC~1\SHOWBE~1\swksltxy.exe a variant of Win32/TrojanDownloader.Swizzor.NDP trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Lop SD\Backup-Lop\DOCUME~1\SANDRA~1\LOCALS~1\temp\bis322.exe a variant of Win32/TrojanDownloader.Swizzor.NCY trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=7787bb53dee0e245b1a571671ff8d82a
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2010-01-21 08:26:56
# local_time=2010-01-21 03:26:56 (-0500, Est)
# country="Canada"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=1797 16775125 100 100 0 39544269 0 0
# compatibility_mode=2560 16777215 100 0 0 0 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=63502
# found=4
# cleaned=4
# scan_time=15791
C:\Lop SD\Backup-Lop\DOCUME~1\ALLUSE~1\APPLIC~1\Proxy Long Chin Ping\owns soft.exe a variant of Win32/TrojanDownloader.Swizzor.NDP trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Lop SD\Backup-Lop\DOCUME~1\SANDRA~1\APPLIC~1\SHOWBE~1\CAMP DENT BODY.exe a variant of Win32/TrojanDownloader.Swizzor.NDQ trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Lop SD\Backup-Lop\DOCUME~1\SANDRA~1\APPLIC~1\SHOWBE~1\swksltxy.exe a variant of Win32/TrojanDownloader.Swizzor.NDP trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Lop SD\Backup-Lop\DOCUME~1\SANDRA~1\LOCALS~1\temp\bis322.exe a variant of Win32/TrojanDownloader.Swizzor.NCY trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
Salut Lucioole
Mettre à jour Antivir, faire un scan en mode sans échec et poste le rapport après avoir démarré en mode normal.
Aide : https://www.malekal.com/avira-free-security-antivirus-gratuit/
@++ :)
Mettre à jour Antivir, faire un scan en mode sans échec et poste le rapport après avoir démarré en mode normal.
Aide : https://www.malekal.com/avira-free-security-antivirus-gratuit/
@++ :)
Bonsoir,
voici le rapport de antivir :
Avira AntiVir Personal
Report file date: 21 janvier 2010 20:00
Scanning for 1628331 virus strains and unwanted programs.
Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows XP
Windows version : (Service Pack 3) [5.1.2600]
Boot mode : Save mode
Username : Sandra Laurence
Computer name : SANDRA-73F10F61
Version information:
BUILD.DAT : 9.0.0.418 21723 Bytes 2009-12-02 16:28:00
AVSCAN.EXE : 9.0.3.10 466689 Bytes 2009-11-23 05:19:09
AVSCAN.DLL : 9.0.3.0 40705 Bytes 2009-02-27 15:58:24
LUKE.DLL : 9.0.3.2 209665 Bytes 2009-02-20 16:35:49
LUKERES.DLL : 9.0.2.0 12033 Bytes 2009-02-27 15:58:52
VBASE000.VDF : 7.10.0.0 19875328 Bytes 2009-11-06 05:19:08
VBASE001.VDF : 7.10.1.0 1372672 Bytes 2009-11-19 05:19:08
VBASE002.VDF : 7.10.3.1 3143680 Bytes 2010-01-20 12:47:58
VBASE003.VDF : 7.10.3.2 2048 Bytes 2010-01-20 12:47:58
VBASE004.VDF : 7.10.3.3 2048 Bytes 2010-01-20 12:47:58
VBASE005.VDF : 7.10.3.4 2048 Bytes 2010-01-20 12:47:58
VBASE006.VDF : 7.10.3.5 2048 Bytes 2010-01-20 12:47:58
VBASE007.VDF : 7.10.3.6 2048 Bytes 2010-01-20 12:47:59
VBASE008.VDF : 7.10.3.7 2048 Bytes 2010-01-20 12:47:59
VBASE009.VDF : 7.10.3.8 2048 Bytes 2010-01-20 12:47:59
VBASE010.VDF : 7.10.3.9 2048 Bytes 2010-01-20 12:47:59
VBASE011.VDF : 7.10.3.10 2048 Bytes 2010-01-20 12:48:00
VBASE012.VDF : 7.10.3.11 2048 Bytes 2010-01-20 12:48:00
