Sujet Précédent Sujet Suivant

Infecté par TROJ generic.ADV et trojan win32

Résolu
perduu -  
 Utilisateur anonyme -
bonjour , suite a un trojan je n'arrive plus a utiliser mon poste de travail et certaine autres fonctions , j'ai fait plusieur scan avec divers antivirus (norton, a-squared , secuser etc...) qui m'ont eliminer ce virus et apparement tout est clean mais mon pc deconne toujours , ya-t-il un manipulation a faire ? je n'y connais pas grand chose , quelqu'un peut-il m'aider SVP ?
HELP PLEASE
A voir également:

26 réponses

  • 1
  • 2
Réponse 1 / 26
Utilisateur anonyme
 
Salut,

Télécharge HijackThis :
---> http://www.infos-du-net.com/telecharger/HijackThis,0301-454.html
Installe le dans son propre dossier :
- clic droit sur le bureau, tu choisis "nouveau dossier" puis installe-le à l'intérieur.
Double-clic sur HijackThis.
Clic sur "do a system scan and save logfile"
Puis copie et colle le rapport ici stp
0
Réponse 2 / 26
perduu
 
j'ai fait comme tu m'as dit donc voila
Logfile of HijackThis v1.99.1
Scan saved at 17:40:32, on 11/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\iolo\Common\Lib\ioloDMVSvc.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Apps\Softex\OmniPass\Omniserv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\Apps\Softex\OmniPass\OPXPApp.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\RTHDCPL.EXE
c:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Fingerprint Sensor\ATSwpNav.exe
C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
C:\Apps\Softex\OmniPass\scureapp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\iolo\System Mechanic 7\SMSystemAnalyzer.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\OFFICE One6.5\OFFICE One PDF Manager\OoPDFSettingsv6.exe
C:\APPS\SMP\SmpSys.exe
c:\Program Files\ATI Technologies\ATI.ACE\cli.exe
c:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Pando Networks\Pando\pando.exe
C:\Program Files\Spyware Doctor\swdoctor.exe
C:\Program Files\OFFICE One6.5\OFFICE One Clock\ooneclockv65.exe
C:\Program Files\OFFICE One6.5\OFFICE One Notes\oonotesv65.exe
C:\Program Files\OFFICE One6.5\program\soffice.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\a-squared Anti-Malware\a2guard.exe
C:\Program Files\a-squared Anti-Malware\a2scan.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Documents and Settings\nabila\Local Settings\Temporary Internet Files\Content.IE5\2W5Y63RQ\HijackThis[1].exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.videostudiopro.com/fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: CInterceptor Object - {38D3FE60-3D53-4F37-BB0E-C7A97A26A156} - C:\Program Files\Pando Networks\Pando\PandoIEPlugin.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NECHotkey] mHotkey.exe
O4 - HKLM\..\Run: [ATICCC] "c:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [ATSwpNav] "C:\Program Files\Fingerprint Sensor\ATSwpNav" -run
O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
O4 - HKLM\..\Run: [DetectorApp] C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
O4 - HKLM\..\Run: [OmniPass] C:\Apps\Softex\OmniPass\scureapp.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32"
O4 - HKLM\..\Run: [BOOT] C:\Program Files\ISSENDIS\ISSENDIS WebUpdate v6\issendiswebupdatev6.exe /BOOT
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe"
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKLM\..\Run: [SMSystemAnalyzer] "C:\Program Files\iolo\System Mechanic 7\SMSystemAnalyzer.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [OoPDFSettingsv6.exe] C:\Program Files\OFFICE One6.5\OFFICE One PDF Manager\OoPDFSettingsv6.exe
O4 - HKCU\..\Run: [SmpcSys] C:\APPS\SMP\SmpSys.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [Pando] "C:\Program Files\Pando Networks\Pando\pando.exe" /Minimized
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: OFFICE One 6.5.lnk = C:\Program Files\OFFICE One6.5\program\quickstart.exe
O4 - Global Startup: OFFICE One Clock v6.5.lnk = C:\Program Files\OFFICE One6.5\OFFICE One Clock\ooneclockv65.exe
O4 - Global Startup: OFFICE One Notes v6.5.lnk = C:\Program Files\OFFICE One6.5\OFFICE One Notes\oonotesv65.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?590cf60d134545dd8b687c471216aef8
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?590cf60d134545dd8b687c471216aef8
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {275D2217-FFE8-46B5-8FD2-B18CA0B7EE36} (Seagate SeaTools Online French) - file:///C:/DRIVERS/snapsys/HDDDiag/bin/npseatools.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {556DDE35-E955-11D0-A707-000000521957} - http://www.xblock.com/download/xclean_micro.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: OPXPGina - C:\Apps\Softex\OmniPass\opxpgina.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iolo DMV Service (ioloDMV) - Unknown owner - C:\Program Files\iolo\Common\Lib\ioloDMVSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Softex OmniPass Service (omniserv) - Softex Inc. - C:\Apps\Softex\OmniPass\Omniserv.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: USBDeviceService - Unknown owner - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
0
Réponse 3 / 26
Utilisateur anonyme
 
En mode sans echec, arrives-tu a utiliser ton poste de travail ?
0
perduu
 
desolé je me suis trompé , ça marche en mode sans echec
que dois je faire ?
et merci pour ton aide
0
Réponse 4 / 26
perduu
 
non meme en mode sans echec ! quand je clic dessus tout les icones disparaissent puis revienne mais rien ne s'ouvrent
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 26
Utilisateur anonyme
 
Telecharge ceci
https://www.silentrunners.org/Silent%20Runners.vbs

Fait un clic en haut à droite sur "fichier" , "enregistrer sous".

Execute le ,attends quelques minutes, il va créer un dossier juste a coté de silent runner sous format texte, copie/colle ce qu il te donnera
0
Réponse 6 / 26
perduu
 
bon ecoute desolé mais j'y arrive pas , je telecharge je fais "executer" puis ensuite il y une fenetre en anglais , je clic oui , mais apres je ne sais pas ou va le rapport ? impossible de mettre la main dessus ( je dois vraiment etre nul !!)
0
Réponse 7 / 26
Utilisateur anonyme
 
Il doit être juste à côté du fichier que tu as téléchargé.
Retélécharge le sur ton bureau le rapport sera sur le bureau ;-)
0
Réponse 8 / 26
perduu
 
il me me mets ça :
SILENT RUNNERS RR50 Complete
all done ! the results are in the file :
startup programs 2007-03-11 23.45.txt
this file is in the same directory as the script
voila j'y comprend rien et quand je le mets sur le bureau je ne peu pas l'ouvrir (comme les autres icones d'ailleurs)
0
Réponse 9 / 26
perduu
 
autant pour moi je suis nul (mais j'espere etre un vrai forgeron)voila
"Silent Runners.vbs", revision R50, https://www.silentrunners.org/
Operating System: Windows XP SP2
Output limited to non-default values, except where indicated by "{++}"

Startup items buried in registry:
---------------------------------

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
"SmpcSys" = "C:\APPS\SMP\SmpSys.exe" ["Packard Bell BV"]
"ctfmon.exe" = "C:\WINDOWS\system32\ctfmon.exe" [MS]
"swg" = "C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" ["Google Inc."]
"NBJ" = ""C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"" ["Ahead Software AG"]
"updateMgr" = "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9" ["Adobe Systems Incorporated"]
"Pando" = ""C:\Program Files\Pando Networks\Pando\pando.exe" /Minimized" ["Pando Networks"]
"Spyware Doctor" = ""C:\Program Files\Spyware Doctor\swdoctor.exe" /Q" ["PC Tools Research Pty Ltd"]
"msnmsgr" = ""C:\Program Files\MSN Messenger\msnmsgr.exe" /background" [MS]

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
"ehTray" = "C:\WINDOWS\ehome\ehtray.exe" [MS]
"RTHDCPL" = "RTHDCPL.EXE" ["Realtek Semiconductor Corp."]
"SkyTel" = "SkyTel.EXE" ["Realtek Semiconductor Corp."]
"Alcmtr" = "ALCMTR.EXE" ["Realtek Semiconductor Corp."]
"NECHotkey" = "mHotkey.exe" [empty string]
"ATICCC" = ""c:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"" [null data]
"ATSwpNav" = ""C:\Program Files\Fingerprint Sensor\ATSwpNav" -run" ["AuthenTec, Inc."]
"Vade Retro Outlook Express" = ""C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"" [empty string]
"DetectorApp" = "C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe" [null data]
"OmniPass" = "C:\Apps\Softex\OmniPass\scureapp.exe" [null data]
"IMJPMIG8.1" = ""C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32"" [MS]
"BOOT" = "C:\Program Files\ISSENDIS\ISSENDIS WebUpdate v6\issendiswebupdatev6.exe /BOOT" ["ISSENDIS"]
"NeroFilterCheck" = "C:\WINDOWS\system32\NeroCheck.exe" ["Nero AG"]
"TkBellExe" = ""C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot" ["RealNetworks, Inc."]
"a-squared" = ""C:\Program Files\a-squared Anti-Malware\a2guard.exe"" ["Emsi Software GmbH"]
"!ewido" = ""C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized" ["Anti-Malware Development a.s."]
"ccApp" = ""C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"" ["Symantec Corporation"]
"OoPDFSettingsv6.exe" = "C:\Program Files\OFFICE One6.5\OFFICE One PDF Manager\OoPDFSettingsv6.exe" ["ISSENDIS"]

