Pub intempestives help!
vincccfr
Messages postés
4
Statut
Membre
-
philae83 Messages postés 12854 Statut Contributeur sécurité -
philae83 Messages postés 12854 Statut Contributeur sécurité -
bonjour a tous , voila j'ai des pubs qui apparaissent tres souvent depuis une semaine, pourtant j'ai zone alrm, awast et spyboat, et je n'arrive pas a m'en separer. j'ai effectuer un hitjack , voila ce que cela donne. merci d'avance a ceux qui peuvent m'aider tchao
Logfile of HijackThis v1.99.1
Platform: Windows XP SP2 (WinNT
5.01.2600)
MSIE: Internet Explorer v7.00
(7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil
Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil
Software\Avast4\ashServ.exe
C:\Program Files\Fichiers
communs\Microsoft
Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.
exe
C:\Program Files\Zone
Labs\ZoneAlarm\zlclient.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
D:\Alcohol Soft\Alcohol
120\StarWind\StarWindService.exe
C:\Program Files\Fichiers
communs\Ahead\Lib\NMBgMonitor.exe
C:\Program
Files\Google\GoogleToolbarNotifier\1.2.112
8.5462\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead
Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.
exe
C:\Program Files\Fichiers
communs\Ahead\Lib\NMIndexStoreSvr.ex
e
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Alwil
Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil
Software\Avast4\ashWebSv.exe
C:\Program Files\Internet
Explorer\IEXPLORE.EXE
C:\Program Files\Winamp\winamp.exe
C:\Program Files\Internet
Explorer\IEXPLORE.EXE
C:\Program Files\Hijackthis Version
Française\VERSION TRADUITE
ORIGINALE.EXE
R0 - HKCU\Software\Microsoft\Internet
Explorer\Main,Start Page =
https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet
Explorer\Main,Default_Page_URL =
https://www.microsoft.com/fr-fr/
157
R1 - HKLM\Software\Microsoft\Internet
Explorer\Main,Default_Search_URL =
https://www.microsoft.com/fr-fr/?ref=go
896
R1 - HKLM\Software\Microsoft\Internet
Explorer\Main,Search Page =
https://www.microsoft.com/fr-fr/?ref=go
896
R0 - HKLM\Software\Microsoft\Internet
Explorer\Main,Start Page =
https://www.microsoft.com/fr-fr/
157
R0 - HKCU\Software\Microsoft\Internet
Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF
Reader -
{06849E9F-C8D7-4D59-B87D-784B7D6BE0
B3} - C:\Program Files\Fichiers
communs\Adobe\Acrobat\ActiveX\AcroIE
Helper.dll
O2 - BHO: (no name) -
{182B90A3-F372-438A-800C-6814B4DE417
B} - C:\WINDOWS\system32\tuvvttr.dll
O2 - BHO: (no name) -
{57E218E6-5A80-4f0c-AB25-83598F25D7E
9} - C:\WINDOWS\system32\caajoghp.dll
O2 - BHO: (no name) -
{63547608-0E83-4569-87A5-5BA1A6B9D5
CE} - C:\WINDOWS\system32\ddcca.dll
O2 - BHO: Canon Easy Web Print Helper -
{68F9551E-0411-48E4-9AAF-4BC42A6A46B
E} - C:\Program
Files\Canon\Easy-WebPrint\EWPBrowseLoa
der.dll
O2 - BHO: SSVHelper Class -
{761497BB-D6F0-462C-B6EB-D4DAF1D92D
43} - C:\Program
Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar
Helper -
{AE7CD045-E861-484f-8273-0445EE161910
} - D:\Acrobat
8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Yahoo! Toolbar -
{EF99BD32-C1FB-11D2-892F-0090271D4F88
} - C:\Program
Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Easy-WebPrint -
{327C2873-E90D-4c37-AA9D-10AC9BABA4
6C} - C:\Program
Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Adobe PDF -
{47833539-D0C5-4125-9FA8-0819E2EAAC9
3} - D:\Acrobat
8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google -
{2318C2B1-4965-11d4-9B18-009027A5CD4F
} - c:\program
files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [avast!]
