7 réponses
Bonsoir,
télécharge HijackThis ici:
https://www.01net.com/telecharger/windows/Securite/anti-spyware/fiches/29061.html
Dézippe le dans un dossier prévu à cet effet.
Par exemple C:\hijackthis < Enregistre le bien dans c : !
Démo : (Merci a Balltrap34 pour cette réalisation)
http://pageperso.aol.fr/balltrap34/Hijenr.gif
Lance le puis:
clique sur "do a system scan and save logfile" (cf démo)
faire un copier coller du log entier sur le forum
Démo : (Merci a Balltrap34 pour cette réalisation)
http://pageperso.aol.fr/balltrap34/demohijack.htm
Bon courage
A+
télécharge HijackThis ici:
https://www.01net.com/telecharger/windows/Securite/anti-spyware/fiches/29061.html
Dézippe le dans un dossier prévu à cet effet.
Par exemple C:\hijackthis < Enregistre le bien dans c : !
Démo : (Merci a Balltrap34 pour cette réalisation)
http://pageperso.aol.fr/balltrap34/Hijenr.gif
Lance le puis:
clique sur "do a system scan and save logfile" (cf démo)
faire un copier coller du log entier sur le forum
Démo : (Merci a Balltrap34 pour cette réalisation)
http://pageperso.aol.fr/balltrap34/demohijack.htm
Bon courage
A+
Voici !
Logfile of HijackThis v1.99.1
Scan saved at 21:30:59, on 03/05/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\Nero\InCD\InCD\InCDsrv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
D:\Utilitaires\Diskeeper 8.0\DKService.exe
C:\Program Files\Inquiero Installable RC\installablerc.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\Program Files\PostgreSQL\8.0\bin\pg_ctl.exe
C:\Program Files\PostgreSQL\8.0\bin\postmaster.exe
D:\Utilitaires\Spyware Doctor\Spyware Doctor\sdhelp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\PostgreSQL\8.0\bin\postgres.exe
C:\Program Files\PostgreSQL\8.0\bin\postgres.exe
C:\Program Files\PostgreSQL\8.0\bin\postgres.exe
C:\Program Files\PostgreSQL\8.0\bin\postgres.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
D:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\WINDOWS\SOUNDMAN.EXE
D:\Program Files\WinFast\WFTVFM\WFWIZ.exe
C:\Program Files\PFU\ScanSnap\PfuSsSct.exe
C:\Program Files\PFU\ScanSnap\CardMinder V2.0\CardLauncher.exe
C:\Program Files\PFU\ScanSnap\PDF Thumbnail View\pdfquickview.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Ahead\Nero\InCD\InCD\InCD.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\LVComS.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
D:\Utilitaires\RealPopup\RealPopup.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
D:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\WINDOWS\system32\FNTS~1\wuaclt.exe
C:\Program Files\PFU\ScanSnap\CardMinder V2.0\bcd_file\SbCRecE.exe
D:\Utilitaires\Spyware Doctor\Spyware Doctor\swdoctor.exe
C:\Program Files\Fichiers communs\DataViz\DvzIncMsgr.exe
D:\Palm\Hotsync.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
D:\Utilitaires\Post-It\Psn2Lite.exe
C:\Program Files\PFU\ScanSnap\Driver\PfuSsMon.exe
C:\Program Files\Inquiero Client\inquiero.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\WINDOWS\system32\HPZipm12.exe
D:\UTILIT~1\Post-It\PSNGive.exe
D:\Utilitaires\Touches Express\GhostTyp.exe
D:\Program Files\VideoLAN\VLC\VlcOM\vlcom.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
D:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
D:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
D:\Utilitaires\Copernic 2001 Basic\Copernic.exe
D:\Program Files\VideoLAN\VLC\vlc.exe
D:\PROGRA~1\Netscape\Netscp.exe
C:\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {3B1AACF1-1F46-30C2-6CA5-3B46E4928DC3} - C:\WINDOWS\system32\lfqmvfak.dll (file missing)
R3 - URLSearchHook: (no name) - {053CB54F-01AF-2224-8F02-2427C2E0B9CF} - C:\WINDOWS\system32\awqr.dll
N3 - Netscape 7: user_pref("browser.startup.homepage", "https://www.free.fr/freebox/index.html"); (C:\Documents and Settings\Corinne\Application Data\Mozilla\Profiles\default\umyeeju0.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", ""); (C:\Documents and Settings\Corinne\Application Data\Mozilla\Profiles\default\umyeeju0.slt\prefs.js)
O2 - BHO: (no name) - {053CB54F-01AF-2224-8F02-2427C2E0B9CF} - C:\WINDOWS\system32\awqr.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {3B1AACF1-1F46-30C2-6CA5-3B46E4928DC3} - C:\WINDOWS\system32\lfqmvfak.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Utilitaires\Spybot\SDHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - D:\UTILIT~1\SPYWAR~2\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {8C2B5EA3-E347-EDCA-6730-CA29D28637CB} - C:\WINDOWS\system32\rbp.dll (file missing)
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - D:\UTILIT~1\SPYWAR~2\SPYWAR~1\tools\iesdpb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "D:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [WinFast Schedule] D:\Program Files\WinFast\WFTVFM\WFWIZ.exe
O4 - HKLM\..\Run: [PfuSsSct.exe] C:\Program Files\PFU\ScanSnap\PfuSsSct.exe /Station
O4 - HKLM\..\Run: [CardMinder] C:\Program Files\PFU\ScanSnap\CardMinder V2.0\CardLauncher.exe
O4 - HKLM\..\Run: [Pdfquickview] C:\Program Files\PFU\ScanSnap\PDF Thumbnail View\pdfquickview.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\Nero\InCD\InCD\InCD.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "D:\TT Images\Quicktime 6\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [RealPopup] "D:\Utilitaires\RealPopup\RealPopup.exe" BOOT
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Creative Detector] "D:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
O4 - HKCU\..\Run: [iwqr] C:\PROGRA~1\FICHIE~1\iwqr\iwqrm.exe
O4 - HKCU\..\Run: [Djo] C:\WINDOWS\system32\??mantec\?serinit.exe
O4 - HKCU\..\Run: [Btae] "C:\WINDOWS\system32\FNTS~1\wuaclt.exe" -vt yazr
O4 - HKCU\..\Run: [Igmsc] C:\Documents and Settings\Corinne\Application Data\?ssembly\m?hta.exe
O4 - HKCU\..\Run: [Spyware Doctor] "D:\Utilitaires\Spyware Doctor\Spyware Doctor\swdoctor.exe" /Q
O4 - HKCU\..\Run: [Mozilla Quick Launch] "d:\Program Files\Netscape\Netscp.exe" -turbo
O4 - Startup: Palm Registration.lnk = D:\Palm\register.exe
O4 - Startup: vlcom.lnk = D:\Program Files\VideoLAN\VLC\VlcOM\vlcom.exe
O4 - Global Startup: DataViz Inc Messenger.lnk = C:\Program Files\Fichiers communs\DataViz\DvzIncMsgr.exe
O4 - Global Startup: HOTSYNCSHORTCUTNAME.lnk = D:\Palm\Hotsync.exe
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Inquiero Client.lnk = C:\Program Files\Inquiero Client\_INQUIERO.EXE
O4 - Global Startup: Lancement rapide d'Adobe Acrobat.lnk = ?
O4 - Global Startup: Post-it® Software Notes Lite.lnk = D:\Utilitaires\Post-It\Psn2Lite.exe
O4 - Global Startup: ScanSnap Manager.lnk = ?