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{02478D38-C3F9-4EFB-9B51-7695ECA05670}\(Default) = (no title provided)
-> {HKLM...CLSID} = "Yahoo! Toolbar Helper"
\InProcServer32\(Default) = "C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll" ["Yahoo! Inc."]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = (no title provided)
-> {HKLM...CLSID} = "AcroIEHlprObj Class"
\InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll" ["Adobe Systems Incorporated"]
{38D3FE60-3D53-4F37-BB0E-C7A97A26A156}\(Default) = (no title provided)
-> {HKLM...CLSID} = "CInterceptor Object"
\InProcServer32\(Default) = "C:\Program Files\Pando Networks\Pando\PandoIEPlugin.dll" ["Pando Networks"]
{53707962-6F74-2D53-2644-206D7942484F}\(Default) = (no title provided)
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\PROGRA~1\SPYBOT~1\SDHelper.dll" ["Safer Networking Limited"]
{5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB}\(Default) = (no title provided)
-> {HKLM...CLSID} = "PCTools Site Guard"
\InProcServer32\(Default) = "C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll" ["PC Tools"]
{9030D464-4C02-4ABF-8ECC-5164760863C6}\(Default) = (no title provided)
-> {HKLM...CLSID} = "Windows Live Sign-in Helper"
\InProcServer32\(Default) = "C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll" [MS]
{9ECB9560-04F9-4bbc-943D-298DDF1699E1}\(Default) = "Norton Internet Security 2006"
-> {HKLM...CLSID} = "CNisExtBho Class"
\InProcServer32\(Default) = "C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll" ["Symantec Corporation"]
{A8F38D8D-E480-4D52-B7A2-731BB6995FDD}\(Default) = "NAV Helper"
-> {HKLM...CLSID} = "CNavExtBho Class"
\InProcServer32\(Default) = "C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll" ["Symantec Corporation"]
{AA58ED58-01DD-4d91-8333-CF10577473F7}\(Default) = (no title provided)
-> {HKLM...CLSID} = "Google Toolbar Helper"
\InProcServer32\(Default) = "c:\program files\google\googletoolbar2.dll" ["Google Inc."]
{B56A7D7D-6927-48C8-A975-17DF180C71AC}\(Default) = (no title provided)
-> {HKLM...CLSID} = "PCTools Browser Monitor"
\InProcServer32\(Default) = "C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll" ["PC Tools"]
{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}\(Default) = (no title provided)
-> {HKLM...CLSID} = "Windows Live Toolbar Helper"
\InProcServer32\(Default) = "C:\Program Files\Windows Live Toolbar\msntb.dll" [MS]

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
"{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Extension Affichage Panorama du Panneau de configuration"
-> {HKLM...CLSID} = "Extension Affichage Panorama du Panneau de configuration"
\InProcServer32\(Default) = "deskpan.dll" [file not found]
"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "Extension icône HyperTerminal"
-> {HKLM...CLSID} = "HyperTerminal Icon Ext"
\InProcServer32\(Default) = "C:\WINDOWS\system32\hticons.dll" ["Hilgraeve, Inc."]
"{5E2121EE-0300-11D4-8D3B-444553540000}" = "Catalyst Context Menu extension"
-> {HKLM...CLSID} = "SimpleShlExt Class"
\InProcServer32\(Default) = "c:\Program Files\ATI Technologies\ATI.ACE\atiacmxx.dll" [empty string]
"{D0CE97A0-415B-42E9-B251-34393AF2D5F6}" = "OmniPass Shell Extension"
-> {HKLM...CLSID} = "Softex OmniPass Encrypted File"
\InProcServer32\(Default) = "C:\Apps\Softex\OmniPass\opfolderext.dll" ["Softex Inc."]
"{D5B1944E-DB4E-482E-B3F1-DB05827F0978}" = "OmniPass ShellNameSpace Extension"
-> {HKLM...CLSID} = "Softex OmniPass Encrypted Folder"
\InProcServer32\(Default) = "C:\Apps\Softex\OmniPass\opfolderext.dll" ["Softex Inc."]
"{192A2665-957E-4870-99D1-08F5CD082551}" = "shellpdfmenu"
-> {HKLM...CLSID} = "OFFICE One PDF Manager v6"
\InProcServer32\(Default) = "C:\WINDOWS\system32\OoPdfManagerPopup.dll" [empty string]
"{77E7AAFA-76D1-4798-859D-DB0B9DFFEAA9}" = "OFFICEOneZipv6"
-> {HKLM...CLSID} = "OFFICE One Zip v6"
\InProcServer32\(Default) = "C:\WINDOWS\system32\OoneZipPopup.dll" [null data]
"{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
"{FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D}" = "Messenger Sharing Folders"
-> {HKLM...CLSID} = "Mes dossiers de partage"
\InProcServer32\(Default) = "C:\Program Files\MSN Messenger\fsshext.8.0.0812.00.dll" [MS]
"{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}" = "Shell Extensions for RealOne Player"
-> {HKLM...CLSID} = "RealOne Player Context Menu Class"
\InProcServer32\(Default) = "C:\Program Files\Real\RealPlayer\rpshell.dll" ["RealNetworks, Inc."]
"{AB77609F-2178-4E6F-9C4B-44AC179D937A}" = "a-squared Context Menu Shell Extension"
-> {HKLM...CLSID} = "a-squared context menu"
\InProcServer32\(Default) = "C:\PROGRA~1\A-SQUA~1\A2CONT~1.DLL" ["Emsi Software GmbH"]

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\
<<!>> "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}" = "ewido anti-spyware 4.0"
-> {HKLM...CLSID} = "CShellExecuteHookImpl Object"
\InProcServer32\(Default) = "C:\Program Files\ewido anti-spyware 4.0\shellexecutehook.dll" ["Anti-Malware Development a.s."]

HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\
"WPDShServiceObj" = "{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"
-> {HKLM...CLSID} = "WPDShServiceObj Class"
\InProcServer32\(Default) = "C:\WINDOWS\system32\WPDShServiceObj.dll" [MS]

HKLM\System\CurrentControlSet\Control\Session Manager\
<<!>> "BootExecute" = "autocheck autochk *"|"smrgdf D:\Documents and Settings\nabila\Application Data\iolo\" [null data]

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
<<!>> AtiExtEvent\DLLName = "Ati2evxx.dll" ["ATI Technologies Inc."]
<<!>> OPXPGina\DLLName = "C:\Apps\Softex\OmniPass\opxpgina.dll" [null data]

HKLM\Software\Classes\Folder\shellex\ColumnHandlers\
{F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = "PDF Column Info"
-> {HKLM...CLSID} = "PDF Shell Extension"
\InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll" ["Adobe Systems, Inc."]

HKLM\Software\Classes\*\shellex\ContextMenuHandlers\
ewido anti-spyware\(Default) = "{8934FCEF-F5B8-468f-951F-78A921CD3920}"
-> {HKLM...CLSID} = "CContextScan Object"
\InProcServer32\(Default) = "C:\Program Files\ewido anti-spyware 4.0\context.dll" ["Anti-Malware Development a.s."]
OPShellExt\(Default) = "{D0CE97A0-415B-42E9-B251-34393AF2D5F6}"
-> {HKLM...CLSID} = "Softex OmniPass Encrypted File"
\InProcServer32\(Default) = "C:\Apps\Softex\OmniPass\opfolderext.dll" ["Softex Inc."]
PandoShellExt\(Default) = "{9C150845-2A2D-44CC-90B3-AA03480AA3D2}"
-> {HKLM...CLSID} = "PDShellExt Class"
\InProcServer32\(Default) = "C:\Program Files\Pando Networks\Pando\PandoShellExt.dll" ["Pando Networks"]
shellpdfmenu\(Default) = "{192A2665-957E-4870-99D1-08F5CD082551}"
-> {HKLM...CLSID} = "OFFICE One PDF Manager v6"
\InProcServer32\(Default) = "C:\WINDOWS\system32\OoPdfManagerPopup.dll" [empty string]
Symantec.Norton.Antivirus.IEContextMenu\(Default) = "{FAD61B3D-699D-49B2-BE16-7F82CB4C59CA}"
-> {HKLM...CLSID} = "IEContextMenu Class"
\InProcServer32\(Default) = "C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll" ["Symantec Corporation"]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]

HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\
ewido anti-spyware\(Default) = "{8934FCEF-F5B8-468f-951F-78A921CD3920}"
-> {HKLM...CLSID} = "CContextScan Object"
\InProcServer32\(Default) = "C:\Program Files\ewido anti-spyware 4.0\context.dll" ["Anti-Malware Development a.s."]
OPShellExt\(Default) = "{D0CE97A0-415B-42E9-B251-34393AF2D5F6}"
-> {HKLM...CLSID} = "Softex OmniPass Encrypted File"
\InProcServer32\(Default) = "C:\Apps\Softex\OmniPass\opfolderext.dll" ["Softex Inc."]
PandoShellExt\(Default) = "{9C150845-2A2D-44CC-90B3-AA03480AA3D2}"
-> {HKLM...CLSID} = "PDShellExt Class"
\InProcServer32\(Default) = "C:\Program Files\Pando Networks\Pando\PandoShellExt.dll" ["Pando Networks"]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]

HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\
a2ContMenu\(Default) = "{AB77609F-2178-4E6F-9C4B-44AC179D937A}"
-> {HKLM...CLSID} = "a-squared context menu"
\InProcServer32\(Default) = "C:\PROGRA~1\A-SQUA~1\A2CONT~1.DLL" ["Emsi Software GmbH"]
Symantec.Norton.Antivirus.IEContextMenu\(Default) = "{FAD61B3D-699D-49B2-BE16-7F82CB4C59CA}"
-> {HKLM...CLSID} = "IEContextMenu Class"
\InProcServer32\(Default) = "C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll" ["Symantec Corporation"]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
0
Réponse 10 / 26
perduu
 
bonjour , personne pour m'aider svp ?
0
Réponse 11 / 26
Utilisateur anonyme
 
Salut ton rapport n'est pas complet ;-)

fait ceci

Télécharge ComboScan sur ton Bureau.
http://www.techsupportforum.com/sectools/Deckard/comboscan.exe

Ferme toutes les applications en cours.
Double-clique sur comboscan.exe pour lancer l'outil.
A la fenêtre de prévention, clique sur OK.
L'analyse peut prendre quelques minutes.
A la fenêtre indiquant la fin de l'analyse, clique sur OK.
Le rapport Comboscan.txt s'affichera, envoie ce rapport dans ta future réponse.

