RAPPORT HIJACKTHIS POUR PROBLEME VIRUS
Fermé
metlesbou
Messages postés
63
Date d'inscription
mardi 17 juillet 2007
Statut
Membre
Dernière intervention
23 décembre 2009
-
26 sept. 2007 à 07:48
metlesbou Messages postés 63 Date d'inscription mardi 17 juillet 2007 Statut Membre Dernière intervention 23 décembre 2009 - 26 sept. 2007 à 15:09
metlesbou Messages postés 63 Date d'inscription mardi 17 juillet 2007 Statut Membre Dernière intervention 23 décembre 2009 - 26 sept. 2007 à 15:09
A voir également:
- RAPPORT HIJACKTHIS POUR PROBLEME VIRUS
- Rapport de stage - Guide
- Tinyurl virus - Forum Virus / Sécurité
- Svchost.exe virus - Guide
- Tlauncher virus ✓ - Forum Jeux vidéo
- 6 proccesus svchost.exe Virus? ✓ - Forum Virus / Sécurité
6 réponses
dyl
Messages postés
94
Date d'inscription
lundi 8 janvier 2007
Statut
Membre
Dernière intervention
27 septembre 2012
33
26 sept. 2007 à 07:50
26 sept. 2007 à 07:50
telecharge avg free il marche meme avec les aures antivirus installlé et regarde ce qu'ill te dis
metlesbou
Messages postés
63
Date d'inscription
mardi 17 juillet 2007
Statut
Membre
Dernière intervention
23 décembre 2009
10
26 sept. 2007 à 10:43
26 sept. 2007 à 10:43
Merci
voici ce qu'il en est, mais en plus il y a 2 codes suspects:
1- ds C:/programfiles/navilog/navilog1/navilog1.bat,
2- ds C:/System Volume Information/.../A0072140.bat
pour1 et 2 le code suspect est HEUR/Exploit.HTML : je l'ai mis en quarantaine
3- ds C:/System Volume Information/.../A0065496.exe
contient "detection patern of the dropper DR/Agent.bcn.13 mis en quarantaine.
voilà, maintenant qu'estce que je dois faire ?
Merci d'avance
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 10:26:06 26/09/2007
+ Résultat de l'analyse:
C:\Documents and Settings\Agathe\Cookies\agathe@247realmedia[1].txt -> TrackingCookie.247realmedia : Nettoyé.
C:\Documents and Settings\Sylvie\Cookies\sylvie@247realmedia[1].txt -> TrackingCookie.247realmedia : Nettoyé.
C:\Documents and Settings\Sylvie\Cookies\sylvie@fnac.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Sylvie\Cookies\sylvie@sfr.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Agathe\Cookies\agathe@adtech[1].txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\Sylvie\Cookies\sylvie@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\Agathe\Cookies\agathe@advertising[1].txt -> TrackingCookie.Advertising : Nettoyé.
C:\Documents and Settings\Agathe\Cookies\agathe@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\Alexis\Cookies\alexis@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\Sylvie\Cookies\sylvie@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\ludovic\Cookies\ludovic@atdmt[1].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\Agathe\Cookies\agathe@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\Alexis\Cookies\alexis@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\Agathe\Cookies\agathe@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : Nettoyé.
C:\Documents and Settings\Sylvie\Cookies\sylvie@fl01.ct2.comclick[2].txt -> TrackingCookie.Comclick : Nettoyé.
C:\Documents and Settings\Sylvie\Cookies\sylvie@dealtime[1].txt -> TrackingCookie.Dealtime : Nettoyé.
C:\Documents and Settings\Sylvie\Cookies\sylvie@stat.dealtime[2].txt -> TrackingCookie.Dealtime : Nettoyé.
C:\Documents and Settings\ludovic\Cookies\ludovic@dealtime[1].txt -> TrackingCookie.Dealtime : Nettoyé.
C:\Documents and Settings\ludovic\Cookies\ludovic@stat.dealtime[2].txt -> TrackingCookie.Dealtime : Nettoyé.