O4 - Global Startup: Touches Express.lnk = D:\Utilitaires\Touches Express\GhostTyp.exe
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - D:\UTILIT~1\INCRED~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: Chercher avec Copernic 2001 - D:\Utilitaires\Copernic 2001 Basic\Search Extension.htm
O8 - Extra context menu item: Convertir en Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir en un fichier PDF existant - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {2A465934-E5F0-11D2-91B5-00104B9C4765} - D:\Utilitaires\Copernic 2001 Basic\Copernic.exe
O9 - Extra 'Tools' menuitem: Lancer Copernic 2001 - {2A465934-E5F0-11D2-91B5-00104B9C4765} - D:\Utilitaires\Copernic 2001 Basic\Copernic.exe
O9 - Extra button: Copernic 2001 - {2A465936-E5F0-11D2-91B5-00104B9C4765} - D:\Utilitaires\Copernic 2001 Basic\Copernic.exe
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - D:\UTILIT~1\SPYWAR~2\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Traduire - {99EFB53C-C965-43CF-9F45-52242D134187} - file://D:\Utilitaires\Copernic 2001 Basic\Translate.htm
O9 - Extra 'Tools' menuitem: &Traduire avec Gist-In-Time - {99EFB53C-C965-43CF-9F45-52242D134187} - file://D:\Utilitaires\Copernic 2001 Basic\Translate.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {F11BFF96-CC7A-4482-819B-91EAE4C454EF} (NTR ActiveX 1.1.6) - https://www.inquiero.com/ssl/inquiero/mod/setup/ntractivex116_14.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: Diskeeper - Executive Software International, Inc. - D:\Utilitaires\Diskeeper 8.0\DKService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\Nero\InCD\InCD\InCDsrv.exe
O23 - Service: Inquiero Installable RC (installablerc) - Net Transmit & Receive - C:\Program Files\Inquiero Installable RC\installablerc.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: PostgreSQL Database Server 8.0 (pgsql-8.0) - Unknown owner - C:\Program Files\PostgreSQL\8.0\bin\pg_ctl.exe" runservice -N "pgsql-8.0" -D "C:\Program Files\PostgreSQL\8.0\data\ (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - D:\Utilitaires\Spyware Doctor\Spyware Doctor\sdhelp.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
Logfile of HijackThis v1.99.1
Scan saved at 21:30:59, on 03/05/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\Nero\InCD\InCD\InCDsrv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
D:\Utilitaires\Diskeeper 8.0\DKService.exe
C:\Program Files\Inquiero Installable RC\installablerc.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\Program Files\PostgreSQL\8.0\bin\pg_ctl.exe
C:\Program Files\PostgreSQL\8.0\bin\postmaster.exe
D:\Utilitaires\Spyware Doctor\Spyware Doctor\sdhelp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\PostgreSQL\8.0\bin\postgres.exe
C:\Program Files\PostgreSQL\8.0\bin\postgres.exe
C:\Program Files\PostgreSQL\8.0\bin\postgres.exe
C:\Program Files\PostgreSQL\8.0\bin\postgres.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
D:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\WINDOWS\SOUNDMAN.EXE
D:\Program Files\WinFast\WFTVFM\WFWIZ.exe
C:\Program Files\PFU\ScanSnap\PfuSsSct.exe
C:\Program Files\PFU\ScanSnap\CardMinder V2.0\CardLauncher.exe
C:\Program Files\PFU\ScanSnap\PDF Thumbnail View\pdfquickview.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Ahead\Nero\InCD\InCD\InCD.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\LVComS.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
D:\Utilitaires\RealPopup\RealPopup.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
D:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\WINDOWS\system32\FNTS~1\wuaclt.exe
C:\Program Files\PFU\ScanSnap\CardMinder V2.0\bcd_file\SbCRecE.exe
D:\Utilitaires\Spyware Doctor\Spyware Doctor\swdoctor.exe
C:\Program Files\Fichiers communs\DataViz\DvzIncMsgr.exe
D:\Palm\Hotsync.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
D:\Utilitaires\Post-It\Psn2Lite.exe
C:\Program Files\PFU\ScanSnap\Driver\PfuSsMon.exe
C:\Program Files\Inquiero Client\inquiero.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\WINDOWS\system32\HPZipm12.exe
D:\UTILIT~1\Post-It\PSNGive.exe
D:\Utilitaires\Touches Express\GhostTyp.exe
D:\Program Files\VideoLAN\VLC\VlcOM\vlcom.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
D:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
D:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
D:\Utilitaires\Copernic 2001 Basic\Copernic.exe
D:\Program Files\VideoLAN\VLC\vlc.exe
D:\PROGRA~1\Netscape\Netscp.exe
C:\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {3B1AACF1-1F46-30C2-6CA5-3B46E4928DC3} - C:\WINDOWS\system32\lfqmvfak.dll (file missing)
R3 - URLSearchHook: (no name) - {053CB54F-01AF-2224-8F02-2427C2E0B9CF} - C:\WINDOWS\system32\awqr.dll
N3 - Netscape 7: user_pref("browser.startup.homepage", "https://www.free.fr/freebox/index.html"); (C:\Documents and Settings\Corinne\Application Data\Mozilla\Profiles\default\umyeeju0.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", ""); (C:\Documents and Settings\Corinne\Application Data\Mozilla\Profiles\default\umyeeju0.slt\prefs.js)
O2 - BHO: (no name) - {053CB54F-01AF-2224-8F02-2427C2E0B9CF} - C:\WINDOWS\system32\awqr.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {3B1AACF1-1F46-30C2-6CA5-3B46E4928DC3} - C:\WINDOWS\system32\lfqmvfak.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Utilitaires\Spybot\SDHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - D:\UTILIT~1\SPYWAR~2\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {8C2B5EA3-E347-EDCA-6730-CA29D28637CB} - C:\WINDOWS\system32\rbp.dll (file missing)
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - D:\UTILIT~1\SPYWAR~2\SPYWAR~1\tools\iesdpb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "D:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [WinFast Schedule] D:\Program Files\WinFast\WFTVFM\WFWIZ.exe
O4 - HKLM\..\Run: [PfuSsSct.exe] C:\Program Files\PFU\ScanSnap\PfuSsSct.exe /Station
O4 - HKLM\..\Run: [CardMinder] C:\Program Files\PFU\ScanSnap\CardMinder V2.0\CardLauncher.exe
O4 - HKLM\..\Run: [Pdfquickview] C:\Program Files\PFU\ScanSnap\PDF Thumbnail View\pdfquickview.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\Nero\InCD\InCD\InCD.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "D:\TT Images\Quicktime 6\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [RealPopup] "D:\Utilitaires\RealPopup\RealPopup.exe" BOOT
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Creative Detector] "D:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
O4 - HKCU\..\Run: [iwqr] C:\PROGRA~1\FICHIE~1\iwqr\iwqrm.exe
O4 - HKCU\..\Run: [Djo] C:\WINDOWS\system32\??mantec\?serinit.exe
O4 - HKCU\..\Run: [Btae] "C:\WINDOWS\system32\FNTS~1\wuaclt.exe" -vt yazr
O4 - HKCU\..\Run: [Igmsc] C:\Documents and Settings\Corinne\Application Data\?ssembly\m?hta.exe
O4 - HKCU\..\Run: [Spyware Doctor] "D:\Utilitaires\Spyware Doctor\Spyware Doctor\swdoctor.exe" /Q
O4 - HKCU\..\Run: [Mozilla Quick Launch] "d:\Program Files\Netscape\Netscp.exe" -turbo
O4 - Startup: Palm Registration.lnk = D:\Palm\register.exe
O4 - Startup: vlcom.lnk = D:\Program Files\VideoLAN\VLC\VlcOM\vlcom.exe
O4 - Global Startup: DataViz Inc Messenger.lnk = C:\Program Files\Fichiers communs\DataViz\DvzIncMsgr.exe
O4 - Global Startup: HOTSYNCSHORTCUTNAME.lnk = D:\Palm\Hotsync.exe
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Inquiero Client.lnk = C:\Program Files\Inquiero Client\_INQUIERO.EXE
O4 - Global Startup: Lancement rapide d'Adobe Acrobat.lnk = ?
O4 - Global Startup: Post-it® Software Notes Lite.lnk = D:\Utilitaires\Post-It\Psn2Lite.exe
O4 - Global Startup: ScanSnap Manager.lnk = ?