Je te repondrais vers début le soirée heure de chez toi ;-)

A++
0
Réponse 12 / 26
perduu
 
ok merci a toi de continuer a m'aider
ComboScan v20070306.20 run by nabila on 2007-03-12 at 15:35:04
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created ComboScan Restore Point.

-- Last 2 Restore Point(s) --
2: 2007-03-12 14:35:11 UTC - RP2 - ComboScan Restore Point
1: 2007-03-11 13:04:27 UTC - RP1 - Point de vérification système

Performed disk cleanup.

-- HijackThis (run as nabila.exe) ----------------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 15:35:49, on 12/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\iolo\Common\Lib\ioloDMVSvc.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Apps\Softex\OmniPass\Omniserv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\Apps\Softex\OmniPass\OPXPApp.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\RTHDCPL.EXE
c:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Fingerprint Sensor\ATSwpNav.exe
C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
C:\Apps\Softex\OmniPass\scureapp.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\OFFICE One6.5\OFFICE One PDF Manager\OoPDFSettingsv6.exe
C:\WINDOWS\system32\ctfmon.exe
c:\Program Files\ATI Technologies\ATI.ACE\cli.exe
c:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\APPS\SMP\SmpSys.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Pando Networks\Pando\pando.exe
C:\Program Files\Spyware Doctor\swdoctor.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\OFFICE One6.5\OFFICE One Clock\ooneclockv65.exe
C:\Program Files\OFFICE One6.5\OFFICE One Notes\oonotesv65.exe
C:\Program Files\OFFICE One6.5\program\soffice.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\NMain.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Messenger\msmsgs.exe
D:\Documents and Settings\nabila\Local Settings\Temporary Internet Files\Content.IE5\T0Y2RW9F\comboscan[1].exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\PROGRA~1\HIJACK~1\nabila.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.videostudiopro.com/fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: CInterceptor Object - {38D3FE60-3D53-4F37-BB0E-C7A97A26A156} - C:\Program Files\Pando Networks\Pando\PandoIEPlugin.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NECHotkey] mHotkey.exe
O4 - HKLM\..\Run: [ATICCC] "c:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [ATSwpNav] "C:\Program Files\Fingerprint Sensor\ATSwpNav" -run
O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
O4 - HKLM\..\Run: [DetectorApp] C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
O4 - HKLM\..\Run: [OmniPass] C:\Apps\Softex\OmniPass\scureapp.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32"
O4 - HKLM\..\Run: [BOOT] C:\Program Files\ISSENDIS\ISSENDIS WebUpdate v6\issendiswebupdatev6.exe /BOOT
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe"
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [OoPDFSettingsv6.exe] C:\Program Files\OFFICE One6.5\OFFICE One PDF Manager\OoPDFSettingsv6.exe
O4 - HKCU\..\Run: [SmpcSys] C:\APPS\SMP\SmpSys.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [Pando] "C:\Program Files\Pando Networks\Pando\pando.exe" /Minimized
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: OFFICE One 6.5.lnk = C:\Program Files\OFFICE One6.5\program\quickstart.exe
O4 - Global Startup: OFFICE One Clock v6.5.lnk = C:\Program Files\OFFICE One6.5\OFFICE One Clock\ooneclockv65.exe
O4 - Global Startup: OFFICE One Notes v6.5.lnk = C:\Program Files\OFFICE One6.5\OFFICE One Notes\oonotesv65.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?590cf60d134545dd8b687c471216aef8
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?590cf60d134545dd8b687c471216aef8
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {275D2217-FFE8-46B5-8FD2-B18CA0B7EE36} (Seagate SeaTools Online French) - file:///C:/DRIVERS/snapsys/HDDDiag/bin/npseatools.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {556DDE35-E955-11D0-A707-000000521957} - http://www.xblock.com/download/xclean_micro.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: OPXPGina - C:\Apps\Softex\OmniPass\opxpgina.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iolo DMV Service (ioloDMV) - Unknown owner - C:\Program Files\iolo\Common\Lib\ioloDMVSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Softex OmniPass Service (omniserv) - Softex Inc. - C:\Apps\Softex\OmniPass\Omniserv.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: USBDeviceService - Unknown owner - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

-- File Associations -----------------------------------------------------------

.bat - batfile - "%1" %*
.chm - chm.file - "C:\WINDOWS\hh.exe" %1
.cmd - cmdfile - "%1" %*
.com - comfile - "%1" %*
.exe - exefile - "%1" %*
.hlp - hlpfile - %SystemRoot%\System32\winhlp32.exe %1
.inf - inffile - %SystemRoot%\System32\NOTEPAD.EXE %1
.ini - inifile - %SystemRoot%\System32\NOTEPAD.EXE %1
.js - JSFile - %SystemRoot%\System32\WScript.exe "%1" %*
.lnk - lnkfile - {00021401-0000-0000-C000-000000000046}
.pif - piffile - "%1" %*
.reg - regfile - regedit.exe "%1"
.scr - scrfile - "%1" /S
.txt - txtfile - %SystemRoot%\system32\NOTEPAD.EXE %1
.vbs - VBSFile - %SystemRoot%\System32\WScript.exe "%1" %*

-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

3R 3xHybrid (3xHybrid service) - C:\WINDOWS\system32\drivers\3xHybrid.sys
0R agpCPQ (Filtre de bus AGP Compaq) - C:\WINDOWS\system32\drivers\AGPCPQ.SYS
0R alim1541 (Filtre de bus AGP ALI) - C:\WINDOWS\system32\drivers\ALIM1541.SYS
0R amdagp (Pilote de filtre du bus AMD AGP) - C:\WINDOWS\system32\drivers\AMDAGP.SYS
3R Arp1394 (Protocole client ARP 1394) - C:\WINDOWS\system32\drivers\arp1394.sys
3R ati2mtag - C:\WINDOWS\system32\drivers\ati2mtag.sys
3R ATSWPDRV (AuthenTec TruePrint USB Driver (AES2500)) - C:\WINDOWS\system32\drivers\ATSwpDrv.sys
0R cbidf - C:\WINDOWS\system32\drivers\cbidf2k.sys
3S CCDECODE (Décodeur sous-titre fermé) - C:\WINDOWS\system32\drivers\CCDECODE.sys
0R dac2w2k - C:\WINDOWS\system32\drivers\dac2w2k.sys
1R eeCtrl (Symantec Eraser Control driver) - C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys
3R EraserUtilRebootDrv - C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
1R ewido anti-spyware 4.0 driver - C:\Program Files\ewido anti-spyware 4.0\guard.sys
3R FETND5BV (VIA Rhine-Family Fast Ethernet Adapter Driver Service) - C:\WINDOWS\system32\drivers\fetnd5bv.sys
3R HDAudBus (Microsoft UAA Bus Driver for High Definition Audio) - C:\WINDOWS\system32\drivers\Hdaudbus.sys
3R HidUsb (Pilote de classe HID Microsoft) - C:\WINDOWS\system32\drivers\hidusb.sys
1R ikhfile (File Security Kernel Anti-Spyware Driver) - C:\WINDOWS\system32\drivers\ikhfile.sys
1R ikhlayer (Kernel Anti-Spyware Driver) - C:\WINDOWS\system32\drivers\ikhlayer.sys
3R IntcAzAudAddService (Service for Realtek HD Audio (WDM)) - C:\WINDOWS\system32\drivers\RtkHDAud.Sys
1R intelppm (Pilote de processeur Intel) - C:\WINDOWS\system32\drivers\intelppm.sys
1R kbdhid (Pilote HID de clavier) - C:\WINDOWS\system32\drivers\kbdhid.sys
3S MHNDRV (Pilote MHN) - C:\WINDOWS\system32\drivers\mhndrv.sys
3S mouhid (Pilote HID de souris) - C:\WINDOWS\system32\drivers\mouhid.sys
3S MPE (Filtre BDA MPE) - C:\WINDOWS\system32\drivers\MPE.sys
3S MSTEE (Convertisseur en T/site-à-site de répartition Microsoft) - C:\WINDOWS\system32\drivers\MSTEE.sys
3S NABTSFEC (Codec NABTS/FEC VBI) - C:\WINDOWS\system32\drivers\NABTSFEC.sys
3R NAVENG - C:\Program Files\Fichiers communs\Symantec Shared\VirusDefs\20070311.021\NAVENG.SYS
3R NAVEX15 - C:\Program Files\Fichiers communs\Symantec Shared\VirusDefs\20070311.021\NAVEX15.SYS
3S NdisIP (Connection TV/vidéo Microsoft) - C:\WINDOWS\system32\drivers\NdisIP.sys
3R NIC1394 (Pilote réseau 1394) - C:\WINDOWS\system32\drivers\nic1394.sys
0R ohci1394 (Contrôleur hôte compatible IEE 1394 VIA OHCI) - C:\WINDOWS\system32\drivers\ohci1394.sys
0R PxHelp20 - C:\WINDOWS\system32\drivers\pxhelp20.sys
3R SAVRT - C:\Program Files\Norton Internet Security\Norton AntiVirus\savrt.sys
1R SAVRTPEL - C:\Program Files\Norton Internet Security\Norton AntiVirus\Savrtpel.sys
0R sisagp (Filtre de bus AGP SIS) - C:\WINDOWS\system32\drivers\SISAGP.SYS
3S SLIP (Détrameur décalage BDA) - C:\WINDOWS\system32\drivers\SLIP.sys
1R SPBBCDrv - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCDrv.sys
3S ss_bus (SAMSUNG Mobile USB Device 1.0 driver (WDM)) - C:\WINDOWS\system32\drivers\ss_bus.sys
3S ss_mdfl (SAMSUNG Mobile USB Modem 1.0 Filter) - C:\WINDOWS\system32\drivers\ss_mdfl.sys
3S ss_mdm (SAMSUNG Mobile USB Modem 1.0 Drivers) - C:\WINDOWS\system32\drivers\ss_mdm.sys
3S streamip (BDA IPSink) - C:\WINDOWS\system32\drivers\StreamIP.sys
3R SYMDNS - C:\WINDOWS\system32\drivers\symdns.sys
3R SymEvent - C:\Program Files\Symantec\SYMEVENT.SYS
3R SYMFW - C:\WINDOWS\system32\drivers\symfw.sys
3R SYMIDS - C:\WINDOWS\system32\drivers\symids.sys
3R SYMIDSCO - C:\Program Files\Fichiers communs\Symantec Shared\SymcData\idsdefs\20070308.001\SymIDSCo.sys
2R symlcbrd - C:\WINDOWS\system32\drivers\symlcbrd.sys
3R SYMNDIS - C:\WINDOWS\system32\drivers\symndis.sys
3R SYMREDRV - C:\WINDOWS\system32\drivers\symredrv.sys
1R SYMTDI - C:\WINDOWS\system32\drivers\symtdi.sys
3R usbccgp (Pilote parent générique USB Microsoft) - C:\WINDOWS\system32\drivers\usbccgp.sys
3R usbehci (Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0) - C:\WINDOWS\system32\drivers\usbehci.sys
3S usbohci (Pilote miniport de contrôleur hôte ouvert USB Microsoft) - C:\WINDOWS\system32\drivers\usbohci.sys
3R USBSTOR (Pilote de stockage de masse USB) - C:\WINDOWS\system32\drivers\USBSTOR.SYS
0R viaagp (Filtre de bus AGP VIA) - C:\WINDOWS\system32\drivers\VIAAGP.SYS
0S viamraid - C:\WINDOWS\system32\drivers\viamraid.sys
3R wanatw (WAN Miniport (ATW)) - C:\WINDOWS\system32\drivers\wanatw4.sys
3S WSTCODEC (Codec Teletext standard) - C:\WINDOWS\system32\drivers\WSTCODEC.SYS
3S WudfPf (Windows Driver Foundation - User-mode Driver Framework Platform Driver) - C:\WINDOWS\system32\drivers\WudfPf.sys
3R X10Hid (X10 Hid Device) - C:\WINDOWS\system32\drivers\x10hid.sys
3S XUIF (X10 USB Wireless Transceiver) - C:\WINDOWS\system32\drivers\x10ufx2.sys

