Poste de travail bloqué, Virus ?
DEBY
-
Regis59 Messages postés 21143 Date d'inscription Statut Contributeur sécurité Dernière intervention -
Regis59 Messages postés 21143 Date d'inscription Statut Contributeur sécurité Dernière intervention -
Bonjour,
Voilà, depuis une semaine, mon PC commençait à faire des siennes (icônes des dossiers qui changent tout seuls...). Aujourd'hui, c'est un autre problème : lorsque j'essaye d'ouvrir le poste de travail, il reste bloqué sur "Recherche des éléments" puis (pas de réponse). J'ai donc réalisé l'ensemble des conseils donnés dans une partie de ce site, et voici les 3 rapports antivirus qui en sont ressortis... Je voulais donc savoir si qqu'un pensait que cela puisse provenir d'un virus, ou bien si c'est un problème software, voire hardware ?
Merci
Voilà, depuis une semaine, mon PC commençait à faire des siennes (icônes des dossiers qui changent tout seuls...). Aujourd'hui, c'est un autre problème : lorsque j'essaye d'ouvrir le poste de travail, il reste bloqué sur "Recherche des éléments" puis (pas de réponse). J'ai donc réalisé l'ensemble des conseils donnés dans une partie de ce site, et voici les 3 rapports antivirus qui en sont ressortis... Je voulais donc savoir si qqu'un pensait que cela puisse provenir d'un virus, ou bien si c'est un problème software, voire hardware ?
Merci
A voir également:
- Poste de travail bloqué, Virus ?
- Code puk bloqué - Guide
- Téléphone bloqué code verrouillage - Guide
- Pad ordinateur bloqué - Guide
- Virus mcafee - Accueil - Piratage
- Ordinateur bloqué virus - Accueil - Arnaque
2 réponses
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 15:50:45 20/04/2007
+ Résultat de l'analyse:
C:\WINDOWS\system32\ycqgfwqm.exe -> Adware.HotBar : Ignoré.
HKLM\SOFTWARE\Classes\AppID\HbSrv.EXE -> Adware.HotBar : Ignoré.
HKLM\SOFTWARE\Microsoft\Office\Outlook\Addins\HbHostOL.HbMailAnim -> Adware.HotBar : Ignoré.
C:\Documents and Settings\All Users\Application Data\Sophos\Sophos Anti-Virus\Temp\a3180003.$$$ -> Adware.Minibug : Ignoré.
C:\Program Files\Fichiers communs\Real\WeatherBug\MiniBugTransporter.dll -> Adware.Minibug : Ignoré.
:mozilla.7:C:\Documents and Settings\Etudiant\Application Data\Mozilla\Firefox\Profiles\qicix96t.default\cookies.txt -> TrackingCookie.247realmedia : Ignoré.
:mozilla.19:C:\Documents and Settings\Etudiant\Application Data\Mozilla\Firefox\Profiles\qicix96t.default\cookies.txt -> TrackingCookie.Statcounter : Ignoré.
:mozilla.11:C:\Documents and Settings\Etudiant\Application Data\Mozilla\Firefox\Profiles\qicix96t.default\cookies.txt -> TrackingCookie.Tribalfusion : Ignoré.
