Demande assistance virus
Menfire
Messages postés
20
Statut
Membre
-
menfire -
menfire -
Bonjour, A tous et a toutes
Je suis actuellement en grande détresse , mon ordinateur est INCONTROLABLE ; il est représente les symptomes suivants :
-Au bout d'un moment donné je ne peux plus écrire
-IMPOSSIBLE d'ouvrir le menu démarrer il se referme un quart de seconde après
-Lorsque je double clique sur une icone de mon bureau (n'importe laquelle) il m'affiche ses propriétées .
-Mais lorsque je joue a un jeu (Counter-Strike) Il me permet décrire , Mais dans WoW (World of Warcraft) 5 Minutes plus tards je ne peux plus rien faire .
Ceci dit Lorsque je n'execute aucun jeux il ne le fait pas .
Voila en esperant une réponse détaillée de votre part
Je vous souhaite une agréable soirée
Cordialement
Je suis actuellement en grande détresse , mon ordinateur est INCONTROLABLE ; il est représente les symptomes suivants :
-Au bout d'un moment donné je ne peux plus écrire
-IMPOSSIBLE d'ouvrir le menu démarrer il se referme un quart de seconde après
-Lorsque je double clique sur une icone de mon bureau (n'importe laquelle) il m'affiche ses propriétées .
-Mais lorsque je joue a un jeu (Counter-Strike) Il me permet décrire , Mais dans WoW (World of Warcraft) 5 Minutes plus tards je ne peux plus rien faire .
Ceci dit Lorsque je n'execute aucun jeux il ne le fait pas .
Voila en esperant une réponse détaillée de votre part
Je vous souhaite une agréable soirée
Cordialement
A voir également:
- Demande assistance virus
- Virus mcafee - Accueil - Piratage
- Virus facebook demande d'amis - Accueil - Facebook
- Assistance free - Guide
- Virus informatique - Guide
- Panda anti virus gratuit - Télécharger - Antivirus & Antimalwares
54 réponses
Salut, bonjour,
Difficile de te répondre sans connaître exactement ta configuration de ton ordinateur.
Je te suggères de visiter le site Internet "MaConfig" à l'adresse URL : https://www.driverscloud.com/ et de faire le suivant :
1.) Clic sur "Démarrer la détection".
2.) Clic sur "Installation automatique".
3.) Installer et autoriser le programme "ActiveX".
4.) Suivre les instructions d'installation.
5.) L'installation terminée, le site de "MaConfig" te montrera les détails.
6.) Clic sur "Services" en haut à droite dans la barre de navigation.
7.) Choisis après "Publier ma configuration".
8.) Une nouvelle fenêtre s'ouvre. Coches toutes les cases et ensuite tu cliques sur le bouton "Publier".
9.) Une nouvelle fenêtre s'ouvre. Copies le lien et propose-le ici sur le forum.
10.) Attention !!! Le lien n'est disponible que 24 heures sur le serveur. Envoies-moi un message privé pour me prévenir svp.
11.) Connaissant ta configuration il est déjà beaucoup plus facile pour faire un diagnostique.
*********************************************************************************************************************
À première vue, il faudrait avant tout déjà nettoyer ton système des fichiers temporaires et fichiers temporaires Internet. Pour ce faire, télécharges et installes le logiciel "CCleaner", dont voici un didacticiel qui te guideras à travers l'installation et l'utilisation :
http://www.internetmonitor.lu/download/ccleaner_27082006.pdf
2.) Ton disque dur doit avoir au moins 30% d'espace libre pour que Windows puisse travailler convenablent, vérifies cela svp.
Voici un didacticiel qui t'aidera au cas où tu ne saurais comment faire :
http://www.internetmonitor.lu/download/guidededepannage.pdf
A+
Cordialement :
Webwizard
Cordialement :
Webwizard
Difficile de te répondre sans connaître exactement ta configuration de ton ordinateur.
Je te suggères de visiter le site Internet "MaConfig" à l'adresse URL : https://www.driverscloud.com/ et de faire le suivant :
1.) Clic sur "Démarrer la détection".
2.) Clic sur "Installation automatique".
3.) Installer et autoriser le programme "ActiveX".
4.) Suivre les instructions d'installation.
5.) L'installation terminée, le site de "MaConfig" te montrera les détails.
6.) Clic sur "Services" en haut à droite dans la barre de navigation.
7.) Choisis après "Publier ma configuration".
8.) Une nouvelle fenêtre s'ouvre. Coches toutes les cases et ensuite tu cliques sur le bouton "Publier".
9.) Une nouvelle fenêtre s'ouvre. Copies le lien et propose-le ici sur le forum.
10.) Attention !!! Le lien n'est disponible que 24 heures sur le serveur. Envoies-moi un message privé pour me prévenir svp.
11.) Connaissant ta configuration il est déjà beaucoup plus facile pour faire un diagnostique.
*********************************************************************************************************************
À première vue, il faudrait avant tout déjà nettoyer ton système des fichiers temporaires et fichiers temporaires Internet. Pour ce faire, télécharges et installes le logiciel "CCleaner", dont voici un didacticiel qui te guideras à travers l'installation et l'utilisation :
http://www.internetmonitor.lu/download/ccleaner_27082006.pdf
2.) Ton disque dur doit avoir au moins 30% d'espace libre pour que Windows puisse travailler convenablent, vérifies cela svp.
Voici un didacticiel qui t'aidera au cas où tu ne saurais comment faire :
http://www.internetmonitor.lu/download/guidededepannage.pdf
A+
Cordialement :
Webwizard
Cordialement :
Webwizard
2.0.4.12
Système d'exploitation Windows XP Edition familliale (build 2600) Service Pack 2
Navigateur web par défaut: Orange Web
Client e-mail par défaut: Orange Mail
Carte mère SMBios version 2.3
MICRO-STAR INTERNATIONAL CO., LTD MS-6575 3.10
Bios: Phoenix Technologies, LTD 3.06 10/16/2003 taille: 512Kb
Processeur Intel(R) Pentium(R) 4 CPU 2.80GHz (2804Mhz) (L1: 20ko L2: 512ko )
Chipset Northbridge: SiS 651
Southbridge: SiS 5513
Mémoire Barette de 512 Mo None
mémoire windows (cette valeur ne correspond pas exactement à la mémoire totale
physique): 511Mo
Péripheriques IDE ST3120022A 3.06 (ATA, 111.79 Go, tampon: 2 Mo)
Lecteurs CD/DVD HP DVD Writer 300c 9h04 (DVD-ROM Recorder)
SAMSUNG DVD-ROM SD-616E F503 (DVD-ROM)
Disque dur ST3120022A (111.79Go)
Cartes PCI/AGP Stockage
Silicon Integrated Systems [SiS]:5513 [IDE]
Réseau
Silicon Integrated Systems [SiS]:SiS900 PCI Fast Ethernet
Affichage
ATI Technologies Inc:RV280 [Radeon 9200 SE]
ATI Technologies Inc:RV280 [Radeon 9200 SE] (Secondary)
Multimedia
Silicon Integrated Systems [SiS]:AC97 Sound Controller
Ponts
Silicon Integrated Systems [SiS]:651 Host
Silicon Integrated Systems [SiS]:Virtual PCI-to-PCI bridge (AGP): Virtual
PCI-to-PCI bridge (AGP)
Silicon Integrated Systems [SiS]:SiS85C503/5513 (LPC Bridge): SiS85C503/5513
(LPC Bridge)
Communications
Conexant:HSF 56k HSFi Modem: Compaq Stinger
Bus Series
Silicon Integrated Systems [SiS]:FireWire Controller
Silicon Integrated Systems [SiS]:USB 1.0 Controller
Silicon Integrated Systems [SiS]:USB 1.0 Controller
Silicon Integrated Systems [SiS]:USB 1.0 Controller
Silicon Integrated Systems [SiS]:USB 2.0 Controller
Périphérique USB Logitech, Inc. M-UV69a Optical Wheel Mouse (Optical USB Mouse)
Microsoft Corp. Microsoft Wireless Optical Desktop® 2.10
Clavier Compaq PS2 Keyboard (2K - 3)
Microsoft USB Dual Receiver Wireless Keyboard (IntelliType Pro)
Souris Microsoft USB Dual Receiver Wireless Mouse (IntelliPoint)
Souris HID
Ecran(s) Écran Plug-and-Play(Sony Corporation SDM-HS73)
Système d'exploitation Windows XP Edition familliale (build 2600) Service Pack 2
Navigateur web par défaut: Orange Web
Client e-mail par défaut: Orange Mail
Carte mère SMBios version 2.3
MICRO-STAR INTERNATIONAL CO., LTD MS-6575 3.10
Bios: Phoenix Technologies, LTD 3.06 10/16/2003 taille: 512Kb
Processeur Intel(R) Pentium(R) 4 CPU 2.80GHz (2804Mhz) (L1: 20ko L2: 512ko )
Chipset Northbridge: SiS 651
Southbridge: SiS 5513