O4 - Global Startup: Touches Express.lnk = D:\Utilitaires\Touches Express\GhostTyp.exe
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - D:\UTILIT~1\INCRED~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: Chercher avec Copernic 2001 - D:\Utilitaires\Copernic 2001 Basic\Search Extension.htm
O8 - Extra context menu item: Convertir en Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir en un fichier PDF existant - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {2A465934-E5F0-11D2-91B5-00104B9C4765} - D:\Utilitaires\Copernic 2001 Basic\Copernic.exe
O9 - Extra 'Tools' menuitem: Lancer Copernic 2001 - {2A465934-E5F0-11D2-91B5-00104B9C4765} - D:\Utilitaires\Copernic 2001 Basic\Copernic.exe
O9 - Extra button: Copernic 2001 - {2A465936-E5F0-11D2-91B5-00104B9C4765} - D:\Utilitaires\Copernic 2001 Basic\Copernic.exe
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - D:\UTILIT~1\SPYWAR~2\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Traduire - {99EFB53C-C965-43CF-9F45-52242D134187} - file://D:\Utilitaires\Copernic 2001 Basic\Translate.htm
O9 - Extra 'Tools' menuitem: &Traduire avec Gist-In-Time - {99EFB53C-C965-43CF-9F45-52242D134187} - file://D:\Utilitaires\Copernic 2001 Basic\Translate.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {F11BFF96-CC7A-4482-819B-91EAE4C454EF} (NTR ActiveX 1.1.6) - https://www.inquiero.com/ssl/inquiero/mod/setup/ntractivex116_14.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: Diskeeper - Executive Software International, Inc. - D:\Utilitaires\Diskeeper 8.0\DKService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\Nero\InCD\InCD\InCDsrv.exe
O23 - Service: Inquiero Installable RC (installablerc) - Net Transmit & Receive - C:\Program Files\Inquiero Installable RC\installablerc.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: PostgreSQL Database Server 8.0 (pgsql-8.0) - Unknown owner - C:\Program Files\PostgreSQL\8.0\bin\pg_ctl.exe" runservice -N "pgsql-8.0" -D "C:\Program Files\PostgreSQL\8.0\data\ (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - D:\Utilitaires\Spyware Doctor\Spyware Doctor\sdhelp.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
Weco,
Y a du boulot !
Dans un premier temps, fait déja tout cela :
telecharge et execute ces antispywares ( pense a les mettre a jour avant de les lancer)
(1) ad-aware version 1.06
(ici) http://www.florensac-chasse-trap.com/ section virus/logiciel de securite
voir demo
http://pageperso.aol.fr/balltrap34/adwseflash.zip
***
(2) spybot version 1.4
(ici) http://www.florensac-chasse-trap.com/ section virus/logiciel de securite
voir demo d utilisation
http://pageperso.aol.fr/Balltrap34/demo%20spybot.htm
***
et aussi ceci
(3) Ccleaner :
Télécharge Ccleaner ici :
https://www.ccleaner.com/ccleaner/download
Tutorial ici:
https://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php
(4) Edwido
http://download.ewido.net/ewido-setup.exe
Pendant l'installation, sur la page "Additional Options", décoche les deux options "Install background guard" et "Install scan via context menu Ewido Security Suite. Clique sur mise à jour.
Clique sur scanner puis sur scan complet du système.
(5) Pour vérifier, scanne ton PC avec cet antivirus en ligne :
https://www.bitdefender.com/toolbox/
(6) Relance hijackthis et colle le log ici stp.
Bon courage
A+
Y a du boulot !
Dans un premier temps, fait déja tout cela :
telecharge et execute ces antispywares ( pense a les mettre a jour avant de les lancer)
(1) ad-aware version 1.06
(ici) http://www.florensac-chasse-trap.com/ section virus/logiciel de securite
voir demo
http://pageperso.aol.fr/balltrap34/adwseflash.zip
***
(2) spybot version 1.4
(ici) http://www.florensac-chasse-trap.com/ section virus/logiciel de securite
voir demo d utilisation
http://pageperso.aol.fr/Balltrap34/demo%20spybot.htm
***
et aussi ceci
(3) Ccleaner :
Télécharge Ccleaner ici :
https://www.ccleaner.com/ccleaner/download
Tutorial ici:
https://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php
(4) Edwido
http://download.ewido.net/ewido-setup.exe
Pendant l'installation, sur la page "Additional Options", décoche les deux options "Install background guard" et "Install scan via context menu Ewido Security Suite. Clique sur mise à jour.
Clique sur scanner puis sur scan complet du système.
(5) Pour vérifier, scanne ton PC avec cet antivirus en ligne :
https://www.bitdefender.com/toolbox/
(6) Relance hijackthis et colle le log ici stp.
Bon courage
A+
J'ai suivi vos consignes...mais je vois encore des fenêtres anormales!!!
Voici mon log :
Logfile of HijackThis v1.99.1
Scan saved at 23:45:54, on 03/05/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\Nero\InCD\InCD\InCDsrv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
D:\Utilitaires\Diskeeper 8.0\DKService.exe
C:\Program Files\Inquiero Installable RC\installablerc.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\Program Files\PostgreSQL\8.0\bin\pg_ctl.exe
C:\Program Files\PostgreSQL\8.0\bin\postmaster.exe
D:\Utilitaires\Spyware Doctor\Spyware Doctor\sdhelp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\PostgreSQL\8.0\bin\postgres.exe
C:\Program Files\PostgreSQL\8.0\bin\postgres.exe
C:\Program Files\PostgreSQL\8.0\bin\postgres.exe
C:\Program Files\PostgreSQL\8.0\bin\postgres.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
D:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\WINDOWS\SOUNDMAN.EXE
D:\Program Files\WinFast\WFTVFM\WFWIZ.exe
C:\Program Files\PFU\ScanSnap\PfuSsSct.exe
C:\Program Files\PFU\ScanSnap\CardMinder V2.0\CardLauncher.exe
C:\Program Files\PFU\ScanSnap\PDF Thumbnail View\pdfquickview.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Ahead\Nero\InCD\InCD\InCD.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\LVComS.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
D:\Utilitaires\RealPopup\RealPopup.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
D:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\WINDOWS\system32\FNTS~1\wuaclt.exe
C:\Program Files\PFU\ScanSnap\CardMinder V2.0\bcd_file\SbCRecE.exe
D:\Utilitaires\Spyware Doctor\Spyware Doctor\swdoctor.exe
C:\Program Files\Fichiers communs\DataViz\DvzIncMsgr.exe
D:\Palm\Hotsync.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
D:\Utilitaires\Post-It\Psn2Lite.exe
C:\Program Files\PFU\ScanSnap\Driver\PfuSsMon.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\WINDOWS\system32\HPZipm12.exe
D:\UTILIT~1\Post-It\PSNGive.exe
D:\Utilitaires\Touches Express\GhostTyp.exe
D:\Program Files\VideoLAN\VLC\VlcOM\vlcom.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Documents and Settings\Corinne\Application Data\?ssembly\m?hta.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Utilitaires\ewido anti-malware\ewidoctrl.exe
D:\PROGRA~1\Netscape\Netscp.exe
C:\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {3B1AACF1-1F46-30C2-6CA5-3B46E4928DC3} - C:\WINDOWS\system32\lfqmvfak.dll (file missing)
R3 - URLSearchHook: (no name) - {053CB54F-01AF-2224-8F02-2427C2E0B9CF} - C:\WINDOWS\system32\awqr.dll
N3 - Netscape 7: user_pref("browser.startup.homepage", "https://www.free.fr/freebox/index.html"); (C:\Documents and Settings\Corinne\Application Data\Mozilla\Profiles\default\umyeeju0.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", ""); (C:\Documents and Settings\Corinne\Application Data\Mozilla\Profiles\default\umyeeju0.slt\prefs.js)
O2 - BHO: (no name) - {053CB54F-01AF-2224-8F02-2427C2E0B9CF} - C:\WINDOWS\system32\awqr.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {3B1AACF1-1F46-30C2-6CA5-3B46E4928DC3} - C:\WINDOWS\system32\lfqmvfak.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Utilitaires\Spybot\SDHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - D:\UTILIT~1\SPYWAR~2\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {8C2B5EA3-E347-EDCA-6730-CA29D28637CB} - C:\WINDOWS\system32\rbp.dll (file missing)
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - D:\UTILIT~1\SPYWAR~2\SPYWAR~1\tools\iesdpb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "D:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [WinFast Schedule] D:\Program Files\WinFast\WFTVFM\WFWIZ.exe
O4 - HKLM\..\Run: [PfuSsSct.exe] C:\Program Files\PFU\ScanSnap\PfuSsSct.exe /Station
O4 - HKLM\..\Run: [CardMinder] C:\Program Files\PFU\ScanSnap\CardMinder V2.0\CardLauncher.exe
O4 - HKLM\..\Run: [Pdfquickview] C:\Program Files\PFU\ScanSnap\PDF Thumbnail View\pdfquickview.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\Nero\InCD\InCD\InCD.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "D:\TT Images\Quicktime 6\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [RealPopup] "D:\Utilitaires\RealPopup\RealPopup.exe" BOOT
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Creative Detector] "D:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
O4 - HKCU\..\Run: [iwqr] C:\PROGRA~1\FICHIE~1\iwqr\iwqrm.exe
O4 - HKCU\..\Run: [Djo] C:\WINDOWS\system32\??mantec\?serinit.exe
O4 - HKCU\..\Run: [Btae] "C:\WINDOWS\system32\FNTS~1\wuaclt.exe" -vt yazr
O4 - HKCU\..\Run: [Igmsc] C:\Documents and Settings\Corinne\Application Data\?ssembly\m?hta.exe
O4 - HKCU\..\Run: [Spyware Doctor] "D:\Utilitaires\Spyware Doctor\Spyware Doctor\swdoctor.exe" /Q
O4 - HKCU\..\Run: [Mozilla Quick Launch] "d:\Program Files\Netscape\Netscp.exe" -turbo
O4 - Startup: Palm Registration.lnk = D:\Palm\register.exe
O4 - Startup: vlcom.lnk = D:\Program Files\VideoLAN\VLC\VlcOM\vlcom.exe
O4 - Global Startup: DataViz Inc Messenger.lnk = C:\Program Files\Fichiers communs\DataViz\DvzIncMsgr.exe
O4 - Global Startup: HOTSYNCSHORTCUTNAME.lnk = D:\Palm\Hotsync.exe
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Inquiero Client.lnk = C:\Program Files\Inquiero Client\_INQUIERO.EXE
O4 - Global Startup: Lancement rapide d'Adobe Acrobat.lnk = ?