Fin du rapport
BitDefender Online Scanner
Scan report generated at: Fri, Apr 20, 2007 - 17:51:23
Scan path: C:\;D:\;E:\;
Statistics
Time
01:41:15
Files
658091
Folders
11036
Boot Sectors
3
Archives
14743
Packed Files
56127
Results
Identified Viruses
2
Infected Files
3
Suspect Files
0
Warnings
0
Disinfected
0
Deleted Files
3
Engines Info
Virus Definitions
487023
Engine build
AVCORE v1.0 (build 2397) (i386) (Feb 8 2007 14:24:08)
Scan plugins
14
Archive plugins
38
Unpack plugins
6
E-mail plugins
6
System plugins
1
Scan Settings
First Action
Disinfect
Second Action
Delete
Heuristics
Yes
Enable Warnings
Yes
Scanned Extensions
*;
Exclude Extensions
Scan Emails
Yes
Scan Archives
Yes
Scan Packed
Yes
Scan Files
Yes
Scan Boot
Yes
Scanned File
Status
C:\Program Files\FastStone Image Viewer\uninst.exe
Infected with: Trojan.Isbar.298
C:\Program Files\FastStone Image Viewer\uninst.exe
Disinfection failed
C:\Program Files\FastStone Image Viewer\uninst.exe
Deleted
C:\System Volume Information\_restore{2CC69CF6-CB31-4C45-9ED3-C237F9A4F64E}\RP533\A0247743.exe
Infected with: Trojan.Isbar.298
C:\System Volume Information\_restore{2CC69CF6-CB31-4C45-9ED3-C237F9A4F64E}\RP533\A0247743.exe
Disinfection failed
C:\System Volume Information\_restore{2CC69CF6-CB31-4C45-9ED3-C237F9A4F64E}\RP533\A0247743.exe
Deleted
C:\WINDOWS\system32\ycqgfwqm.exe
Detected with: Adware.Hotbar.R
C:\WINDOWS\system32\ycqgfwqm.exe
Disinfection failed
C:\WINDOWS\system32\ycqgfwqm.exe
Deleted
Logfile of HijackThis v1.99.1
Scan saved at 18:03:58, on 20/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe
C:\Program Files\Sophos\AutoUpdate\ALsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\Program Files\Philips ToUcam Camera\VProperty.exe
C:\Program Files\HPQ\SHARED\HPQWMI.exe
C:\WINDOWS\system32\XCSyncML.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\PROGRA~1\hpq\Shared\HPQTOA~1.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DeskSlide\DeskSlide.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Sophos\AutoUpdate\ALMon.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
C:\Program Files\Caft\caftd.exe
C:\Program Files\Rainlendar\Rainlendar.exe
C:\PROGRA~1\WIDCOMM\LOGICI~1\BTSTAC~1.EXE
C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe
C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://portail-etudiant.grenoble-em.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: DAPHelper Class - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - C:\Program Files\DAP\DAPBHO.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\Program Files\DAP\DAPIEBar.dll
O3 - Toolbar: (no name) - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [ToUcamVProperty] C:\Program Files\Philips ToUcam Camera\VProperty.exe
O4 - HKLM\..\Run: [XCSyncML] C:\WINDOWS\system32\XCSyncML.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [BootSkin Startup Jobs] "C:\Program Files\Stardock\WinCustomize\BootSkin\BootSkin.exe" /StartupJobs
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
O4 - HKCU\..\Run: [DeskSlide] C:\Program Files\DeskSlide\DeskSlide.exe -logon -hide
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Caftd.exe.lnk = C:\Program Files\Caft\caftd.exe
O4 - Startup: Rainlendar.lnk = C:\Program Files\Rainlendar\Rainlendar.exe
O4 - Startup: Stardock ObjectDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe
O4 - Startup: Y'z ToolBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe
O4 - Global Startup: AutoUpdate Monitor.lnk = C:\Program Files\Sophos\AutoUpdate\ALMon.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\PROGRA~1\DAP\DAP.EXE
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O15 - Trusted Zone: https://el.grenoble-em.com/login/index.php
O15 - Trusted Zone: http://mediaplus.grenoble-em.com
O15 - Trusted Zone: https://www.grenoble-em.com/
O16 - DPF: {06FE035E-08EE-45E6-AEBA-AF58309AD512} (D21313.Module) - http://mediaplus.grenoble-em.com/Download/213F/D21313.CAB
O16 - DPF: {0B8BEA7D-4CF8-4963-87DE-3B78AA1985DB} (D11313.Module) - http://elearning.grenoble-em.com/mediaplus/Download/113F/d11313.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {111080FC-A9B6-4FCC-A93E-97107464CFD3} (D41316.Module) - http://mediaplus.grenoble-em.com/Download/413F/D41316.CAB