Mémoire Barette de 512 Mo None
mémoire windows (cette valeur ne correspond pas exactement à la mémoire totale
physique): 511Mo
Péripheriques IDE ST3120022A 3.06 (ATA, 111.79 Go, tampon: 2 Mo)
Lecteurs CD/DVD HP DVD Writer 300c 9h04 (DVD-ROM Recorder)
SAMSUNG DVD-ROM SD-616E F503 (DVD-ROM)
Disque dur ST3120022A (111.79Go)
Cartes PCI/AGP Stockage
Silicon Integrated Systems [SiS]:5513 [IDE]
Réseau
Silicon Integrated Systems [SiS]:SiS900 PCI Fast Ethernet
Affichage
ATI Technologies Inc:RV280 [Radeon 9200 SE]
ATI Technologies Inc:RV280 [Radeon 9200 SE] (Secondary)
Multimedia
Silicon Integrated Systems [SiS]:AC97 Sound Controller
Ponts
Silicon Integrated Systems [SiS]:651 Host
Silicon Integrated Systems [SiS]:Virtual PCI-to-PCI bridge (AGP): Virtual
PCI-to-PCI bridge (AGP)
Silicon Integrated Systems [SiS]:SiS85C503/5513 (LPC Bridge): SiS85C503/5513
(LPC Bridge)
Communications
Conexant:HSF 56k HSFi Modem: Compaq Stinger
Bus Series
Silicon Integrated Systems [SiS]:FireWire Controller
Silicon Integrated Systems [SiS]:USB 1.0 Controller
Silicon Integrated Systems [SiS]:USB 1.0 Controller
Silicon Integrated Systems [SiS]:USB 1.0 Controller
Silicon Integrated Systems [SiS]:USB 2.0 Controller
Périphérique USB Logitech, Inc. M-UV69a Optical Wheel Mouse (Optical USB Mouse)
Microsoft Corp. Microsoft Wireless Optical Desktop® 2.10
Clavier Compaq PS2 Keyboard (2K - 3)
Microsoft USB Dual Receiver Wireless Keyboard (IntelliType Pro)
Souris Microsoft USB Dual Receiver Wireless Mouse (IntelliPoint)
Souris HID
Ecran(s) Écran Plug-and-Play(Sony Corporation SDM-HS73)
Voila , je n'ai pas fais la publication J'ai tout simplement fais copier coller
Merci de votre aide M. Webwizard
Merci de votre aide M. Webwizard
Salut, bonjour,
Apparemment tu disposes d'assez de mémoire vive (RAM), mais il serait préférable d'avoir 1GB de mémoire au minimum pour un ordinateur "Jeux".
Voici le lien d'aide de "WOW" : https://www.wow-europe.com/fr/info/faq/technicalsupport.html
Vérifies svp combien de place libre tu disposes sur ton disque dur, comme mentionné ci-dessus (didacticiel). Contrôle toutes les partitions svp (C, D, E, etc.).
Installes aussi le logiciel "CCleaner", comme mentionné ci-dessus (didacticiel).
Après rends-toi sur les sites suivants et fais un scan gratuit en ligne :
http://security.symantec.com/sscv6/default.asp?productid=symhome&langid=in&venid=sym
https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
https://www.emsisoft.com/fr/home/emergencykit/
De cette façon tu sauras si ton système est infecté. Donnes-moi un rapport des scans svp et après on continuera pour résoudre ton problème.
Cordialement :
Webwizard
Apparemment tu disposes d'assez de mémoire vive (RAM), mais il serait préférable d'avoir 1GB de mémoire au minimum pour un ordinateur "Jeux".
Voici le lien d'aide de "WOW" : https://www.wow-europe.com/fr/info/faq/technicalsupport.html
Vérifies svp combien de place libre tu disposes sur ton disque dur, comme mentionné ci-dessus (didacticiel). Contrôle toutes les partitions svp (C, D, E, etc.).
Installes aussi le logiciel "CCleaner", comme mentionné ci-dessus (didacticiel).
Après rends-toi sur les sites suivants et fais un scan gratuit en ligne :
http://security.symantec.com/sscv6/default.asp?productid=symhome&langid=in&venid=sym
https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
https://www.emsisoft.com/fr/home/emergencykit/
De cette façon tu sauras si ton système est infecté. Donnes-moi un rapport des scans svp et après on continuera pour résoudre ton problème.
Cordialement :
Webwizard
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Bonjour a vous Webwizard
Ma mémoire vivante est de 3,50 GO Et il me reste 711 Mo
Memoire morte 108 Go il me reste 52 , 8 Go
CCleaner a des soucis j'enregistre et en suite il m'ouvre une fenetre il me la ferme j'enregistre etc...
Voila pour mon Scan :
Je suis infécté par le Virus MyWay qui a une dangerosité faible
Cordialement :
Menfire
Ma mémoire vivante est de 3,50 GO Et il me reste 711 Mo
Memoire morte 108 Go il me reste 52 , 8 Go
CCleaner a des soucis j'enregistre et en suite il m'ouvre une fenetre il me la ferme j'enregistre etc...
Voila pour mon Scan :
Je suis infécté par le Virus MyWay qui a une dangerosité faible
Cordialement :
Menfire
Salut, bonjour,
Bizarre que tu n'arrives pas à installer "CCleaner". Ceci donne à penser que ton Windows n'est plus intacte. Il vaudrait mieux peut être de le "réparer" avec le CD d'installation d'origine.
Est-ce que tu as toujours installé les mises à jour de Windows ? Si non, voici le lien pour contrôler :
http://update.microsoft.com/windowsupdate/v6/default.aspx
Pour l'infection de "MyWay" télécharges et installes le logicile "Spyware Terminator".
http://www.spywareterminator.com/
Il t'enlèvera cette bestiole informatique ainsi que d'autres se trouvant sur ton ordinateur.
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!...
Attention à tous : Téléchargez "Spyware Terminator" seulement de cette adresse mentionnée, il existe un autre logiciel du même nom, téléchargeable à une autre adresse, qui à lui est un "rogue", un faux-antispyware !!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!...
******************************************************************************
Utilisez "Spyware Terminator" seulement pour décontaminer un ordinateur, car il a un antivirus intégré. Ou il faudra vous défaire de votre antivirus existant, sinon il y aura conflit entre les deux antivirus !!!
Je suggère d'utiliser "Spyware Terminator" seulement pour enlever la contamination et puis de le désinstaller par "Ajout/Suppression de programmes" !!!
************************************************************************************
Donnes-moi de tes nouvelles svp.
Cordialement :
Webwizard
Bizarre que tu n'arrives pas à installer "CCleaner". Ceci donne à penser que ton Windows n'est plus intacte. Il vaudrait mieux peut être de le "réparer" avec le CD d'installation d'origine.
Est-ce que tu as toujours installé les mises à jour de Windows ? Si non, voici le lien pour contrôler :
http://update.microsoft.com/windowsupdate/v6/default.aspx
Pour l'infection de "MyWay" télécharges et installes le logicile "Spyware Terminator".
http://www.spywareterminator.com/
Il t'enlèvera cette bestiole informatique ainsi que d'autres se trouvant sur ton ordinateur.
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!...
Attention à tous : Téléchargez "Spyware Terminator" seulement de cette adresse mentionnée, il existe un autre logiciel du même nom, téléchargeable à une autre adresse, qui à lui est un "rogue", un faux-antispyware !!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!...
******************************************************************************
Utilisez "Spyware Terminator" seulement pour décontaminer un ordinateur, car il a un antivirus intégré. Ou il faudra vous défaire de votre antivirus existant, sinon il y aura conflit entre les deux antivirus !!!
Je suggère d'utiliser "Spyware Terminator" seulement pour enlever la contamination et puis de le désinstaller par "Ajout/Suppression de programmes" !!!
************************************************************************************
Donnes-moi de tes nouvelles svp.
Cordialement :
Webwizard
Bonnsoir Web .
J'ai mis a jour mon windows .
Je vais scan a long terme , le scan que j'avais fait etait incomplet.
J'ai aussi un autre soucis Internet explorer ignore ma conexion internet alors que Firefox la considere...
J'ai pas pu répondre plus tot car mon ordinateur a fermé TOUTES mes fenetre Et programme en cours d'éxecution...
Cordialement
J'ai mis a jour mon windows .
Je vais scan a long terme , le scan que j'avais fait etait incomplet.
