Problème Trojan.W32.Looksky
Résolu
sly42
Messages postés
6
Statut
Membre
-
sly42 Messages postés 6 Statut Membre -
sly42 Messages postés 6 Statut Membre -
Bonjour,
J'aurai besoin d'aide pour me débarrasser de trojan.W32.looksky et j'ai vu sur le forum que le problème devait être résolu au cas par cas.
J'ai téléchargé hijackthis avec lequel j'ai créé un rapport comme cela était expliqué sur ce forum.
J'ai également CCleaner et AVG Anti-Spyware mais vu que je ne suis pa très doué en informatique je ne sait pas trop quoi faire de tout ça.
Alors voilà si quelqu'un pouvait m'aider ça serait super sympa.
J'aurai besoin d'aide pour me débarrasser de trojan.W32.looksky et j'ai vu sur le forum que le problème devait être résolu au cas par cas.
J'ai téléchargé hijackthis avec lequel j'ai créé un rapport comme cela était expliqué sur ce forum.
J'ai également CCleaner et AVG Anti-Spyware mais vu que je ne suis pa très doué en informatique je ne sait pas trop quoi faire de tout ça.
Alors voilà si quelqu'un pouvait m'aider ça serait super sympa.
1 réponse
Je suppose qu'il faut que je post le rapport hijackthis alors le voici :
Logfile of HijackThis v1.99.1
Scan saved at 14:12:38, on 30/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec
Shared\ccSvcHst.exe
C:\Program Files\Fichiers communs\Symantec
Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device
Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Belkin\Logiciel Bluetooth\bin\btwdins.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Fichiers communs\Microsoft
Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\hphmon05.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\NCLAUNCH.EXe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
C:\Program Files\Hijackthis Version Française\hijackthis
vf.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start
Page =
http://softwarereferral.com/jump.php?wmid=6010&mid=MjI6Ojg5&l
id=2
R1 - HKLM\Software\Microsoft\Internet
Explorer\Main,Default_Page_URL =
https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet
Explorer\Main,Default_Search_URL =
https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search
Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Connection
Wizard,ShellNext =
https://register.hp.com/servlet/WebReg.servlets.ProdReg1Servl
et?appID=java_wreg_wreg_genpg&modelID=PN599E&product_full_nam
e=Pavilion%20zd7000&PROD_SERIAL_ID=CNF4440PN9&PURCH_DT_MONTH=
12&PURCH_DT_DAY=23&PURCH_DT_YEAR=2004&gwCountry=FR&language=F
R&prodOS=011
R0 - HKCU\Software\Microsoft\Internet
Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar -
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program
Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper -
{02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program
Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader -
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program
Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: metaspinner media GmbH -
{12FC9A49-CFE0-49AA-BE9E-8F4EEAFC9443} -
C:\PROGRA~1\YETISP~1\IEBUTT~1.DLL
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75}
- C:\Program Files\Fichiers communs\Symantec
Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: MSVPS System -
{208D7BCC-9857-4C9E-823B-D04E72490A67} - C:\WINDOWS\mxduo.dll
O2 - BHO: SSVHelper Class -
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program
Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper -
{9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program
Files\Fichiers communs\Microsoft Shared\Windows
Live\WindowsLiveLogin.dll
O3 - Toolbar: Yahoo! Toolbar -
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program
Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Afficher Norton Toolbar -
{90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program
Files\Fichiers communs\Symantec
Shared\coShared\Browser\1.0\UIBHO.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE
C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers
communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [SynTPLpr] C:\Program
Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program
Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program
Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\system32\hphmon05.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default
Settings\cpqset.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick
Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP
Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers
communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet
Security\osCheck.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program
Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program
Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program
Files\Fichiers communs\Symantec
Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe"
/a /m "C:\Program Files\Fichiers communs\Symantec
Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dl
l"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program
Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program
Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program
Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NCLaunch] C:\WINDOWS\NCLAUNCH.EXe
O4 - Global Startup: HP Digital Imaging Monitor.lnk =
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &eBay Search - res://C:\Program
Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel
- res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer à &Bluetooth -
C:\Program Files\Belkin\Logiciel
Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: (no name) -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program
Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program
Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Titan Poker -
{49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Program
Files\Titan Poker\casino.exe
O9 - Extra 'Tools' menuitem: Titan Poker -
{49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Program
Files\Titan Poker\casino.exe
O9 - Extra button: (no name) -
{85d1f590-48f4-11d9-9669-0800200c9a66} -
%windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online
Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} -
%windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche -
{92780B25-18CC-41C8-B9BE-3C9C571A8263} -
C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 -
{CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program
Files\Belkin\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 -
{CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program