O16 - DPF: {16F3737C-E323-46C0-8441-70D3D88AE930} (Inet3.CInet3) - http://elearning.grenoble-em.com/mediaplus/Download/inet3.cab
O16 - DPF: {248AB1C0-50DB-4D82-A15D-2E694F30B4E4} (Inet4.CInet4) - http://elearning.grenoble-em.com/mediaplus/Download/inet4.cab
O16 - DPF: {268E5AE2-6258-42D8-AAC4-B1D088918AEE} (D21314.Module) - http://mediaplus.grenoble-em.com/Download/213F/D21314.CAB
O16 - DPF: {2C22D0EA-6C5E-42D0-8024-2BD8F37C3E04} (D21315.Module) - http://mediaplus.grenoble-em.com/Download/213F/D21315.CAB
O16 - DPF: {3B5AD116-7561-4983-AEA8-F18C86FBE51C} (D41317.Module) - http://mediaplus.grenoble-em.com/Download/413F/D41317.CAB
O16 - DPF: {4086CE64-0D3A-44AC-B81F-9F7475286967} (D41318.Module) - http://mediaplus.grenoble-em.com/Download/413F/D41318.CAB
O16 - DPF: {4E042DE6-8B87-11D3-AE7F-004033D24DBD} (HtmlHelpViewer.CViewerHtml) - http://mediaplus.grenoble-em.com/Download/HtmlHelpViewer.CAB
O16 - DPF: {550C6929-C77A-42D6-A9DF-FA00123C836A} (D41313.Module) - http://mediaplus.grenoble-em.com/Download/413F/D41313.CAB
O16 - DPF: {58704D08-CAAC-4105-9DFB-7E6FF3F94CC0} (D41312.Module) - http://mediaplus.grenoble-em.com/Download/413F/D41312.CAB
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {642F50E7-244A-11D5-956E-0040339BF4B0} (Inet1.CInet1) - http://mediaplus.grenoble-em.com/Download/Inet1.CAB
O16 - DPF: {74615031-BE13-4364-A7A7-0CD1412AE189} (D21312.Module) - http://mediaplus.grenoble-em.com/Download/213F/D21312.CAB
O16 - DPF: {74F5614A-8A8C-43B4-8CC2-4B4EFAF4A6C5} (TSCCInstall Class) - http://mediaplus.grenoble-em.com/Download/tsccinst.cab
O16 - DPF: {7C07CCD1-7260-4B46-9786-70AC0873DC10} (D41311.Question0122) - http://mediaplus.grenoble-em.com/Download/413F/D41311.CAB
O16 - DPF: {909A40AE-D613-4C40-B610-F4036023CA20} (D21316.Module) - http://mediaplus.grenoble-em.com/Download/213F/D21316.CAB
O16 - DPF: {957FABBC-B071-4CBD-83B8-99FB236AE1D2} (D41314.Module) - http://mediaplus.grenoble-em.com/Download/413F/D41314.CAB
O16 - DPF: {9D23DDAA-D04A-4384-8C51-7B226626A14C} (IBarre0.CManag) - http://mediaplus.grenoble-em.com/Download/ENIBP.CAB
O16 - DPF: {9F22160C-99E5-4D37-8D86-22E413A96181} (D11315.Module) - http://elearning.grenoble-em.com/mediaplus/Download/113F/d11315.cab
O16 - DPF: {A0A6C91F-5D86-4755-8237-759312735F05} (D11311.Module) - http://mediaplus.grenoble-em.com/Download/113F/D11311.CAB
O16 - DPF: {BD417B41-24BF-478C-A4C1-5968B01C82CF} (Inet8.CInet8) - http://elearning.grenoble-em.com/mediaplus/Download/inet8.cab
O16 - DPF: {CD4410E2-B040-4C86-B2B8-1E3E158157F0} (D21311.Module) - http://mediaplus.grenoble-em.com/Download/213F/D21311.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D34D6048-E232-4889-B08C-AF4AFE87A6F6} (ENIInetTools.clsManager) - http://mediaplus.grenoble-em.com/Download/ENIInetTools.CAB
O16 - DPF: {E330EF64-7E61-4E0C-BB7F-2CC0F986D2B1} (D11314.Module) - http://elearning.grenoble-em.com/mediaplus/Download/113F/d11314.cab
O16 - DPF: {E3D5B5B1-B0B1-488C-92BB-7B8E47B0C70A} (D11316.Module) - http://elearning.grenoble-em.com/mediaplus/Download/113F/d11316.cab
O16 - DPF: {E5AAE8F3-9FCF-400E-A7CE-407C95F91B7D} (D11312.Module) - http://elearning.grenoble-em.com/mediaplus/Download/113F/d11312.cab
O16 - DPF: {FA0C386E-1A08-4629-A267-B40C1624E94A} (Inet6.CInet6) - http://elearning.grenoble-em.com/mediaplus/Download/inet6.cab
O16 - DPF: {FFDF6E35-1CA0-4C82-96A9-5D37C0692ACE} (D41315.Module) - http://mediaplus.grenoble-em.com/Download/413F/D41315.CAB
O17 - HKLM\System\CCS\Services\Tcpip\..\{CED1DDD8-00D1-4972-B8EE-380B50A5B701}: NameServer = 193.252.19.3,193.252.19.4
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Créateur de rapports d'état Sophos Anti-Virus (SAVAdminService) - Sophos Plc - C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe
O23 - Service: Sophos Anti-Virus (SAVService) - Sophos Plc - C:\Program Files\Sophos\Sophos Anti-Virus\SavService.exe
O23 - Service: Sophos AutoUpdate Service - Sophos Plc - C:\Program Files\Sophos\AutoUpdate\ALsvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 15:50:45 20/04/2007
+ Résultat de l'analyse:
C:\WINDOWS\system32\ycqgfwqm.exe -> Adware.HotBar : Ignoré.