J'ai aussi un autre soucis Internet explorer ignore ma conexion internet alors que Firefox la considere...
J'ai pas pu répondre plus tot car mon ordinateur a fermé TOUTES mes fenetre Et programme en cours d'éxecution...
Cordialement
J'ai scan mon ordinateur entierement , il comporté les spywear suivants :
trojan / downloader - Spy game (considéré comme tres dangereux mais je doute que ce virus est la cause du dysfonctionnement de mon Ordinateur?)
Quelques Dialers
Et des adwares .
J'attends votre réponse avec impatience L'ami :)
Cordialement :
Menfire
trojan / downloader - Spy game (considéré comme tres dangereux mais je doute que ce virus est la cause du dysfonctionnement de mon Ordinateur?)
Quelques Dialers
Et des adwares .
J'attends votre réponse avec impatience L'ami :)
Cordialement :
Menfire
Voici le rapport que j'ai oublié de le presenter
Logfile of Spyware Terminator v2.0.1.224 (db:1.0.044.807)
Scan Time: 28/12/2007 20:23:38 length: 3429 s
Platform: Windows XP Home Service Pack 2 (WINNT 5.1.2600)
User: Limited
Boot Mode: Normal
Scan type: Full_Spyware_Scan
Scanned Objects: 146726 (Critical:64)
Filter: No System items, No Safe items
Running Processes
Ati2evxx.exe [ATI Technologies Inc.] : C:\WINDOWS\system32\Ati2evxx.exe
aawservice.exe [Lavasoft AB] : C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
CDAC11BA.EXE [Macrovision] : C:\WINDOWS\system32\drivers\CDAC11BA.EXE
FTRTSVC.exe [France Telecom] : C:\WINDOWS\system32\FTRTSVC.exe
kavsvc.exe ( PID=1528 )
svcntaux.exe [PC Tools] : C:\Program Files\Spyware Doctor\svcntaux.exe
swdsvc.exe [PC Tools] : C:\Program Files\Spyware Doctor\swdsvc.exe
Ati2evxx.exe [ATI Technologies Inc.] : C:\WINDOWS\system32\Ati2evxx.exe
SDTrayApp.exe [PC Tools] : C:\Program Files\Spyware Doctor\SDTrayApp.exe
TaskBarIcon.exe [France Télécom R&D] : C:\Program Files\Wanadoo\TaskBarIcon.exe
kav.exe ( PID=2032 )
emule.exe https://www.emule-project.net/home/perl/general.cgi?l=1 : C:\Program Files\eMule\emule.exe
hpqtra08.exe [Hewlett-Packard Co.] : C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
WZQKPICK.EXE [WinZip Computing, S.L.] : C:\Program Files\WinZip\WZQKPICK.EXE
GestionnaireInternet.exe [France Télécom R&D] : C:\Program Files\Wanadoo\GestionnaireInternet.exe
ComComp.exe [France Télécom R&D] : C:\Program Files\Wanadoo\ComComp.exe
Toaster.exe [France Telecom R&D] : C:\Program Files\Wanadoo\Toaster.exe
Inactivity.exe : C:\Program Files\Wanadoo\Inactivity.exe
PollingModule.exe : C:\Program Files\Wanadoo\PollingModule.exe
AlertModule.exe : C:\WINDOWS\system32\AlertModule\AlertModule.exe
Watch.exe [France Télécom R&D] : C:\Program Files\Wanadoo\Watch.exe
wuauclt.exe ( PID=3316 )
Internet Settings
R - HKCU\Software\Microsoft\Internet Explorer\Main, Search Bar = http://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60327
R - HKLM\Software\Microsoft\Internet Explorer\Main, SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R - HKLM\Software\Microsoft\Internet Explorer\Main, CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327
R - HKLM\Software\Microsoft\Internet Explorer\Main, Start Page = http://qfr10.hpwis.com/
R - HKLM\Software\Microsoft\Internet Explorer\Search, SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R - HKLM\Software\Microsoft\Internet Explorer\Search, CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327
R - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings, ProxyOverride =
R - HKLM\System\CurrentControlSet\Services\Tcpip\Parameters, Domain =
R - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Telephony, DomainName =
BHO
02 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - [My Way] : C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
02 - BHO: - {7E853D72-626A-48EC-A868-BA8D5E23E045} - File not found
02 - BHO: - {{FB5F1910-F110-11d2-BB9E-00C04F795683} - File not found
02 - BHO: - {e2e2dd38-d088-4134-82b7-f2ba38496583} - File not found
Toolbars
03 - Toolbar: My &Search Bar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - [My Way] : C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
StartUps
04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, I/O Controllers : : svcnet.exe
04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, RTEGPRS : : C:\Program Files\Fichiers communs\RTE\RTEGPRS.EXE
04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, WOOKIT : : C:\Program Files\WANADOO\SHELL.EXE
04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, eMuleAutoStart : https://www.emule-project.net/home/perl/general.cgi?l=1 : C:\Program Files\eMule\emule.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Olympic : : C:\Documents and Settings\Naguib\Application Data\sgrunt\IE4321.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, WOOWATCH : [France Télécom R&D] : C:\Program Files\Wanadoo\Watch.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, WOOTASKBARICON : [France Télécom R&D] : C:\Program Files\Wanadoo\GestMAJ.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, VTTimer : : VTTimer.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, UpdateManager : [Sonic Solutions] : C:\Program Files\Fichiers communs\SONIC\UPDATE MANAGER\SGTRAY.EXE
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, I/O Controllers : : svcnet.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, HPHUPD05 : [Hewlett-Packard] : C:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, KAVPersonal50 : [Kaspersky Lab] : C:\Program Files\KASPERSKY LAB\KASPERSKY ANTI-VIRUS PERSONAL PRO\KAV.EXE
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, SDTray : [PC Tools] : C:\Program Files\Spyware Doctor\SDTrayApp.exe
04 - HKLM\System\CurrentControlSet\Control\Session Manager, BootExecute : : C:\WINDOWS\system32\LSDELETE.EXE
04 - Startup: %START_PROGRAMSALL%\Démarrage\HP Digital Imaging Monitor.lnk [Hewlett-Packard Co.] : C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
04 - Startup: %START_PROGRAMSALL%\Démarrage\WinZip Quick Pick.lnk [WinZip Computing, S.L.] : C:\Program Files\WinZip\WZQKPICK.EXE
Shell Extensions
Extension Affichage Panorama du Panneau de configuration - {42071714-76d4-11d1-8b24-00a0c9068ff3} - : deskpan.dll
- {764BF0E1-F219-11ce-972D-00AA00A14F56} - File not found
- {853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} - File not found