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.
exe
O4 - HKLM\..\Run: [Zone Labs Client]
C:\Program Files\Zone
Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [NvCplDaemon]
RUNDLL32.EXE
C:\WINDOWS\system32\NvCpl.dll,NvStar
tup
O4 - HKLM\..\Run: [Easy PDF Creator]
D:\Easy PDF Creator\EasyPDFCreator.exe
O4 - HKLM\..\Run: [QuickTime Task]
"C:\Program Files\QuickTime\qttask.exe"
-atboottime
O4 - HKLM\..\Run: [SoundService]
rundll32.exe
"C:\WINDOWS\system32\futewcsr.dll",se
tvm
O4 - HKCU\..\Run: [ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run:
[BgMonitor_{79662E04-7C6C-4d9f-84C7-88
D8A56B10AA}] "C:\Program Files\Fichiers
communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] C:\Program
Files\Google\GoogleToolbarNotifier\1.2.112
8.5462\GoogleToolbarNotifier.exe
O8 - Extra context menu item: Ajouter au
fichier PDF existant - res://D:\Acrobat
8.0\Acrobat\AcroIEFavClient.dll/AcroIEAp
pend.html
O8 - Extra context menu item: Convertir en
Adobe PDF - res://D:\Acrobat
8.0\Acrobat\AcroIEFavClient.dll/AcroIECa
pture.html
O8 - Extra context menu item: Convertir la
cible du lien en Adobe PDF -
res://D:\Acrobat
8.0\Acrobat\AcroIEFavClient.dll/AcroIECa
pture.html
O8 - Extra context menu item: Convertir la
cible du lien en un fichier PDF existant -
res://D:\Acrobat
8.0\Acrobat\AcroIEFavClient.dll/AcroIEAp
pend.html
O8 - Extra context menu item: Convertir la
sélection en Adobe PDF - res://D:\Acrobat
8.0\Acrobat\AcroIEFavClient.dll/AcroIECa
pture.html
O8 - Extra context menu item: Convertir la
sélection en un fichier PDF existant -
res://D:\Acrobat
8.0\Acrobat\AcroIEFavClient.dll/AcroIEAp
pend.html
O8 - Extra context menu item: Convertir les
liens sélectionnés en fichier Adobe PDF -
res://C:\Program Files\Adobe\Acrobat
8.0\Acrobat\AcroIEFavClient.dll/AcroIECa
ptureSelLinks.html
O8 - Extra context menu item: Convertir les
liens sélectionnés en un fichier PDF existant
- res://D:\Acrobat
8.0\Acrobat\AcroIEFavClient.dll/AcroIEAp
pendSelLinks.html
O8 - Extra context menu item:
Easy-WebPrint Impression rapide -
res://C:\Program
Files\Canon\Easy-WebPrint\Toolband.dll/R
C_HSPrint.html
O8 - Extra context menu item:
Easy-WebPrint Imprimer -
res://C:\Program
Files\Canon\Easy-WebPrint\Toolband.dll/R
C_Print.html
O8 - Extra context menu item:
Easy-WebPrint Prévisualiser -
res://C:\Program
Files\Canon\Easy-WebPrint\Toolband.dll/R
C_Preview.html
O9 - Extra button: (no name) -
{08B0E5C0-4FCB-11CF-AAA5-00401C60850
1} - C:\Program
Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java
(Sun) -
{08B0E5C0-4FCB-11CF-AAA5-00401C60850
1} - C:\Program
Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Recherche -
{92780B25-18CC-41C8-B9BE-3C9C571A8263
} - C:\Office\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683}
- C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows
Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683}
- C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL]
International*
O16 - DPF:
{1D6711C8-7154-40BB-8380-3DEA45B69CB
F} -
O16 - DPF:
{D27CDB6E-AE6D-11CF-96B8-44455354000
0} (Shockwave Flash Object) -
http://fpdownload2.macromedia.com/get/sh
ockwave/cabs/flash/swflash.cab
O18 - Protocol: msnim -
{828030A1-22C1-4009-854F-8E305202313F
} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll"
(file missing)
O20 - Winlogon Notify: ddcca -
C:\WINDOWS\system32\ddcca.dll
O20 - Winlogon Notify: tuvvttr -
C:\WINDOWS\SYSTEM32\tuvvttr.dll
O20 - Winlogon Notify: WgaLogon -
C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: avast! iAVS4 Control Service
(aswUpdSv) - Unknown owner - C:\Program
Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown
owner - C:\Program Files\Alwil
Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner -
Unknown owner - C:\Program Files\Alwil
Software\Avast4\ashMaiSv.exe" /service
(file missing)
O23 - Service: avast! Web Scanner -
Unknown owner - C:\Program Files\Alwil
Software\Avast4\ashWebSv.exe" /service
(file missing)
O23 - Service: FLEXnet Licensing Service -
Macrovision Europe Ltd. - C:\Program