VBASE013.VDF : 7.10.3.12 2048 Bytes 2010-01-20 12:48:00
VBASE014.VDF : 7.10.3.13 2048 Bytes 2010-01-20 12:48:00
VBASE015.VDF : 7.10.3.14 2048 Bytes 2010-01-20 12:48:01
VBASE016.VDF : 7.10.3.15 2048 Bytes 2010-01-20 12:48:01
VBASE017.VDF : 7.10.3.16 2048 Bytes 2010-01-20 12:48:01
VBASE018.VDF : 7.10.3.17 2048 Bytes 2010-01-20 12:48:01
VBASE019.VDF : 7.10.3.18 2048 Bytes 2010-01-20 12:48:02
VBASE020.VDF : 7.10.3.19 2048 Bytes 2010-01-20 12:48:02
VBASE021.VDF : 7.10.3.20 2048 Bytes 2010-01-20 12:48:02
VBASE022.VDF : 7.10.3.21 2048 Bytes 2010-01-20 12:48:02
VBASE023.VDF : 7.10.3.22 2048 Bytes 2010-01-20 12:48:02
VBASE024.VDF : 7.10.3.23 2048 Bytes 2010-01-20 12:48:02
VBASE025.VDF : 7.10.3.24 2048 Bytes 2010-01-20 12:48:03
VBASE026.VDF : 7.10.3.25 2048 Bytes 2010-01-20 12:48:03
VBASE027.VDF : 7.10.3.26 2048 Bytes 2010-01-20 12:48:03
VBASE028.VDF : 7.10.3.27 2048 Bytes 2010-01-20 12:48:03
VBASE029.VDF : 7.10.3.28 2048 Bytes 2010-01-20 12:48:03
VBASE030.VDF : 7.10.3.29 2048 Bytes 2010-01-20 12:48:03
VBASE031.VDF : 7.10.3.38 122880 Bytes 2010-01-21 00:55:46
Engineversion : 8.2.1.146
AEVDF.DLL : 8.1.1.2 106867 Bytes 2009-10-18 04:18:11
AESCRIPT.DLL : 8.1.3.9 659834 Bytes 2010-01-21 12:48:21
AESCN.DLL : 8.1.3.1 127348 Bytes 2010-01-15 02:14:59
AESBX.DLL : 8.1.1.1 246132 Bytes 2009-11-23 05:19:08
AERDL.DLL : 8.1.3.4 479605 Bytes 2009-12-01 22:05:49
AEPACK.DLL : 8.2.0.5 422262 Bytes 2010-01-15 02:14:58
AEOFFICE.DLL : 8.1.0.38 196987 Bytes 2009-07-23 14:59:39
AEHEUR.DLL : 8.1.0.195 2232695 Bytes 2010-01-15 02:14:56
AEHELP.DLL : 8.1.10.0 237942 Bytes 2010-01-15 02:14:51
AEGEN.DLL : 8.1.1.83 369014 Bytes 2010-01-05 06:38:44
AEEMU.DLL : 8.1.1.0 393587 Bytes 2009-10-18 04:18:03
AECORE.DLL : 8.1.9.5 184693 Bytes 2010-01-15 02:14:50
AEBB.DLL : 8.1.0.3 53618 Bytes 2008-10-09 19:32:40
AVWINLL.DLL : 9.0.0.3 18177 Bytes 2008-12-12 13:47:59
AVPREF.DLL : 9.0.3.0 44289 Bytes 2009-10-18 04:18:11
AVREP.DLL : 8.0.0.3 155905 Bytes 2009-01-20 19:34:28
AVREG.DLL : 9.0.0.0 36609 Bytes 2008-12-05 15:32:09
AVARKT.DLL : 9.0.0.3 292609 Bytes 2009-03-24 20:05:41
AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 2009-01-30 15:37:08
SQLITE3.DLL : 3.6.1.0 326401 Bytes 2009-01-28 20:03:49
SMTPLIB.DLL : 9.2.0.25 28417 Bytes 2009-02-02 13:21:33
NETNT.DLL : 9.0.0.0 11521 Bytes 2008-12-05 15:32:10
RCIMAGE.DLL : 9.0.0.25 2438913 Bytes 2009-05-15 20:39:58
RCTEXT.DLL : 9.0.73.0 86785 Bytes 2009-11-23 05:19:07
Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: c:\program files\avira\antivir desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:,
Process scan........................: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium
Start of the scan: 21 janvier 2010 20:00
Starting search for hidden objects.
The driver could not be initialized.
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
11 processes with 11 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Starting to scan executable files (registry).
The registry was scanned ( '56' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
[NOTE] This file is a Windows system file.
[NOTE] This file cannot be opened for scanning.