Barre des tâches et menu Démarrer - {0DF44EAA-FF21-4412-828E-260A8728E7F1} - File not found
- {32683183-48a0-441b-a342-7c2a440a9478} - File not found
Comptes d'utilisateurs - {7A9D77BD-5403-11d2-8785-2E0420524153} - File not found
RecordNow! SendToExt - {DEE12703-6333-4D4E-8F34-738C4DCC2E04} - [Sonic Solutions] : C:\Program Files\RecordNow!\shlext.dll
SampleView - {7F67036B-66F1-411A-AD85-759FB9C5B0DB} - [XSS] : C:\WINDOWS\system32\ShellvRTF.dll
WinZip - {E0D79304-84BE-11CE-9641-444553540000} - [WinZip Computing, Inc.] : C:\Program Files\WinZip\wzshlstb.dll
WinZip - {E0D79305-84BE-11CE-9641-444553540000} - [WinZip Computing, Inc.] : C:\Program Files\WinZip\wzshlstb.dll
WinZip - {E0D79306-84BE-11CE-9641-444553540000} - [WinZip Computing, Inc.] : C:\Program Files\WinZip\wzshlstb.dll
WinZip - {E0D79307-84BE-11CE-9641-444553540000} - [WinZip Computing, Inc.] : C:\Program Files\WinZip\wzshlstb.dll
dBpShell Class - {FED7043D-346A-414D-ACD7-550D052499A7} - : C:\Program Files\Illustrate\dBpowerAMP\dBShell.dll
dMCIShell Class - {2C49B5D0-ACE7-4D17-9DF0-A254A6C5A0C5} - : C:\Program Files\Illustrate\dBpowerAMP\dMCShell.dll
IntelliType Pro Zooming Property Page - {97FA8AA2-EE77-4FF2-9449-424D8924EF21} - [Microsoft Corporation] : C:\Program Files\MICROSOFT INTELLITYPE PRO\ITCPLZM.DLL
IntelliType Pro Scrolling Property Page - {111D8120-25EB-4E1C-A4DF-C9EE5FCA35CB} - [Microsoft Corporation] : C:\Program Files\MICROSOFT INTELLITYPE PRO\ITCPLWHL.DLL
IntelliType Pro Key Settings Property Page - {ED6E87C6-8A83-43aa-8208-8DBC8247F4D2} - [Microsoft Corporation] : C:\Program Files\MICROSOFT INTELLITYPE PRO\ITCPLKEY.DLL
IntelliType Pro Wireless Control Panel Property Page - {A2569D1F-4E06-43EC-9825-0088B471BE47} - [Microsoft Corporation] : C:\Program Files\MICROSOFT INTELLITYPE PRO\ITCPLWIR.DLL
Page de propriétés sans fil - {20082881-FC36-4E47-9A7A-644C95FF749F} - [Microsoft Corporation] : C:\Program Files\MICROSOFT INTELLIPOINT\IPCPLWIR.DLL
Page des propriétés de la roulette - {AF90F543-6A3A-4C1B-8B16-ECEC073E69BE} - [Microsoft Corporation] : C:\Program Files\MICROSOFT INTELLIPOINT\IPCPLWHL.DLL
Page des propriétés des activités - {653DCCC2-13DB-45B2-A389-427885776CFE} - [Microsoft Corporation] : C:\Program Files\MICROSOFT INTELLIPOINT\IPCPLACT.DLL
Page des propriétés des boutons - {124597D8-850A-41AE-849C-017A4FA99CA2} - [Microsoft Corporation] : C:\Program Files\MICROSOFT INTELLIPOINT\IPCPLBTN.DLL
WinRAR - {B41DB860-8EE4-11D2-9906-E49FADC173CA} - : C:\Program Files\WinRAR\rarext.dll
Services
23 - [Lavasoft AB] : C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
23 - [Sensaura Ltd] : C:\WINDOWS\system32\drivers\ALCXSENS.SYS
23 - [Realtek Semiconductor Corp.] : C:\WINDOWS\system32\drivers\ALCXWDM.SYS
23 - [ATI Technologies Inc.] : C:\WINDOWS\system32\Ati2evxx.exe
23 - [Macrovision] : C:\WINDOWS\system32\drivers\CDAC11BA.EXE
23 - [Macrovision Europe Ltd] : C:\WINDOWS\system32\DRIVERS\CDAC15BA.SYS
23 - [France Telecom] : C:\WINDOWS\system32\FTRTSVC.exe
23 - [Conexant Systems, Inc.] : C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys
23 - [Conexant Systems, Inc.] : C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
23 - [PCTools Research Pty Ltd.] : C:\WINDOWS\system32\drivers\ikfilesec.sys
23 - [PCTools Research Pty Ltd.] : C:\WINDOWS\system32\drivers\iksysflt.sys
23 - [PCTools Research Pty Ltd.] : C:\WINDOWS\system32\drivers\iksyssec.sys
23 - [Kaspersky Lab] : C:\Program Files\KASPERSKY LAB\KASPERSKY ANTI-VIRUS PERSONAL PRO\KAVSVC.EXE
23 - [Kaspersky Lab] : C:\WINDOWS\system32\drivers\kl1.sys
23 - [Kaspersky Labs] : C:\WINDOWS\system32\drivers\klif.sys
23 - [Kaspersky Lab] : C:\WINDOWS\system32\drivers\klmc.sys
23 - [Printing Communications Assoc., Inc. (PCAUSA)] : C:\WINDOWS\system32\PCANDIS5.SYS
23 - [Friendly Technologies] : C:\WINDOWS\system32\DRIVERS\PPPoEWin.SYS
23 - [Hewlett-Packard Company] : C:\WINDOWS\system32\DRIVERS\PS2.sys
23 - [PC Tools] : C:\Program Files\Spyware Doctor\svcntaux.exe
23 - [PC Tools] : C:\Program Files\Spyware Doctor\swdsvc.exe
23 - [Silicon Integrated Systems Corporation] : C:\WINDOWS\system32\DRIVERS\SISAGPX.sys
23 - [Silicon Integrated Systems Corporation] : C:\WINDOWS\system32\DRIVERS\srvkp.sys
23 - [SiS Corporation] : C:\WINDOWS\system32\DRIVERS\sisnic.sys
23 - [Conexant Systems, Inc.] : C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
Winlogon Notify
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent, DLLName : [ATI Technologies Inc.] : C:\WINDOWS\system32\Ati2evxx.dll
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui, DLLName : [Intel Corporation] : C:\WINDOWS\system32\igfxsrvc.dll
Threat Files
<180searchAssistant> : C:\StubInstaller.exe
<W95/Bumble> : C:\Program Files\Panda Security\TotalScan\pskavs.dll
<Trojan/Downloader-SPYgame> : C:\WINDOWS\Downloaded Program Files\gsda.dll
Advanced Files Report
%PROGRAMFILES%\Spyware Doctor\smumhook.dll [PC Tools] MD5=EBD7DF944732A7C0B0BD164E95223F5A SIZE=143176
%PROGRAMFILES%\Spyware Doctor\klg.dat [PC Tools] [Spyware Doctor] MD5=6059AAAE94267AAD6A16E0D49F0C22E1 SIZE=99328
%SYSDIR%\Ati2evxx.dll [ATI Technologies Inc.] [ATI External Event Utility for NT, W2K and W9X] MD5=7608E60DBBB49B136823EBA476D72B57 SIZE=86016
%SYSDIR%\Ati2evxx.exe [ATI Technologies Inc.] [ATI External Event Utility for WindowsNT and Windows9X] MD5=74861E44690029BF25A99CF1AADCD8F4 SIZE=385024
%PROGRAMFILES%\Lavasoft\Ad-Aware 2007\aawservice.exe [Lavasoft AB] [Ad-Aware 2007 Service] MD5=25F8546FD40E40EC5A2A23AECAE4FDCA SIZE=587096
%PROGRAMFILES%\Lavasoft\Ad-Aware 2007\Update.dll [] [Update Dynamic Link Library] MD5=B824FE787DE262A9F003F3CA8EFC079D SIZE=525664
%SYSDIR%\hpzsnt09.dll [HP] [HP DeskJet] MD5=40665881B7F7531B2D9BD9C3A537B270 SIZE=204866
%SYSDIR%\drivers\CDAC11BA.EXE [Macrovision] [SafeCast Windows NT] MD5=C10D484A89EE0566D6A7B45A1D1F310C SIZE=54784
%SYSDIR%\FTRTSVC.exe [France Telecom] [FTRTSVC NT Service] MD5=D1261099E03EEE90976EA19002995B89 SIZE=40960
%SYSDIR%\IfHelper.dll [France Télécom R&D] [IfHelper] MD5=A690AE7F4418401815CE3D73D60B8C6F SIZE=36864
%PROGRAMFILES%\Spyware Doctor\svcntaux.exe [PC Tools] MD5=4DEB3C0649D82FB3120E9EDD55C7D698 SIZE=311112