-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

2R AOL ACS (AOL Connectivity Service) - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
3S aspnet_state (Service d'état ASP.NET) - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
2R Ati HotKey Poller - C:\WINDOWS\system32\Ati2evxx.exe
2R ccEvtMgr (Symantec Event Manager) - "C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe"
3S ccISPwdSvc (Symantec Internet Security Password Validation) - "C:\Program Files\Norton Internet Security\ccPwdSvc.exe"
2R ccProxy (Symantec Network Proxy) - "C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe"
2R ccSetMgr (Symantec Settings Manager) - "C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe"
3S clr_optimization_v2.0.50727_32 (.NET Runtime Optimization Service v2.0.50727_X86) - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
3S comHost (COM Host) - "C:\Program Files\Norton Internet Security\comHost.exe"
2R ehRecvr (Media Center Receiver Service) - C:\WINDOWS\eHome\ehRecvr.exe
2R ehSched (Service de planification Media Center) - C:\WINDOWS\eHome\ehSched.exe
2R ewido anti-spyware 4.0 guard - C:\Program Files\ewido anti-spyware 4.0\guard.exe
3S gusvc (Google Updater Service) - "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"
3S IDriverT (InstallDriver Table Manager) - "C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe"
2R ioloDMV (iolo DMV Service) - C:\Program Files\iolo\Common\Lib\ioloDMVSvc.exe
3S LiveUpdate - "C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE"
2R McrdSvc (Media Center Extender Service) - C:\WINDOWS\ehome\mcrdsvc.exe
3S MHN - C:\WINDOWS\System32\svchost.exe -k netsvcs
2R navapsvc (Service Norton AntiVirus Auto-Protect) - "C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe"
3R NSCService (Norton Protection Center Service) - "C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE"
2R omniserv (Softex OmniPass Service) - C:\Apps\Softex\OmniPass\Omniserv.exe
2R Planificateur LiveUpdate automatique - "C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe"
3S SAVScan (Symantec AVScan) - "C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe"
2R SNDSrvc (Symantec Network Drivers Service) - "C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe"
2R SPBBCSvc (Symantec SPBBCSvc) - "C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe"
2R Symantec Core LC - "C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe"
2R UleadBurningHelper (Ulead Burning Helper) - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
2R USBDeviceService - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
3R usnsvc (Service Messenger Sharing USN Journal Reader) - C:\WINDOWS\system32\svchost.exe -k usnsvc
2R x10nets (X10 Device Network Service) - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

-- Scheduled Tasks -------------------------------------------------------------

2007-03-12 15:11:01 358 --a------ C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job<CHECKU~1.JOB>
2007-03-10 18:43:32 586 --a------ C:\WINDOWS\Tasks\Norton AntiVirus - Effectuer une analyse complète du système - nabila.job<NORTON~1.JOB>