C:\Ad-Remover\1\List.dat
[DETECTION] Contains recognition pattern of the HTML/Malicious.ActiveX.Gen HTML script virus
C:\Ad-Remover\BACKUP\AD-R.exe
[0] Archive type: NSIS
--> ProgramFilesDir/List.dat
[DETECTION] Contains recognition pattern of the HTML/Malicious.ActiveX.Gen HTML script virus
C:\Documents and Settings\Sandra Laurence\Bureau\AD-R.exe
[0] Archive type: NSIS
--> ProgramFilesDir/List.dat
[DETECTION] Contains recognition pattern of the HTML/Malicious.ActiveX.Gen HTML script virus
C:\Documents and Settings\Sandra Laurence\Mes documents\LimeWire\Saved\daimond girl kmw greatest hit 2009.wma
[DETECTION] Is the TR/Dldr.Wimad.1395 Trojan
Beginning disinfection:
C:\Ad-Remover\1\List.dat
[DETECTION] Contains recognition pattern of the HTML/Malicious.ActiveX.Gen HTML script virus
[NOTE] The file was moved to '4bcc170e.qua'!
C:\Ad-Remover\BACKUP\AD-R.exe
[NOTE] The file was moved to '4b8616e9.qua'!
C:\Documents and Settings\Sandra Laurence\Bureau\AD-R.exe
[NOTE] The file was moved to '4ae0b842.qua'!
C:\Documents and Settings\Sandra Laurence\Mes documents\LimeWire\Saved\daimond girl kmw greatest hit 2009.wma
[DETECTION] Is the TR/Dldr.Wimad.1395 Trojan
[NOTE] The file was moved to '4bc21707.qua'!
End of the scan: 21 janvier 2010 22:08
Used time: 2:05:36 Hour(s)
The scan has been done completely.
9351 Scanned directories
285659 Files were scanned
4 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
4 Files were moved to quarantine
0 Files were renamed
1 Files cannot be scanned
285654 Files not concerned
1560 Archives were scanned
1 Warnings
5 Notes
Lucioole
voici le rapport de antivir :
Avira AntiVir Personal
Report file date: 21 janvier 2010 20:00
Scanning for 1628331 virus strains and unwanted programs.
Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows XP
Windows version : (Service Pack 3) [5.1.2600]
Boot mode : Save mode
Username : Sandra Laurence
Computer name : SANDRA-73F10F61
Version information:
BUILD.DAT : 9.0.0.418 21723 Bytes 2009-12-02 16:28:00
AVSCAN.EXE : 9.0.3.10 466689 Bytes 2009-11-23 05:19:09
AVSCAN.DLL : 9.0.3.0 40705 Bytes 2009-02-27 15:58:24
LUKE.DLL : 9.0.3.2 209665 Bytes 2009-02-20 16:35:49
LUKERES.DLL : 9.0.2.0 12033 Bytes 2009-02-27 15:58:52
VBASE000.VDF : 7.10.0.0 19875328 Bytes 2009-11-06 05:19:08
VBASE001.VDF : 7.10.1.0 1372672 Bytes 2009-11-19 05:19:08
VBASE002.VDF : 7.10.3.1 3143680 Bytes 2010-01-20 12:47:58
VBASE003.VDF : 7.10.3.2 2048 Bytes 2010-01-20 12:47:58
VBASE004.VDF : 7.10.3.3 2048 Bytes 2010-01-20 12:47:58
VBASE005.VDF : 7.10.3.4 2048 Bytes 2010-01-20 12:47:58
VBASE006.VDF : 7.10.3.5 2048 Bytes 2010-01-20 12:47:58
VBASE007.VDF : 7.10.3.6 2048 Bytes 2010-01-20 12:47:59
VBASE008.VDF : 7.10.3.7 2048 Bytes 2010-01-20 12:47:59
VBASE009.VDF : 7.10.3.8 2048 Bytes 2010-01-20 12:47:59
VBASE010.VDF : 7.10.3.9 2048 Bytes 2010-01-20 12:47:59
VBASE011.VDF : 7.10.3.10 2048 Bytes 2010-01-20 12:48:00
VBASE012.VDF : 7.10.3.11 2048 Bytes 2010-01-20 12:48:00
VBASE013.VDF : 7.10.3.12 2048 Bytes 2010-01-20 12:48:00
VBASE014.VDF : 7.10.3.13 2048 Bytes 2010-01-20 12:48:00
VBASE015.VDF : 7.10.3.14 2048 Bytes 2010-01-20 12:48:01
VBASE016.VDF : 7.10.3.15 2048 Bytes 2010-01-20 12:48:01
VBASE017.VDF : 7.10.3.16 2048 Bytes 2010-01-20 12:48:01
VBASE018.VDF : 7.10.3.17 2048 Bytes 2010-01-20 12:48:01
VBASE019.VDF : 7.10.3.18 2048 Bytes 2010-01-20 12:48:02
VBASE020.VDF : 7.10.3.19 2048 Bytes 2010-01-20 12:48:02
VBASE021.VDF : 7.10.3.20 2048 Bytes 2010-01-20 12:48:02