O4 - Global Startup: Post-it® Software Notes Lite.lnk = D:\Utilitaires\Post-It\Psn2Lite.exe
O4 - Global Startup: ScanSnap Manager.lnk = ?
O4 - Global Startup: Touches Express.lnk = D:\Utilitaires\Touches Express\GhostTyp.exe
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - D:\UTILIT~1\INCRED~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: Chercher avec Copernic 2001 - D:\Utilitaires\Copernic 2001 Basic\Search Extension.htm
O8 - Extra context menu item: Convertir en Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir en un fichier PDF existant - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {2A465934-E5F0-11D2-91B5-00104B9C4765} - D:\Utilitaires\Copernic 2001 Basic\Copernic.exe
O9 - Extra 'Tools' menuitem: Lancer Copernic 2001 - {2A465934-E5F0-11D2-91B5-00104B9C4765} - D:\Utilitaires\Copernic 2001 Basic\Copernic.exe
O9 - Extra button: Copernic 2001 - {2A465936-E5F0-11D2-91B5-00104B9C4765} - D:\Utilitaires\Copernic 2001 Basic\Copernic.exe
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - D:\UTILIT~1\SPYWAR~2\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Traduire - {99EFB53C-C965-43CF-9F45-52242D134187} - file://D:\Utilitaires\Copernic 2001 Basic\Translate.htm
O9 - Extra 'Tools' menuitem: &Traduire avec Gist-In-Time - {99EFB53C-C965-43CF-9F45-52242D134187} - file://D:\Utilitaires\Copernic 2001 Basic\Translate.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {F11BFF96-CC7A-4482-819B-91EAE4C454EF} (NTR ActiveX 1.1.6) - https://www.inquiero.com/ssl/inquiero/mod/setup/ntractivex116_14.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: Diskeeper - Executive Software International, Inc. - D:\Utilitaires\Diskeeper 8.0\DKService.exe
O23 - Service: ewido security suite control - ewido networks - D:\Utilitaires\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\Nero\InCD\InCD\InCDsrv.exe
O23 - Service: Inquiero Installable RC (installablerc) - Net Transmit & Receive - C:\Program Files\Inquiero Installable RC\installablerc.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: PostgreSQL Database Server 8.0 (pgsql-8.0) - Unknown owner - C:\Program Files\PostgreSQL\8.0\bin\pg_ctl.exe" runservice -N "pgsql-8.0" -D "C:\Program Files\PostgreSQL\8.0\data\ (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - D:\Utilitaires\Spyware Doctor\Spyware Doctor\sdhelp.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
Voici mon log :
Logfile of HijackThis v1.99.1
Scan saved at 23:45:54, on 03/05/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\Nero\InCD\InCD\InCDsrv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
D:\Utilitaires\Diskeeper 8.0\DKService.exe
C:\Program Files\Inquiero Installable RC\installablerc.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\Program Files\PostgreSQL\8.0\bin\pg_ctl.exe
C:\Program Files\PostgreSQL\8.0\bin\postmaster.exe
D:\Utilitaires\Spyware Doctor\Spyware Doctor\sdhelp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\PostgreSQL\8.0\bin\postgres.exe
C:\Program Files\PostgreSQL\8.0\bin\postgres.exe
C:\Program Files\PostgreSQL\8.0\bin\postgres.exe
C:\Program Files\PostgreSQL\8.0\bin\postgres.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
D:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\WINDOWS\SOUNDMAN.EXE
D:\Program Files\WinFast\WFTVFM\WFWIZ.exe
C:\Program Files\PFU\ScanSnap\PfuSsSct.exe
C:\Program Files\PFU\ScanSnap\CardMinder V2.0\CardLauncher.exe
C:\Program Files\PFU\ScanSnap\PDF Thumbnail View\pdfquickview.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Ahead\Nero\InCD\InCD\InCD.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\LVComS.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
D:\Utilitaires\RealPopup\RealPopup.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
D:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\WINDOWS\system32\FNTS~1\wuaclt.exe
C:\Program Files\PFU\ScanSnap\CardMinder V2.0\bcd_file\SbCRecE.exe
D:\Utilitaires\Spyware Doctor\Spyware Doctor\swdoctor.exe
C:\Program Files\Fichiers communs\DataViz\DvzIncMsgr.exe
D:\Palm\Hotsync.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
D:\Utilitaires\Post-It\Psn2Lite.exe
C:\Program Files\PFU\ScanSnap\Driver\PfuSsMon.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\WINDOWS\system32\HPZipm12.exe
D:\UTILIT~1\Post-It\PSNGive.exe
D:\Utilitaires\Touches Express\GhostTyp.exe
D:\Program Files\VideoLAN\VLC\VlcOM\vlcom.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Documents and Settings\Corinne\Application Data\?ssembly\m?hta.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Utilitaires\ewido anti-malware\ewidoctrl.exe
D:\PROGRA~1\Netscape\Netscp.exe
C:\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {3B1AACF1-1F46-30C2-6CA5-3B46E4928DC3} - C:\WINDOWS\system32\lfqmvfak.dll (file missing)
R3 - URLSearchHook: (no name) - {053CB54F-01AF-2224-8F02-2427C2E0B9CF} - C:\WINDOWS\system32\awqr.dll
N3 - Netscape 7: user_pref("browser.startup.homepage", "https://www.free.fr/freebox/index.html"); (C:\Documents and Settings\Corinne\Application Data\Mozilla\Profiles\default\umyeeju0.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", ""); (C:\Documents and Settings\Corinne\Application Data\Mozilla\Profiles\default\umyeeju0.slt\prefs.js)
O2 - BHO: (no name) - {053CB54F-01AF-2224-8F02-2427C2E0B9CF} - C:\WINDOWS\system32\awqr.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {3B1AACF1-1F46-30C2-6CA5-3B46E4928DC3} - C:\WINDOWS\system32\lfqmvfak.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Utilitaires\Spybot\SDHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - D:\UTILIT~1\SPYWAR~2\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {8C2B5EA3-E347-EDCA-6730-CA29D28637CB} - C:\WINDOWS\system32\rbp.dll (file missing)
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - D:\UTILIT~1\SPYWAR~2\SPYWAR~1\tools\iesdpb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "D:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [WinFast Schedule] D:\Program Files\WinFast\WFTVFM\WFWIZ.exe
O4 - HKLM\..\Run: [PfuSsSct.exe] C:\Program Files\PFU\ScanSnap\PfuSsSct.exe /Station
O4 - HKLM\..\Run: [CardMinder] C:\Program Files\PFU\ScanSnap\CardMinder V2.0\CardLauncher.exe
O4 - HKLM\..\Run: [Pdfquickview] C:\Program Files\PFU\ScanSnap\PDF Thumbnail View\pdfquickview.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\Nero\InCD\InCD\InCD.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "D:\TT Images\Quicktime 6\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [RealPopup] "D:\Utilitaires\RealPopup\RealPopup.exe" BOOT
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Creative Detector] "D:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
O4 - HKCU\..\Run: [iwqr] C:\PROGRA~1\FICHIE~1\iwqr\iwqrm.exe
O4 - HKCU\..\Run: [Djo] C:\WINDOWS\system32\??mantec\?serinit.exe
O4 - HKCU\..\Run: [Btae] "C:\WINDOWS\system32\FNTS~1\wuaclt.exe" -vt yazr
O4 - HKCU\..\Run: [Igmsc] C:\Documents and Settings\Corinne\Application Data\?ssembly\m?hta.exe
O4 - HKCU\..\Run: [Spyware Doctor] "D:\Utilitaires\Spyware Doctor\Spyware Doctor\swdoctor.exe" /Q
O4 - HKCU\..\Run: [Mozilla Quick Launch] "d:\Program Files\Netscape\Netscp.exe" -turbo
O4 - Startup: Palm Registration.lnk = D:\Palm\register.exe
O4 - Startup: vlcom.lnk = D:\Program Files\VideoLAN\VLC\VlcOM\vlcom.exe
O4 - Global Startup: DataViz Inc Messenger.lnk = C:\Program Files\Fichiers communs\DataViz\DvzIncMsgr.exe
O4 - Global Startup: HOTSYNCSHORTCUTNAME.lnk = D:\Palm\Hotsync.exe
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Inquiero Client.lnk = C:\Program Files\Inquiero Client\_INQUIERO.EXE
O4 - Global Startup: Lancement rapide d'Adobe Acrobat.lnk = ?