C:\Documents and Settings\ludovic\Cookies\ludovic@www.dealtime[1].txt -> TrackingCookie.Dealtime : Nettoyé.
C:\Documents and Settings\Agathe\Cookies\agathe@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\Alexis\Cookies\alexis@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\ludovic\Cookies\ludovic@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\ludovic\Cookies\ludovic@enhance[2].txt -> TrackingCookie.Enhance : Nettoyé.
C:\Documents and Settings\Agathe\Cookies\agathe@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\Alexis\Cookies\alexis@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\Sylvie\Cookies\sylvie@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\Agathe\Cookies\agathe@fastclick[1].txt -> TrackingCookie.Fastclick : Nettoyé.
C:\Documents and Settings\Agathe\Cookies\agathe@ehg-telecomitalia.hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\Agathe\Cookies\agathe@hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\ludovic\Cookies\ludovic@searchportal.information[1].txt -> TrackingCookie.Information : Nettoyé.
C:\Documents and Settings\Agathe\Cookies\agathe@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\ludovic\Cookies\ludovic@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\Agathe\Cookies\agathe@overture[1].txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\Alexis\Cookies\alexis@overture[1].txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\Sylvie\Cookies\sylvie@overture[1].txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\ludovic\Cookies\ludovic@revenue[2].txt -> TrackingCookie.Revenue : Nettoyé.
C:\Documents and Settings\ludovic\Cookies\ludovic@revsci[2].txt -> TrackingCookie.Revsci : Nettoyé.
C:\Documents and Settings\Agathe\Cookies\agathe@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Agathe\Cookies\agathe@serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Sylvie\Cookies\sylvie@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Sylvie\Cookies\sylvie@serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\ludovic\Cookies\ludovic@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\ludovic\Cookies\ludovic@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Agathe\Cookies\agathe@smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Sylvie\Cookies\sylvie@smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Agathe\Cookies\agathe@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\Agathe\Cookies\agathe@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Alexis\Cookies\alexis@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Sylvie\Cookies\sylvie@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\ludovic\Cookies\ludovic@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Agathe\Cookies\agathe@m.webtrends[2].txt -> TrackingCookie.Webtrends : Nettoyé.
C:\Documents and Settings\Sylvie\Cookies\sylvie@m.webtrends[2].txt -> TrackingCookie.Webtrends : Nettoyé.
C:\Documents and Settings\ludovic\Cookies\ludovic@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Nettoyé.
Fin du rapport
voici ce qu'il en est, mais en plus il y a 2 codes suspects:
1- ds C:/programfiles/navilog/navilog1/navilog1.bat,
2- ds C:/System Volume Information/.../A0072140.bat
pour1 et 2 le code suspect est HEUR/Exploit.HTML : je l'ai mis en quarantaine
3- ds C:/System Volume Information/.../A0065496.exe
contient "detection patern of the dropper DR/Agent.bcn.13 mis en quarantaine.
voilà, maintenant qu'estce que je dois faire ?
Merci d'avance
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 10:26:06 26/09/2007
+ Résultat de l'analyse:
C:\Documents and Settings\Agathe\Cookies\agathe@247realmedia[1].txt -> TrackingCookie.247realmedia : Nettoyé.
C:\Documents and Settings\Sylvie\Cookies\sylvie@247realmedia[1].txt -> TrackingCookie.247realmedia : Nettoyé.
C:\Documents and Settings\Sylvie\Cookies\sylvie@fnac.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Sylvie\Cookies\sylvie@sfr.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Agathe\Cookies\agathe@adtech[1].txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\Sylvie\Cookies\sylvie@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\Agathe\Cookies\agathe@advertising[1].txt -> TrackingCookie.Advertising : Nettoyé.
C:\Documents and Settings\Agathe\Cookies\agathe@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\Alexis\Cookies\alexis@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\Sylvie\Cookies\sylvie@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\ludovic\Cookies\ludovic@atdmt[1].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\Agathe\Cookies\agathe@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\Alexis\Cookies\alexis@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\Agathe\Cookies\agathe@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : Nettoyé.