HKLM\SOFTWARE\Classes\AppID\HbSrv.EXE -> Adware.HotBar : Ignoré.
HKLM\SOFTWARE\Microsoft\Office\Outlook\Addins\HbHostOL.HbMailAnim -> Adware.HotBar : Ignoré.
C:\Documents and Settings\All Users\Application Data\Sophos\Sophos Anti-Virus\Temp\a3180003.$$$ -> Adware.Minibug : Ignoré.
C:\Program Files\Fichiers communs\Real\WeatherBug\MiniBugTransporter.dll -> Adware.Minibug : Ignoré.
:mozilla.7:C:\Documents and Settings\Etudiant\Application Data\Mozilla\Firefox\Profiles\qicix96t.default\cookies.txt -> TrackingCookie.247realmedia : Ignoré.
:mozilla.19:C:\Documents and Settings\Etudiant\Application Data\Mozilla\Firefox\Profiles\qicix96t.default\cookies.txt -> TrackingCookie.Statcounter : Ignoré.
:mozilla.11:C:\Documents and Settings\Etudiant\Application Data\Mozilla\Firefox\Profiles\qicix96t.default\cookies.txt -> TrackingCookie.Tribalfusion : Ignoré.
Fin du rapport
BitDefender Online Scanner
Scan report generated at: Fri, Apr 20, 2007 - 17:51:23
Scan path: C:\;D:\;E:\;
Statistics
Time
01:41:15
Files
658091
Folders
11036
Boot Sectors
3
Archives
14743
Packed Files
56127
Results
Identified Viruses
2
Infected Files
3
Suspect Files
0
Warnings
0
Disinfected
0
Deleted Files
3
Engines Info
Virus Definitions
487023
Engine build
AVCORE v1.0 (build 2397) (i386) (Feb 8 2007 14:24:08)
Scan plugins
14
Archive plugins
38
Unpack plugins
6
E-mail plugins
6
System plugins
1
Scan Settings
First Action
Disinfect
Second Action
Delete
Heuristics
Yes
Enable Warnings
Yes
Scanned Extensions
*;
Exclude Extensions
Scan Emails
Yes
Scan Archives
Yes
Scan Packed
Yes
Scan Files
Yes
Scan Boot
Yes
Scanned File
Status
C:\Program Files\FastStone Image Viewer\uninst.exe
Infected with: Trojan.Isbar.298
C:\Program Files\FastStone Image Viewer\uninst.exe
Disinfection failed
C:\Program Files\FastStone Image Viewer\uninst.exe
Deleted
C:\System Volume Information\_restore{2CC69CF6-CB31-4C45-9ED3-C237F9A4F64E}\RP533\A0247743.exe
Infected with: Trojan.Isbar.298
C:\System Volume Information\_restore{2CC69CF6-CB31-4C45-9ED3-C237F9A4F64E}\RP533\A0247743.exe
Disinfection failed
C:\System Volume Information\_restore{2CC69CF6-CB31-4C45-9ED3-C237F9A4F64E}\RP533\A0247743.exe
Deleted
C:\WINDOWS\system32\ycqgfwqm.exe
Detected with: Adware.Hotbar.R
C:\WINDOWS\system32\ycqgfwqm.exe
Disinfection failed
C:\WINDOWS\system32\ycqgfwqm.exe
Deleted
Logfile of HijackThis v1.99.1
Scan saved at 18:03:58, on 20/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe
C:\Program Files\Sophos\AutoUpdate\ALsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\Program Files\Philips ToUcam Camera\VProperty.exe
C:\Program Files\HPQ\SHARED\HPQWMI.exe
C:\WINDOWS\system32\XCSyncML.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\PROGRA~1\hpq\Shared\HPQTOA~1.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DeskSlide\DeskSlide.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Sophos\AutoUpdate\ALMon.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
C:\Program Files\Caft\caftd.exe
C:\Program Files\Rainlendar\Rainlendar.exe
C:\PROGRA~1\WIDCOMM\LOGICI~1\BTSTAC~1.EXE
C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe
C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://portail-etudiant.grenoble-em.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: DAPHelper Class - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - C:\Program Files\DAP\DAPBHO.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\Program Files\DAP\DAPIEBar.dll