Files\Fichiers communs\Macrovision
Shared\FLEXnet
Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service
(gusvc) - Google - C:\Program
Files\Google\Common\Google
Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager
(IDriverT) - Macrovision Corporation -
C:\Program Files\Fichiers
communs\InstallShield\Driver\11\Intel
32\IDriverT.exe
O23 - Service: NBService - Nero AG -
C:\Program Files\Nero\Nero 7\Nero
BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver
Service (NVSvc) - NVIDIA Corporation -
C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: StarWind iSCSI Service
(StarWindService) - Rocket Division
Software - D:\Alcohol Soft\Alcohol
120\StarWind\StarWindService.exe
O23 - Service: Ulead Burning Helper
(UleadBurningHelper) - Ulead Systems, Inc.
- C:\Program Files\Fichiers communs\Ulead
Systems\DVD\ULCDRSvr.exe
O23 - Service: TrueVector Internet
Monitor (vsmon) - Zone Labs, LLC -
C:\WINDOWS\system32\ZoneLabs\vsmon.
exe
Logfile of HijackThis v1.99.1
Platform: Windows XP SP2 (WinNT
5.01.2600)
MSIE: Internet Explorer v7.00
(7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil
Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil
Software\Avast4\ashServ.exe
C:\Program Files\Fichiers
communs\Microsoft
Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.
exe
C:\Program Files\Zone
Labs\ZoneAlarm\zlclient.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
D:\Alcohol Soft\Alcohol
120\StarWind\StarWindService.exe
C:\Program Files\Fichiers
communs\Ahead\Lib\NMBgMonitor.exe
C:\Program
Files\Google\GoogleToolbarNotifier\1.2.112
8.5462\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead
Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.
exe
C:\Program Files\Fichiers
communs\Ahead\Lib\NMIndexStoreSvr.ex
e
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Alwil
Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil
Software\Avast4\ashWebSv.exe
C:\Program Files\Internet
Explorer\IEXPLORE.EXE
C:\Program Files\Winamp\winamp.exe
C:\Program Files\Internet
Explorer\IEXPLORE.EXE
C:\Program Files\Hijackthis Version
Française\VERSION TRADUITE
ORIGINALE.EXE
R0 - HKCU\Software\Microsoft\Internet
Explorer\Main,Start Page =
https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet
Explorer\Main,Default_Page_URL =
https://www.microsoft.com/fr-fr/
157
R1 - HKLM\Software\Microsoft\Internet
Explorer\Main,Default_Search_URL =
https://www.microsoft.com/fr-fr/?ref=go
896
R1 - HKLM\Software\Microsoft\Internet
Explorer\Main,Search Page =
https://www.microsoft.com/fr-fr/?ref=go
896
R0 - HKLM\Software\Microsoft\Internet
Explorer\Main,Start Page =
https://www.microsoft.com/fr-fr/
157
R0 - HKCU\Software\Microsoft\Internet
Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF
Reader -
{06849E9F-C8D7-4D59-B87D-784B7D6BE0
B3} - C:\Program Files\Fichiers
communs\Adobe\Acrobat\ActiveX\AcroIE
Helper.dll
O2 - BHO: (no name) -
{182B90A3-F372-438A-800C-6814B4DE417
B} - C:\WINDOWS\system32\tuvvttr.dll
O2 - BHO: (no name) -
{57E218E6-5A80-4f0c-AB25-83598F25D7E
9} - C:\WINDOWS\system32\caajoghp.dll
O2 - BHO: (no name) -
{63547608-0E83-4569-87A5-5BA1A6B9D5
CE} - C:\WINDOWS\system32\ddcca.dll
O2 - BHO: Canon Easy Web Print Helper -
{68F9551E-0411-48E4-9AAF-4BC42A6A46B
E} - C:\Program
Files\Canon\Easy-WebPrint\EWPBrowseLoa
der.dll
O2 - BHO: SSVHelper Class -
{761497BB-D6F0-462C-B6EB-D4DAF1D92D
43} - C:\Program
Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar
Helper -
{AE7CD045-E861-484f-8273-0445EE161910
} - D:\Acrobat
8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Yahoo! Toolbar -
{EF99BD32-C1FB-11D2-892F-0090271D4F88
} - C:\Program
Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Easy-WebPrint -
{327C2873-E90D-4c37-AA9D-10AC9BABA4
6C} - C:\Program
Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Adobe PDF -
{47833539-D0C5-4125-9FA8-0819E2EAAC9
3} - D:\Acrobat
8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google -
{2318C2B1-4965-11d4-9B18-009027A5CD4F
} - c:\program
files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [avast!]