%PROGRAMFILES%\Spyware Doctor\rtl100.bpl [Borland Software Corporation] [Borland Package Library] MD5=E016DADBA1DD3C5EF41A8F70D3DC64A0 SIZE=843264
%PROGRAMFILES%\Spyware Doctor\vcl100.bpl [Borland Software Corporation] [Borland Package Library] MD5=74B6B0BEAC3DC80201383B8699AD694E SIZE=1680896
%PROGRAMFILES%\Spyware Doctor\SysAccess.dll [PC Tools] MD5=8B9CDF2F4231FB8A8CF83FFE84505531 SIZE=126976
%PROGRAMFILES%\Spyware Doctor\ikdll.dll [PCTools Research Pty Ltd.] [Spyware Doctor] MD5=4C83EB12080627E59854543330EFAF94 SIZE=128328
%PROGRAMFILES%\Spyware Doctor\swdsvc.exe [PC Tools] MD5=C59D581BC4AD04B6C7476812704C3A0C SIZE=1418056
%PROGRAMFILES%\Spyware Doctor\CommOM.dll [PC Tools] MD5=118A100AD0468C9EACF5B862F9737842 SIZE=705824
%PROGRAMFILES%\Spyware Doctor\CommLib.dll [PC Tools] MD5=8F2E8E3B8F38723CBDA908723912A4F2 SIZE=619808
%PROGRAMFILES%\Spyware Doctor\commhlpr.dll [PC Tools] MD5=6BA93BBA898A34F3B44B52814FD587FA SIZE=82248
%PROGRAMFILES%\Spyware Doctor\RegHelper.dll [PC Tools] [Spyware Doctor] MD5=FEBC953D9260E08543E175CC246E2F29 SIZE=108360
%PROGRAMFILES%\Spyware Doctor\inethlpr.dll [PC Tools] [Spyware Doctor] MD5=5C2A1A1EFF704C95F8E5D9CECE1D8C35 SIZE=139080
%PROGRAMFILES%\Spyware Doctor\filehlpr.dll [PC Tools] [Spyware Doctor] MD5=9DECA5E0EFA346C515E995F3BBB309E7 SIZE=140616
%PROGRAMFILES%\Spyware Doctor\sdcore.dll [PC Tools] MD5=95C4B83AD700FE95A93FE66D04CB7D02 SIZE=117064
%PROGRAMFILES%\Spyware Doctor\FileStorage.sdp [PC Tools] MD5=1F7DE33E4CEB3A62D8C9CE8D792C8563 SIZE=308552
%PROGRAMFILES%\Spyware Doctor\Settings.sdp [PC Tools] MD5=C929B4AD34D1D0AD7DD4E835DE61CDAF SIZE=111432
%PROGRAMFILES%\Spyware Doctor\IDBLib.sdp [PC Tools] MD5=C89EFA74DEFA8B67024976D7778BCF7C SIZE=254280
%PROGRAMFILES%\Spyware Doctor\SDInfo.sdp [PC Tools] MD5=013450CFA74B17244044F4EB6E449823 SIZE=714016
%PROGRAMFILES%\Spyware Doctor\SDExtra.sdp [PC Tools] MD5=3216E635A0D414655392284CFD7B71FB SIZE=158024
%PROGRAMFILES%\Spyware Doctor\PCTWSC.dll [PC Tools] [PCTWSC Dynamic Link Library] MD5=69075BE71CA315CD32C9B44062706E17 SIZE=169288
%PROGRAMFILES%\Spyware Doctor\Immunizer.sdp [PC Tools] MD5=2779BE0D201BACE64FD41595785D7D5E SIZE=110408
%PROGRAMFILES%\Spyware Doctor\Localizer.sdp [PC Tools] MD5=D358AE444820E311D420E1EFFA2B9D75 SIZE=146760
%PROGRAMFILES%\Spyware Doctor\NfyMan.sdp [PC Tools] MD5=A63401825F36D3186466AEC39E7ED243 SIZE=100168
%PROGRAMFILES%\Spyware Doctor\quarantine.sdp [PC Tools] MD5=47EAE707EA776C28EBF28DA304AEA74B SIZE=143688
%PROGRAMFILES%\Spyware Doctor\BH.dll [PC Tools] [Browser Helper] MD5=209EB0448384F1D64470A018CC802B2A SIZE=234312
%PROGRAMFILES%\Spyware Doctor\RebootManager.sdp [PC Tools] MD5=6D9EBF140CEF4E8FB09B7C708B97057F SIZE=125768
%PROGRAMFILES%\Spyware Doctor\scaneng.sdp [PC Tools] MD5=C09D36E45437E9A44C146858D77D7826 SIZE=226632
%PROGRAMFILES%\Spyware Doctor\stasks.sdp [PC Tools] MD5=F75E7756B9E15A028A1A9D067FB96BCC SIZE=128840
%PROGRAMFILES%\Spyware Doctor\SystemMonitor.sdp [PC Tools] MD5=94A97BCBEADD3F888801B738A97B43B2 SIZE=1021240
%PROGRAMFILES%\Spyware Doctor\whitelist.sdp [PC Tools] MD5=F09B38EE6C9454AFE953126B9033EFEB SIZE=126280
%PROGRAMFILES%\Spyware Doctor\plugins\Browsers.SDP [PC Tools] MD5=D5B8EBA9BFD1BE7B7746727CE458E7C3 SIZE=272896
%PROGRAMFILES%\Spyware Doctor\plugins\cookie.sdp [PC Tools] [Spyware Doctor] MD5=4A15D78750B521CA4416281F616983A8 SIZE=181760
%PROGRAMFILES%\Spyware Doctor\plugins\grfiles.SDP [PC Tools] [Spyware Doctor] MD5=C79E9D9524145E66157C4B816344C97E SIZE=266240
%PROGRAMFILES%\Spyware Doctor\plugins\grregistry.SDP [PC Tools] [Spyware Doctor] MD5=4597278E28F6217954AD23D5056A5177 SIZE=159744
%PROGRAMFILES%\Spyware Doctor\PCToolsComponents.bpl [PC Tools] MD5=695E40C941BB4E3C5DBBB72627E345F8 SIZE=373760
%PROGRAMFILES%\Spyware Doctor\SH.dll [PC Tools] MD5=E6E4106C4B16B5CD328B61DEE22A2AC3 SIZE=211272
%PROGRAMFILES%\Spyware Doctor\plugins\KLGuard.SDP [PC Tools] MD5=E31841F2EC0B9A524E58C1EF843C6993 SIZE=467456
%PROGRAMFILES%\Spyware Doctor\plugins\Network.SDP [PC Tools] [Spyware Doctor] MD5=3A0CFCCD052429413D986B9BCA9B0577 SIZE=374784
%PROGRAMFILES%\Spyware Doctor\plugins\Process.SDP [PC Tools] MD5=42D7BAA83CF91A7F1F437A00DE076378 SIZE=441344
%PROGRAMFILES%\Spyware Doctor\plugins\ScriptEngine.SDP [PC Tools] MD5=BCAE7DFBEDCC204A95FE549BAFE88D88 SIZE=750080
%PROGRAMFILES%\Spyware Doctor\plugins\SDNET.SDP [PC Tools] MD5=221294EB81A8364CC80343A6FEFC4EA6 SIZE=527360
%PROGRAMFILES%\Spyware Doctor\plugins\StartUp.SDP [PC Tools] [Spyware Doctor] MD5=62AB06D47164B798E5114D419EB0A510 SIZE=288256
%PROGRAMFILES%\Wanadoo\Inactivity.dll [] [Bibliothèque de liaison dynamique Inactivity] MD5=01516C007C86B7C1FCB31D2CD119FF12 SIZE=28672
%PROGRAMFILES%\Spyware Doctor\cdialogs.dll [PC Tools] MD5=954ED3D3861FF33402C61247EA9D6132 SIZE=651592
%PROGRAMFILES%\Spyware Doctor\pwindow.dll [PC Tools] MD5=C337EDA2060C94B9E601E4671EC8A8AF SIZE=126280
%PROGRAMFILES%\Wanadoo\TaskBarIcon.exe [France Télécom R&D] [Kit de Connexion et de Services] MD5=F9710A77123CC3FD09D062F2AF33E473 SIZE=61440
%PROGRAMFILES%\Wanadoo\OutilsFT.dll [France Télécom R&D] [Kit Wanadoo] MD5=F0AD5EF11EF655967F3C0A88DF01D5F3 SIZE=24576
%PROGRAMFILES%\Wanadoo\StyleIHM.dll [France Télécom R&D] [Kit Générique - France Télécom R&D.] MD5=CF37736CBAD53E318A683DCA8E669887 SIZE=626688
%PROGRAMFILES%\Wanadoo\skin\Default\main\ResourceStyle.dll [] [Kit Wanadoo] MD5=6D66B152B9BC974B9EA979B1306EDE02 SIZE=1855488
%PROGRAMFILES%\Wanadoo\WooIHMF.dll [France Télécom R&D] [Gestionnaire Internet] MD5=FF91F43C73ABF326C4203D3E9C478E72 SIZE=282624
%SystemDiskRoot%\HP\KBD\led.dll [Hewlett-Packard Company] [Hewlett-Packard Company LED DLL] MD5=F68A3F0D63BE926ED65ED1C8C5B03A3D SIZE=49152
%SystemDiskRoot%\HP\KBD\USB.dll [Hewlett-Packard Company] [Hewlett-Packard Company USB DLL] MD5=6B43FBC9887F35D21E6F90A715DB7086 SIZE=77824
%SystemDiskRoot%\HP\KBD\ps2.dll [Hewlett-Packard Company] [Hewlett-Packard Company PS2 DLL] MD5=94F6FEC3F5C5532F264FFE05709DE767 SIZE=61440
%SystemDiskRoot%\HP\KBD\msg.dll [Hewlett-Packard Company] [Hewlett-Packard Company MSG DLL] MD5=BC973071B50CD7624D63628DFD9C8E1F SIZE=61440
%SystemDiskRoot%\HP\KBD\osd.dll [Hewlett-Packard Company] [Hewlett-Packard Company OSD DLL] MD5=A5A7FEB33BACF5FE30A72F6DCB6D0F91 SIZE=172032
%SystemDiskRoot%\HP\KBD\sct.dll [Hewlett-Packard Company] [Hewlett-Packard Company ONL DLL] MD5=E22FDDC4068F231CAD3BFA0A4B7C2323 SIZE=81920