O3 - Toolbar: (no name) - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [ToUcamVProperty] C:\Program Files\Philips ToUcam Camera\VProperty.exe
O4 - HKLM\..\Run: [XCSyncML] C:\WINDOWS\system32\XCSyncML.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [BootSkin Startup Jobs] "C:\Program Files\Stardock\WinCustomize\BootSkin\BootSkin.exe" /StartupJobs
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
O4 - HKCU\..\Run: [DeskSlide] C:\Program Files\DeskSlide\DeskSlide.exe -logon -hide
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Caftd.exe.lnk = C:\Program Files\Caft\caftd.exe
O4 - Startup: Rainlendar.lnk = C:\Program Files\Rainlendar\Rainlendar.exe
O4 - Startup: Stardock ObjectDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe
O4 - Startup: Y'z ToolBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe
O4 - Global Startup: AutoUpdate Monitor.lnk = C:\Program Files\Sophos\AutoUpdate\ALMon.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\PROGRA~1\DAP\DAP.EXE
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O15 - Trusted Zone: https://el.grenoble-em.com/login/index.php
O15 - Trusted Zone: http://mediaplus.grenoble-em.com
O15 - Trusted Zone: https://www.grenoble-em.com/
O16 - DPF: {06FE035E-08EE-45E6-AEBA-AF58309AD512} (D21313.Module) - http://mediaplus.grenoble-em.com/Download/213F/D21313.CAB
O16 - DPF: {0B8BEA7D-4CF8-4963-87DE-3B78AA1985DB} (D11313.Module) - http://elearning.grenoble-em.com/mediaplus/Download/113F/d11313.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {111080FC-A9B6-4FCC-A93E-97107464CFD3} (D41316.Module) - http://mediaplus.grenoble-em.com/Download/413F/D41316.CAB
O16 - DPF: {16F3737C-E323-46C0-8441-70D3D88AE930} (Inet3.CInet3) - http://elearning.grenoble-em.com/mediaplus/Download/inet3.cab
O16 - DPF: {248AB1C0-50DB-4D82-A15D-2E694F30B4E4} (Inet4.CInet4) - http://elearning.grenoble-em.com/mediaplus/Download/inet4.cab
O16 - DPF: {268E5AE2-6258-42D8-AAC4-B1D088918AEE} (D21314.Module) - http://mediaplus.grenoble-em.com/Download/213F/D21314.CAB
O16 - DPF: {2C22D0EA-6C5E-42D0-8024-2BD8F37C3E04} (D21315.Module) - http://mediaplus.grenoble-em.com/Download/213F/D21315.CAB
O16 - DPF: {3B5AD116-7561-4983-AEA8-F18C86FBE51C} (D41317.Module) - http://mediaplus.grenoble-em.com/Download/413F/D41317.CAB
O16 - DPF: {4086CE64-0D3A-44AC-B81F-9F7475286967} (D41318.Module) - http://mediaplus.grenoble-em.com/Download/413F/D41318.CAB
O16 - DPF: {4E042DE6-8B87-11D3-AE7F-004033D24DBD} (HtmlHelpViewer.CViewerHtml) - http://mediaplus.grenoble-em.com/Download/HtmlHelpViewer.CAB
O16 - DPF: {550C6929-C77A-42D6-A9DF-FA00123C836A} (D41313.Module) - http://mediaplus.grenoble-em.com/Download/413F/D41313.CAB
O16 - DPF: {58704D08-CAAC-4105-9DFB-7E6FF3F94CC0} (D41312.Module) - http://mediaplus.grenoble-em.com/Download/413F/D41312.CAB
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {642F50E7-244A-11D5-956E-0040339BF4B0} (Inet1.CInet1) - http://mediaplus.grenoble-em.com/Download/Inet1.CAB
O16 - DPF: {74615031-BE13-4364-A7A7-0CD1412AE189} (D21312.Module) - http://mediaplus.grenoble-em.com/Download/213F/D21312.CAB
O16 - DPF: {74F5614A-8A8C-43B4-8CC2-4B4EFAF4A6C5} (TSCCInstall Class) - http://mediaplus.grenoble-em.com/Download/tsccinst.cab