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.
exe
O4 - HKLM\..\Run: [Zone Labs Client]
C:\Program Files\Zone
Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [NvCplDaemon]
RUNDLL32.EXE
C:\WINDOWS\system32\NvCpl.dll,NvStar
tup
O4 - HKLM\..\Run: [Easy PDF Creator]
D:\Easy PDF Creator\EasyPDFCreator.exe
O4 - HKLM\..\Run: [QuickTime Task]
"C:\Program Files\QuickTime\qttask.exe"
-atboottime
O4 - HKLM\..\Run: [SoundService]
rundll32.exe
"C:\WINDOWS\system32\futewcsr.dll",se
tvm
O4 - HKCU\..\Run: [ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run:
[BgMonitor_{79662E04-7C6C-4d9f-84C7-88
D8A56B10AA}] "C:\Program Files\Fichiers
communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] C:\Program
Files\Google\GoogleToolbarNotifier\1.2.112
8.5462\GoogleToolbarNotifier.exe
O8 - Extra context menu item: Ajouter au
fichier PDF existant - res://D:\Acrobat
8.0\Acrobat\AcroIEFavClient.dll/AcroIEAp
pend.html
O8 - Extra context menu item: Convertir en
Adobe PDF - res://D:\Acrobat
8.0\Acrobat\AcroIEFavClient.dll/AcroIECa
pture.html
O8 - Extra context menu item: Convertir la
cible du lien en Adobe PDF -
res://D:\Acrobat
8.0\Acrobat\AcroIEFavClient.dll/AcroIECa
pture.html
O8 - Extra context menu item: Convertir la
cible du lien en un fichier PDF existant -
res://D:\Acrobat
8.0\Acrobat\AcroIEFavClient.dll/AcroIEAp
pend.html
O8 - Extra context menu item: Convertir la
sélection en Adobe PDF - res://D:\Acrobat
8.0\Acrobat\AcroIEFavClient.dll/AcroIECa
pture.html
O8 - Extra context menu item: Convertir la
sélection en un fichier PDF existant -
res://D:\Acrobat
8.0\Acrobat\AcroIEFavClient.dll/AcroIEAp
pend.html
O8 - Extra context menu item: Convertir les
liens sélectionnés en fichier Adobe PDF -
res://C:\Program Files\Adobe\Acrobat
8.0\Acrobat\AcroIEFavClient.dll/AcroIECa
ptureSelLinks.html
O8 - Extra context menu item: Convertir les
liens sélectionnés en un fichier PDF existant
- res://D:\Acrobat
8.0\Acrobat\AcroIEFavClient.dll/AcroIEAp
pendSelLinks.html
O8 - Extra context menu item:
Easy-WebPrint Impression rapide -
res://C:\Program
Files\Canon\Easy-WebPrint\Toolband.dll/R
C_HSPrint.html
O8 - Extra context menu item:
Easy-WebPrint Imprimer -
res://C:\Program
Files\Canon\Easy-WebPrint\Toolband.dll/R
C_Print.html
O8 - Extra context menu item:
Easy-WebPrint Prévisualiser -
res://C:\Program
Files\Canon\Easy-WebPrint\Toolband.dll/R
C_Preview.html
O9 - Extra button: (no name) -
{08B0E5C0-4FCB-11CF-AAA5-00401C60850
1} - C:\Program
Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java
(Sun) -
{08B0E5C0-4FCB-11CF-AAA5-00401C60850
1} - C:\Program
Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Recherche -
{92780B25-18CC-41C8-B9BE-3C9C571A8263
} - C:\Office\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683}
- C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows
Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683}
- C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL]
International*
O16 - DPF:
{1D6711C8-7154-40BB-8380-3DEA45B69CB
F} -
O16 - DPF:
{D27CDB6E-AE6D-11CF-96B8-44455354000
0} (Shockwave Flash Object) -
http://fpdownload2.macromedia.com/get/sh
ockwave/cabs/flash/swflash.cab
O18 - Protocol: msnim -
{828030A1-22C1-4009-854F-8E305202313F
} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll"
(file missing)
O20 - Winlogon Notify: ddcca -
C:\WINDOWS\system32\ddcca.dll
O20 - Winlogon Notify: tuvvttr -
C:\WINDOWS\SYSTEM32\tuvvttr.dll
O20 - Winlogon Notify: WgaLogon -
C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: avast! iAVS4 Control Service
(aswUpdSv) - Unknown owner - C:\Program
Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown
owner - C:\Program Files\Alwil
Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner -
Unknown owner - C:\Program Files\Alwil
Software\Avast4\ashMaiSv.exe" /service
(file missing)
O23 - Service: avast! Web Scanner -
Unknown owner - C:\Program Files\Alwil
Software\Avast4\ashWebSv.exe" /service
(file missing)
O23 - Service: FLEXnet Licensing Service -
Macrovision Europe Ltd. - C:\Program
Files\Fichiers communs\Macrovision
Shared\FLEXnet
Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service
(gusvc) - Google - C:\Program
Files\Google\Common\Google
Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager
(IDriverT) - Macrovision Corporation -
C:\Program Files\Fichiers
communs\InstallShield\Driver\11\Intel
32\IDriverT.exe
O23 - Service: NBService - Nero AG -
C:\Program Files\Nero\Nero 7\Nero
BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver
Service (NVSvc) - NVIDIA Corporation -
C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: StarWind iSCSI Service
(StarWindService) - Rocket Division
Software - D:\Alcohol Soft\Alcohol
120\StarWind\StarWindService.exe
O23 - Service: Ulead Burning Helper
(UleadBurningHelper) - Ulead Systems, Inc.
- C:\Program Files\Fichiers communs\Ulead
Systems\DVD\ULCDRSvr.exe
O23 - Service: TrueVector Internet
Monitor (vsmon) - Zone Labs, LLC -
C:\WINDOWS\system32\ZoneLabs\vsmon.
exe
A voir également:
- Pub intempestives help!
- Supprimer pub youtube - Accueil - Streaming
- Stop pub gratuit - Télécharger - Divers Utilitaires
- Supprimer la pub - Guide
- Musique pub italienne lalala - Forum Musique / Radio / Clip
- Pub par sms - Guide
8 réponses
Bonjour,
télécharge GenProc http://www.alt-shift-return.org/Info/Fichiers/GenProc.zip sur ton bureau
dézippe le dossier, double-clique sur GenProc.bat
et poste le contenu du rapport qui s'ouvre
Aide en images : http://www.alt-shift-return.org/Info/GenProc-HowTo.html
télécharge GenProc http://www.alt-shift-return.org/Info/Fichiers/GenProc.zip sur ton bureau
dézippe le dossier, double-clique sur GenProc.bat
et poste le contenu du rapport qui s'ouvre
Aide en images : http://www.alt-shift-return.org/Info/GenProc-HowTo.html
Bonjour narco j'ai le meme probleme j'ai des pages cid qui souvre tout le temps voilà le rapport hijackthis. ogfile of HijackThis v1.99.1
Scan saved at 12:04:58, on 29/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\FTRTSVC.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
C:\Program Files\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Program files\Hijackthis\Hijackthis Version Française\hijackthis vf.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.01net.com/telecharger/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 0
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [anterdrthunkfor] C:\Documents and Settings\All Users\Application Data\MEMO LESS ANTE RDR\soap tool.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe GestionnaireInternet.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [partdvd] C:\DOCUME~1\NADGEM~1\APPLIC~1\ARMYBO~1\Bashamen.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Program files\spybotsd\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O17 - HKLM\System\CCS\Services\Tcpip\..\{D0A8A4A5-6266-4090-837C-F44BDE8C28C7}: NameServer = 80.10.246.130 80.10.246.3
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
Scan saved at 12:04:58, on 29/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\FTRTSVC.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
C:\Program Files\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Program files\Hijackthis\Hijackthis Version Française\hijackthis vf.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.01net.com/telecharger/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 0
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [anterdrthunkfor] C:\Documents and Settings\All Users\Application Data\MEMO LESS ANTE RDR\soap tool.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe GestionnaireInternet.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [partdvd] C:\DOCUME~1\NADGEM~1\APPLIC~1\ARMYBO~1\Bashamen.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Program files\spybotsd\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O17 - HKLM\System\CCS\Services\Tcpip\..\{D0A8A4A5-6266-4090-837C-F44BDE8C28C7}: NameServer = 80.10.246.130 80.10.246.3
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
j'ai suivi la procedure (sans difficultés tout est tres clair)
voici donc le rapport
VundoFix V6.3.18
Checking Java version...