%SystemDiskRoot%\HP\KBD\onl.dll [Hewlett-Packard Company] [Hewlett-Packard Company ONL DLL] MD5=AB529AB0BFD476644A6DB2357C98D1D5 SIZE=61440
%SystemDiskRoot%\HP\KBD\aol.dll [Hewlett-Packard Company] [Hewlett-Packard Company AOL DLL] MD5=3C45D593036FF03305DDC13DA20AF1F4 SIZE=61440
%SystemDiskRoot%\HP\KBD\url.dll [Hewlett-Packard Company] [Hewlett-Packard Company URL DLL] MD5=1EB0B0BC085F75A29AE8AA8B303306D3 SIZE=53248
%SystemDiskRoot%\HP\KBD\cfg.dll [Hewlett-Packard Company] [Hewlett-Packard Company CFG DLL] MD5=261E5E3602941656A1442B255C936B9E SIZE=94208
%SystemDiskRoot%\HP\KBD\MSIKBDIF.DLL [Hewlett-Packard Company] [Hewlett-Packard Company MSIKBDIF DLL] MD5=60DB5561F7B646FA217E9EA6561E6705 SIZE=69632
%PROGRAMFILES%\ATI Technologies\ATI Control Panel\atipdsxx.dll [ATI Technologies, Inc.] [ATI Desktop Component] MD5=34885122C2D156C5776443259886685F SIZE=241664
%PROGRAMFILES%\ATI TECHNOLOGIES\ATI CONTROL PANEL\ATRPUIXX.FRA [ATI Technologies, Inc.] [ATI Desktop Component] MD5=BFAD884175D0D7B2868ED7FC5F57DFF8 SIZE=147456
%PROGRAMFILES%\ATI Technologies\ATI Control Panel\atipdxxx.dll [ATI Technologies, Inc.] [ATI Desktop Component] MD5=D8080E1A41426B492B439BADFD7CF7E1 SIZE=73728
%PROGRAMFILES%\Google\GoogleToolbarNotifier\1.2.1128.5462\res_fr.dll [Google Inc.] [GoogleToolbarNotifier] MD5=C4D4A57E79646567F6A32EC2806B0FB1 SIZE=48128
%PROGRAMFILES%\eMule\lang\fr_FR.dll https://www.emule-project.net/home/perl/general.cgi?l=1 [eMule] MD5=25568D469C83E13838ABA4C681D5AB0D SIZE=106496
%PROGRAMFILES%\HP\Digital Imaging\bin\hpqtra08.exe [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=DA6B945E561B1D1DA67663BB45B4B868 SIZE=237568
%PROGRAMFILES%\HP\Digital Imaging\bin\hpqcxm08.dll [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=3EBB3EDCF1A700DA14805B7FD6A288FC SIZE=139264
%PROGRAMFILES%\HP\Digital Imaging\bin\hpquio08.dll [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=CAD04272C5E281AEEB6545C69EBAB0ED SIZE=90112
%PROGRAMFILES%\HP\Digital Imaging\bin\hpqtra08.rsc [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=A4EFE0D85855F33E30C1CD486BAB83A0 SIZE=45056
%PROGRAMFILES%\HP\Digital Imaging\bin\hpqtao08.dll [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=AA5EF983E12A2D5B7AEEFFA98136D80F SIZE=61440
%PROGRAMFILES%\HP\Digital Imaging\Unload\hpiCamTA.dll [Hewlett-Packard] [TrayAppPlugin Module] MD5=B9BFE7B70C626D32C4FCD9BB7175B67F SIZE=135168
%PROGRAMFILES%\HP\Digital Imaging\Unload\HpqUnRes.dll [Hewlett-Packard] [HpqUnRes Dynamic Link Library] MD5=F290659091A0B725575BDCDD0FC84E4E SIZE=106496
%PROGRAMFILES%\HP\Digital Imaging\bin\hpotra08.dll [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=0F8AB2E5FB7849BCFE387BD6EB21A148 SIZE=192512
%PROGRAMFILES%\HP\Digital Imaging\bin\hpotra08.rsc [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=CC0F5B88FC9755E1CD35AEA3FC70C4EC SIZE=45056
%PROGRAMFILES%\HP\Digital Imaging\bin\hpodio08.dll [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=E543125E68BD8CCD58A943D448362974 SIZE=577536
%PROGRAMFILES%\HP\Digital Imaging\bin\HpqUtil.dll [] [HpqUtil Module] MD5=0EE46AE232B9681770CDBFB230C57788 SIZE=163840
%PROGRAMFILES%\HP\Digital Imaging\bin\hpodvd08.dll [Hewlett-Packard] [Hewlett-Packard hpodvd08] MD5=BDF3EE0F674CD7A58945188D24373A9E SIZE=219136
%PROGRAMFILES%\HP\Digital Imaging\bin\hpoSTD08.dll [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=3F40CCE88D2BFAA58AA3192AA898B12B SIZE=335872
%PROGRAMFILES%\HP\Digital Imaging\bin\hpqtap08.dll [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=17C2AB2593D15ADAA1E1B9F63B09A690 SIZE=53248
%PROGRAMFILES%\HP\Digital Imaging\bin\hpoSTD08.rsc [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=F041B453ADEDADF432FE5D78A4F0F39B SIZE=253952
%PROGRAMFILES%\HP\Digital Imaging\bin\hpocxi08.dll [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=DF002BBF00D0C3126F1035B2B422C493 SIZE=262144
%PROGRAMFILES%\HP\Digital Imaging\bin\hpqcob08.dll [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=DD973D5E5B3B24ECCAFB83FD28614F74 SIZE=53248
%SYSDIR%\hpzidr12.dll [HP] [HP Dot4Rtl] MD5=0F2D53A73D27105CA5DBCBDB0AD3BC5B SIZE=266296
%SYSDIR%\hpzipr12.dll [HP] [HP PmlRtl] MD5=8DD12146838BBFA51D78A40EB34BA02B SIZE=196608
%PROGRAMFILES%\HP\Digital Imaging\bin\hpodev08.dll [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=90B72E21BE9BAA774F1F3D8B411B6A2A SIZE=69632
%PROGRAMFILES%\HP\Digital Imaging\bin\hpodeb08.dll [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=20A57E6E1C9EBBFBF0BF134531280A04 SIZE=200704
%PROGRAMFILES%\HP\Digital Imaging\bin\hposcn08.dll [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=2447447185DDCE2678F3917151F06368 SIZE=114688
%PROGRAMFILES%\HP\Digital Imaging\bin\hpoSCN08.rsc [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=B0976EBC088303556826D53FEB88C7F8 SIZE=28672
%PROGRAMFILES%\WinZip\WZQKPICK.EXE [WinZip Computing, S.L.] [WinZip] MD5=6D23B8CB307E455428A778535BE6E6D9 SIZE=394856
%PROGRAMFILES%\Wanadoo\GestionnaireInternet.exe [France Télécom R&D] [Kit de Connexion et de Services] MD5=5D17C66B5620142A06B7391BE20C0476 SIZE=819200
%SYSDIR%\AlertModule\AlertClient.dll [] [AlertClient Module] MD5=42893D43DB574778E05AE85C2120984F SIZE=36864
%PROGRAMFILES%\Wanadoo\DetectComponent.dll [] [Bibliothèque de liaison dynamique DetectComponent] MD5=7C0DCEDC849C2780D246977B026AB2E6 SIZE=90112
%PROGRAMFILES%\Wanadoo\SynchroDll.dll [] [Bibliothèque de liaison dynamique SynchroDll] MD5=57F451645CA64B2A3792A1B2F7629724 SIZE=53248
%PROGRAMFILES%\Wanadoo\ComComp.exe [France Télécom R&D] [Kit de Connexion et de Services] MD5=5D589D0436C4C2D285B3418E79E78A21 SIZE=249856
%PROGRAMFILES%\Wanadoo\WLANManager.dll [France Télécom R&D] [WLANManager] MD5=3984A309960D2173D241CB07CEDABB12 SIZE=90112
%PROGRAMFILES%\Wanadoo\IfHelper.dll [France Télécom R&D] [IfHelper] MD5=A690AE7F4418401815CE3D73D60B8C6F SIZE=36864
%SYSDIR%\W32N50.dll [Printing Communications Assoc., Inc. (PCAUSA)] [PCAUSA Rawether for Windows] MD5=CF7F176E5DC77FA95AF30FE913957611 SIZE=94208
%PROGRAMFILES%\Wanadoo\GestAppFT.dll [France Télécom R&D] [Kit de Connexion et de Services] MD5=5E1EF37D7CF6658F453B7CFA268DBEE2 SIZE=151552
%PROGRAMFILES%\Wanadoo\ModifFT.dll [France Télécom R&D] [Kit Wanadoo] MD5=B5674B52F1B2026947DC6EF0248F089C SIZE=53248