O16 - DPF: {7C07CCD1-7260-4B46-9786-70AC0873DC10} (D41311.Question0122) - http://mediaplus.grenoble-em.com/Download/413F/D41311.CAB
O16 - DPF: {909A40AE-D613-4C40-B610-F4036023CA20} (D21316.Module) - http://mediaplus.grenoble-em.com/Download/213F/D21316.CAB
O16 - DPF: {957FABBC-B071-4CBD-83B8-99FB236AE1D2} (D41314.Module) - http://mediaplus.grenoble-em.com/Download/413F/D41314.CAB
O16 - DPF: {9D23DDAA-D04A-4384-8C51-7B226626A14C} (IBarre0.CManag) - http://mediaplus.grenoble-em.com/Download/ENIBP.CAB
O16 - DPF: {9F22160C-99E5-4D37-8D86-22E413A96181} (D11315.Module) - http://elearning.grenoble-em.com/mediaplus/Download/113F/d11315.cab
O16 - DPF: {A0A6C91F-5D86-4755-8237-759312735F05} (D11311.Module) - http://mediaplus.grenoble-em.com/Download/113F/D11311.CAB
O16 - DPF: {BD417B41-24BF-478C-A4C1-5968B01C82CF} (Inet8.CInet8) - http://elearning.grenoble-em.com/mediaplus/Download/inet8.cab
O16 - DPF: {CD4410E2-B040-4C86-B2B8-1E3E158157F0} (D21311.Module) - http://mediaplus.grenoble-em.com/Download/213F/D21311.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D34D6048-E232-4889-B08C-AF4AFE87A6F6} (ENIInetTools.clsManager) - http://mediaplus.grenoble-em.com/Download/ENIInetTools.CAB
O16 - DPF: {E330EF64-7E61-4E0C-BB7F-2CC0F986D2B1} (D11314.Module) - http://elearning.grenoble-em.com/mediaplus/Download/113F/d11314.cab
O16 - DPF: {E3D5B5B1-B0B1-488C-92BB-7B8E47B0C70A} (D11316.Module) - http://elearning.grenoble-em.com/mediaplus/Download/113F/d11316.cab
O16 - DPF: {E5AAE8F3-9FCF-400E-A7CE-407C95F91B7D} (D11312.Module) - http://elearning.grenoble-em.com/mediaplus/Download/113F/d11312.cab
O16 - DPF: {FA0C386E-1A08-4629-A267-B40C1624E94A} (Inet6.CInet6) - http://elearning.grenoble-em.com/mediaplus/Download/inet6.cab
O16 - DPF: {FFDF6E35-1CA0-4C82-96A9-5D37C0692ACE} (D41315.Module) - http://mediaplus.grenoble-em.com/Download/413F/D41315.CAB
O17 - HKLM\System\CCS\Services\Tcpip\..\{CED1DDD8-00D1-4972-B8EE-380B50A5B701}: NameServer = 193.252.19.3,193.252.19.4
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Créateur de rapports d'état Sophos Anti-Virus (SAVAdminService) - Sophos Plc - C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe
O23 - Service: Sophos Anti-Virus (SAVService) - Sophos Plc - C:\Program Files\Sophos\Sophos Anti-Virus\SavService.exe
O23 - Service: Sophos AutoUpdate Service - Sophos Plc - C:\Program Files\Sophos\AutoUpdate\ALsvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
Bienvenue sur le forum d’entraide de CommentCaMarche.net
Nous connaissons votre situation et nous vous conseillons de ne surtout pas vous inquiéter.
De plus, au vu du nombre croissant de désinfections effectuées sur le forum, nous vous demandons un peu de patience et surtout de ne pas créer plusieurs postes pour le même problème.
Merci de votre compréhension.
Supprime bien tout ce que AVG AS a trouvé !
a+
Nous connaissons votre situation et nous vous conseillons de ne surtout pas vous inquiéter.
De plus, au vu du nombre croissant de désinfections effectuées sur le forum, nous vous demandons un peu de patience et surtout de ne pas créer plusieurs postes pour le même problème.
Merci de votre compréhension.
Supprime bien tout ce que AVG AS a trouvé !
a+
Donc désolé si je vous ai dérangé pour rien, par contre si il reste une crasse sur l'ordi et que vous voyez ça à travers les rapports, n'hésitez pas à m'en parler.
Merci pour votre aide