[worm] autorite nt\system
Résolu
anakin6661
Messages postés
90
Statut
Membre
-
Séb08 Messages postés 18169 Date d'inscription Statut Contributeur Dernière intervention -
Séb08 Messages postés 18169 Date d'inscription Statut Contributeur Dernière intervention -
Bonjours a tous
je viens a vous car je n arrive pas a eradiquer ce sataner ver de mon ordinateur, j ai parcouru le site et les forum mais je me retrouve bloquer apres avoir fait un scan de mon ordinateur
j ai utiliser ewido anti-spyware et antivir personal edition mais je n arrive toujours pas a me debarrasser de ce ver informatique (je tiens a le preciser hein pour ceux qui ont l esprit mal tourné)
bon treve de plaisanterie, j ai formaté mon disque dur, le premier element que j ai installé avant meme les drivers, ce fut kerio firewall une vieille edition
a l analyse de mon disque dur apres plusieurs redemarrage, j ai finis par completer la manoeuvre en enlever le redemarrage automatique et j ai reussi a etablir un rapport comme suit :
-------------------------
AntiVir PersonalEdition Classic
Report file date: samedi 30 septembre 2006 23:28
Scanning for 515767 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-WURGE-0001
Platform: Windows XP
Windows version: (plain) [5.1.2600]
Username: maydat
Computer name: MAYDAT-BUREAU
Version information:
AVSCAN.EXE : 7.0.0.47 200744 21/08/2006 10:06:56
AVSCAN.DLL : 7.0.0.45 41000 07/09/2006 10:56:33
LUKE.DLL : 7.0.0.47 118824 07/09/2006 10:32:33
LUKERES.DLL : 7.0.0.47 9256 07/09/2006 10:56:33
ANTIVIR0.VDF : 6.35.0.1 7371264 31/05/2006 10:35:27
ANTIVIR1.VDF : 6.36.0.9 1424384 06/09/2006 07:12:24
ANTIVIR2.VDF : 6.36.0.71 284160 25/09/2006 17:00:49
ANTIVIR3.VDF : 6.36.0.84 44032 30/09/2006 17:00:49
AVEWIN32.DLL : 7.2.0.22 1860096 30/09/2006 17:00:49
AVPREF.DLL : 7.0.0.2 23592 24/07/2006 12:36:04
AVREP.DLL : 6.36.0.5 806952 30/09/2006 17:00:49
AVRPBASE.DLL : 7.0.0.0 2162728 30/03/2006 08:43:31
AVPACK32.DLL : 7.2.0.0 368680 21/07/2006 06:00:28
AVREG.DLL : 6.31.0.90 27688 28/07/2005 10:06:36
NETNT.DLL : 6.32.0.0 6696 27/09/2005 07:56:49
NETNW.DLL : 7.0.0.0 9768 24/07/2006 12:35:55
RCIMAGE.DLL : 7.0.0.74 1642536 01/08/2006 11:22:57
RCTEXT.DLL : 7.0.1.4 77864 30/09/2006 17:00:47
Configuration settings for the scan:
Jobname.......................: Local Drives
Configuration file............: C:\Program Files\AntiVir PersonalEdition Classic\alldrives.avp
Boot sectors..................: C,D,A,E,F,G
Scan memory...................: 1
Process scan..................: 1
Scan all files................: 1
Scan archives.................: 1
Recursion depth...............: 20
Smart extensions..............: 1
Macro heuristic...............: 1
File heuristic................: 0
Primary action................: 1
Secondary action..............: 0
Start of the scan: samedi 30 septembre 2006 23:28
The scan of running processes will be started
9 Processes were scanned
Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'D:\'
[NOTE] No virus was found!
Boot sector 'A:\'
[NOTE] In the drive 'A:\' no data medium is inserted!
Boot sector 'E:\'
[NOTE] In the drive 'E:\' no data medium is inserted!
Starting to scan the registry.
The registry was scanned ( 12 files ).
Starting the file scan:
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\LocalService\NTUSER.DAT
[WARNING] The file could not be opened!
C:\Documents and Settings\LocalService\ntuser.dat.LOG
[WARNING] The file could not be opened!