%PROGRAMFILES%\Wanadoo\PMStub.dll [] [Bibliothèque de liaison dynamique PMStub] MD5=74D2A4D769D31151E1971AD2FCBCFFDA SIZE=36864
%PROGRAMFILES%\Wanadoo\PhoneManager.dll [] [Bibliothèque de liaison dynamique PhoneManager] MD5=FC02BFFAC618F14B9446FF371F92CADC SIZE=188416
%PROGRAMFILES%\Wanadoo\NDIS_Gen.dll [France Télécom R&D] [NDIS_Gen] MD5=9F436877B3566DB2302FC685AADADB0C SIZE=90112
%PROGRAMFILES%\Wanadoo\Toaster.exe [France Telecom R&D] [Application Toaster] MD5=C2D1BD2B433571ECEC29924ACE5D7C62 SIZE=69632
%PROGRAMFILES%\Wanadoo\Inactivity.exe [] [Application Inactivity] MD5=5F6DBF75D05462EED92B42376E89D9FE SIZE=32768
%PROGRAMFILES%\Wanadoo\PollingModule.exe [] [Application PollingModule] MD5=EDF02F58940FD56C12357D150F5397C0 SIZE=69632
%SYSDIR%\AlertModule\AlertModule.exe [] [Application AlertModule] MD5=68E404DB5525373FE0554ED2607F0C82 SIZE=45056
svcnet.exe []
%COMMONFILES%\RTE\RTEGPRS.EXE []
%SystemDiskRoot%\Documents and Settings\Naguib\Application Data\sgrunt\IE4321.exe []
VTTimer.exe []
deskpan.dll []
%PROGRAMFILES%\RecordNow!\shlext.dll [Sonic Solutions] [RecordNow!] MD5=49430D319CF00700CE09FB621D49BA35 SIZE=77824
%SYSDIR%\ShellvRTF.dll [XSS] [XSS ShellvRTF] MD5=8305E5132173A9E9CE591CAD4EB5C9B4 SIZE=122880
%PROGRAMFILES%\WinZip\wzshlstb.dll [WinZip Computing, Inc.] [WinZip] MD5=E0F4E14D74C5B06F08EA99ABD3F05F13 SIZE=5120
%PROGRAMFILES%\Illustrate\dBpowerAMP\dBShell.dll [] [dBShell Module] MD5=390966C0607669813D3DD06835D09EDA SIZE=110592
%PROGRAMFILES%\Illustrate\dBpowerAMP\dMCShell.dll [] [dMCShell Module] MD5=D796216C4F4DA0B38496E179E67FA745 SIZE=118784
%PROGRAMFILES%\MICROSOFT INTELLITYPE PRO\ITCPLZM.DLL [Microsoft Corporation] [Microsoft IntelliType Pro] MD5=9BAA63DABB71CE38C91B4855CC2E6B77 SIZE=204800
%PROGRAMFILES%\MICROSOFT INTELLITYPE PRO\ITCPLWHL.DLL [Microsoft Corporation] [Microsoft IntelliType Pro] MD5=2407FBDB9CB080E8B05928C7FB935C09 SIZE=229376
%PROGRAMFILES%\MICROSOFT INTELLITYPE PRO\ITCPLKEY.DLL [Microsoft Corporation] [Microsoft IntelliType Pro] MD5=F7BE7817102BE20FF88E3346EBDD9158 SIZE=352256
%PROGRAMFILES%\MICROSOFT INTELLITYPE PRO\ITCPLWIR.DLL [Microsoft Corporation] [Microsoft IntelliType Pro] MD5=D8C2B64A3E2867B40BEF26218A06E6F7 SIZE=200704
%PROGRAMFILES%\MICROSOFT INTELLIPOINT\IPCPLWIR.DLL [Microsoft Corporation] [Microsoft IntelliPoint] MD5=F9193B5DD2235FFC6A326D866F86FB70 SIZE=335872
%PROGRAMFILES%\MICROSOFT INTELLIPOINT\IPCPLWHL.DLL [Microsoft Corporation] [Microsoft IntelliPoint] MD5=7B2061F41D0A9AEA272F276D585D58D5 SIZE=229376
%PROGRAMFILES%\MICROSOFT INTELLIPOINT\IPCPLACT.DLL [Microsoft Corporation] [Microsoft IntelliPoint] MD5=D1BE3E13EDC5594148586669686170F4 SIZE=176128
%PROGRAMFILES%\MICROSOFT INTELLIPOINT\IPCPLBTN.DLL [Microsoft Corporation] [Microsoft IntelliPoint] MD5=9457A8B86B3027CE486A02EDD4A0CB1C SIZE=348160
%PROGRAMFILES%\WinRAR\rarext.dll [] MD5=7801791108C9FA442DD48BCD98869F21 SIZE=126464
%SYSDIR%\igfxsrvc.dll [Intel Corporation] [Intel(R) Common User Interface] MD5=07B1FF45EDD4845DF545049EAF2CD1BC SIZE=323584
%SYSDIR%\drivers\ALCXSENS.SYS [Sensaura Ltd] MD5=FBBCB95F677CBAA924140B6EA2D9A97B SIZE=391424
%SYSDIR%\drivers\ALCXWDM.SYS [Realtek Semiconductor Corp.] [Windows (R) WDM driver for Realtek AC'97 Audio] MD5=ADE678F1AC512A463D5CF73D99A396FC SIZE=538236
%SYSDIR%\DRIVERS\CDAC15BA.SYS [Macrovision Europe Ltd] [Security Windows NT] MD5=08F60F40D1A2A95A1F12EDDBD9F25C1C SIZE=12464
%SYSDIR%\DRIVERS\HSFHWBS2.sys [Conexant Systems, Inc.] [SoftK56 Modem Driver] MD5=128EF741B2293C36810561092B566B1C SIZE=210304
%SYSDIR%\DRIVERS\HSF_DP.sys [Conexant Systems, Inc.] [SoftK56 Modem Driver] MD5=9A0D0C461EF2B3D80CB7875B4B995E47 SIZE=1042816
%SYSDIR%\drivers\ikfilesec.sys [PCTools Research Pty Ltd.] [Spyware Doctor] MD5=BB07262041A213FEA5FCCF0A9F90D85A SIZE=41288
%SYSDIR%\drivers\iksysflt.sys [PCTools Research Pty Ltd.] [Spyware Doctor] MD5=1C670FA74A86B3689A314139C67814AE SIZE=56832
%SYSDIR%\drivers\iksyssec.sys [PCTools Research Pty Ltd.] [Spyware Doctor] MD5=DDD207288DD498D6E47A321EC399966B SIZE=74240
%PROGRAMFILES%\KASPERSKY LAB\KASPERSKY ANTI-VIRUS PERSONAL PRO\KAVSVC.EXE [Kaspersky Lab] [Kaspersky Anti-Virus Personal Pro] MD5=0C2D752D8B08F16F8874DD5D1C1B0493 SIZE=958570
%SYSDIR%\drivers\kl1.sys [Kaspersky Lab] [Kaspersky Anti-Virus Personal] MD5=6D24150141F1CE115552BA3F113B04F3 SIZE=18795
%SYSDIR%\drivers\klif.sys [Kaspersky Labs] [KLIF] MD5=A5FC754236FB0DEC1C370CB545C49D51 SIZE=129808
%SYSDIR%\drivers\klmc.sys [Kaspersky Lab] [Kaspersky Anti-Virus Personal Pro] MD5=4A66C7190B9705384DBB9279B4F2312B SIZE=10995
%SYSDIR%\PCANDIS5.SYS [Printing Communications Assoc., Inc. (PCAUSA)] [PCAUSA Rawether for Windows] MD5=CEEF86CB35ABE95C40A88784F5B631AD SIZE=16128
%SYSDIR%\DRIVERS\PPPoEWin.SYS [Friendly Technologies] [PPPoE Protocol Driver] MD5=8AE03E978BC99F31AE31B183CD373951 SIZE=104375
%SYSDIR%\DRIVERS\PS2.sys [Hewlett-Packard Company] [Hewlett-Packard Company PS2 SYS] MD5=9B793A1FFD480155FE9EE5261153F21B SIZE=23808
%SYSDIR%\DRIVERS\SISAGPX.sys [Silicon Integrated Systems Corporation] [SiS AGPv3.5 Filter for Windows XP] MD5=61CA562DEF09A782D26B3E7EDEC5369A SIZE=36992
%SYSDIR%\DRIVERS\srvkp.sys [Silicon Integrated Systems Corporation] [SiS (R) WindowsXP Display Manager] MD5=7EF8E5C266133638E7E06BE03FCBEFF3 SIZE=11392
%SYSDIR%\DRIVERS\sisnic.sys [SiS Corporation] [NDIS 5.1 NIC Driver] MD5=5529B51AACFF16FBDDE4B34FF0AF2B76 SIZE=32768
%SYSDIR%\DRIVERS\HSF_CNXT.sys [Conexant Systems, Inc.] [SoftK56 Modem Driver] MD5=CE545A84BF3411E7516FA8DA51AD9D93 SIZE=679808
%SYSDIR%\systray.exe []
End of Report
Logfile of Spyware Terminator v2.0.1.224 (db:1.0.044.807)
Scan Time: 28/12/2007 20:23:38 length: 3429 s
Platform: Windows XP Home Service Pack 2 (WINNT 5.1.2600)
User: Limited
Boot Mode: Normal
Scan type: Full_Spyware_Scan
Scanned Objects: 146726 (Critical:64)
Filter: No System items, No Safe items
Running Processes
Ati2evxx.exe [ATI Technologies Inc.] : C:\WINDOWS\system32\Ati2evxx.exe
aawservice.exe [Lavasoft AB] : C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
CDAC11BA.EXE [Macrovision] : C:\WINDOWS\system32\drivers\CDAC11BA.EXE
FTRTSVC.exe [France Telecom] : C:\WINDOWS\system32\FTRTSVC.exe
kavsvc.exe ( PID=1528 )
svcntaux.exe [PC Tools] : C:\Program Files\Spyware Doctor\svcntaux.exe