O4 - Global Startup: Post-it® Software Notes Lite.lnk = D:\Utilitaires\Post-It\Psn2Lite.exe
O4 - Global Startup: ScanSnap Manager.lnk = ?
O4 - Global Startup: Touches Express.lnk = D:\Utilitaires\Touches Express\GhostTyp.exe
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - D:\UTILIT~1\INCRED~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: Chercher avec Copernic 2001 - D:\Utilitaires\Copernic 2001 Basic\Search Extension.htm
O8 - Extra context menu item: Convertir en Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir en un fichier PDF existant - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {2A465934-E5F0-11D2-91B5-00104B9C4765} - D:\Utilitaires\Copernic 2001 Basic\Copernic.exe
O9 - Extra 'Tools' menuitem: Lancer Copernic 2001 - {2A465934-E5F0-11D2-91B5-00104B9C4765} - D:\Utilitaires\Copernic 2001 Basic\Copernic.exe
O9 - Extra button: Copernic 2001 - {2A465936-E5F0-11D2-91B5-00104B9C4765} - D:\Utilitaires\Copernic 2001 Basic\Copernic.exe
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - D:\UTILIT~1\SPYWAR~2\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Traduire - {99EFB53C-C965-43CF-9F45-52242D134187} - file://D:\Utilitaires\Copernic 2001 Basic\Translate.htm
O9 - Extra 'Tools' menuitem: &Traduire avec Gist-In-Time - {99EFB53C-C965-43CF-9F45-52242D134187} - file://D:\Utilitaires\Copernic 2001 Basic\Translate.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {F11BFF96-CC7A-4482-819B-91EAE4C454EF} (NTR ActiveX 1.1.6) - https://www.inquiero.com/ssl/inquiero/mod/setup/ntractivex116_14.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: Diskeeper - Executive Software International, Inc. - D:\Utilitaires\Diskeeper 8.0\DKService.exe
O23 - Service: ewido security suite control - ewido networks - D:\Utilitaires\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\Nero\InCD\InCD\InCDsrv.exe
O23 - Service: Inquiero Installable RC (installablerc) - Net Transmit & Receive - C:\Program Files\Inquiero Installable RC\installablerc.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: PostgreSQL Database Server 8.0 (pgsql-8.0) - Unknown owner - C:\Program Files\PostgreSQL\8.0\bin\pg_ctl.exe" runservice -N "pgsql-8.0" -D "C:\Program Files\PostgreSQL\8.0\data\ (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - D:\Utilitaires\Spyware Doctor\Spyware Doctor\sdhelp.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
Salut,
Relance HijackThis, choisis " do a scan only" coche la case devant les lignes ci-dessous et clique en bas sur "fix checked"
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R3 - URLSearchHook: (no name) - {3B1AACF1-1F46-30C2-6CA5-3B46E4928DC3} - C:\WINDOWS\system32\lfqmvfak.dll (file missing)
R3 - URLSearchHook: (no name) - {053CB54F-01AF-2224-8F02-2427C2E0B9CF} - C:\WINDOWS\system32\awqr.dll
O2 - BHO: (no name) - {053CB54F-01AF-2224-8F02-2427C2E0B9CF} - C:\WINDOWS\system32\awqr.dll
O2 - BHO: (no name) - {3B1AACF1-1F46-30C2-6CA5-3B46E4928DC3} - C:\WINDOWS\system32\lfqmvfak.dll (file missing)
O2 - BHO: (no name) - {8C2B5EA3-E347-EDCA-6730-CA29D28637CB} - C:\WINDOWS\system32\rbp.dll (file missing)
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [iwqr] C:\PROGRA~1\FICHIE~1\iwqr\iwqrm.exe
O4 - HKCU\..\Run: [Djo] C:\WINDOWS\system32\??mantec\?serinit.exe
O4 - HKCU\..\Run: [Btae] "C:\WINDOWS\system32\FNTS~1\wuaclt.exe" -vt yazr
O4 - HKCU\..\Run: [Igmsc] C:\Documents and Settings\Corinne\Application Data\?ssembly\m?hta.exe
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {F11BFF96-CC7A-4482-819B-91EAE4C454EF} (NTR ActiveX 1.1.6) - https://www.inquiero.com/ssl/inquiero/mod/setup/ntractivex116_14.cab
Fais ce scan anti-virus en ligne, avec Internet Explorer, si non ça fontionnera pas, accepte l'active X et une fois qu'il a fini, enregistre le rapport et colle le ici avec un nouveau rapport hijackthis
https://www.bitdefender.com/toolbox/
Relance HijackThis, choisis " do a scan only" coche la case devant les lignes ci-dessous et clique en bas sur "fix checked"
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R3 - URLSearchHook: (no name) - {3B1AACF1-1F46-30C2-6CA5-3B46E4928DC3} - C:\WINDOWS\system32\lfqmvfak.dll (file missing)
R3 - URLSearchHook: (no name) - {053CB54F-01AF-2224-8F02-2427C2E0B9CF} - C:\WINDOWS\system32\awqr.dll
O2 - BHO: (no name) - {053CB54F-01AF-2224-8F02-2427C2E0B9CF} - C:\WINDOWS\system32\awqr.dll
O2 - BHO: (no name) - {3B1AACF1-1F46-30C2-6CA5-3B46E4928DC3} - C:\WINDOWS\system32\lfqmvfak.dll (file missing)
O2 - BHO: (no name) - {8C2B5EA3-E347-EDCA-6730-CA29D28637CB} - C:\WINDOWS\system32\rbp.dll (file missing)
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [iwqr] C:\PROGRA~1\FICHIE~1\iwqr\iwqrm.exe
O4 - HKCU\..\Run: [Djo] C:\WINDOWS\system32\??mantec\?serinit.exe
O4 - HKCU\..\Run: [Btae] "C:\WINDOWS\system32\FNTS~1\wuaclt.exe" -vt yazr
O4 - HKCU\..\Run: [Igmsc] C:\Documents and Settings\Corinne\Application Data\?ssembly\m?hta.exe
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {F11BFF96-CC7A-4482-819B-91EAE4C454EF} (NTR ActiveX 1.1.6) - https://www.inquiero.com/ssl/inquiero/mod/setup/ntractivex116_14.cab
Fais ce scan anti-virus en ligne, avec Internet Explorer, si non ça fontionnera pas, accepte l'active X et une fois qu'il a fini, enregistre le rapport et colle le ici avec un nouveau rapport hijackthis
https://www.bitdefender.com/toolbox/
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Voici le fichier bat :
Rapport fait à 0:22:43,25 le 04/05/2006
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 6899-2D96
R‚pertoire de C:\Documents and Settings\All Users\Application Data
23/04/2006 21:22 <REP> CyberLink
16/04/2006 19:52 1755 QTSBandwidthCache
11/04/2006 16:39 <REP> Apple Computer
05/04/2006 23:33 <REP> Windows Genuine Advantage
05/04/2006 23:23 <REP> Spybot - Search & Destroy
05/04/2006 14:33 <REP> DVD Shrink
05/04/2006 09:08 <REP> QuickTime
04/04/2006 23:04 <REP> Ahead
04/04/2006 21:34 <REP> DataViz
04/04/2006 21:33 <REP> HotSync
04/04/2006 20:26 <REP> 4D
02/04/2006 23:04 <REP> Skype
01/04/2006 10:42 <REP> Ulead Systems
31/03/2006 22:46 62 desktop.ini
31/03/2006 22:45 <REP> Microsoft
31/03/2006 22:45 <REP> ..