Java version is 1.5.0.6
Old versions of java are exploitable and should be removed.
Scan started at 13:31:27 29/03/2007
Listing files found while scanning....
C:\WINDOWS\system32\accdd.bak1
C:\WINDOWS\system32\accdd.bak2
C:\WINDOWS\system32\accdd.ini
C:\WINDOWS\system32\caajoghp.dll
C:\WINDOWS\system32\ddcca.dll
C:\WINDOWS\system32\futewcsr.dll
C:\WINDOWS\system32\iifdeda.dll
C:\WINDOWS\system32\qomjgdc.dll
C:\WINDOWS\system32\rscwetuf.ini
C:\WINDOWS\system32\ssqolmm.dll
C:\WINDOWS\system32\tuvvttr.dll
C:\WINDOWS\system32\xxyaxww.dll
Beginning removal...
Attempting to delete C:\WINDOWS\system32\accdd.bak1
C:\WINDOWS\system32\accdd.bak1 Has been deleted!
Attempting to delete C:\WINDOWS\system32\accdd.bak2
C:\WINDOWS\system32\accdd.bak2 Has been deleted!
Attempting to delete C:\WINDOWS\system32\accdd.ini
C:\WINDOWS\system32\accdd.ini Has been deleted!
Attempting to delete C:\WINDOWS\system32\caajoghp.dll
C:\WINDOWS\system32\caajoghp.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\ddcca.dll
C:\WINDOWS\system32\ddcca.dll Could not be deleted.
Attempting to delete C:\WINDOWS\system32\futewcsr.dll
C:\WINDOWS\system32\futewcsr.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\iifdeda.dll
C:\WINDOWS\system32\iifdeda.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\qomjgdc.dll
C:\WINDOWS\system32\qomjgdc.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\rscwetuf.ini
C:\WINDOWS\system32\rscwetuf.ini Has been deleted!
Attempting to delete C:\WINDOWS\system32\ssqolmm.dll
C:\WINDOWS\system32\ssqolmm.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\tuvvttr.dll
C:\WINDOWS\system32\tuvvttr.dll Could not be deleted.
Attempting to delete C:\WINDOWS\system32\xxyaxww.dll
C:\WINDOWS\system32\xxyaxww.dll Has been deleted!
Performing Repairs to the registry.
Done!
Beginning removal...
Attempting to delete C:\WINDOWS\system32\accdd.ini
C:\WINDOWS\system32\accdd.ini Has been deleted!
Attempting to delete C:\WINDOWS\system32\ddcca.dll
C:\WINDOWS\system32\ddcca.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\tuvvttr.dll
C:\WINDOWS\system32\tuvvttr.dll Has been deleted!
Performing Repairs to the registry.
Done!
voici donc le rapport
VundoFix V6.3.18
Checking Java version...
Java version is 1.5.0.6
Old versions of java are exploitable and should be removed.
Scan started at 13:31:27 29/03/2007
Listing files found while scanning....
C:\WINDOWS\system32\accdd.bak1
C:\WINDOWS\system32\accdd.bak2
C:\WINDOWS\system32\accdd.ini
C:\WINDOWS\system32\caajoghp.dll
C:\WINDOWS\system32\ddcca.dll
C:\WINDOWS\system32\futewcsr.dll
C:\WINDOWS\system32\iifdeda.dll
C:\WINDOWS\system32\qomjgdc.dll
C:\WINDOWS\system32\rscwetuf.ini
C:\WINDOWS\system32\ssqolmm.dll
C:\WINDOWS\system32\tuvvttr.dll
C:\WINDOWS\system32\xxyaxww.dll
Beginning removal...
Attempting to delete C:\WINDOWS\system32\accdd.bak1
C:\WINDOWS\system32\accdd.bak1 Has been deleted!
Attempting to delete C:\WINDOWS\system32\accdd.bak2
C:\WINDOWS\system32\accdd.bak2 Has been deleted!
Attempting to delete C:\WINDOWS\system32\accdd.ini
C:\WINDOWS\system32\accdd.ini Has been deleted!
Attempting to delete C:\WINDOWS\system32\caajoghp.dll
C:\WINDOWS\system32\caajoghp.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\ddcca.dll
C:\WINDOWS\system32\ddcca.dll Could not be deleted.
Attempting to delete C:\WINDOWS\system32\futewcsr.dll
C:\WINDOWS\system32\futewcsr.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\iifdeda.dll
C:\WINDOWS\system32\iifdeda.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\qomjgdc.dll
C:\WINDOWS\system32\qomjgdc.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\rscwetuf.ini
C:\WINDOWS\system32\rscwetuf.ini Has been deleted!
Attempting to delete C:\WINDOWS\system32\ssqolmm.dll
C:\WINDOWS\system32\ssqolmm.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\tuvvttr.dll
C:\WINDOWS\system32\tuvvttr.dll Could not be deleted.
Attempting to delete C:\WINDOWS\system32\xxyaxww.dll
C:\WINDOWS\system32\xxyaxww.dll Has been deleted!
Performing Repairs to the registry.
Done!
Beginning removal...
Attempting to delete C:\WINDOWS\system32\accdd.ini
C:\WINDOWS\system32\accdd.ini Has been deleted!
Attempting to delete C:\WINDOWS\system32\ddcca.dll
C:\WINDOWS\system32\ddcca.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\tuvvttr.dll
C:\WINDOWS\system32\tuvvttr.dll Has been deleted!
Performing Repairs to the registry.
Done!
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Logfile of HijackThis v1.99.1
Scan saved at 15:59:49, on 29/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
D:\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {57E218E6-5A80-4f0c-AB25-83598F25D7E9} - C:\WINDOWS\system32\caajoghp.dll (file missing)
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {805F3BD7-A8C1-4EA9-B1B5-12F7DCD15970} - C:\WINDOWS\system32\ddcca.dll (file missing)
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Easy PDF Creator] D:\Easy PDF Creator\EasyPDFCreator.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SoundService] rundll32.exe "C:\WINDOWS\system32\futewcsr.dll",setvm
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O8 - Extra context menu item: Ajouter au fichier PDF existant - res://D:\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir en Adobe PDF - res://D:\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://D:\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://D:\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://D:\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://D:\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://D:\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Office\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - D:\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Scan saved at 15:59:49, on 29/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
D:\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {57E218E6-5A80-4f0c-AB25-83598F25D7E9} - C:\WINDOWS\system32\caajoghp.dll (file missing)
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {805F3BD7-A8C1-4EA9-B1B5-12F7DCD15970} - C:\WINDOWS\system32\ddcca.dll (file missing)
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Easy PDF Creator] D:\Easy PDF Creator\EasyPDFCreator.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SoundService] rundll32.exe "C:\WINDOWS\system32\futewcsr.dll",setvm
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O8 - Extra context menu item: Ajouter au fichier PDF existant - res://D:\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir en Adobe PDF - res://D:\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://D:\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://D:\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://D:\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://D:\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://D:\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Office\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - D:\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
a priori cela fonctionne tres bien , car depuis je n'ai plus de pub. merci beaucoup!!!!
ps: quel est l'interet de passer en mode sans echec?
ps: quel est l'interet de passer en mode sans echec?
