[Not-A-Virus.Hacktool.EvId]

Solved
Country Man Posts: 209 Status: Member
Hello,
Ewido detected this "thing" on my machine:
Not-A-Virus.Hacktool.Evid.
What is it? Is it really harmless?
PS. My PC was recently used as an open proxy and is "rotten" with worms and the Horst and Medbot trojans, which I am in the process of cleaning up...
Since the weather isn't great anyway, at least I have something to do this Sunday ;-)
Thanks in advance
@+ Country

5 replies

Anonymous user
 
Hi,

run a quick pass with AVG Anti-Spyware Free

at the bottom of the page click on this:
AVG Anti-Spyware Free for Windows installation files

http://free.grisoft.com/doc/5390/lng/us/tpl/v5

who knows?
Country Man Posts: 209 Status: Member
 
Good evening,
I had the antivirus programs (avast/AVG) running at full tilt all day, and an impressive batch is in quarantine. However, I still get some avast alerts about Win32:Medbot-AX among others, which would mean that not everything is resolved.
I'm posting a HijackThis scan here; if you see anything interesting in it, I'm all ears, since for me it's like reading tea leaves...
Thanks in advance,
@++
Country Man

Logfile of HijackThis v1.99.1
Scan saved at 23:22:04, on 25/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\netdde.exe
C:\WINDOWS\Nhksrv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\System32\cisvc.exe
C:\WINDOWS\system32\clipsrv.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\DELLMMKB.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Club-Internet\Agent Wi-Fi V2\McciTrayApp.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Fichiers communs\DataViz\DvzIncMsgr.exe
C:\Program Files\Netropa\OSD.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\QuickZip4\QuickZip.exe
C:\DOCUME~1\GRAWYV~1\LOCALS~1\Temp\QZTEMP\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [DellTouch] C:\WINDOWS\DELLMMKB.EXE
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Club-Internet_McciTrayApp] C:\Program Files\Club-Internet\Agent Wi-Fi V2\McciTrayApp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - Startup: TribalWeb.net.lnk = C:\Program Files\TribalWeb.net\tribalweb.exe
O4 - Global Startup: DataViz Inc Messenger.lnk = C:\Program Files\Fichiers communs\DataViz\DvzIncMsgr.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM95\AIM.EXE
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: Interface Chat Wanadoo - http://chat4.x-echo.com/version3/Applet/wchatsign.cab
O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure/connexion/archives/ie4n4/teleir_cert.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/06ff2864692633a8ff19/netzip/RdxIE601_fr.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - http://fnac.metaboli.fr/components/Metaboli.ocx
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {EB6D7E70-AAA9-40D9-BA05-F214089F2275} - http://www.clickteam.com/vitalize3/vitalize.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Netropa NHK Server (Nhksrv) - Unknown owner - C:\WINDOWS\Nhksrv.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR3\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR3\RpcSandraSrv.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
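Added example, not code from this thread or from HijackThis: a small Python triage pass over O4 (autorun) and O7 (policy) lines like those in the log above. It flags a core system binary name launched from outside its system directory (the [.nvsvc] C:\WINDOWS\system\smss.exe entry), autoruns from Temp folders, and the DisableRegedit policy. The line patterns, directory lists and heuristics are my assumptions, and the sample is a constructed subset of the log.

```python
"""Triage HijackThis O4 (autorun) and O7 (policy) lines for common malware signs."""
import re
from pathlib import PureWindowsPath

# Core Windows processes that legitimately live only under the system directory.
# The same name in any other folder is a common disguise (assumed list).
SYSTEM_BINARIES = {
    "smss.exe", "csrss.exe", "winlogon.exe", "services.exe",
    "lsass.exe", "svchost.exe", "spoolsv.exe", "explorer.exe",
}
SYSTEM_DIRS = (r"c:\windows\system32", r"c:\windows\syswow64")
EXPLORER_DIRS = (r"c:\windows",)

# Policies that malware sets to hinder cleanup; value 1 means the restriction is on.
HOSTILE_POLICIES = {"DisableRegedit", "DisableTaskMgr"}

# Constructed sample: the relevant O4/O7 lines from the HijackThis log above,
# plus benign entries for contrast.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
"""

# Registry Run entries only; "O4 - Startup:" shortcut lines are out of scope here.
O4_RE = re.compile(r"^O4 - (?P<hive>HK\w+)\\\.\.\\Run: \[(?P<name>[^\]]*)\] (?P<cmd>.+)$")
O7_RE = re.compile(r"^O7 - .*\\Policies\\System, (?P<policy>\w+)=(?P<value>\d+)$")


def executable_path(cmd):
    """Extract the launched executable from a Run command (quoted or not), dropping arguments."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        return cmd[1:cmd.index('"', 1)]
    return cmd.split(" ", 1)[0]


def check_o4(name, cmd):
    """Return the reasons an autorun entry looks suspicious (empty list if none)."""
    reasons = []
    path = executable_path(cmd)
    exe = PureWindowsPath(path)
    parent = str(exe.parent).lower()
    base = exe.name.lower()
    expected = EXPLORER_DIRS if base == "explorer.exe" else SYSTEM_DIRS
    if base in SYSTEM_BINARIES and parent not in expected:
        reasons.append(f"system binary name {exe.name} outside its system directory ({path})")
    if "\\temp\\" in path.lower():
        reasons.append(f"autorun from a Temp directory ({path})")
    if name.startswith("."):
        reasons.append(f"odd Run value name {name!r}")
    return reasons


def check_o7(policy, value):
    """Flag restrictive policies that are typically set by malware, not by the user."""
    if policy in HOSTILE_POLICIES and value == "1":
        return [f"{policy}=1: a policy commonly set by malware to hinder cleanup"]
    return []


def triage(log_text):
    """Scan HijackThis log text; return (line, reason) pairs for suspicious entries."""
    findings = []
    for line in log_text.splitlines():
        line = line.strip()
        m = O4_RE.match(line)
        if m:
            findings.extend((line, r) for r in check_o4(m["name"], m["cmd"]))
            continue
        m = O7_RE.match(line)
        if m:
            findings.extend((line, r) for r in check_o7(m["policy"], m["value"]))
    return findings


if __name__ == "__main__":
    for line, reason in triage(SAMPLE_LOG):
        print(f"[!] {reason}\n    {line}")
```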
philae83 Posts: 12854 Status: Security contributor
 
Good evening,

to move things forward

* Download SDFix to your desktop
http://downloads.andymanchesta.com/RemovalTools/SDFix.exe


* Double-click SDFix.exe and choose Install to extract it into a dedicated folder on the Desktop.

* Restart your computer in Safe Mode

* Open the SDFix folder that was just created on the Desktop and double-click RunThis.bat to launch the script.

* Press Y to start the cleaning process.

It will remove the services and registry entries of certain trojans it finds, then ask you to press a key to reboot.

* Press a key to reboot the PC.

Your system will take longer than usual to restart because the tool will keep running and deleting files.

After the Desktop loads, the tool will finish its work and display Finished.

* Press a key to end the script and load your Desktop icons.

Once the Desktop icons are displayed, the SDFix report will open on screen and will also be saved in the SDFix folder as Report.txt.

Finally, copy/paste the contents of Report.txt into your next reply on the forum,

along with a new HijackThis log
Country Man Posts: 209 Status: Member
 
Good evening again, comrade,
Apparently it was needed!
Here you go:

1/ SDFix report

SDFix: Version 1.68

Run by GRAW YVES - 25/02/2007 @ 23:47:30,95

Microsoft Windows XP [version 5.1.2600]

Running From: C:\SDFix

Safe Mode:
Checking Services:

Name:

Path:


Restoring Windows Registry Entries
Restoring Default Hosts File


Rebooting...

Normal Mode:
Checking Files:

Below files will be copied to Backups folder then removed:

C:\DOCUME~1\GRAWYV~1\LOCALS~1\Temp\autorun.inf - Deleted
C:\WINDOWS\system\smss.exe - Deleted



ADS Check:

C:\WINDOWS\system32
No streams found.


Final Check:

Remaining Services:
------------------


Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\\Documents and Settings\\GRAW YVES\\Local Settings\\Temp\\~os105.tmp\\ossproxy.exe"="C:\\Documents and Settings\\GRAW YVES\\Local Settings\\Temp\\~os105.tmp\\ossproxy.exe:*:Enabled:ossproxy.exe"
"C:\\Program Files\\Call of Duty Game of the Year Edition\\CoDUOMP.exe"="C:\\Program Files\\Call of Duty Game of the Year Edition\\CoDUOMP.exe:*:Disabled:CoDUOMP"
"C:\\Program Files\\Fichiers communs\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Fichiers communs\\AOL\\ACS\\AOLacsd.exe:*:Disabled:AOL"
"C:\\Program Files\\AOL 9.0\\waol.exe"="C:\\Program Files\\AOL 9.0\\waol.exe:*:Disabled:AOL 9.0"
"C:\\WINDOWS\\system32\\sessmgr.exe"="C:\\WINDOWS\\system32\\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\EA GAMES\\Battlefield 1942\\BF1942.exe"="C:\\Program Files\\EA GAMES\\Battlefield 1942\\BF1942.exe:*:Disabled:BF1942"
"C:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"="C:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe:*:Disabled:CoD2MP_s"
"C:\\Program Files\\Call of Duty Game of the Year Edition\\CoDMP.exe"="C:\\Program Files\\Call of Duty Game of the Year Edition\\CoDMP.exe:*:Disabled:CoDMP"
"C:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"="C:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe:*:Disabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Palm\\Hotsync.exe"="C:\\Program Files\\Palm\\Hotsync.exe:*:Disabled:HotSync® Manager Application"
"C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Disabled:Internet Explorer"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Disabled:LimeWire"
"C:\\Program Files\\EA GAMES\\MOHDA\\MOHAA.exe"="C:\\Program Files\\EA GAMES\\MOHDA\\MOHAA.exe:*:Disabled:Medal of Honor Allied Assault(tm)"
"C:\\WINDOWS\\SYSTEM32\\mmc.exe"="C:\\WINDOWS\\SYSTEM32\\mmc.exe:*:Disabled:Microsoft Management Console"
"C:\\Program Files\\UBISOFT\\Splinter Cell Pandora Tomorrow\\pandora.exe"="C:\\Program Files\\UBISOFT\\Splinter Cell Pandora Tomorrow\\pandora.exe:*:Disabled:pandora"
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"="C:\\Program Files\\Real\\RealPlayer\\realplay.exe:*:Disabled:RealPlayer"
"C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Civilization4.exe"="C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Civilization4.exe:*:Disabled:Sid Meier's Civilization 4"
"C:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2005.SR3\\sandra.exe"="C:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2005.SR3\\sandra.exe:*:Disabled:SiSoftware Sandra Lite"
"C:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2005.SR3\\RpcSandraSrv.exe"="C:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2005.SR3\\RpcSandraSrv.exe:*:Disabled:SiSoftware Sandra Lite"
"C:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2005.SR3\\RpcDataSrv.exe"="C:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2005.SR3\\RpcDataSrv.exe:*:Disabled:SiSoftware Sandra Lite"
"C:\\Program Files\\Ratajik Software\\StationRipper\\StationRipperConsole.exe"="C:\\Program Files\\Ratajik Software\\StationRipper\\StationRipperConsole.exe:*:Disabled:StationRipperConsole"
"C:\\Valve\\Steam\\Steam.exe"="C:\\Valve\\Steam\\Steam.exe:*:Disabled:Steam"
"C:\\Program Files\\Xfire\\ua_lsp_inst.exe"="C:\\Program Files\\Xfire\\ua_lsp_inst.exe:*:Disabled:ua_lsp_inst"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Disabled:Windows Messenger"
"C:\\Program Files\\Fichiers communs\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Fichiers communs\\AOL\\ACS\\AOLDial.exe:*:Disabled:AOL"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Disabled:eMule"
"C:\\WINDOWS\\system32\\svchost.exe"="C:\\WINDOWS\\system32\\svchost.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\17exinjs.a2.exe"="C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\17exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\54exinjs.a2.exe"="C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\54exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\72exinjs.a2.exe"="C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\72exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\95exinjs.a2.exe"="C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\95exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\14exinjs.a2.exe"="C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\14exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\96exinjs.a2.exe"="C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\96exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\71exinjs.a2.exe"="C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\71exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\51exinjs.a2.exe"="C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\51exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\28exinjs.a2.exe"="C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\28exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\55exinjs.a2.exe"="C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\55exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\37exinjs.a2.exe"="C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\37exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\62exinjs.a2.exe"="C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\62exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\87exinjs.a2.exe"="C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\87exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\50exinjs.a2.exe"="C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\50exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\3exinjs.a2.exe"="C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\3exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\1exinjs.a2.exe"="C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\1exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\58exinjs.a2.exe"="C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\58exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\38exinjs.a2.exe"="C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\38exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\GRAWGU~1\\LOCALS~1\\Temp\\31exinjs.a2.exe"="C:\\DOCUME~1\\GRAWGU~1\\LOCALS~1\\Temp\\31exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\66exinjs.a2.exe"="C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\66exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\88exinjs.a2.exe"="C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\88exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\29exinjs.a2.exe"="C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\29exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\93exinjs.a2.exe"="C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\93exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\5exinjs.a2.exe"="C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\5exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\67exinjs.a2.exe"="C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\67exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\69exinjs.a2.exe"="C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\69exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\46exinjs.a2.exe"="C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\46exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\75exinjs.a2.exe"="C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\75exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\36exinjs.a2.exe"="C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\36exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\20exinjs.a2.exe"="C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\20exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\81exinjs.a2.exe"="C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\81exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\33exinjs.a2.exe"="C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\33exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\68exinjs.a2.exe"="C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\68exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\61exinjs.a2.exe"="C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\61exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\97exinjs.a2.exe"="C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\97exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\52exinjs.a2.exe"="C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\52exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\9exinjs.a2.exe"="C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\9exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\98exinjs.a2.exe"="C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\98exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\63exinjs.a2.exe"="C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\63exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\89exinjs.a2.exe"="C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\89exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\12exinjs.a2.exe"="C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\12exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\91exinjs.a2.exe"="C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\91exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\59exinjs.a2.exe"="C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\59exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\4exinjs.a2.exe"="C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\4exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\40exinjs.a2.exe"="C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\40exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\GRAWGU~1\\LOCALS~1\\Temp\\54exinjs.a2.exe"="C:\\DOCUME~1\\GRAWGU~1\\LOCALS~1\\Temp\\54exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\16exinjs.a2.exe"="C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\16exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\GRAWGU~1\\LOCALS~1\\Temp\\20exinjs.a2.exe"="C:\\DOCUME~1\\GRAWGU~1\\LOCALS~1\\Temp\\20exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\19exinjs.a2.exe"="C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\19exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\70exinjs.a2.exe"="C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\70exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\41exinjs.a2.exe"="C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\41exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\60exinjs.a2.exe"="C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\60exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\90exinjs.a2.exe"="C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\90exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\30exinjs.a2.exe"="C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\30exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\80exinjs.a2.exe"="C:\\DOCUME~1\\GRAWYV~1\\LOCALS~1\\Temp\\80exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"="C:\\Program Files\\Grisoft\\AVG7\\avginet.exe:*:Enabled:avginet.exe"
"C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe:*:Enabled:avgamsvr.exe"
"C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe:*:Enabled:avgcc.exe"
"C:\\Program Files\\Grisoft\\AVG7\\avgemc.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgemc.exe:*:Enabled:avgemc.exe"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"


[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Fichiers communs\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Fichiers communs\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
"C:\\Program Files\\Fichiers communs\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Fichiers communs\\AOL\\ACS\\AOLacsd.exe:*:Enabled:AOL"
"C:\\Program Files\\AOL 9.0\\waol.exe"="C:\\Program Files\\AOL 9.0\\waol.exe:*:Enabled:AOL 9.0"
"C:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2005.SR3\\sandra.exe"="C:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2005.SR3\\sandra.exe:*:Enabled:SiSoftware Sandra Lite"
"C:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2005.SR3\\RpcSandraSrv.exe"="C:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2005.SR3\\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Lite"
"C:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2005.SR3\\RpcDataSrv.exe"="C:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2005.SR3\\RpcDataSrv.exe:*:Enabled:SiSoftware Sandra Lite"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"


Remaining Files:
---------------

Backups Folder: - C:\SDFix\backups\backups.zip


Checking For Files with Hidden Attributes :

C:\WINDOWS\SYSTEM32\PackethSvc.exe
C:\Documents and Settings\All Users\DRM\Cache\Indiv02.tmp
C:\Documents and Settings\GRAW GUILAINE\Application Data\Microsoft\Word\~WRL0131.tmp
C:\Documents and Settings\GRAW GUILAINE\Application Data\Microsoft\Word\~WRL0194.tmp
C:\Documents and Settings\GRAW GUILAINE\Application Data\Microsoft\Word\~WRL0610.tmp
C:\Documents and Settings\GRAW GUILAINE\Application Data\Microsoft\Word\~WRL1408.tmp
C:\Documents and Settings\GRAW GUILAINE\Application Data\Microsoft\Word\~WRL1745.tmp
C:\Documents and Settings\GRAW GUILAINE\Application Data\Microsoft\Word\~WRL2175.tmp
C:\Documents and Settings\GRAW GUILAINE\Mes documents\BOULOT\bilan 2006\~WRL0009.tmp
C:\Documents and Settings\GRAW GUILAINE\Mes documents\BOULOT\bilan 2006\~WRL0322.tmp
C:\Documents and Settings\GRAW GUILAINE\Mes documents\BOULOT\bilan 2006\~WRL2661.tmp
C:\Documents and Settings\GRAW YVES\Application Data\Microsoft\Modèles\~WRL0005.tmp
C:\Documents and Settings\GRAW YVES\Local Settings\Temp\Z@R23.tmp
C:\Documents and Settings\GRAW YVES\Local Settings\Temp\Z@R3E.tmp
C:\Documents and Settings\GRAW YVES\Local Settings\Temp\Z@R40.tmp
C:\Documents and Settings\GRAW YVES\Local Settings\Temp\Z@R42.tmp
C:\Documents and Settings\GRAW YVES\Local Settings\Temp\Z@R43.tmp
C:\Documents and Settings\GRAW YVES\Local Settings\Temp\Z@R44.tmp
C:\Documents and Settings\GRAW YVES\Local Settings\Temp\Z@R46.tmp
C:\Documents and Settings\GRAW YVES\Local Settings\Temp\Z@R48.tmp
C:\Documents and Settings\GRAW YVES\Local Settings\Temp\Z@R52.tmp
C:\Documents and Settings\GRAW YVES\Local Settings\Temp\Z@R5D.tmp
C:\Documents and Settings\GRAW YVES\Local Settings\Temp\Z@R5F.tmp
C:\Documents and Settings\GRAW YVES\Local Settings\Temp\Z@R61.tmp
C:\Documents and Settings\GRAW YVES\Local Settings\Temp\Z@R63.tmp
C:\Documents and Settings\GRAW YVES\Local Settings\Temp\Z@R69.tmp
C:\Documents and Settings\GRAW YVES\Local Settings\Temp\Z@S24.tmp
C:\Documents and Settings\GRAW YVES\Local Settings\Temp\Z@S3F.tmp
C:\Documents and Settings\GRAW YVES\Local Settings\Temp\Z@S41.tmp
C:\Documents and Settings\GRAW YVES\Local Settings\Temp\Z@S43.tmp
C:\Documents and Settings\GRAW YVES\Local Settings\Temp\Z@S44.tmp
C:\Documents and Settings\GRAW YVES\Local Settings\Temp\Z@S45.tmp
C:\Documents and Settings\GRAW YVES\Local Settings\Temp\Z@S47.tmp
C:\Documents and Settings\GRAW YVES\Local Settings\Temp\Z@S49.tmp
C:\Documents and Settings\GRAW YVES\Local Settings\Temp\Z@S53.tmp
C:\Documents and Settings\GRAW YVES\Local Settings\Temp\Z@S5E.tmp
C:\Documents and Settings\GRAW YVES\Local Settings\Temp\Z@S60.tmp
C:\Documents and Settings\GRAW YVES\Local Settings\Temp\Z@S62.tmp
C:\Documents and Settings\GRAW YVES\Local Settings\Temp\Z@S64.tmp
C:\Documents and Settings\GRAW YVES\Local Settings\Temp\Z@S6A.tmp

Add/Remove Programs List:

Commande ECHO désactivée.
Ad-Aware SE Personal
AIM
avast! Antivirus
AVG 7.5
CartoExploreur
Catching Features (remove only)
CCleaner (remove only)
SafeCast Shared Components
Club Internet Agent Wi-Fi V2
Configurateur Modem
DiamondCS Port Explorer v2.150
eMule
ewido anti-spyware 4.0
FoneSync
Free Mp3 Wma Converter V 1.5.0
Free Spider
G-Force
GCompris (supprimer uniquement)
GUILD WARS
Récrés1
Récrés2
Récrés3
HijackThis 1.99.1
HP Image Zone 4.7
HP PSC 2350 series
Microsoft Internationalized Domain Names Mitigation APIs
Windows Internet Explorer 7
Correctif Windows XP - KB834707
Correctif Windows XP - KB867282
Microsoft Data Access Components KB870669
Correctif Windows XP - KB873333
Correctif Windows XP - KB873339
Correctif Windows XP - KB885250
Correctif Windows XP - KB885295
Correctif Windows XP - KB885835
Correctif Windows XP - KB885836
Correctif Windows XP - KB886185
Correctif Windows XP - KB887472
Correctif Windows XP - KB887742
Correctif Windows XP - KB888113
Correctif Windows XP - KB888302
Correctif Windows XP - KB890047
Correctif Windows XP - KB890175
Correctif Windows XP - KB890859
Correctif Windows XP - KB890923
Correctif Windows XP - KB891781
Correctif Windows XP - KB893066
Correctif Windows XP - KB893086
Le pique nique
Macromedia Shockwave Player
Mozilla Firefox (1.5.0.10)
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft National Language Support Downlevel APIs
NVIDIA Windows 2000/XP Display Drivers
POB11 range ses jouets
POB 7
Quick Zip 4.60.017b
QuickTime
RealPlayer
TribalWeb.net
Shockwave
Macromedia Flash Player 8
SiSoftware Sandra Lite 2005.SR3 (Win64/32/CE)
Skype 2.5
Spybot - Search & Destroy 1.4
Viewpoint Media Player
Lecteur Windows Media 11
Windows XP Service Pack 2
WJChess 0.72
Installation de Microsoft Works Suite 2001
Microsoft User-Mode Driver Framework Feature Pack 1.0
ZoneAlarm
Microsoft Office 2000 Small Business
Microsoft Word 2000 SR-1
2350
2350_Help
Macro complémentaire Microsoft Word pour Works Suite
Python 2.5
Scan
Modem Test
ScannerCopy
OS Pack Works Suite
HP Product Assistant
AutoUpdate
TrayApp
Unload
J2SE Runtime Environment 5.0 Update 11
HP PSC & OfficeJet 4.7
Synchronisation de Works
ProductContext
Google Earth
Sid Meier's Civilization 4
Readme
HP Software Update
AiO_Scan
Adaptateur IEEE 802.11g Sans-Fil USB
Destinations
BufferChm
DellTouch
Microsoft Works 6.0
HPSystemDiagnostics
DivX Codec
HP Image Zone Express
AiOSoftware
QFolder
DivX Player
Microsoft Office PowerPoint Viewer 2003
Help and Support Customization
Hercules Webcam
Adobe Reader 7.0.9 - Français
Palm
JourneySoftwarePromo
Director
2350Trb
WebReg
Sid Meier's Civilization 4
Microsoft Money 2001
Hercules WebCam Station
SpeedTouch USB Software
Documents To Go
Nero 7 Premium

Finished

2/ HijackThis

Logfile of HijackThis v1.99.1
Scan saved at 00:04:55, on 26/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\netdde.exe
C:\WINDOWS\Nhksrv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\System32\cisvc.exe
C:\WINDOWS\system32\clipsrv.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\DELLMMKB.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Club-Internet\Agent Wi-Fi V2\McciTrayApp.exe
C:\Program Files\Netropa\OSD.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Fichiers communs\DataViz\DvzIncMsgr.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\QuickZip4\QuickZip.exe
C:\DOCUME~1\GRAWYV~1\LOCALS~1\Temp\QZTEMP\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [DellTouch] C:\WINDOWS\DELLMMKB.EXE
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Club-Internet_McciTrayApp] C:\Program Files\Club-Internet\Agent Wi-Fi V2\McciTrayApp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - Startup: TribalWeb.net.lnk = C:\Program Files\TribalWeb.net\tribalweb.exe
O4 - Global Startup: DataViz Inc Messenger.lnk = C:\Program Files\Fichiers communs\DataViz\DvzIncMsgr.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM95\AIM.EXE
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: Interface Chat Wanadoo - http://chat4.x-echo.com/version3/Applet/wchatsign.cab
O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure/connexion/archives/ie4n4/teleir_cert.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/06ff2864692633a8ff19/netzip/RdxIE601_fr.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - http://fnac.metaboli.fr/components/Metaboli.ocx
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {EB6D7E70-AAA9-40D9-BA05-F214089F2275} - http://www.clickteam.com/vitalize3/vitalize.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Netropa NHK Server (Nhksrv) - Unknown owner - C:\WINDOWS\Nhksrv.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR3\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR3\RpcSandraSrv.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
0
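Reading a HijackThis log is the recurring question in this thread. The script below is an added example (it is not from the thread and not HijackThis code) that applies, over the log above, the checks a responder would otherwise make by eye: entries marked `(no file)` or `(file missing)` that point at nothing, autostarts that run from user-writable folders such as Temp, files named after Windows system binaries but living outside System32, O23 services whose vendor shows as `Unknown owner`, and R1 proxy settings, which matter here given the ISP's open-proxy warning. The sample input is constructed: it reuses a handful of lines from the log above plus one hypothetical `[example_bot]` autostart under Temp, invented only to show what a hit looks like. The rule names and the `extract_path`, `triage` and `summarize` functions are this example's own, and it targets Python 3 (the Python 2.5 listed among the installed programs would not run it as written).

```python
"""Heuristic triage of HijackThis v1.99 log lines (Python 3).

Added example: not from the thread and not HijackThis code. The rules below
encode what a responder checks by eye; every hit is a lead to verify, not a verdict.
"""
import re
from typing import Dict, List, Optional

# A quoted path, or an unquoted drive-letter / %var% path ending in a binary extension.
_PATH_RE = re.compile(
    r'"([^"]+)"|((?:[A-Za-z]:|%\w+%)\\[^"\r\n]*?\.(?:exe|dll|ocx|cab|scr))',
    re.IGNORECASE,
)
# HijackThis entry types are R/F/N/O followed by a number, then " - ".
_LINE_RE = re.compile(r"^([RFNO]\d+)\s+-\s+(.*)$")
_ORPHAN_MARKERS = ("(no file)", "(file missing)")
# Folders an unprivileged user (and so malware running as that user) can write to.
_USER_WRITABLE = ("\\temp\\", "\\locals~1\\", "\\local settings\\",
                  "\\application data\\", "\\docume~1\\")
# Names that belong in %SystemRoot%\System32; anywhere else they are a masquerade.
_SYSTEM_BINARIES = {"svchost.exe", "lsass.exe", "winlogon.exe", "csrss.exe",
                    "smss.exe", "services.exe", "spoolsv.exe"}
_SYSTEM_DIRS = ("\\windows\\system32\\", "\\winnt\\system32\\")


def extract_path(entry: str) -> Optional[str]:
    """Return the first executable path in a HijackThis entry, or None."""
    m = _PATH_RE.search(entry)
    return (m.group(1) or m.group(2)) if m else None


def triage(log_text: str) -> List[Dict[str, str]]:
    """Run every heuristic over each R/F/N/O line and return one record per hit."""
    findings: List[Dict[str, str]] = []
    for raw in log_text.splitlines():
        line = raw.strip()
        m = _LINE_RE.match(line)
        if not m:
            continue  # running-process lines, blanks, headers
        kind, entry = m.groups()
        path = extract_path(entry) or ""
        low = path.lower()
        name = low.rsplit("\\", 1)[-1]
        reasons = []
        if any(mk in entry for mk in _ORPHAN_MARKERS):
            reasons.append("ORPHAN")
        if name in _SYSTEM_BINARIES and not any(d in low for d in _SYSTEM_DIRS):
            reasons.append("SYSTEM_NAME_OUTSIDE_SYSTEM32")
        if path and any(d in low for d in _USER_WRITABLE):
            reasons.append("USER_WRITABLE_PATH")
        if kind == "O23" and "Unknown owner" in entry:
            reasons.append("UNKNOWN_SERVICE_OWNER")
        if kind == "R1" and "Proxy" in entry:
            reasons.append("PROXY_SETTING")
        for reason in reasons:
            findings.append({"kind": kind, "reason": reason, "path": path, "line": line})
    return findings


def summarize(findings: List[Dict[str, str]]) -> Dict[str, int]:
    """Count hits per reason."""
    counts: Dict[str, int] = {}
    for f in findings:
        counts[f["reason"]] = counts.get(f["reason"], 0) + 1
    return counts


# Constructed sample: lines copied from the log above plus one hypothetical
# [example_bot] autostart under Temp, invented to show what a hit looks like.
SAMPLE_LOG = r"""
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [example_bot] C:\DOCUME~1\USER\LOCALS~1\Temp\svchost.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: Netropa NHK Server (Nhksrv) - Unknown owner - C:\WINDOWS\Nhksrv.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
"""

if __name__ == "__main__":
    hits = triage(SAMPLE_LOG)
    for f in hits:
        print(f"{f['reason']:<28} {f['kind']:<4} {f['line']}")
    print(summarize(hits))
```

Two caveats when reading the hits against the real log above. The avast! Mail Scanner and Web Scanner O23 lines carry `(file missing)`, yet both executables appear in the running-process list; the stray quote before `/service` shows HijackThis split the quoted ImagePath wrongly, so there the marker is a parsing artefact and the ORPHAN hit is only a prompt to check. Likewise `Unknown owner` means HijackThis could not read the vendor string, not that the service is hostile: the avast! services carry it too, so treat that flag as a reason to verify the file's signature and location rather than as a finding in itself.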
philae83 Posts 12854 Status Security contributor 206
 
Indeed, a bit of cleanup is needed.

You have 2 antivirus programs, AVG and Avast; you only need one.
Uninstall one of them.
0
Country Man Posts 209 Status Member 16
 
I've noticed that the two don't have the same virus database and don't detect the same viruses. Are they really incompatible?
In any case, thanks for the help!
@++
0

philae83 Posts 12854 Status Security contributor 206
 
Yes, it's incompatible. You will always run into problems, even slowdowns, when you run two antivirus programs or two firewalls. It's the same thing, and you won't be any better protected.

0
Country Man Posts 209 Status Member 16
 
OK
In any case, thanks again,
Things seem to have calmed down...
Good night
@+
Country Man
0
Country Man Posts 209 Status Member 16
 
Recap of the situation:
After I forgot to re-enable the firewall and left the machine alone for a night, my ISP warned me that an OPEN PROXY had been opened on my IP address.
An Avast scan detected various worms and trojans, which had multiplied to >100.
An AVG scan found still others, which were quarantined.
Then a pass with Ewido and CCleaner to finish.

Despite all that, alerts persisted for two trojans.
A final cleanup in Safe Mode with SDFix seems to have solved the problem.
Thanks to Garybrax and Philae83
0