-- Files created between 2007-02-12 and 2007-03-12 -----------------------------

2007-03-12 15:35:04 0 d-------- D:\ComboScan<COMBOS~1>
2007-03-12 15:20:58 0 d-------- C:\WINDOWS\system32\Kaspersky Lab<KASPER~1>
2007-03-12 15:20:57 0 d-------- C:\WINDOWS\LastGood
2007-03-12 11:44:07 0 d-------- C:\WINDOWS\AU_Temp
2007-03-10 18:40:52 0 d-------- D:\Documents and Settings\nabila\Application Data\Symantec
2007-03-10 18:33:13 87768 --a------ C:\WINDOWS\system32\S32EVNT1.DLL
2007-03-10 18:33:13 108168 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.SYS
2007-03-10 17:24:24 155648 --a------ C:\WINDOWS\system32\ssleay32.dll
2007-03-10 17:24:24 696320 --a------ C:\WINDOWS\system32\libeay32.dll
2007-03-10 17:24:23 0 d-------- D:\Documents and Settings\LocalService\Application Data\iolo
2007-03-10 17:24:21 25264 --a------ C:\WINDOWS\system32\smrgdf.exe
2007-03-10 17:24:21 41472 --a------ C:\WINDOWS\system32\iolobtdfg.exe<IOLOBT~1.EXE>
2007-03-10 17:24:21 436840 --a------ C:\WINDOWS\system32\Incinerator.dll<INCINE~1.DLL>
2007-03-10 17:24:19 0 d-------- C:\Program Files\iolo
2007-03-10 17:23:43 0 d-------- D:\Documents and Settings\nabila\Application Data\iolo
2007-03-10 17:23:43 0 d-------- D:\Documents and Settings\All Users\Application Data\iolo
2007-03-10 15:08:55 0 d-------- D:\Documents and Settings\nabila\.housecall6.6<HOUSEC~1.6>
2007-03-09 22:34:22 0 d-------- C:\WINDOWS\system32\ActiveScan<ACTIVE~1>
2007-03-09 15:11:49 0 d-------- C:\WINDOWS\BDOSCAN8
2007-03-08 20:32:35 0 d-------- C:\Program Files\ewido anti-spyware 4.0<EWIDOA~1.0>
2007-03-08 19:13:07 0 d-------- D:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy<SPYBOT~1>
2007-03-08 19:08:52 0 d-------- D:\Documents and Settings\nabila\Application Data\Lavasoft
2007-03-08 19:08:49 0 d-------- C:\Program Files\Lavasoft
2007-03-08 17:54:30 0 d-a------ D:\Documents and Settings\All Users\Application Data\TEMP
2007-03-08 17:54:29 51072 --a------ C:\WINDOWS\system32\drivers\ikhlayer.sys
2007-03-08 17:54:29 30592 --a------ C:\WINDOWS\system32\drivers\ikhfile.sys
2007-03-08 17:54:24 0 d-------- D:\Documents and Settings\nabila\Application Data\PC Tools<PCTOOL~1>
2007-03-08 17:42:05 0 d-------- D:\Documents and Settings\All Users\Application Data\Yahoo!
2007-03-08 17:16:49 0 d-------- C:\WINDOWS\report
2007-03-08 17:15:40 0 d-------- C:\WINDOWS\AU_Backup<AU_BAC~1>
2007-03-08 17:15:39 1101904 --a------ C:\WINDOWS\vsapi32.dll
2007-03-08 17:15:39 229957 --a------ C:\WINDOWS\tsc.exe
2007-03-08 17:15:39 71749 --a------ C:\WINDOWS\hcextoutput.dll<HCEXTO~1.DLL>
2007-03-08 17:15:39 86094 --a------ C:\WINDOWS\BPMNT.dll
2007-03-08 17:14:57 0 d-------- C:\WINDOWS\AU_Log
2007-03-08 17:14:53 69689 --a------ C:\WINDOWS\UNZIP.DLL
2007-03-08 17:14:53 507904 --a------ C:\WINDOWS\TMUPDATE.DLL
2007-03-08 17:14:53 286720 --a------ C:\WINDOWS\PATCH.EXE
2007-03-08 16:55:17 0 d-------- C:\Program Files\Grisoft
2007-03-08 12:17:03 0 d-------- C:\Program Files\a-squared Anti-Malware<A-SQUA~1>
2007-03-06 23:28:13 0 d-------- C:\Program Files\Seagate
2007-03-06 19:18:10 0 d-------- D:\Documents and Settings\All Users\Application Data\Yahoo! Companion<YAHOO!~1>
2007-03-06 19:16:34 0 d-------- C:\Program Files\Yahoo!
2007-03-06 19:16:24 0 d-------- C:\Program Files\CCleaner
2007-03-05 19:19:17 0 d-------- C:\Program Files\Pando Networks<PANDON~1>
2007-03-05 18:18:07 0 d-------- C:\Program Files\RegCleaner<REGCLE~1>
2007-02-24 21:09:53 2308 --a------ C:\WINDOWS\mozver.dat
2007-02-18 21:48:16 0 d-------- C:\Program Files\WinAVIVideoConverter<WINAVI~1>
2007-02-15 19:59:19 0 d-------- D:\Documents and Settings\Nabila_2\Application Data\Real
2007-02-14 20:17:34 0 d-------- D:\Documents and Settings\nabila\Application Data\Talkback
2007-02-14 19:59:57 0 d-------- C:\Program Files\Mozilla Firefox<MOZILL~1>
2007-02-14 19:57:17 0 d-------- C:\Program Files\Fichiers communs\xing shared<XINGSH~1>
2007-02-14 19:56:19 0 d-------- D:\Documents and Settings\nabila\Application Data\Real
2007-02-14 19:50:25 0 d-------- D:\Documents and Settings\All Users\Application Data\FreeTest
2007-02-14 03:01:18 0 d-------- C:\WINDOWS\ie7updates<IE7UPD~1>
2007-02-12 17:22:48 538256 --a------ C:\WINDOWS\system32\SymNeti.dll
2007-02-12 17:22:46 161424 --a------ C:\WINDOWS\system32\SymRedir.dll
2007-02-12 17:22:40 196752 --a------ C:\WINDOWS\system32\drivers\symtdi.sys
2007-02-12 17:22:36 24720 --a------ C:\WINDOWS\system32\drivers\symredrv.sys
2007-02-12 17:22:30 31888 --a------ C:\WINDOWS\system32\drivers\symids.sys
2007-02-12 17:22:26 28304 --a------ C:\WINDOWS\system32\drivers\symndis.sys
2007-02-12 17:22:20 110736 --a------ C:\WINDOWS\system32\drivers\symfw.sys
2007-02-12 17:22:16 12944 --a------ C:\WINDOWS\system32\drivers\symdns.sys

-- Find3M Report ---------------------------------------------------------------

2007-03-12 15:35:37 0 d-------- C:\Program Files\Fichiers communs\Symantec Shared<SYMANT~1>
2007-03-11 01:33:19 0 d-------- C:\Program Files\eChanblard<ECHANB~1>
2007-03-10 18:58:43 0 d-------- C:\Program Files\Ashampoo
2007-03-10 18:53:45 0 d-------- C:\Program Files\Norton Internet Security<NORTON~1>
2007-03-10 18:46:27 0 d-------- C:\Program Files\Symantec
2007-03-10 18:46:09 0 d-------- C:\Program Files\Fichiers communs<FICHIE~1>
2007-03-08 18:10:07 0 d-------- C:\Program Files\Spyware Doctor<SPYWAR~1>
2007-03-08 16:59:27 0 d---s---- D:\Documents and Settings\nabila\Application Data\Microsoft<MICROS~1>
2007-03-06 22:46:24 468490 --a------ C:\WINDOWS\system32\perfh00C.dat
2007-03-06 22:46:24 75506 --a------ C:\WINDOWS\system32\perfc00C.dat
2007-02-28 11:36:46 0 d-------- D:\Documents and Settings\nabila\Application Data\AdobeUM
2007-02-27 17:59:25 0 d-------- D:\Documents and Settings\nabila\Application Data\Adobe
2007-02-24 21:14:36 0 d-------- C:\Program Files\DivX
2007-02-24 21:10:02 0 d-------- C:\Program Files\Google
2007-02-17 13:07:46 0 d-------- D:\Documents and Settings\nabila\Application Data\Ahead
2007-02-14 20:16:44 0 d-------- D:\Documents and Settings\nabila\Application Data\Mozilla
2007-02-14 19:57:14 0 d-------- C:\Program Files\Fichiers communs\Real
2007-02-11 19:42:40 0 d--h----- C:\Program Files\InstallShield Installation Information<INSTAL~1>
2007-02-11 17:54:18 0 d-------- C:\Program Files\Ahead
2007-02-11 17:54:15 0 d-------- C:\Program Files\Fichiers communs\Ahead
2007-02-07 16:50:52 98304 --a------ C:\WINDOWS\system32\CmdLineExt.dll<CMDLIN~1.DLL>
2007-02-05 12:26:53 0 d-------- D:\Documents and Settings\nabila\Application Data\CyberLink<CYBERL~1>
2007-02-04 20:37:57 0 d-------- C:\Program Files\Microsoft Games<MICROS~2>
2007-02-04 19:46:24 0 d-------- C:\Program Files\EZFace
2007-02-04 18:44:24 0 d-------- C:\Program Files\Windows Media Connect 2<WI4DF6~1>
2007-02-04 18:44:24 0 d-------- C:\Program Files\Windows Live Toolbar<WI81E8~1>
2007-02-04 18:44:23 0 d-------- C:\Program Files\Messenger<MESSEN~1>
2007-02-04 18:44:23 0 d-------- C:\Program Files\AOL 9.0<AOL9~1.0>
2007-02-04 01:02:56 0 d-------- C:\Program Files\Freeplayer<FREEPL~1>
2007-02-03 23:50:56 0 d-------- C:\Program Files\VideoLAN
2007-01-31 23:56:24 0 d-------- D:\Documents and Settings\nabila\Application Data\vlc
2007-01-30 06:03:34 118520 -----n--- C:\WINDOWS\system32\pxinsi64.exe
2007-01-30 06:03:34 116472 -----n--- C:\WINDOWS\system32\pxcpyi64.exe
2007-01-29 09:58:06 60416 -----n--- C:\WINDOWS\system32\tzchange.exe
2007-01-20 21:49:27 0 d-------- D:\Documents and Settings\nabila\Application Data\AVG7
2007-01-15 17:46:46 0 d-------- D:\Documents and Settings\nabila\Application Data\Google
2007-01-14 18:21:05 0 d-------- D:\Documents and Settings\nabila\Application Data\VadeRetro<VADERE~1>
2007-01-14 17:02:13 0 d-------- C:\Program Files\MuleMRTG
2007-01-13 02:16:54 0 d-------- C:\Program Files\Fichiers communs\System
2007-01-12 14:06:09 0 d-------- C:\Program Files\Fichiers communs\Microsoft Shared<MICROS~1>
2007-01-12 14:05:45 0 d-------- C:\Program Files\MSN Messenger<MSNMES~1>
2007-01-12 12:57:25 0 d-------- D:\Documents and Settings\nabila\Application Data\Macromedia<MACROM~1>
2007-01-12 12:57:25 0 d-------- C:\Program Files\Free
2007-01-12 09:27:42 232960 --a------ C:\WINDOWS\system32\webcheck.dll
2007-01-12 09:27:42 51712 -----n--- C:\WINDOWS\system32\msfeedsbs.dll<MSFEED~1.DLL>
2007-01-12 09:27:42 458752 -----n--- C:\WINDOWS\system32\msfeeds.dll
2007-01-12 09:27:42 6054400 --a------ C:\WINDOWS\system32\ieframe.dll
2007-01-11 19:12:08 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2007-01-10 13:45:16 2048 --a------ D:\Documents and Settings\nabila\Application Data\user60.rdb
2007-01-10 13:45:12 112 --a------ D:\Documents and Settings\nabila\Application Data\sversion.ini
2007-01-10 13:43:15 77824 --a------ C:\WINDOWS\uinst001.exe
2007-01-08 19:04:54 105984 --a------ C:\WINDOWS\system32\url.dll
2007-01-08 19:04:08 102400 --a------ C:\WINDOWS\system32\occache.dll
2007-01-08 19:02:04 266752 --a------ C:\WINDOWS\system32\iertutil.dll
2007-01-08 19:02:04 44544 --a------ C:\WINDOWS\system32\iernonce.dll
2007-01-08 19:02:02 384000 --a------ C:\WINDOWS\system32\iedkcs32.dll
2007-01-08 19:02:02 383488 -----n--- C:\WINDOWS\system32\ieapfltr.dll
2007-01-08 19:02:02 161792 --a------ C:\WINDOWS\system32\ieakui.dll
2007-01-08 19:02:02 230400 --a------ C:\WINDOWS\system32\ieaksie.dll
2007-01-08 19:02:02 153088 --a------ C:\WINDOWS\system32\ieakeng.dll
2007-01-08 19:01:14 17408 --a------ C:\WINDOWS\system32\corpol.dll
2007-01-08 19:00:48 124928 --a------ C:\WINDOWS\system32\advpack.dll
2007-01-08 18:08:14 56832 --a------ C:\WINDOWS\system32\ie4uinit.exe
2007-01-08 18:08:10 13824 --a------ C:\WINDOWS\system32\ieudinit.exe
2006-12-19 22:49:47 135168 --a------ C:\WINDOWS\system32\shsvcs.dll
2006-12-19 19:17:50 334336 --a------ C:\WINDOWS\system32\wiaservc.dll
2006-12-19 19:12:00 0 --a------ C:\WINDOWS\system32\bn.dll
2006-12-19 18:34:03 161520 --a------ C:\WINDOWS\Screen Recorder Pro Uninstaller.exe<SCREEN~1.EXE>