C:\Documents and Settings\Sylvie\Cookies\sylvie@fl01.ct2.comclick[2].txt -> TrackingCookie.Comclick : Nettoyé.
C:\Documents and Settings\Sylvie\Cookies\sylvie@dealtime[1].txt -> TrackingCookie.Dealtime : Nettoyé.
C:\Documents and Settings\Sylvie\Cookies\sylvie@stat.dealtime[2].txt -> TrackingCookie.Dealtime : Nettoyé.
C:\Documents and Settings\ludovic\Cookies\ludovic@dealtime[1].txt -> TrackingCookie.Dealtime : Nettoyé.
C:\Documents and Settings\ludovic\Cookies\ludovic@stat.dealtime[2].txt -> TrackingCookie.Dealtime : Nettoyé.
C:\Documents and Settings\ludovic\Cookies\ludovic@www.dealtime[1].txt -> TrackingCookie.Dealtime : Nettoyé.
C:\Documents and Settings\Agathe\Cookies\agathe@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\Alexis\Cookies\alexis@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\ludovic\Cookies\ludovic@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\ludovic\Cookies\ludovic@enhance[2].txt -> TrackingCookie.Enhance : Nettoyé.
C:\Documents and Settings\Agathe\Cookies\agathe@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\Alexis\Cookies\alexis@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\Sylvie\Cookies\sylvie@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\Agathe\Cookies\agathe@fastclick[1].txt -> TrackingCookie.Fastclick : Nettoyé.
C:\Documents and Settings\Agathe\Cookies\agathe@ehg-telecomitalia.hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\Agathe\Cookies\agathe@hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\ludovic\Cookies\ludovic@searchportal.information[1].txt -> TrackingCookie.Information : Nettoyé.
C:\Documents and Settings\Agathe\Cookies\agathe@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\ludovic\Cookies\ludovic@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\Agathe\Cookies\agathe@overture[1].txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\Alexis\Cookies\alexis@overture[1].txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\Sylvie\Cookies\sylvie@overture[1].txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\ludovic\Cookies\ludovic@revenue[2].txt -> TrackingCookie.Revenue : Nettoyé.
C:\Documents and Settings\ludovic\Cookies\ludovic@revsci[2].txt -> TrackingCookie.Revsci : Nettoyé.
C:\Documents and Settings\Agathe\Cookies\agathe@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Agathe\Cookies\agathe@serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Sylvie\Cookies\sylvie@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Sylvie\Cookies\sylvie@serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\ludovic\Cookies\ludovic@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\ludovic\Cookies\ludovic@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Agathe\Cookies\agathe@smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Sylvie\Cookies\sylvie@smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Agathe\Cookies\agathe@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\Agathe\Cookies\agathe@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Alexis\Cookies\alexis@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Sylvie\Cookies\sylvie@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\ludovic\Cookies\ludovic@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Agathe\Cookies\agathe@m.webtrends[2].txt -> TrackingCookie.Webtrends : Nettoyé.
C:\Documents and Settings\Sylvie\Cookies\sylvie@m.webtrends[2].txt -> TrackingCookie.Webtrends : Nettoyé.
C:\Documents and Settings\ludovic\Cookies\ludovic@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Nettoyé.
Fin du rapport
dyl
Messages postés
94
Date d'inscription
lundi 8 janvier 2007
Statut
Membre
Dernière intervention
27 septembre 2012
33
26 sept. 2007 à 10:46
26 sept. 2007 à 10:46
est ce ue ca va mieux avec ces fichiers en quarantaine
Entre temps j'ai appliqué CCleaner et Spybot. Maintenant je vais refaire un scan antivir car j'ai supprimé Avast, raz le bol !