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat
[WARNING] The file could not be opened!
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG
[WARNING] The file could not be opened!
C:\Documents and Settings\maydat\NTUSER.DAT
[WARNING] The file could not be opened!
C:\Documents and Settings\maydat\ntuser.dat.LOG
[WARNING] The file could not be opened!
C:\Documents and Settings\maydat\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat
[WARNING] The file could not be opened!
C:\Documents and Settings\maydat\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG
[WARNING] The file could not be opened!
C:\Documents and Settings\maydat\Local Settings\Temp\Perflib_Perfdata_6dc.dat
[WARNING] The file could not be opened!
C:\Documents and Settings\NetworkService\NTUSER.DAT
[WARNING] The file could not be opened!
C:\Documents and Settings\NetworkService\ntuser.dat.LOG
[WARNING] The file could not be opened!
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat
[WARNING] The file could not be opened!
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG
[WARNING] The file could not be opened!
C:\WINDOWS\system32\config\default
[WARNING] The file could not be opened!
C:\WINDOWS\system32\config\default.LOG
[WARNING] The file could not be opened!
C:\WINDOWS\system32\config\SAM
[WARNING] The file could not be opened!
C:\WINDOWS\system32\config\SAM.LOG
[WARNING] The file could not be opened!
C:\WINDOWS\system32\config\SECURITY
[WARNING] The file could not be opened!
C:\WINDOWS\system32\config\SECURITY.LOG
[WARNING] The file could not be opened!
C:\WINDOWS\system32\config\software
[WARNING] The file could not be opened!
C:\WINDOWS\system32\config\software.LOG
[WARNING] The file could not be opened!
C:\WINDOWS\system32\config\system
[WARNING] The file could not be opened!
C:\WINDOWS\system32\config\system.LOG
[WARNING] The file could not be opened!
The path A:\ could not be found!
Le périphérique n'est pas prêt.
The path E:\ could not be found!
Le périphérique n'est pas prêt.
The path F:\ could not be found!
Le périphérique n'est pas prêt.
The path G:\ could not be found!
Le périphérique n'est pas prêt.
End of the scan: samedi 30 septembre 2006 23:31
Used time: 03:09 min
The scan has been done completely.
965 Scanning directories
34238 Files were scanned
0 viruses and/or unwanted programs were found
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
329 Archives were scanned
24 Warnings
1 Notes
--------------------- Fin du rapport
a partir de la je n arrive pas a savoir quelles sont les manipulation a effectuer, je ne suis pas informaticien, loin de la, j essaye d avoir un bon niveai de debutant, donc si vous arriver a m expliquer ce que je dois faire a partir de la par des mots simple, je vous en serait vraiment reconnaissant
sur ce j attend avec impatience d avoir des reponse. merci d avance
je viens a vous car je n arrive pas a eradiquer ce sataner ver de mon ordinateur, j ai parcouru le site et les forum mais je me retrouve bloquer apres avoir fait un scan de mon ordinateur
j ai utiliser ewido anti-spyware et antivir personal edition mais je n arrive toujours pas a me debarrasser de ce ver informatique (je tiens a le preciser hein pour ceux qui ont l esprit mal tourné)
bon treve de plaisanterie, j ai formaté mon disque dur, le premier element que j ai installé avant meme les drivers, ce fut kerio firewall une vieille edition
a l analyse de mon disque dur apres plusieurs redemarrage, j ai finis par completer la manoeuvre en enlever le redemarrage automatique et j ai reussi a etablir un rapport comme suit :
-------------------------
AntiVir PersonalEdition Classic
Report file date: samedi 30 septembre 2006 23:28
Scanning for 515767 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-WURGE-0001
Platform: Windows XP
Windows version: (plain) [5.1.2600]
Username: maydat
Computer name: MAYDAT-BUREAU
Version information:
AVSCAN.EXE : 7.0.0.47 200744 21/08/2006 10:06:56
AVSCAN.DLL : 7.0.0.45 41000 07/09/2006 10:56:33
LUKE.DLL : 7.0.0.47 118824 07/09/2006 10:32:33
LUKERES.DLL : 7.0.0.47 9256 07/09/2006 10:56:33
ANTIVIR0.VDF : 6.35.0.1 7371264 31/05/2006 10:35:27
ANTIVIR1.VDF : 6.36.0.9 1424384 06/09/2006 07:12:24
ANTIVIR2.VDF : 6.36.0.71 284160 25/09/2006 17:00:49
ANTIVIR3.VDF : 6.36.0.84 44032 30/09/2006 17:00:49
AVEWIN32.DLL : 7.2.0.22 1860096 30/09/2006 17:00:49
AVPREF.DLL : 7.0.0.2 23592 24/07/2006 12:36:04
AVREP.DLL : 6.36.0.5 806952 30/09/2006 17:00:49
AVRPBASE.DLL : 7.0.0.0 2162728 30/03/2006 08:43:31
AVPACK32.DLL : 7.2.0.0 368680 21/07/2006 06:00:28
AVREG.DLL : 6.31.0.90 27688 28/07/2005 10:06:36
NETNT.DLL : 6.32.0.0 6696 27/09/2005 07:56:49
NETNW.DLL : 7.0.0.0 9768 24/07/2006 12:35:55
RCIMAGE.DLL : 7.0.0.74 1642536 01/08/2006 11:22:57
RCTEXT.DLL : 7.0.1.4 77864 30/09/2006 17:00:47
Configuration settings for the scan:
Jobname.......................: Local Drives
Configuration file............: C:\Program Files\AntiVir PersonalEdition Classic\alldrives.avp
Boot sectors..................: C,D,A,E,F,G
Scan memory...................: 1
Process scan..................: 1
Scan all files................: 1
Scan archives.................: 1
Recursion depth...............: 20
Smart extensions..............: 1
Macro heuristic...............: 1
File heuristic................: 0
Primary action................: 1
Secondary action..............: 0
Start of the scan: samedi 30 septembre 2006 23:28
The scan of running processes will be started
9 Processes were scanned
Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'D:\'
[NOTE] No virus was found!
Boot sector 'A:\'
[NOTE] In the drive 'A:\' no data medium is inserted!
Boot sector 'E:\'
[NOTE] In the drive 'E:\' no data medium is inserted!
Starting to scan the registry.
The registry was scanned ( 12 files ).
Starting the file scan:
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\LocalService\NTUSER.DAT
[WARNING] The file could not be opened!
C:\Documents and Settings\LocalService\ntuser.dat.LOG
[WARNING] The file could not be opened!
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat
[WARNING] The file could not be opened!
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG
[WARNING] The file could not be opened!
C:\Documents and Settings\maydat\NTUSER.DAT
[WARNING] The file could not be opened!
C:\Documents and Settings\maydat\ntuser.dat.LOG
[WARNING] The file could not be opened!
C:\Documents and Settings\maydat\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat
[WARNING] The file could not be opened!
C:\Documents and Settings\maydat\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG
[WARNING] The file could not be opened!
C:\Documents and Settings\maydat\Local Settings\Temp\Perflib_Perfdata_6dc.dat
[WARNING] The file could not be opened!
C:\Documents and Settings\NetworkService\NTUSER.DAT
[WARNING] The file could not be opened!
C:\Documents and Settings\NetworkService\ntuser.dat.LOG
[WARNING] The file could not be opened!
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat
[WARNING] The file could not be opened!
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG
[WARNING] The file could not be opened!
C:\WINDOWS\system32\config\default
[WARNING] The file could not be opened!
C:\WINDOWS\system32\config\default.LOG
[WARNING] The file could not be opened!
C:\WINDOWS\system32\config\SAM
[WARNING] The file could not be opened!
C:\WINDOWS\system32\config\SAM.LOG
[WARNING] The file could not be opened!
C:\WINDOWS\system32\config\SECURITY
[WARNING] The file could not be opened!
C:\WINDOWS\system32\config\SECURITY.LOG
[WARNING] The file could not be opened!
C:\WINDOWS\system32\config\software
[WARNING] The file could not be opened!
C:\WINDOWS\system32\config\software.LOG
[WARNING] The file could not be opened!
C:\WINDOWS\system32\config\system
[WARNING] The file could not be opened!
C:\WINDOWS\system32\config\system.LOG
[WARNING] The file could not be opened!
The path A:\ could not be found!
Le périphérique n'est pas prêt.
The path E:\ could not be found!
Le périphérique n'est pas prêt.
The path F:\ could not be found!
Le périphérique n'est pas prêt.
The path G:\ could not be found!
Le périphérique n'est pas prêt.
End of the scan: samedi 30 septembre 2006 23:31
Used time: 03:09 min
The scan has been done completely.
965 Scanning directories
34238 Files were scanned
0 viruses and/or unwanted programs were found
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
329 Archives were scanned
24 Warnings
1 Notes
--------------------- Fin du rapport
a partir de la je n arrive pas a savoir quelles sont les manipulation a effectuer, je ne suis pas informaticien, loin de la, j essaye d avoir un bon niveai de debutant, donc si vous arriver a m expliquer ce que je dois faire a partir de la par des mots simple, je vous en serait vraiment reconnaissant
sur ce j attend avec impatience d avoir des reponse. merci d avance
A voir également:
- [worm] autorite nt\system
- Reboot system now - Guide
- Hns-accessible-system-folder ✓ - Forum Réseau
- Nt kernel & system - Forum Windows
- Cette action ne peut pas être réalisée car le fichier est ouvert dans system - Guide
- Mail delivery system ✓ - Forum Virus
4 réponses
slt,
Pour vérifier, scanne ton PC avec cet antivirus en ligne (sous IE et accepte l’activX) :
http://www.bitdefender.fr/bd/site/search.php#
Clique sur « scan on line » suis les instructions.
Et colle le rapport
ensuite :
télécharge HijackThis (version francaise) ici:
http://telechargement.zebulon.fr/160-Patch-fran%C3%A7ais-pour-HijackThis.html
Dézippe le dans un dossier prévu à cet effet.
Par exemple C:\hijackthis < Enregistre le bien dans c : !
Démo (merci à Balltrap) :
instalation hijackthis
http://pageperso.aol.fr/balltrap34/Hijenr.gif
Lance le puis:
clique sur "faire un scan et sauvegarder le log" (cf démo)
faire un copier coller du log entier sur le forum
Démo : (merci à balltrap34 pour cette réalisation)
http://pageperso.aol.fr/balltrap34/demohijack.htm
A+
Pour vérifier, scanne ton PC avec cet antivirus en ligne (sous IE et accepte l’activX) :
http://www.bitdefender.fr/bd/site/search.php#
Clique sur « scan on line » suis les instructions.
Et colle le rapport
ensuite :
télécharge HijackThis (version francaise) ici:
http://telechargement.zebulon.fr/160-Patch-fran%C3%A7ais-pour-HijackThis.html
Dézippe le dans un dossier prévu à cet effet.
Par exemple C:\hijackthis < Enregistre le bien dans c : !
Démo (merci à Balltrap) :
instalation hijackthis
http://pageperso.aol.fr/balltrap34/Hijenr.gif
Lance le puis:
clique sur "faire un scan et sauvegarder le log" (cf démo)
faire un copier coller du log entier sur le forum
Démo : (merci à balltrap34 pour cette réalisation)
http://pageperso.aol.fr/balltrap34/demohijack.htm
A+
Voila le rapport que j ai eu :
-------------------------
Logfile of HijackThis v1.99.1
Scan saved at 00:58:26, on 01/10/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Kerio\Personal Firewall\persfw.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SW20] C:\WINDOWS\System32\sw20.exe
O4 - HKLM\..\Run: [SW24] C:\WINDOWS\System32\sw24.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Kerio Personal Firewall (PersFw) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall\persfw.exe
----------------Fin rapport
pas trop d info je trouve
-------------------------
Logfile of HijackThis v1.99.1
Scan saved at 00:58:26, on 01/10/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Kerio\Personal Firewall\persfw.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SW20] C:\WINDOWS\System32\sw20.exe
O4 - HKLM\..\Run: [SW24] C:\WINDOWS\System32\sw24.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Kerio Personal Firewall (PersFw) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall\persfw.exe
----------------Fin rapport
pas trop d info je trouve