-- Registry Dump ---------------------------------------------------------------

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"SmpcSys"="C:\\APPS\\SMP\\SmpSys.exe"
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.2.1128.5462\\GoogleToolbarNotifier.exe"
"NBJ"="\"C:\\Program Files\\Ahead\\Nero BackItUp\\NBJ.exe\""
"updateMgr"="C:\\Program Files\\Adobe\\Acrobat 7.0\\Reader\\AdobeUpdateManager.exe AcRdB7_0_9"
"Pando"="\"C:\\Program Files\\Pando Networks\\Pando\\pando.exe\" /Minimized"
"Spyware Doctor"="\"C:\\Program Files\\Spyware Doctor\\swdoctor.exe\" /Q"
"msnmsgr"="\"C:\\Program Files\\MSN Messenger\\msnmsgr.exe\" /background"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"ehTray"="C:\\WINDOWS\\ehome\\ehtray.exe"
"RTHDCPL"="RTHDCPL.EXE"
"SkyTel"="SkyTel.EXE"
"Alcmtr"="ALCMTR.EXE"
"NECHotkey"="mHotkey.exe"
"ATICCC"="\"c:\\Program Files\\ATI Technologies\\ATI.ACE\\CLIStart.exe\""
"ATSwpNav"="\"C:\\Program Files\\Fingerprint Sensor\\ATSwpNav\" -run"
"Vade Retro Outlook Express"="\"C:\\PROGRA~1\\GOTOSO~1\\VADERE~1\\Vaderetro_oe.exe\""
"DetectorApp"="C:\\Program Files\\Sonic\\DigitalMedia LE v7\\MyDVD LE\\DetectorApp.exe"
"OmniPass"="C:\\Apps\\Softex\\OmniPass\\scureapp.exe"
"IMJPMIG8.1"="\"C:\\WINDOWS\\IME\\imjp8_1\\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32\""
"BOOT"="C:\\Program Files\\ISSENDIS\\ISSENDIS WebUpdate v6\\issendiswebupdatev6.exe /BOOT"
"NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"TkBellExe"="\"C:\\Program Files\\Fichiers communs\\Real\\Update_OB\\realsched.exe\" -osboot"
"a-squared"="\"C:\\Program Files\\a-squared Anti-Malware\\a2guard.exe\""
"!ewido"="\"C:\\Program Files\\ewido anti-spyware 4.0\\ewido.exe\" /minimized"
"ccApp"="\"C:\\Program Files\\Fichiers communs\\Symantec Shared\\ccApp.exe\""
"OoPDFSettingsv6.exe"="C:\\Program Files\\OFFICE One6.5\\OFFICE One PDF Manager\\OoPDFSettingsv6.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="ewido anti-spyware 4.0"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
"Spyware Doctor"="\"C:\\Program Files\\Spyware Doctor\\swdoctor.exe\" /Q"

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
"Spyware Doctor"="\"C:\\Program Files\\Spyware Doctor\\swdoctor.exe\" /Q"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"=hex(2):43,3a,5c,57,49,4e,44,4f,57,53,5c,52,65,73,6f,75,72,\
63,65,73,5c,54,68,65,6d,65,73,5c,52,6f,79,61,6c,65,5c,52,6f,79,61,6c,65,2e,\
6d,73,73,74,79,6c,65,73,00
"InstallTheme"=hex(2):43,3a,5c,57,49,4e,44,4f,57,53,5c,52,65,73,6f,75,72,63,65,\
73,5c,54,68,65,6d,65,73,5c,52,6f,79,61,6c,65,2e,74,68,65,6d,65,00

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=dword:00000000

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoCDBurning"=dword:00000000

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OPXPGina

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
Usnsvc REG_MULTI_SZ usnsvc\0\0
WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0

*newlycreated* - HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\LEGACY_COMHOST

-- End of ComboScan: finished at 2007-03-12 at 15:36:23 ------------------------
0
Réponse 13 / 26
Utilisateur anonyme
 
Je pense qu'il va te falloir réparer Windows.
As-tu ton CD XP ?
0
Réponse 14 / 26
perduu
 
non ya pas de cd , je l'ai acheter fin decembre tout etait deja pre-installer
0
Réponse 15 / 26
Utilisateur anonyme
 
Aec le rapport ComboScan tu n'avais pas un rapport complémentaire ou une suite ?

Clic sur démarrer, poste de travail, clic droit sur C:, propriétés, onglet "outils" vérifier maintenant coche les deux cases puis choisis "redémarrer maintenant"

Laisse Windows redémarré puis Windows va chercher des eventuelles erreurs.
Puis essai à nouveau d'accèder à ton poste de travail.
0
Réponse 16 / 26
perduu
 
j'ai fait comme tu m'as dit pour la verification du systeme mais ça ne marche toujours pas , mon bureau disparait puis reapparait 2seconde plus tard quand je clic sur mon poste de travail
j'ai refait une analyse avec comboscan voila le rapport
ComboScan v20070306.20 run by nabila on 2007-03-12 at 19:21:51
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- HijackThis (run as nabila.exe) ----------------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 19:21:57, on 12/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\iolo\Common\Lib\ioloDMVSvc.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Apps\Softex\OmniPass\Omniserv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\Apps\Softex\OmniPass\OPXPApp.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\RTHDCPL.EXE
c:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Fingerprint Sensor\ATSwpNav.exe
C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
C:\Apps\Softex\OmniPass\scureapp.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\OFFICE One6.5\OFFICE One PDF Manager\OoPDFSettingsv6.exe
C:\APPS\SMP\SmpSys.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
c:\Program Files\ATI Technologies\ATI.ACE\cli.exe
c:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Pando Networks\Pando\pando.exe
C:\Program Files\Spyware Doctor\swdoctor.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\OFFICE One6.5\OFFICE One Clock\ooneclockv65.exe
C:\Program Files\OFFICE One6.5\OFFICE One Notes\oonotesv65.exe
C:\Program Files\OFFICE One6.5\program\soffice.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\WINDOWS\explorer.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Symantec\LiveUpdate\AUpdate.exe
C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
D:\Documents and Settings\nabila\Local Settings\Temporary Internet Files\Content.IE5\QESZ2DHH\comboscan[1].exe
C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
C:\PROGRA~1\HIJACK~1\nabila.exe
C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.videostudiopro.com/fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: CInterceptor Object - {38D3FE60-3D53-4F37-BB0E-C7A97A26A156} - C:\Program Files\Pando Networks\Pando\PandoIEPlugin.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NECHotkey] mHotkey.exe
O4 - HKLM\..\Run: [ATICCC] "c:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [ATSwpNav] "C:\Program Files\Fingerprint Sensor\ATSwpNav" -run
O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
O4 - HKLM\..\Run: [DetectorApp] C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
O4 - HKLM\..\Run: [OmniPass] C:\Apps\Softex\OmniPass\scureapp.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32"
O4 - HKLM\..\Run: [BOOT] C:\Program Files\ISSENDIS\ISSENDIS WebUpdate v6\issendiswebupdatev6.exe /BOOT
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe"
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [OoPDFSettingsv6.exe] C:\Program Files\OFFICE One6.5\OFFICE One PDF Manager\OoPDFSettingsv6.exe
O4 - HKCU\..\Run: [SmpcSys] C:\APPS\SMP\SmpSys.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [Pando] "C:\Program Files\Pando Networks\Pando\pando.exe" /Minimized
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: OFFICE One 6.5.lnk = C:\Program Files\OFFICE One6.5\program\quickstart.exe
O4 - Global Startup: OFFICE One Clock v6.5.lnk = C:\Program Files\OFFICE One6.5\OFFICE One Clock\ooneclockv65.exe
O4 - Global Startup: OFFICE One Notes v6.5.lnk = C:\Program Files\OFFICE One6.5\OFFICE One Notes\oonotesv65.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?590cf60d134545dd8b687c471216aef8
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?590cf60d134545dd8b687c471216aef8
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {275D2217-FFE8-46B5-8FD2-B18CA0B7EE36} - file:///C:/DRIVERS/snapsys/HDDDiag/bin/npseatools.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {556DDE35-E955-11D0-A707-000000521957} - http://www.xblock.com/download/xclean_micro.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - https://bitdefender.solutions-antivirus.com/scan8/oscan8.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: OPXPGina - C:\Apps\Softex\OmniPass\opxpgina.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iolo DMV Service (ioloDMV) - Unknown owner - C:\Program Files\iolo\Common\Lib\ioloDMVSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Softex OmniPass Service (omniserv) - Softex Inc. - C:\Apps\Softex\OmniPass\Omniserv.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: USBDeviceService - Unknown owner - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

-- Files created between 2007-02-12 and 2007-03-12 -----------------------------

2007-03-12 15:35:04 0 d-------- D:\ComboScan<COMBOS~1>
2007-03-12 15:20:58 0 d-------- C:\WINDOWS\system32\Kaspersky Lab<KASPER~1>
2007-03-12 11:44:07 0 d-------- C:\WINDOWS\AU_Temp
2007-03-10 18:40:52 0 d-------- D:\Documents and Settings\nabila\Application Data\Symantec
2007-03-10 18:33:13 87768 --a------ C:\WINDOWS\system32\S32EVNT1.DLL
2007-03-10 18:33:13 108168 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.SYS
2007-03-10 17:24:24 155648 --a------ C:\WINDOWS\system32\ssleay32.dll
2007-03-10 17:24:24 696320 --a------ C:\WINDOWS\system32\libeay32.dll
2007-03-10 17:24:23 0 d-------- D:\Documents and Settings\LocalService\Application Data\iolo
2007-03-10 17:24:21 25264 --a------ C:\WINDOWS\system32\smrgdf.exe
2007-03-10 17:24:21 41472 --a------ C:\WINDOWS\system32\iolobtdfg.exe<IOLOBT~1.EXE>
2007-03-10 17:24:21 436840 --a------ C:\WINDOWS\system32\Incinerator.dll<INCINE~1.DLL>
2007-03-10 17:24:19 0 d-------- C:\Program Files\iolo
2007-03-10 17:23:43 0 d-------- D:\Documents and Settings\nabila\Application Data\iolo
2007-03-10 17:23:43 0 d-------- D:\Documents and Settings\All Users\Application Data\iolo
2007-03-10 15:08:55 0 d-------- D:\Documents and Settings\nabila\.housecall6.6<HOUSEC~1.6>
2007-03-09 22:34:22 0 d-------- C:\WINDOWS\system32\ActiveScan<ACTIVE~1>
2007-03-09 15:11:49 0 d-------- C:\WINDOWS\BDOSCAN8
2007-03-08 20:32:35 0 d-------- C:\Program Files\ewido anti-spyware 4.0<EWIDOA~1.0>
2007-03-08 19:13:07 0 d-------- D:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy<SPYBOT~1>
2007-03-08 19:08:52 0 d-------- D:\Documents and Settings\nabila\Application Data\Lavasoft
2007-03-08 19:08:49 0 d-------- C:\Program Files\Lavasoft
2007-03-08 17:54:30 0 d-a------ D:\Documents and Settings\All Users\Application Data\TEMP
2007-03-08 17:54:29 51072 --a------ C:\WINDOWS\system32\drivers\ikhlayer.sys
2007-03-08 17:54:29 30592 --a------ C:\WINDOWS\system32\drivers\ikhfile.sys
2007-03-08 17:54:24 0 d-------- D:\Documents and Settings\nabila\Application Data\PC Tools<PCTOOL~1>
2007-03-08 17:42:05 0 d-------- D:\Documents and Settings\All Users\Application Data\Yahoo!
2007-03-08 17:16:49 0 d-------- C:\WINDOWS\report
2007-03-08 17:15:40 0 d-------- C:\WINDOWS\AU_Backup<AU_BAC~1>
2007-03-08 17:15:39 1101904 --a------ C:\WINDOWS\vsapi32.dll
2007-03-08 17:15:39 229957 --a------ C:\WINDOWS\tsc.exe
2007-03-08 17:15:39 71749 --a------ C:\WINDOWS\hcextoutput.dll<HCEXTO~1.DLL>
2007-03-08 17:15:39 86094 --a------ C:\WINDOWS\BPMNT.dll
2007-03-08 17:14:57 0 d-------- C:\WINDOWS\AU_Log
2007-03-08 17:14:53 69689 --a------ C:\WINDOWS\UNZIP.DLL
2007-03-08 17:14:53 507904 --a------ C:\WINDOWS\TMUPDATE.DLL
2007-03-08 17:14:53 286720 --a------ C:\WINDOWS\PATCH.EXE
2007-03-08 16:55:17 0 d-------- C:\Program Files\Grisoft
2007-03-08 12:17:03 0 d-------- C:\Program Files\a-squared Anti-Malware<A-SQUA~1>
2007-03-06 23:28:13 0 d-------- C:\Program Files\Seagate
2007-03-06 19:18:10 0 d-------- D:\Documents and Settings\All Users\Application Data\Yahoo! Companion<YAHOO!~1>
2007-03-06 19:16:34 0 d-------- C:\Program Files\Yahoo!
2007-03-06 19:16:24 0 d-------- C:\Program Files\CCleaner
2007-03-05 19:19:17 0 d-------- C:\Program Files\Pando Networks<PANDON~1>
2007-03-05 18:18:07 0 d-------- C:\Program Files\RegCleaner<REGCLE~1>
2007-02-24 21:09:53 2308 --a------ C:\WINDOWS\mozver.dat
2007-02-18 21:48:16 0 d-------- C:\Program Files\WinAVIVideoConverter<WINAVI~1>
2007-02-15 19:59:19 0 d-------- D:\Documents and Settings\Nabila_2\Application Data\Real
2007-02-14 20:17:34 0 d-------- D:\Documents and Settings\nabila\Application Data\Talkback
2007-02-14 19:59:57 0 d-------- C:\Program Files\Mozilla Firefox<MOZILL~1>
2007-02-14 19:57:17 0 d-------- C:\Program Files\Fichiers communs\xing shared<XINGSH~1>
2007-02-14 19:56:19 0 d-------- D:\Documents and Settings\nabila\Application Data\Real
2007-02-14 19:50:25 0 d-------- D:\Documents and Settings\All Users\Application Data\FreeTest
2007-02-14 03:01:18 0 d-------- C:\WINDOWS\ie7updates<IE7UPD~1>
2007-02-12 17:22:48 538256 --a------ C:\WINDOWS\system32\SymNeti.dll
2007-02-12 17:22:46 161424 --a------ C:\WINDOWS\system32\SymRedir.dll
2007-02-12 17:22:40 196752 --a------ C:\WINDOWS\system32\drivers\symtdi.sys
2007-02-12 17:22:36 24720 --a------ C:\WINDOWS\system32\drivers\symredrv.sys
2007-02-12 17:22:30 31888 --a------ C:\WINDOWS\system32\drivers\symids.sys
2007-02-12 17:22:26 28304 --a------ C:\WINDOWS\system32\drivers\symndis.sys
2007-02-12 17:22:20 110736 --a------ C:\WINDOWS\system32\drivers\symfw.sys
2007-02-12 17:22:16 12944 --a------ C:\WINDOWS\system32\drivers\symdns.sys

-- Find3M Report ---------------------------------------------------------------

2007-03-12 16:30:44 0 d-------- C:\Program Files\Fichiers communs\Symantec Shared<SYMANT~1>
2007-03-11 01:33:19 0 d-------- C:\Program Files\eChanblard<ECHANB~1>
2007-03-10 18:58:43 0 d-------- C:\Program Files\Ashampoo
2007-03-10 18:53:45 0 d-------- C:\Program Files\Norton Internet Security<NORTON~1>
2007-03-10 18:46:27 0 d-------- C:\Program Files\Symantec
2007-03-10 18:46:09 0 d-------- C:\Program Files\Fichiers communs<FICHIE~1>
2007-03-08 18:10:07 0 d-------- C:\Program Files\Spyware Doctor<SPYWAR~1>
2007-03-08 16:59:27 0 d---s---- D:\Documents and Settings\nabila\Application Data\Microsoft<MICROS~1>
2007-03-06 22:46:24 468490 --a------ C:\WINDOWS\system32\perfh00C.dat
2007-03-06 22:46:24 75506 --a------ C:\WINDOWS\system32\perfc00C.dat
2007-02-28 11:36:46 0 d-------- D:\Documents and Settings\nabila\Application Data\AdobeUM
2007-02-27 17:59:25 0 d-------- D:\Documents and Settings\nabila\Application Data\Adobe
2007-02-24 21:14:36 0 d-------- C:\Program Files\DivX
2007-02-24 21:10:02 0 d-------- C:\Program Files\Google
2007-02-17 13:07:46 0 d-------- D:\Documents and Settings\nabila\Application Data\Ahead
2007-02-14 20:16:44 0 d-------- D:\Documents and Settings\nabila\Application Data\Mozilla
2007-02-14 19:57:14 0 d-------- C:\Program Files\Fichiers communs\Real
2007-02-11 19:42:40 0 d--h----- C:\Program Files\InstallShield Installation Information<INSTAL~1>
2007-02-11 17:54:18 0 d-------- C:\Program Files\Ahead
2007-02-11 17:54:15 0 d-------- C:\Program Files\Fichiers communs\Ahead
2007-02-07 16:50:52 98304 --a------ C:\WINDOWS\system32\CmdLineExt.dll<CMDLIN~1.DLL>
2007-02-05 12:26:53 0 d-------- D:\Documents and Settings\nabila\Application Data\CyberLink<CYBERL~1>
2007-02-04 20:37:57 0 d-------- C:\Program Files\Microsoft Games<MICROS~2>
2007-02-04 19:46:24 0 d-------- C:\Program Files\EZFace
2007-02-04 18:44:24 0 d-------- C:\Program Files\Windows Media Connect 2<WI4DF6~1>
2007-02-04 18:44:24 0 d-------- C:\Program Files\Windows Live Toolbar<WI81E8~1>
2007-02-04 18:44:23 0 d-------- C:\Program Files\Messenger<MESSEN~1>
2007-02-04 18:44:23 0 d-------- C:\Program Files\AOL 9.0<AOL9~1.0>
2007-02-04 01:02:56 0 d-------- C:\Program Files\Freeplayer<FREEPL~1>
2007-02-03 23:50:56 0 d-------- C:\Program Files\VideoLAN
2007-01-31 23:56:24 0 d-------- D:\Documents and Settings\nabila\Application Data\vlc
2007-01-30 06:03:34 118520 -----n--- C:\WINDOWS\system32\pxinsi64.exe
2007-01-30 06:03:34 116472 -----n--- C:\WINDOWS\system32\pxcpyi64.exe
2007-01-29 09:58:06 60416 -----n--- C:\WINDOWS\system32\tzchange.exe
2007-01-20 21:49:27 0 d-------- D:\Documents and Settings\nabila\Application Data\AVG7
2007-01-15 17:46:46 0 d-------- D:\Documents and Settings\nabila\Application Data\Google
2007-01-14 18:21:05 0 d-------- D:\Documents and Settings\nabila\Application Data\VadeRetro<VADERE~1>
2007-01-14 17:02:13 0 d-------- C:\Program Files\MuleMRTG
2007-01-13 02:16:54 0 d-------- C:\Program Files\Fichiers communs\System
2007-01-12 14:06:09 0 d-------- C:\Program Files\Fichiers communs\Microsoft Shared<MICROS~1>
2007-01-12 14:05:45 0 d-------- C:\Program Files\MSN Messenger<MSNMES~1>
2007-01-12 12:57:25 0 d-------- D:\Documents and Settings\nabila\Application Data\Macromedia<MACROM~1>
2007-01-12 12:57:25 0 d-------- C:\Program Files\Free
2007-01-12 09:27:42 232960 --a------ C:\WINDOWS\system32\webcheck.dll
2007-01-12 09:27:42 51712 -----n--- C:\WINDOWS\system32\msfeedsbs.dll<MSFEED~1.DLL>
2007-01-12 09:27:42 458752 -----n--- C:\WINDOWS\system32\msfeeds.dll
2007-01-12 09:27:42 6054400 --a------ C:\WINDOWS\system32\ieframe.dll
2007-01-11 19:12:08 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2007-01-10 13:45:16 2048 --a------ D:\Documents and Settings\nabila\Application Data\user60.rdb
2007-01-10 13:45:12 112 --a------ D:\Documents and Settings\nabila\Application Data\sversion.ini
2007-01-10 13:43:15 77824 --a------ C:\WINDOWS\uinst001.exe
2007-01-08 19:04:54 105984 --a------ C:\WINDOWS\system32\url.dll
2007-01-08 19:04:08 102400 --a------ C:\WINDOWS\system32\occache.dll
2007-01-08 19:02:04 266752 --a------ C:\WINDOWS\system32\iertutil.dll
2007-01-08 19:02:04 44544 --a------ C:\WINDOWS\system32\iernonce.dll
2007-01-08 19:02:02 384000 --a------ C:\WINDOWS\system32\iedkcs32.dll
2007-01-08 19:02:02 383488 -----n--- C:\WINDOWS\system32\ieapfltr.dll
2007-01-08 19:02:02 161792 --a------ C:\WINDOWS\system32\ieakui.dll
2007-01-08 19:02:02 230400 --a------ C:\WINDOWS\system32\ieaksie.dll
2007-01-08 19:02:02 153088 --a------ C:\WINDOWS\system32\ieakeng.dll
2007-01-08 19:01:14 17408 --a------ C:\WINDOWS\system32\corpol.dll
2007-01-08 19:00:48 124928 --a------ C:\WINDOWS\system32\advpack.dll
2007-01-08 18:08:14 56832 --a------ C:\WINDOWS\system32\ie4uinit.exe
2007-01-08 18:08:10 13824 --a------ C:\WINDOWS\system32\ieudinit.exe
2006-12-19 22:49:47 135168 --a------ C:\WINDOWS\system32\shsvcs.dll
2006-12-19 19:17:50 334336 --a------ C:\WINDOWS\system32\wiaservc.dll
2006-12-19 19:12:00 0 --a------ C:\WINDOWS\system32\bn.dll
2006-12-19 18:34:03 161520 --a------ C:\WINDOWS\Screen Recorder Pro Uninstaller.exe<SCREEN~1.EXE>

-- Registry Dump ---------------------------------------------------------------

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"SmpcSys"="C:\\APPS\\SMP\\SmpSys.exe"
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.2.1128.5462\\GoogleToolbarNotifier.exe"
"NBJ"="\"C:\\Program Files\\Ahead\\Nero BackItUp\\NBJ.exe\""
"updateMgr"="C:\\Program Files\\Adobe\\Acrobat 7.0\\Reader\\AdobeUpdateManager.exe AcRdB7_0_9"
"Pando"="\"C:\\Program Files\\Pando Networks\\Pando\\pando.exe\" /Minimized"
"Spyware Doctor"="\"C:\\Program Files\\Spyware Doctor\\swdoctor.exe\" /Q"
"msnmsgr"="\"C:\\Program Files\\MSN Messenger\\msnmsgr.exe\" /background"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"ehTray"="C:\\WINDOWS\\ehome\\ehtray.exe"
"RTHDCPL"="RTHDCPL.EXE"
"SkyTel"="SkyTel.EXE"
"Alcmtr"="ALCMTR.EXE"
"NECHotkey"="mHotkey.exe"
"ATICCC"="\"c:\\Program Files\\ATI Technologies\\ATI.ACE\\CLIStart.exe\""
"ATSwpNav"="\"C:\\Program Files\\Fingerprint Sensor\\ATSwpNav\" -run"
"Vade Retro Outlook Express"="\"C:\\PROGRA~1\\GOTOSO~1\\VADERE~1\\Vaderetro_oe.exe\""
"DetectorApp"="C:\\Program Files\\Sonic\\DigitalMedia LE v7\\MyDVD LE\\DetectorApp.exe"
"OmniPass"="C:\\Apps\\Softex\\OmniPass\\scureapp.exe"
"IMJPMIG8.1"="\"C:\\WINDOWS\\IME\\imjp8_1\\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32\""
"BOOT"="C:\\Program Files\\ISSENDIS\\ISSENDIS WebUpdate v6\\issendiswebupdatev6.exe /BOOT"
"NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"TkBellExe"="\"C:\\Program Files\\Fichiers communs\\Real\\Update_OB\\realsched.exe\" -osboot"
"a-squared"="\"C:\\Program Files\\a-squared Anti-Malware\\a2guard.exe\""
"!ewido"="\"C:\\Program Files\\ewido anti-spyware 4.0\\ewido.exe\" /minimized"
"ccApp"="\"C:\\Program Files\\Fichiers communs\\Symantec Shared\\ccApp.exe\""
"OoPDFSettingsv6.exe"="C:\\Program Files\\OFFICE One6.5\\OFFICE One PDF Manager\\OoPDFSettingsv6.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="ewido anti-spyware 4.0"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
"Spyware Doctor"="\"C:\\Program Files\\Spyware Doctor\\swdoctor.exe\" /Q"

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
"Spyware Doctor"="\"C:\\Program Files\\Spyware Doctor\\swdoctor.exe\" /Q"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"=hex(2):43,3a,5c,57,49,4e,44,4f,57,53,5c,52,65,73,6f,75,72,\
63,65,73,5c,54,68,65,6d,65,73,5c,52,6f,79,61,6c,65,5c,52,6f,79,61,6c,65,2e,\
6d,73,73,74,79,6c,65,73,00
"InstallTheme"=hex(2):43,3a,5c,57,49,4e,44,4f,57,53,5c,52,65,73,6f,75,72,63,65,\
73,5c,54,68,65,6d,65,73,5c,52,6f,79,61,6c,65,2e,74,68,65,6d,65,00

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=dword:00000000

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoCDBurning"=dword:00000000

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OPXPGina

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
Usnsvc REG_MULTI_SZ usnsvc\0\0
WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0

*newlycreated* - HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\LEGACY_COMHOST

-- End of ComboScan: finished at 2007-03-12 at 19:22:31 ------------------------
0
Réponse 17 / 26
Utilisateur anonyme
 
- Dis moi tous les logiciels anti-spywares que tu as.

- Prècise si en mode sans echec le problème persiste.
0
Réponse 18 / 26
perduu
 
en mode sans echec ça fonctionne mais pas en mode normal
comme antispyware j'ai :
a-squared , norton , spybot , ewido
mais je ne les ai installé que depuis la decouverte du trojan avant j'avai juste norton 2006
0
Réponse 19 / 26
perduu
 
mais je fais des scan avec secuser , bitfender ,panda , ccleaner et tout et ok , je ne comprend rien
0
Réponse 20 / 26
perduu Messages postés 4 Statut Membre
 
dois-je formater ?? j'espere que non
0

Discussions similaires

Menace détectée TrojanSMS-PA sur Google Huawei/Android
Outmost -
bazfile -

6 réponses
C'est quoi "Win32:Trojan-gen {Other}"
Uzumaki -
Utilisateur anonyme -

5 réponses
Problème avec "PUADIManager:Win32/OfferCore
Knaki -
bazfile -

3 réponses
PUADlManager:Win32/OfferCore
tenmalade -
tenmalade -

2 réponses
Comment supprimer le virus Trojan
vitsou -
vitsou -

18 réponses