31/03/2006 22:45 <REP> .
31/03/2006 22:19 <REP> Adobe
31/03/2006 22:04 778 hpzinstall.log
31/03/2006 21:43 <REP> Symantec
3 fichier(s) 2595 octets
17 R‚p(s) 67665014784 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 6899-2D96
R‚pertoire de C:\Documents and Settings\Corinne\Application Data
02/05/2006 00:14 <REP> Google
25/04/2006 20:04 <REP> vlc
23/04/2006 21:37 <REP> InterVideo
23/04/2006 21:23 <REP> CyberLink
21/04/2006 08:59 <REP> ??curity
19/04/2006 11:29 <REP> Sun
19/04/2006 07:49 <REP> W?nSxS
16/04/2006 18:05 <REP> Help
16/04/2006 12:21 <REP> Vso
11/04/2006 16:41 <REP> Apple Computer
10/04/2006 09:21 <REP> PC Tools
06/04/2006 11:36 <REP> ?ssembly
05/04/2006 22:01 <REP> MailWasherPro
04/04/2006 22:05 <REP> Leadertech
04/04/2006 21:32 <REP> HotSync
03/04/2006 16:27 <REP> ntr
03/04/2006 00:14 <REP> Creative
02/04/2006 23:04 <REP> Skype
01/04/2006 19:17 <REP> Macromedia
01/04/2006 18:18 <REP> AdobeUM
01/04/2006 13:10 <REP> Fujitsu
01/04/2006 13:04 <REP> PFU
01/04/2006 11:48 <REP> RealPopup
01/04/2006 11:07 <REP> Kazaa Lite
01/04/2006 11:03 <REP> AlertInfo
01/04/2006 10:55 <REP> Lavasoft
31/03/2006 22:45 <REP> Mozilla
31/03/2006 22:39 <REP> Hewlett-Packard
31/03/2006 22:21 <REP> Adobe
31/03/2006 21:43 <REP> Symantec
31/03/2006 21:04 <REP> Identities
31/03/2006 21:04 62 desktop.ini
31/03/2006 21:04 <REP> ..
31/03/2006 21:04 <REP> .
31/03/2006 21:04 <REP> Microsoft
1 fichier(s) 62 octets
34 R‚p(s) 67664998400 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 6899-2D96
R‚pertoire de C:\Documents and Settings\Default User\Application Data
31/03/2006 22:46 62 desktop.ini
31/03/2006 22:45 <REP> ..
31/03/2006 22:45 <REP> Microsoft
31/03/2006 22:45 <REP> .
1 fichier(s) 62 octets
3 R‚p(s) 67664998400 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 6899-2D96
R‚pertoire de C:\Documents and Settings\postgres\Application Data
21/04/2006 14:49 62 desktop.ini
21/04/2006 14:49 <REP> Microsoft
21/04/2006 14:49 <REP> ..
21/04/2006 14:49 <REP> .
1 fichier(s) 62 octets
3 R‚p(s) 67664998400 octets libres
******************************************
Recherche des taches planifiées dans C:\WINDOWS\tasks
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 6899-2D96
R‚pertoire de C:\WINDOWS\Tasks
16/04/2006 12:20 570 Norton AntiVirus - Analyser mon ordinateur - Corinne.job
16/04/2006 12:15 368 Symantec NetDetect.job
02/04/2006 22:11 286 AutoSav32.job
02/04/2006 22:05 280 ccleaner.job
01/04/2006 10:58 280 Ad-Aware.job
31/03/2006 22:39 394 FRU Task #Hewlett-Packard#hp psc 2200 series#1143837528.job
31/03/2006 21:03 6 SA.DAT
31/03/2006 20:57 65 desktop.ini
31/03/2006 20:57 <REP> .
31/03/2006 20:57 <REP> ..
8 fichier(s) 2ÿ249 octets
2 R‚p(s) 67ÿ664ÿ994ÿ304 octets libres
******************************************
Recherche dans Program files
Le dossier C:\Program Files\C2Media n'existe pas
*************** Fin du rapport ****************
Tu bosses tard ! Merci
Rapport fait à 0:22:43,25 le 04/05/2006
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 6899-2D96
R‚pertoire de C:\Documents and Settings\All Users\Application Data
23/04/2006 21:22 <REP> CyberLink
16/04/2006 19:52 1755 QTSBandwidthCache
11/04/2006 16:39 <REP> Apple Computer
05/04/2006 23:33 <REP> Windows Genuine Advantage
05/04/2006 23:23 <REP> Spybot - Search & Destroy
05/04/2006 14:33 <REP> DVD Shrink
05/04/2006 09:08 <REP> QuickTime
04/04/2006 23:04 <REP> Ahead
04/04/2006 21:34 <REP> DataViz
04/04/2006 21:33 <REP> HotSync
04/04/2006 20:26 <REP> 4D
02/04/2006 23:04 <REP> Skype
01/04/2006 10:42 <REP> Ulead Systems
31/03/2006 22:46 62 desktop.ini
31/03/2006 22:45 <REP> Microsoft
31/03/2006 22:45 <REP> ..
31/03/2006 22:45 <REP> .
31/03/2006 22:19 <REP> Adobe
31/03/2006 22:04 778 hpzinstall.log
31/03/2006 21:43 <REP> Symantec
3 fichier(s) 2595 octets
17 R‚p(s) 67665014784 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 6899-2D96
R‚pertoire de C:\Documents and Settings\Corinne\Application Data
02/05/2006 00:14 <REP> Google
25/04/2006 20:04 <REP> vlc
23/04/2006 21:37 <REP> InterVideo
23/04/2006 21:23 <REP> CyberLink
21/04/2006 08:59 <REP> ??curity
19/04/2006 11:29 <REP> Sun
19/04/2006 07:49 <REP> W?nSxS
16/04/2006 18:05 <REP> Help
16/04/2006 12:21 <REP> Vso
11/04/2006 16:41 <REP> Apple Computer
10/04/2006 09:21 <REP> PC Tools
06/04/2006 11:36 <REP> ?ssembly
05/04/2006 22:01 <REP> MailWasherPro
04/04/2006 22:05 <REP> Leadertech
04/04/2006 21:32 <REP> HotSync
03/04/2006 16:27 <REP> ntr
03/04/2006 00:14 <REP> Creative
02/04/2006 23:04 <REP> Skype
01/04/2006 19:17 <REP> Macromedia
01/04/2006 18:18 <REP> AdobeUM
01/04/2006 13:10 <REP> Fujitsu
01/04/2006 13:04 <REP> PFU
01/04/2006 11:48 <REP> RealPopup
01/04/2006 11:07 <REP> Kazaa Lite
01/04/2006 11:03 <REP> AlertInfo
01/04/2006 10:55 <REP> Lavasoft
31/03/2006 22:45 <REP> Mozilla
31/03/2006 22:39 <REP> Hewlett-Packard
31/03/2006 22:21 <REP> Adobe
31/03/2006 21:43 <REP> Symantec
31/03/2006 21:04 <REP> Identities
31/03/2006 21:04 62 desktop.ini
31/03/2006 21:04 <REP> ..
31/03/2006 21:04 <REP> .
31/03/2006 21:04 <REP> Microsoft
1 fichier(s) 62 octets
34 R‚p(s) 67664998400 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 6899-2D96
R‚pertoire de C:\Documents and Settings\Default User\Application Data
31/03/2006 22:46 62 desktop.ini
31/03/2006 22:45 <REP> ..
31/03/2006 22:45 <REP> Microsoft
31/03/2006 22:45 <REP> .
1 fichier(s) 62 octets
3 R‚p(s) 67664998400 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 6899-2D96
R‚pertoire de C:\Documents and Settings\postgres\Application Data
21/04/2006 14:49 62 desktop.ini
21/04/2006 14:49 <REP> Microsoft
21/04/2006 14:49 <REP> ..
21/04/2006 14:49 <REP> .
1 fichier(s) 62 octets
3 R‚p(s) 67664998400 octets libres
******************************************
Recherche des taches planifiées dans C:\WINDOWS\tasks
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 6899-2D96
R‚pertoire de C:\WINDOWS\Tasks
16/04/2006 12:20 570 Norton AntiVirus - Analyser mon ordinateur - Corinne.job
16/04/2006 12:15 368 Symantec NetDetect.job
02/04/2006 22:11 286 AutoSav32.job
02/04/2006 22:05 280 ccleaner.job
01/04/2006 10:58 280 Ad-Aware.job
31/03/2006 22:39 394 FRU Task #Hewlett-Packard#hp psc 2200 series#1143837528.job
31/03/2006 21:03 6 SA.DAT
31/03/2006 20:57 65 desktop.ini
31/03/2006 20:57 <REP> .
31/03/2006 20:57 <REP> ..
8 fichier(s) 2ÿ249 octets
2 R‚p(s) 67ÿ664ÿ994ÿ304 octets libres
******************************************
Recherche dans Program files
Le dossier C:\Program Files\C2Media n'existe pas
*************** Fin du rapport ****************
Tu bosses tard ! Merci
je laisse tourner l'antivirus, mais j'ai toujours ammaena.com qui arrive!!! je te tiens au courant demain........ MERCI
Bonjour,
J'ai fait le scan par Bitdefender et voici un nouveu log de Hijackthis, si quelqu'un veut bien regarder ...
Merci !
Logfile of HijackThis v1.99.1
Scan saved at 10:10:23, on 04/05/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\Nero\InCD\InCD\InCDsrv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
D:\Utilitaires\Diskeeper 8.0\DKService.exe
D:\Utilitaires\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Inquiero Installable RC\installablerc.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\Program Files\PostgreSQL\8.0\bin\pg_ctl.exe
D:\Utilitaires\Spyware Doctor\Spyware Doctor\sdhelp.exe
C:\Program Files\PostgreSQL\8.0\bin\postmaster.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\PostgreSQL\8.0\bin\postgres.exe
C:\Program Files\PostgreSQL\8.0\bin\postgres.exe
C:\Program Files\PostgreSQL\8.0\bin\postgres.exe
C:\Program Files\PostgreSQL\8.0\bin\postgres.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
D:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\WINDOWS\SOUNDMAN.EXE
D:\Program Files\WinFast\WFTVFM\WFWIZ.exe
C:\Program Files\PFU\ScanSnap\PfuSsSct.exe
C:\Program Files\PFU\ScanSnap\CardMinder V2.0\CardLauncher.exe
C:\Program Files\PFU\ScanSnap\PDF Thumbnail View\pdfquickview.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Ahead\Nero\InCD\InCD\InCD.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\LVComS.exe
D:\Utilitaires\RealPopup\RealPopup.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
D:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\PFU\ScanSnap\CardMinder V2.0\bcd_file\SbCRecE.exe
D:\Utilitaires\Spyware Doctor\Spyware Doctor\swdoctor.exe
C:\Program Files\Fichiers communs\DataViz\DvzIncMsgr.exe
D:\Palm\Hotsync.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
D:\Utilitaires\Post-It\Psn2Lite.exe
C:\Program Files\PFU\ScanSnap\Driver\PfuSsMon.exe
D:\Utilitaires\Touches Express\GhostTyp.exe
D:\Program Files\VideoLAN\VLC\VlcOM\vlcom.exe
C:\Program Files\Inquiero Client\inquiero.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
D:\UTILIT~1\Post-It\PSNGive.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
D:\PROGRA~1\Netscape\Netscp.exe
D:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
D:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
N3 - Netscape 7: user_pref("browser.startup.homepage", "https://www.free.fr/freebox/index.html"); (C:\Documents and Settings\Corinne\Application Data\Mozilla\Profiles\default\umyeeju0.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", ""); (C:\Documents and Settings\Corinne\Application Data\Mozilla\Profiles\default\umyeeju0.slt\prefs.js)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Utilitaires\Spybot\SDHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - D:\UTILIT~1\SPYWAR~2\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - D:\UTILIT~1\SPYWAR~2\SPYWAR~1\tools\iesdpb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "D:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [WinFast Schedule] D:\Program Files\WinFast\WFTVFM\WFWIZ.exe
O4 - HKLM\..\Run: [PfuSsSct.exe] C:\Program Files\PFU\ScanSnap\PfuSsSct.exe /Station
O4 - HKLM\..\Run: [CardMinder] C:\Program Files\PFU\ScanSnap\CardMinder V2.0\CardLauncher.exe
O4 - HKLM\..\Run: [Pdfquickview] C:\Program Files\PFU\ScanSnap\PDF Thumbnail View\pdfquickview.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\Nero\InCD\InCD\InCD.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "D:\TT Images\Quicktime 6\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [RealPopup] "D:\Utilitaires\RealPopup\RealPopup.exe" BOOT
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Creative Detector] "D:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
O4 - HKCU\..\Run: [Spyware Doctor] "D:\Utilitaires\Spyware Doctor\Spyware Doctor\swdoctor.exe" /Q
O4 - HKCU\..\Run: [Mozilla Quick Launch] "d:\Program Files\Netscape\Netscp.exe" -turbo
O4 - Startup: Palm Registration.lnk = D:\Palm\register.exe
O4 - Startup: vlcom.lnk = D:\Program Files\VideoLAN\VLC\VlcOM\vlcom.exe
O4 - Global Startup: DataViz Inc Messenger.lnk = C:\Program Files\Fichiers communs\DataViz\DvzIncMsgr.exe
O4 - Global Startup: HOTSYNCSHORTCUTNAME.lnk = D:\Palm\Hotsync.exe
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Inquiero Client.lnk = C:\Program Files\Inquiero Client\_INQUIERO.EXE
O4 - Global Startup: Lancement rapide d'Adobe Acrobat.lnk = ?
O4 - Global Startup: Post-it® Software Notes Lite.lnk = D:\Utilitaires\Post-It\Psn2Lite.exe
O4 - Global Startup: ScanSnap Manager.lnk = ?
O4 - Global Startup: Touches Express.lnk = D:\Utilitaires\Touches Express\GhostTyp.exe
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - D:\UTILIT~1\INCRED~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: Chercher avec Copernic 2001 - D:\Utilitaires\Copernic 2001 Basic\Search Extension.htm
O8 - Extra context menu item: Convertir en Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir en un fichier PDF existant - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {2A465934-E5F0-11D2-91B5-00104B9C4765} - D:\Utilitaires\Copernic 2001 Basic\Copernic.exe
O9 - Extra 'Tools' menuitem: Lancer Copernic 2001 - {2A465934-E5F0-11D2-91B5-00104B9C4765} - D:\Utilitaires\Copernic 2001 Basic\Copernic.exe
O9 - Extra button: Copernic 2001 - {2A465936-E5F0-11D2-91B5-00104B9C4765} - D:\Utilitaires\Copernic 2001 Basic\Copernic.exe
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - D:\UTILIT~1\SPYWAR~2\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Traduire - {99EFB53C-C965-43CF-9F45-52242D134187} - file://D:\Utilitaires\Copernic 2001 Basic\Translate.htm
O9 - Extra 'Tools' menuitem: &Traduire avec Gist-In-Time - {99EFB53C-C965-43CF-9F45-52242D134187} - file://D:\Utilitaires\Copernic 2001 Basic\Translate.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {F11BFF96-CC7A-4482-819B-91EAE4C454EF} (NTR ActiveX 1.1.6) - https://www.inquiero.com/ssl/inquiero/mod/setup/ntractivex116_14.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: Diskeeper - Executive Software International, Inc. - D:\Utilitaires\Diskeeper 8.0\DKService.exe
O23 - Service: ewido security suite control - ewido networks - D:\Utilitaires\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\Nero\InCD\InCD\InCDsrv.exe
O23 - Service: Inquiero Installable RC (installablerc) - Net Transmit & Receive - C:\Program Files\Inquiero Installable RC\installablerc.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: PostgreSQL Database Server 8.0 (pgsql-8.0) - Unknown owner - C:\Program Files\PostgreSQL\8.0\bin\pg_ctl.exe" runservice -N "pgsql-8.0" -D "C:\Program Files\PostgreSQL\8.0\data\ (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - D:\Utilitaires\Spyware Doctor\Spyware Doctor\sdhelp.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
J'ai fait le scan par Bitdefender et voici un nouveu log de Hijackthis, si quelqu'un veut bien regarder ...
Merci !
Logfile of HijackThis v1.99.1
Scan saved at 10:10:23, on 04/05/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\Nero\InCD\InCD\InCDsrv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
D:\Utilitaires\Diskeeper 8.0\DKService.exe
D:\Utilitaires\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Inquiero Installable RC\installablerc.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\Program Files\PostgreSQL\8.0\bin\pg_ctl.exe
D:\Utilitaires\Spyware Doctor\Spyware Doctor\sdhelp.exe
C:\Program Files\PostgreSQL\8.0\bin\postmaster.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\PostgreSQL\8.0\bin\postgres.exe
C:\Program Files\PostgreSQL\8.0\bin\postgres.exe
C:\Program Files\PostgreSQL\8.0\bin\postgres.exe
C:\Program Files\PostgreSQL\8.0\bin\postgres.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
D:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\WINDOWS\SOUNDMAN.EXE
D:\Program Files\WinFast\WFTVFM\WFWIZ.exe
C:\Program Files\PFU\ScanSnap\PfuSsSct.exe
C:\Program Files\PFU\ScanSnap\CardMinder V2.0\CardLauncher.exe
C:\Program Files\PFU\ScanSnap\PDF Thumbnail View\pdfquickview.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Ahead\Nero\InCD\InCD\InCD.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\LVComS.exe
D:\Utilitaires\RealPopup\RealPopup.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
D:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\PFU\ScanSnap\CardMinder V2.0\bcd_file\SbCRecE.exe
D:\Utilitaires\Spyware Doctor\Spyware Doctor\swdoctor.exe
C:\Program Files\Fichiers communs\DataViz\DvzIncMsgr.exe
D:\Palm\Hotsync.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
D:\Utilitaires\Post-It\Psn2Lite.exe
C:\Program Files\PFU\ScanSnap\Driver\PfuSsMon.exe
D:\Utilitaires\Touches Express\GhostTyp.exe
D:\Program Files\VideoLAN\VLC\VlcOM\vlcom.exe
C:\Program Files\Inquiero Client\inquiero.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
D:\UTILIT~1\Post-It\PSNGive.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
D:\PROGRA~1\Netscape\Netscp.exe
D:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
D:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
N3 - Netscape 7: user_pref("browser.startup.homepage", "https://www.free.fr/freebox/index.html"); (C:\Documents and Settings\Corinne\Application Data\Mozilla\Profiles\default\umyeeju0.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", ""); (C:\Documents and Settings\Corinne\Application Data\Mozilla\Profiles\default\umyeeju0.slt\prefs.js)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Utilitaires\Spybot\SDHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - D:\UTILIT~1\SPYWAR~2\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - D:\UTILIT~1\SPYWAR~2\SPYWAR~1\tools\iesdpb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "D:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [WinFast Schedule] D:\Program Files\WinFast\WFTVFM\WFWIZ.exe
O4 - HKLM\..\Run: [PfuSsSct.exe] C:\Program Files\PFU\ScanSnap\PfuSsSct.exe /Station
O4 - HKLM\..\Run: [CardMinder] C:\Program Files\PFU\ScanSnap\CardMinder V2.0\CardLauncher.exe
O4 - HKLM\..\Run: [Pdfquickview] C:\Program Files\PFU\ScanSnap\PDF Thumbnail View\pdfquickview.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\Nero\InCD\InCD\InCD.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "D:\TT Images\Quicktime 6\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [RealPopup] "D:\Utilitaires\RealPopup\RealPopup.exe" BOOT
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Creative Detector] "D:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
O4 - HKCU\..\Run: [Spyware Doctor] "D:\Utilitaires\Spyware Doctor\Spyware Doctor\swdoctor.exe" /Q
O4 - HKCU\..\Run: [Mozilla Quick Launch] "d:\Program Files\Netscape\Netscp.exe" -turbo
O4 - Startup: Palm Registration.lnk = D:\Palm\register.exe
O4 - Startup: vlcom.lnk = D:\Program Files\VideoLAN\VLC\VlcOM\vlcom.exe
O4 - Global Startup: DataViz Inc Messenger.lnk = C:\Program Files\Fichiers communs\DataViz\DvzIncMsgr.exe
O4 - Global Startup: HOTSYNCSHORTCUTNAME.lnk = D:\Palm\Hotsync.exe
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Inquiero Client.lnk = C:\Program Files\Inquiero Client\_INQUIERO.EXE
O4 - Global Startup: Lancement rapide d'Adobe Acrobat.lnk = ?
O4 - Global Startup: Post-it® Software Notes Lite.lnk = D:\Utilitaires\Post-It\Psn2Lite.exe
O4 - Global Startup: ScanSnap Manager.lnk = ?
O4 - Global Startup: Touches Express.lnk = D:\Utilitaires\Touches Express\GhostTyp.exe
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - D:\UTILIT~1\INCRED~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: Chercher avec Copernic 2001 - D:\Utilitaires\Copernic 2001 Basic\Search Extension.htm
O8 - Extra context menu item: Convertir en Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir en un fichier PDF existant - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {2A465934-E5F0-11D2-91B5-00104B9C4765} - D:\Utilitaires\Copernic 2001 Basic\Copernic.exe
O9 - Extra 'Tools' menuitem: Lancer Copernic 2001 - {2A465934-E5F0-11D2-91B5-00104B9C4765} - D:\Utilitaires\Copernic 2001 Basic\Copernic.exe
O9 - Extra button: Copernic 2001 - {2A465936-E5F0-11D2-91B5-00104B9C4765} - D:\Utilitaires\Copernic 2001 Basic\Copernic.exe
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - D:\UTILIT~1\SPYWAR~2\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Traduire - {99EFB53C-C965-43CF-9F45-52242D134187} - file://D:\Utilitaires\Copernic 2001 Basic\Translate.htm
O9 - Extra 'Tools' menuitem: &Traduire avec Gist-In-Time - {99EFB53C-C965-43CF-9F45-52242D134187} - file://D:\Utilitaires\Copernic 2001 Basic\Translate.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {F11BFF96-CC7A-4482-819B-91EAE4C454EF} (NTR ActiveX 1.1.6) - https://www.inquiero.com/ssl/inquiero/mod/setup/ntractivex116_14.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: Diskeeper - Executive Software International, Inc. - D:\Utilitaires\Diskeeper 8.0\DKService.exe
O23 - Service: ewido security suite control - ewido networks - D:\Utilitaires\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\Nero\InCD\InCD\InCDsrv.exe
O23 - Service: Inquiero Installable RC (installablerc) - Net Transmit & Receive - C:\Program Files\Inquiero Installable RC\installablerc.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: PostgreSQL Database Server 8.0 (pgsql-8.0) - Unknown owner - C:\Program Files\PostgreSQL\8.0\bin\pg_ctl.exe" runservice -N "pgsql-8.0" -D "C:\Program Files\PostgreSQL\8.0\data\ (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - D:\Utilitaires\Spyware Doctor\Spyware Doctor\sdhelp.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
Salut,
ça semble propre mais on a pas les rapports de Bitdefender et D'Ewido,..
1.Fait un nettoyage complet (erreur+nettoyage) avec Ccleaner
2.Cliques sur demarrer, executer, tapes: cleanmgr ,choisis ton disque C:, coches toutes les cases puis Ok.
3.Fait ça
Cliques sur demarrer, cliques droit sur poste de travail, propriétés, onglet "restauration du systeme"
-coches la case, puis cliques sur "appliquer"
-decoches la case et cliques sur "appliquer" puis "ok".
Maintenant, que l'ont à effacés les point infectés, nous allons créer un point propre:
Cliques sur demarrer, tout les programmes, accessoires, outils systemes, restauration du systeme, choisis "creer un point de restauration" nommes le " ccm" par exemple, cliques sur "creer" puis "ok".
4.Refais un scan complet avec Ewido et colles le rapport ici stp
5. puis cliques sur demarrer, tous les programmes, accessoires, defragmentateur de disque, choisis ton disque C: et defragmente le
ça semble propre mais on a pas les rapports de Bitdefender et D'Ewido,..
1.Fait un nettoyage complet (erreur+nettoyage) avec Ccleaner
2.Cliques sur demarrer, executer, tapes: cleanmgr ,choisis ton disque C:, coches toutes les cases puis Ok.
3.Fait ça
Cliques sur demarrer, cliques droit sur poste de travail, propriétés, onglet "restauration du systeme"
-coches la case, puis cliques sur "appliquer"
-decoches la case et cliques sur "appliquer" puis "ok".
Maintenant, que l'ont à effacés les point infectés, nous allons créer un point propre:
Cliques sur demarrer, tout les programmes, accessoires, outils systemes, restauration du systeme, choisis "creer un point de restauration" nommes le " ccm" par exemple, cliques sur "creer" puis "ok".
4.Refais un scan complet avec Ewido et colles le rapport ici stp
5. puis cliques sur demarrer, tous les programmes, accessoires, defragmentateur de disque, choisis ton disque C: et defragmente le