A tout à l'heure
A tout à l'heure
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
^^Marie^^
Messages postés
113926
Date d'inscription
mardi 6 septembre 2005
Statut
Membre
Dernière intervention
28 août 2020
3 276
26 sept. 2007 à 11:41
26 sept. 2007 à 11:41
Slt
1- ds C:/programfiles/navilog/navilog1/navilog1.bat,
Tu as utilisé le logiciel de désinfection pour les Pubs ==> Navilog ??? Donc supprime N
AVG ==> ce ne sont que des cookies ==> donc rien de méchant
2- ds C:/System Volume Information/. ==> infection de la resto-système
A++
1- ds C:/programfiles/navilog/navilog1/navilog1.bat,
Tu as utilisé le logiciel de désinfection pour les Pubs ==> Navilog ??? Donc supprime N
AVG ==> ce ne sont que des cookies ==> donc rien de méchant
2- ds C:/System Volume Information/. ==> infection de la resto-système
A++
metlesbou
Messages postés
63
Date d'inscription
mardi 17 juillet 2007
Statut
Membre
Dernière intervention
23 décembre 2009
10
26 sept. 2007 à 15:09
26 sept. 2007 à 15:09
je vous renvoie un rapport hijackthis pouvez vous me dire si tout est résolu ou non?
merci
Logfile of HijackThis v1.99.1
Scan saved at 15:08:47, on 26/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
c:\program files\a-squared free\a2service.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\COMOne\Logiciel Bluetooth\bin\btwdins.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe
C:\Program Files\Synaptics\SynTP\Toshiba.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0M2.EXE
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\OrangeHSS\Systray\SystrayApp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\TOSHIBA\Bluetooth Monitor\BtMon2.exe
C:\Program Files\COMOne\Logiciel Bluetooth\BTTray.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
C:\Program Files\OrangeHSS\Launcher\Launcher.exe
C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
C:\Program Files\OrangeHSS\Deskboard\deskboard.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
C:\Program Files\OrangeHSS\browser\browser.exe
C:\Hijackthis Version Française\Hijackthis Version Française\hijackthis vf.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Toshiba Hotkey Utility] "C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe" /lang FR
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE
O4 - HKLM\..\Run: [DSLAGENTEXE] DSLAGENT.EXE USB
O4 - HKLM\..\Run: [GsiFinal] rundll32 gspndll.dll,postInstall final
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [EPSON Stylus Photo RX600] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0M2.EXE /P24 "EPSON Stylus Photo RX600" /O6 "USB001" /M "Stylus Photo RX600"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\OrangeHSS\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Global Startup: Bluetooth Monitor.lnk = ?
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\COMOne\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\COMOne\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by134fd.bay134.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15028/CTPID.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{45309E15-71C7-428F-85E3-5361F411D86E}: NameServer = 80.10.246.1 80.10.246.132
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - c:\program files\a-squared free\a2service.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\COMOne\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
merci
Logfile of HijackThis v1.99.1
Scan saved at 15:08:47, on 26/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
c:\program files\a-squared free\a2service.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\COMOne\Logiciel Bluetooth\bin\btwdins.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe
C:\Program Files\Synaptics\SynTP\Toshiba.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0M2.EXE
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\OrangeHSS\Systray\SystrayApp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\TOSHIBA\Bluetooth Monitor\BtMon2.exe
C:\Program Files\COMOne\Logiciel Bluetooth\BTTray.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
C:\Program Files\OrangeHSS\Launcher\Launcher.exe
C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
C:\Program Files\OrangeHSS\Deskboard\deskboard.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
C:\Program Files\OrangeHSS\browser\browser.exe
C:\Hijackthis Version Française\Hijackthis Version Française\hijackthis vf.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Toshiba Hotkey Utility] "C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe" /lang FR
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE
O4 - HKLM\..\Run: [DSLAGENTEXE] DSLAGENT.EXE USB
O4 - HKLM\..\Run: [GsiFinal] rundll32 gspndll.dll,postInstall final
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [EPSON Stylus Photo RX600] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0M2.EXE /P24 "EPSON Stylus Photo RX600" /O6 "USB001" /M "Stylus Photo RX600"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\OrangeHSS\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Global Startup: Bluetooth Monitor.lnk = ?
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\COMOne\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\COMOne\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by134fd.bay134.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15028/CTPID.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{45309E15-71C7-428F-85E3-5361F411D86E}: NameServer = 80.10.246.1 80.10.246.132
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - c:\program files\a-squared free\a2service.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\COMOne\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe