[virus] Win32:Horst-N [Trj]

Solved
MasterBbb | Posts: 44 | Status: Member
Akira-Kun | Posts: 1 | Status: Member
For a few days now, every time I start my computer, avast tells me that I am infected by a virus (or even two at once). No matter how often I quarantine or even delete it, one always comes back. Here is the avast history:

[quote]17/10/2006 22:44:22 Andy 404 Sign of "Win32:Horst-N [Trj]" has been found in "C:\DOCUME~1\Andy\LOCALS~1\Temp\97exssd32.c.exe\[UPX]" file.
17/10/2006 22:44:33 Andy 404 Sign of "Win32:Horst-L [Trj]" has been found in "C:\DOCUME~1\Andy\LOCALS~1\Temp\0exhdd.d.exe\[UPX]" file.
17/10/2006 23:52:14 Andy 404 Sign of "Win32:Horst-N [Trj]" has been found in "C:\DOCUME~1\Andy\LOCALS~1\Temp\32exssd32.c.exe\[UPX]" file.
17/10/2006 23:52:26 Andy 404 Sign of "Win32:Horst-L [Trj]" has been found in "C:\DOCUME~1\Andy\LOCALS~1\Temp\6exhdd.d.exe\[UPX]" file.
18/10/2006 0:17:27 Andy 404 Sign of "Win32:Horst-L [Trj]" has been found in "C:\DOCUME~1\Andy\LOCALS~1\Temp\78exhdd.d.exe\[UPX]" file.
18/10/2006 0:17:47 Andy 404 Sign of "Win32:Horst-N [Trj]" has been found in "C:\DOCUME~1\Andy\LOCALS~1\Temp\1exssd32.c.exe\[UPX]" file.
18/10/2006 0:21:52 Andy 404 Sign of "Win32:Horst-L [Trj]" has been found in "C:\DOCUME~1\Andy\LOCALS~1\Temp\48exhdd.d.exe\[UPX]" file.
18/10/2006 0:22:11 Andy 404 Sign of "Win32:Horst-N [Trj]" has been found in "C:\DOCUME~1\Andy\LOCALS~1\Temp\95exssd32.c.exe\[UPX]" file.
18/10/2006 1:00:10 Andy 404 Sign of "Win32:Horst-N [Trj]" has been found in "C:\DOCUME~1\Andy\LOCALS~1\Temp\92exssd32.c.exe\[UPX]" file.
18/10/2006 1:30:37 Andy 404 Sign of "Win32:Horst-L [Trj]" has been found in "C:\DOCUME~1\Andy\LOCALS~1\Temp\97exhdd.d.exe\[UPX]" file.
18/10/2006 17:24:05 SYSTEM 664 Sign of "Win32:Horst-N [Trj]" has been found in "C:\DOCUME~1\Andy\LOCALS~1\Temp\76exssd32.c.exe\[UPX]" file.
18/10/2006 19:35:12 SYSTEM 664 Sign of "Win32:Horst-N [Trj]" has been found in "C:\DOCUME~1\Andy\LOCALS~1\Temp\11exssd32.c.exe\[UPX]" file.
18/10/2006 23:41:24 SYSTEM 400 Sign of "Win32:Horst-N [Trj]" has been found in "C:\WINDOWS\TEMP\40exssd32.c.exe\[UPX]" file.
18/10/2006 23:42:52 SYSTEM 400 Sign of "Win32:Horst-N [Trj]" has been found in "C:\WINDOWS\TEMP\63exssd32.c.exe\[UPX]" file.
18/10/2006 23:47:15 SYSTEM 400 Sign of "Win32:Horst-N [Trj]" has been found in "C:\WINDOWS\TEMP\61exssd32.c.exe\[UPX]" file.
19/10/2006 0:15:54 Andy 388 Sign of "Win32:Horst-N [Trj]" has been found in "C:\DOCUME~1\Andy\LOCALS~1\Temp\60exssd32.c.exe\[UPX]" file.
19/10/2006 0:19:18 Andy 388 Sign of "Win32:Horst-N [Trj]" has been found in "C:\DOCUME~1\Andy\LOCALS~1\Temp\92exssd32.c.exe\[UPX]" file.
19/10/2006 7:02:44 Andy 464 Sign of "Win32:Horst-N [Trj]" has been found in "C:\DOCUME~1\Andy\LOCALS~1\Temp\25exssd32.c.exe\[UPX]" file.
19/10/2006 7:06:06 Andy 464 Sign of "Win32:Horst-N [Trj]" has been found in "C:\DOCUME~1\Andy\LOCALS~1\Temp\14exssd32.c.exe\[UPX]" file.
19/10/2006 7:09:50 Andy 568 Sign of "Win32:Horst-N [Trj]" has been found in "C:\DOCUME~1\Andy\LOCALS~1\Temp\29exssd32.c.exe\[UPX]" file.
19/10/2006 7:46:47 Andy 644 Sign of "Win32:Horst-N [Trj]" has been found in "C:\DOCUME~1\Andy\LOCALS~1\Temp\86exssd32.c.exe\[UPX]" file.
19/10/2006 22:40:10 Andy 568 Sign of "Win32:Horst-N [Trj]" has been found in "C:\DOCUME~1\Andy\LOCALS~1\Temp\58exssd32.c.exe\[UPX]" file.
19/10/2006 22:40:29 Andy 568 Sign of "Win32:Horst-N [Trj]" has been found in "C:\DOCUME~1\Andy\LOCALS~1\Temp\58exssd32.c.exe\[UPX]" file.
19/10/2006 22:48:44 Andy 568 Sign of "Win32:Horst-N [Trj]" has been found in "C:\DOCUME~1\Andy\LOCALS~1\Temp\90exssd32.c.exe\[UPX]" file. [/quote]


What should I do to solve this problem? Note that I have already run two full scans with avast and it found nothing, yet it keeps coming back...

PS: I also ran Spybot and Ad-Aware just in case and nothing was found; my firewall is ZoneAlarm and from time to time I run CCleaner to clean up.



Thanks in advance
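Added example (not part of the original post or of avast): a Python sketch that clusters the avast history lines quoted above by signature and by file name with its leading digits stripped, so the alerts collapse into the same dropped names reappearing under new numeric prefixes. The function name and the prefix-stripping rule are assumptions made for this illustration; the sample lines are copied from the log above.

```python
import ntpath
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample: five lines copied from the avast history quoted above.
SAMPLE = r'''
17/10/2006 22:44:22 Andy 404 Sign of "Win32:Horst-N [Trj]" has been found in "C:\DOCUME~1\Andy\LOCALS~1\Temp\97exssd32.c.exe\[UPX]" file.
17/10/2006 22:44:33 Andy 404 Sign of "Win32:Horst-L [Trj]" has been found in "C:\DOCUME~1\Andy\LOCALS~1\Temp\0exhdd.d.exe\[UPX]" file.
18/10/2006 0:17:47 Andy 404 Sign of "Win32:Horst-N [Trj]" has been found in "C:\DOCUME~1\Andy\LOCALS~1\Temp\1exssd32.c.exe\[UPX]" file.
18/10/2006 23:41:24 SYSTEM 400 Sign of "Win32:Horst-N [Trj]" has been found in "C:\WINDOWS\TEMP\40exssd32.c.exe\[UPX]" file.
19/10/2006 22:48:44 Andy 568 Sign of "Win32:Horst-N [Trj]" has been found in "C:\DOCUME~1\Andy\LOCALS~1\Temp\90exssd32.c.exe\[UPX]" file.
'''

LINE_RE = re.compile(
    r'^(?P<ts>\d{1,2}/\d{1,2}/\d{4} \d{1,2}:\d{2}:\d{2}) (?P<user>\S+) \d+ '
    r'Sign of "(?P<sig>[^"]+)" has been found in "(?P<path>[^"]+)" file\.$')


def cluster_detections(log_text):
    """Group alerts by (signature, file name without its numeric prefix)."""
    clusters = defaultdict(lambda: {"count": 0, "dirs": set(), "users": set(),
                                    "first": None, "last": None})
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # not a detection line
        path = m["path"]
        if path.endswith(r"\[UPX]"):  # drop the trailing \[UPX] component
            path = ntpath.dirname(path)
        # Assumption: the leading digits are the only part that changes.
        stable = re.sub(r"^\d+", "", ntpath.basename(path)).lower()
        when = datetime.strptime(m["ts"], "%d/%m/%Y %H:%M:%S")
        c = clusters[(m["sig"], stable)]
        c["count"] += 1
        c["dirs"].add(ntpath.normcase(ntpath.dirname(path)))
        c["users"].add(m["user"])
        c["first"] = when if c["first"] is None else min(c["first"], when)
        c["last"] = when if c["last"] is None else max(c["last"], when)
    return dict(clusters)
```

A cluster that spans several days, more than one account and more than one Temp directory means the detected file is being re-created, so the thing to look for is whatever writes it rather than the file itself.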

21 replies

Akira-Kun | Posts: 1 | Status: Member

Hello! I too have had Horst-N, as well as Agent-VM and Horst-L! I have used all the recommended software such as Ad-Aware, Spybot and CCleaner, and I even deleted the smss.exe file, but Horst-N persists. Can someone help me, please!!!

Here is the HijackThis report! Thanks in advance.


Logfile of HijackThis v1.99.1
Scan saved at 20:03:55, on 24/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\pspvideo9\pspVideo9.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Skype\Phone\Skype.exe
C:\program files\steam\steam.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\Program Files\lycos\Lyc_SysTray.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\WgaTray.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\RSC\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://portail.free.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w
O4 - HKLM\..\Run: [PSPVideo9] C:\Program Files\pspvideo9\pspVideo9.exe -t
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [lycosInside] C:\Program Files\lycos\Lyc_SysTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\shared\hpqwmi.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
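Added example (not part of the original post, and not a HijackThis feature): a Python check over `O4` autostart lines that flags any entry whose executable carries the name of a core Windows process but sits outside `system32`, which is how the `[.nvsvc]` line in the log above stands out. The list of core process names, the function names and the default system root are assumptions of this sketch; the sample lines are copied from the log.

```python
import ntpath
import re

# Constructed sample: four O4 lines copied from the HijackThis log above.
SAMPLE = r'''
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
'''

# Assumption: a short, non-exhaustive list of process names whose genuine
# image lives in %SystemRoot%\system32.
CORE_NAMES = {"smss.exe", "csrss.exe", "winlogon.exe", "services.exe",
              "lsass.exe", "svchost.exe", "spoolsv.exe"}

O4_RE = re.compile(
    r'^O4 - (?P<hive>HK\w+)\\\.\.\\(?P<key>\w+): \[(?P<name>[^\]]*)\] (?P<cmd>.+)$')


def image_path(cmd):
    """Return the executable path from a Run command line (quoted or not)."""
    m = re.match(r'"([^"]+)"|(.+?\.exe)(?=\s|$)', cmd, re.IGNORECASE)
    return (m.group(1) or m.group(2)) if m else None


def masquerading_autoruns(log_text, system_root=r"C:\WINDOWS"):
    """List (hive, value name, path) for core-named images outside system32."""
    expected = ntpath.normcase(ntpath.join(system_root, "system32"))
    hits = []
    for line in log_text.splitlines():
        m = O4_RE.match(line.strip())
        if not m:
            continue  # not a registry Run-style O4 entry
        path = image_path(m["cmd"])
        if not path:
            continue
        name = ntpath.basename(path).lower()
        # 8.3 short names are not expanded here; compare long paths only.
        directory = ntpath.normcase(ntpath.dirname(path))
        if name in CORE_NAMES and directory != expected:
            hits.append((m["hive"], m["name"], path))
    return hits
```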