VBASE022.VDF : 7.10.3.21 2048 Bytes 2010-01-20 12:48:02
VBASE023.VDF : 7.10.3.22 2048 Bytes 2010-01-20 12:48:02
VBASE024.VDF : 7.10.3.23 2048 Bytes 2010-01-20 12:48:02
VBASE025.VDF : 7.10.3.24 2048 Bytes 2010-01-20 12:48:03
VBASE026.VDF : 7.10.3.25 2048 Bytes 2010-01-20 12:48:03
VBASE027.VDF : 7.10.3.26 2048 Bytes 2010-01-20 12:48:03
VBASE028.VDF : 7.10.3.27 2048 Bytes 2010-01-20 12:48:03
VBASE029.VDF : 7.10.3.28 2048 Bytes 2010-01-20 12:48:03
VBASE030.VDF : 7.10.3.29 2048 Bytes 2010-01-20 12:48:03
VBASE031.VDF : 7.10.3.38 122880 Bytes 2010-01-21 00:55:46
Engineversion : 8.2.1.146
AEVDF.DLL : 8.1.1.2 106867 Bytes 2009-10-18 04:18:11
AESCRIPT.DLL : 8.1.3.9 659834 Bytes 2010-01-21 12:48:21
AESCN.DLL : 8.1.3.1 127348 Bytes 2010-01-15 02:14:59
AESBX.DLL : 8.1.1.1 246132 Bytes 2009-11-23 05:19:08
AERDL.DLL : 8.1.3.4 479605 Bytes 2009-12-01 22:05:49
AEPACK.DLL : 8.2.0.5 422262 Bytes 2010-01-15 02:14:58
AEOFFICE.DLL : 8.1.0.38 196987 Bytes 2009-07-23 14:59:39
AEHEUR.DLL : 8.1.0.195 2232695 Bytes 2010-01-15 02:14:56
AEHELP.DLL : 8.1.10.0 237942 Bytes 2010-01-15 02:14:51
AEGEN.DLL : 8.1.1.83 369014 Bytes 2010-01-05 06:38:44
AEEMU.DLL : 8.1.1.0 393587 Bytes 2009-10-18 04:18:03
AECORE.DLL : 8.1.9.5 184693 Bytes 2010-01-15 02:14:50
AEBB.DLL : 8.1.0.3 53618 Bytes 2008-10-09 19:32:40
AVWINLL.DLL : 9.0.0.3 18177 Bytes 2008-12-12 13:47:59
AVPREF.DLL : 9.0.3.0 44289 Bytes 2009-10-18 04:18:11
AVREP.DLL : 8.0.0.3 155905 Bytes 2009-01-20 19:34:28
AVREG.DLL : 9.0.0.0 36609 Bytes 2008-12-05 15:32:09
AVARKT.DLL : 9.0.0.3 292609 Bytes 2009-03-24 20:05:41
AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 2009-01-30 15:37:08
SQLITE3.DLL : 3.6.1.0 326401 Bytes 2009-01-28 20:03:49
SMTPLIB.DLL : 9.2.0.25 28417 Bytes 2009-02-02 13:21:33
NETNT.DLL : 9.0.0.0 11521 Bytes 2008-12-05 15:32:10
RCIMAGE.DLL : 9.0.0.25 2438913 Bytes 2009-05-15 20:39:58
RCTEXT.DLL : 9.0.73.0 86785 Bytes 2009-11-23 05:19:07
Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: c:\program files\avira\antivir desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:,
Process scan........................: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium
Start of the scan: 21 janvier 2010 20:00
Starting search for hidden objects.
The driver could not be initialized.
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
11 processes with 11 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Starting to scan executable files (registry).
The registry was scanned ( '56' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
[NOTE] This file is a Windows system file.
[NOTE] This file cannot be opened for scanning.
C:\Ad-Remover\1\List.dat
[DETECTION] Contains recognition pattern of the HTML/Malicious.ActiveX.Gen HTML script virus
C:\Ad-Remover\BACKUP\AD-R.exe
[0] Archive type: NSIS
--> ProgramFilesDir/List.dat
[DETECTION] Contains recognition pattern of the HTML/Malicious.ActiveX.Gen HTML script virus
C:\Documents and Settings\Sandra Laurence\Bureau\AD-R.exe
[0] Archive type: NSIS
--> ProgramFilesDir/List.dat
[DETECTION] Contains recognition pattern of the HTML/Malicious.ActiveX.Gen HTML script virus
C:\Documents and Settings\Sandra Laurence\Mes documents\LimeWire\Saved\daimond girl kmw greatest hit 2009.wma
[DETECTION] Is the TR/Dldr.Wimad.1395 Trojan
Beginning disinfection:
C:\Ad-Remover\1\List.dat
[DETECTION] Contains recognition pattern of the HTML/Malicious.ActiveX.Gen HTML script virus
[NOTE] The file was moved to '4bcc170e.qua'!