Files\Belkin\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: (no name) -
{e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network
Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 -
{e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network
Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF:
START_PAGE_URL=https://www8.hp.com/fr/fr/home.html
home&locale=FR_FR&c=Q304&bd=pavilion&pf=laptop
O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E}
(MetaStreamCtl Class) -
https://components.viewpoint.com/MTSInstallers/MetaStream3.ca
b?url=http://www.astonmartin.com/configurator/db9volante_load
.html
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB}
(YInstStarter Class) -
http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yinst_curr
ent.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}
(BDSCANONLINE Control) -
http://download.bitdefender.com/resources/scan8/oscan8.cab
O18 - Protocol: livecall -
{828030A1-22C1-4009-854F-8E305202313F} -
C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim -
{828030A1-22C1-4009-854F-8E305202313F} -
C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon -
C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj -
{AAA288BA-9A4C-45B0-95D7-94D524869DB5} -
C:\WINDOWS\system32\WPDShServiceObj.dll
O21 - SSODL: wmphost - {2D6A5AE6-B3DB-4669-A540-5C4B0CF630D6}
- C:\WINDOWS\wmphost.dll
O21 - SSODL: wmpdev - {DC17ED02-04E9-4402-83DC-7D9C152C9D25}
- C:\WINDOWS\wmpdev.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program
Files\Fichiers communs\Apple\Mobile Device
Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. -
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. -
C:\Program Files\Belkin\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: C-DillaCdaC11BA - Macrovision -
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown
owner - C:\Program Files\Fichiers communs\Symantec
Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown
owner - C:\Program Files\Fichiers communs\Symantec
Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Lic NetConnect service
(CLTNetCnService) - Unknown owner - C:\Program Files\Fichiers
communs\Symantec Shared\ccSvcHst.exe" /h ccCommon (file
missing)
O23 - Service: COM Host (comHost) - Symantec Corporation -
C:\Program Files\Fichiers communs\Symantec
Shared\VAScanner\comHost.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard
Development Company, L.P. - C:\Program
Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: InstallDriver Table Manager (IDriverT) -
Macrovision Corporation - C:\Program Files\Fichiers
communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD File System Service (InCDsrv) - AHEAD
Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc.
- C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Validation de mot de passe Symantec IS
(ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton
Internet Security\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation -
C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate
Notice Ex) - Unknown owner - C:\Program Files\Fichiers
communs\Symantec Shared\ccSvcHst.exe" /h ccCommon (file
missing)
O23 - Service: LiveUpdate Notice Service - Unknown owner -
C:\Program Files\Fichiers communs\Symantec
Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe"
/m "C:\Program Files\Fichiers communs\Symantec
Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll
(file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA
Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique -
Symantec Corporation - C:\Program
Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation -
C:\Program Files\Fichiers communs\Symantec
Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) -
Symantec Corporation - C:\Program Files\Fichiers
communs\Symantec Shared\AppCore\AppSvc32.exe
Logfile of HijackThis v1.99.1
Scan saved at 14:12:38, on 30/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec
Shared\ccSvcHst.exe
C:\Program Files\Fichiers communs\Symantec
Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device
Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Belkin\Logiciel Bluetooth\bin\btwdins.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Fichiers communs\Microsoft
Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\hphmon05.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\NCLAUNCH.EXe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
C:\Program Files\Hijackthis Version Française\hijackthis
vf.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start
Page =
http://softwarereferral.com/jump.php?wmid=6010&mid=MjI6Ojg5&l
id=2
R1 - HKLM\Software\Microsoft\Internet
Explorer\Main,Default_Page_URL =
https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet
Explorer\Main,Default_Search_URL =
https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search
Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Connection
Wizard,ShellNext =
https://register.hp.com/servlet/WebReg.servlets.ProdReg1Servl
et?appID=java_wreg_wreg_genpg&modelID=PN599E&product_full_nam
e=Pavilion%20zd7000&PROD_SERIAL_ID=CNF4440PN9&PURCH_DT_MONTH=
12&PURCH_DT_DAY=23&PURCH_DT_YEAR=2004&gwCountry=FR&language=F
R&prodOS=011
R0 - HKCU\Software\Microsoft\Internet
Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar -
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program
Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper -
{02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program
Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader -
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program
Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: metaspinner media GmbH -
{12FC9A49-CFE0-49AA-BE9E-8F4EEAFC9443} -
C:\PROGRA~1\YETISP~1\IEBUTT~1.DLL
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75}
- C:\Program Files\Fichiers communs\Symantec
Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: MSVPS System -
{208D7BCC-9857-4C9E-823B-D04E72490A67} - C:\WINDOWS\mxduo.dll
O2 - BHO: SSVHelper Class -
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program
Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper -
{9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program
Files\Fichiers communs\Microsoft Shared\Windows
Live\WindowsLiveLogin.dll
O3 - Toolbar: Yahoo! Toolbar -
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program
Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Afficher Norton Toolbar -
{90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program
Files\Fichiers communs\Symantec
Shared\coShared\Browser\1.0\UIBHO.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE
C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers
communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [SynTPLpr] C:\Program
Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program
Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program
Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\system32\hphmon05.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default
Settings\cpqset.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick
Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP
Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers
communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet
Security\osCheck.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program
Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program
Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program
Files\Fichiers communs\Symantec
Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe"
/a /m "C:\Program Files\Fichiers communs\Symantec
Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dl
l"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program
Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program
Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program
Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NCLaunch] C:\WINDOWS\NCLAUNCH.EXe
O4 - Global Startup: HP Digital Imaging Monitor.lnk =
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &eBay Search - res://C:\Program
Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel
- res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer à &Bluetooth -
C:\Program Files\Belkin\Logiciel
Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: (no name) -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program
Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program
Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Titan Poker -
{49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Program
Files\Titan Poker\casino.exe
O9 - Extra 'Tools' menuitem: Titan Poker -
{49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Program
Files\Titan Poker\casino.exe
O9 - Extra button: (no name) -
{85d1f590-48f4-11d9-9669-0800200c9a66} -
%windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online
Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} -
%windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche -
{92780B25-18CC-41C8-B9BE-3C9C571A8263} -
C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 -
{CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program
Files\Belkin\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 -
{CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program
Files\Belkin\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: (no name) -
{e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network
Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 -
{e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network
Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF:
START_PAGE_URL=https://www8.hp.com/fr/fr/home.html
home&locale=FR_FR&c=Q304&bd=pavilion&pf=laptop
O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E}
(MetaStreamCtl Class) -
https://components.viewpoint.com/MTSInstallers/MetaStream3.ca
b?url=http://www.astonmartin.com/configurator/db9volante_load
.html
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB}
(YInstStarter Class) -
http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yinst_curr
ent.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}
(BDSCANONLINE Control) -
http://download.bitdefender.com/resources/scan8/oscan8.cab
O18 - Protocol: livecall -
{828030A1-22C1-4009-854F-8E305202313F} -
C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim -
{828030A1-22C1-4009-854F-8E305202313F} -
C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon -
C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj -
{AAA288BA-9A4C-45B0-95D7-94D524869DB5} -
C:\WINDOWS\system32\WPDShServiceObj.dll
O21 - SSODL: wmphost - {2D6A5AE6-B3DB-4669-A540-5C4B0CF630D6}
- C:\WINDOWS\wmphost.dll
O21 - SSODL: wmpdev - {DC17ED02-04E9-4402-83DC-7D9C152C9D25}
- C:\WINDOWS\wmpdev.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program
Files\Fichiers communs\Apple\Mobile Device
Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. -
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. -
C:\Program Files\Belkin\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: C-DillaCdaC11BA - Macrovision -
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown
owner - C:\Program Files\Fichiers communs\Symantec
Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown
owner - C:\Program Files\Fichiers communs\Symantec
Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Lic NetConnect service
(CLTNetCnService) - Unknown owner - C:\Program Files\Fichiers
communs\Symantec Shared\ccSvcHst.exe" /h ccCommon (file
missing)
O23 - Service: COM Host (comHost) - Symantec Corporation -
C:\Program Files\Fichiers communs\Symantec
Shared\VAScanner\comHost.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard
Development Company, L.P. - C:\Program
Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: InstallDriver Table Manager (IDriverT) -
Macrovision Corporation - C:\Program Files\Fichiers
communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD File System Service (InCDsrv) - AHEAD
Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc.
- C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Validation de mot de passe Symantec IS
(ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton
Internet Security\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation -
C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate
Notice Ex) - Unknown owner - C:\Program Files\Fichiers
communs\Symantec Shared\ccSvcHst.exe" /h ccCommon (file
missing)
O23 - Service: LiveUpdate Notice Service - Unknown owner -
C:\Program Files\Fichiers communs\Symantec
Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe"
/m "C:\Program Files\Fichiers communs\Symantec
Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll
(file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA
Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique -
Symantec Corporation - C:\Program
Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation -
C:\Program Files\Fichiers communs\Symantec
Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) -
Symantec Corporation - C:\Program Files\Fichiers
communs\Symantec Shared\AppCore\AppSvc32.exe