C:\Ad-Remover\BACKUP\AD-R.exe
[NOTE] The file was moved to '4b8616e9.qua'!
C:\Documents and Settings\Sandra Laurence\Bureau\AD-R.exe
[NOTE] The file was moved to '4ae0b842.qua'!
C:\Documents and Settings\Sandra Laurence\Mes documents\LimeWire\Saved\daimond girl kmw greatest hit 2009.wma
[DETECTION] Is the TR/Dldr.Wimad.1395 Trojan
[NOTE] The file was moved to '4bc21707.qua'!
End of the scan: 21 janvier 2010 22:08
Used time: 2:05:36 Hour(s)
The scan has been done completely.
9351 Scanned directories
285659 Files were scanned
4 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
4 Files were moved to quarantine
0 Files were renamed
1 Files cannot be scanned
285654 Files not concerned
1560 Archives were scanned
1 Warnings
5 Notes
Lucioole
Salut,
pour commencer merci beaucoup pour ton aide !
deuxièmement, mon anti-virus est désactivé et je ne suis pas capable de le réactivé ???
Pourrais-tu m'aider encore une fois ?
Lucioole
pour commencer merci beaucoup pour ton aide !
deuxièmement, mon anti-virus est désactivé et je ne suis pas capable de le réactivé ???
Pourrais-tu m'aider encore une fois ?
Lucioole
Salut Lucioole
Refais un scan avec RSIT et poste le rapport log.txt seulement à la fin de l’analyse
Le rapport est dans le dossier ici C:\rsit
@++ :)
Refais un scan avec RSIT et poste le rapport log.txt seulement à la fin de l’analyse
Le rapport est dans le dossier ici C:\rsit
@++ :)
Salut, voici le log :
Logfile of random's system information tool 1.06 (written by random/random)
Run by Sandra Laurence at 2010-01-28 21:06:57
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 36 GB (47%) free of 76 GB
Total RAM: 1279 MB (55% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:07:03, on 2010-01-28
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\PC Tools Firewall Plus\FWService.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Sandra Laurence\Application Data\SanDisk\Sansa Updater\SansaDispatch.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\802.11 Wireless LAN\802.11g Wireless Cardbus & PCI Adapter HW.51 V1.00\WlanCU.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Sandra Laurence\Bureau\RSIT.exe
C:\Program Files\trend micro\Sandra Laurence.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.plusnetwork.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: (no name) - {F6D0DE12-23C4-4604-A33C-E722646411E3} - (no file)
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMax] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [00PCTFW] "C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe" -s
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SansaDispatch] C:\Documents and Settings\Sandra Laurence\Application Data\SanDisk\Sansa Updater\SansaDispatch.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Wireless Configuration Utility HW.51.lnk = C:\Program Files\802.11 Wireless LAN\802.11g Wireless Cardbus & PCI Adapter HW.51 V1.00\WlanCU.exe
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - PC Tools - C:\Program Files\PC Tools Firewall Plus\FWService.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
Logfile of random's system information tool 1.06 (written by random/random)
Run by Sandra Laurence at 2010-01-28 21:06:57
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 36 GB (47%) free of 76 GB
Total RAM: 1279 MB (55% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:07:03, on 2010-01-28
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\PC Tools Firewall Plus\FWService.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Sandra Laurence\Application Data\SanDisk\Sansa Updater\SansaDispatch.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\802.11 Wireless LAN\802.11g Wireless Cardbus & PCI Adapter HW.51 V1.00\WlanCU.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Sandra Laurence\Bureau\RSIT.exe
C:\Program Files\trend micro\Sandra Laurence.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.plusnetwork.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: (no name) - {F6D0DE12-23C4-4604-A33C-E722646411E3} - (no file)
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMax] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [00PCTFW] "C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe" -s
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SansaDispatch] C:\Documents and Settings\Sandra Laurence\Application Data\SanDisk\Sansa Updater\SansaDispatch.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Wireless Configuration Utility HW.51.lnk = C:\Program Files\802.11 Wireless LAN\802.11g Wireless Cardbus & PCI Adapter HW.51 V1.00\WlanCU.exe
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - PC Tools - C:\Program Files\PC Tools Firewall Plus\FWService.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