swdsvc.exe [PC Tools] : C:\Program Files\Spyware Doctor\swdsvc.exe
Ati2evxx.exe [ATI Technologies Inc.] : C:\WINDOWS\system32\Ati2evxx.exe
SDTrayApp.exe [PC Tools] : C:\Program Files\Spyware Doctor\SDTrayApp.exe
TaskBarIcon.exe [France Télécom R&D] : C:\Program Files\Wanadoo\TaskBarIcon.exe
kav.exe ( PID=2032 )
emule.exe https://www.emule-project.net/home/perl/general.cgi?l=1 : C:\Program Files\eMule\emule.exe
hpqtra08.exe [Hewlett-Packard Co.] : C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
WZQKPICK.EXE [WinZip Computing, S.L.] : C:\Program Files\WinZip\WZQKPICK.EXE
GestionnaireInternet.exe [France Télécom R&D] : C:\Program Files\Wanadoo\GestionnaireInternet.exe
ComComp.exe [France Télécom R&D] : C:\Program Files\Wanadoo\ComComp.exe
Toaster.exe [France Telecom R&D] : C:\Program Files\Wanadoo\Toaster.exe
Inactivity.exe : C:\Program Files\Wanadoo\Inactivity.exe
PollingModule.exe : C:\Program Files\Wanadoo\PollingModule.exe
AlertModule.exe : C:\WINDOWS\system32\AlertModule\AlertModule.exe
Watch.exe [France Télécom R&D] : C:\Program Files\Wanadoo\Watch.exe
wuauclt.exe ( PID=3316 )
Internet Settings
R - HKCU\Software\Microsoft\Internet Explorer\Main, Search Bar = http://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60327
R - HKLM\Software\Microsoft\Internet Explorer\Main, SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R - HKLM\Software\Microsoft\Internet Explorer\Main, CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327
R - HKLM\Software\Microsoft\Internet Explorer\Main, Start Page = http://qfr10.hpwis.com/
R - HKLM\Software\Microsoft\Internet Explorer\Search, SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R - HKLM\Software\Microsoft\Internet Explorer\Search, CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327
R - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings, ProxyOverride =
R - HKLM\System\CurrentControlSet\Services\Tcpip\Parameters, Domain =
R - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Telephony, DomainName =
BHO
02 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - [My Way] : C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
02 - BHO: - {7E853D72-626A-48EC-A868-BA8D5E23E045} - File not found
02 - BHO: - {{FB5F1910-F110-11d2-BB9E-00C04F795683} - File not found
02 - BHO: - {e2e2dd38-d088-4134-82b7-f2ba38496583} - File not found
Toolbars
03 - Toolbar: My &Search Bar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - [My Way] : C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
StartUps
04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, I/O Controllers : : svcnet.exe
04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, RTEGPRS : : C:\Program Files\Fichiers communs\RTE\RTEGPRS.EXE
04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, WOOKIT : : C:\Program Files\WANADOO\SHELL.EXE
04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, eMuleAutoStart : https://www.emule-project.net/home/perl/general.cgi?l=1 : C:\Program Files\eMule\emule.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Olympic : : C:\Documents and Settings\Naguib\Application Data\sgrunt\IE4321.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, WOOWATCH : [France Télécom R&D] : C:\Program Files\Wanadoo\Watch.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, WOOTASKBARICON : [France Télécom R&D] : C:\Program Files\Wanadoo\GestMAJ.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, VTTimer : : VTTimer.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, UpdateManager : [Sonic Solutions] : C:\Program Files\Fichiers communs\SONIC\UPDATE MANAGER\SGTRAY.EXE
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, I/O Controllers : : svcnet.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, HPHUPD05 : [Hewlett-Packard] : C:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, KAVPersonal50 : [Kaspersky Lab] : C:\Program Files\KASPERSKY LAB\KASPERSKY ANTI-VIRUS PERSONAL PRO\KAV.EXE
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, SDTray : [PC Tools] : C:\Program Files\Spyware Doctor\SDTrayApp.exe
04 - HKLM\System\CurrentControlSet\Control\Session Manager, BootExecute : : C:\WINDOWS\system32\LSDELETE.EXE
04 - Startup: %START_PROGRAMSALL%\Démarrage\HP Digital Imaging Monitor.lnk [Hewlett-Packard Co.] : C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
04 - Startup: %START_PROGRAMSALL%\Démarrage\WinZip Quick Pick.lnk [WinZip Computing, S.L.] : C:\Program Files\WinZip\WZQKPICK.EXE
Shell Extensions
Extension Affichage Panorama du Panneau de configuration - {42071714-76d4-11d1-8b24-00a0c9068ff3} - : deskpan.dll
- {764BF0E1-F219-11ce-972D-00AA00A14F56} - File not found
- {853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} - File not found
Barre des tâches et menu Démarrer - {0DF44EAA-FF21-4412-828E-260A8728E7F1} - File not found
- {32683183-48a0-441b-a342-7c2a440a9478} - File not found
Comptes d'utilisateurs - {7A9D77BD-5403-11d2-8785-2E0420524153} - File not found
RecordNow! SendToExt - {DEE12703-6333-4D4E-8F34-738C4DCC2E04} - [Sonic Solutions] : C:\Program Files\RecordNow!\shlext.dll
SampleView - {7F67036B-66F1-411A-AD85-759FB9C5B0DB} - [XSS] : C:\WINDOWS\system32\ShellvRTF.dll
WinZip - {E0D79304-84BE-11CE-9641-444553540000} - [WinZip Computing, Inc.] : C:\Program Files\WinZip\wzshlstb.dll
WinZip - {E0D79305-84BE-11CE-9641-444553540000} - [WinZip Computing, Inc.] : C:\Program Files\WinZip\wzshlstb.dll
WinZip - {E0D79306-84BE-11CE-9641-444553540000} - [WinZip Computing, Inc.] : C:\Program Files\WinZip\wzshlstb.dll
WinZip - {E0D79307-84BE-11CE-9641-444553540000} - [WinZip Computing, Inc.] : C:\Program Files\WinZip\wzshlstb.dll
dBpShell Class - {FED7043D-346A-414D-ACD7-550D052499A7} - : C:\Program Files\Illustrate\dBpowerAMP\dBShell.dll
dMCIShell Class - {2C49B5D0-ACE7-4D17-9DF0-A254A6C5A0C5} - : C:\Program Files\Illustrate\dBpowerAMP\dMCShell.dll
IntelliType Pro Zooming Property Page - {97FA8AA2-EE77-4FF2-9449-424D8924EF21} - [Microsoft Corporation] : C:\Program Files\MICROSOFT INTELLITYPE PRO\ITCPLZM.DLL
IntelliType Pro Scrolling Property Page - {111D8120-25EB-4E1C-A4DF-C9EE5FCA35CB} - [Microsoft Corporation] : C:\Program Files\MICROSOFT INTELLITYPE PRO\ITCPLWHL.DLL
IntelliType Pro Key Settings Property Page - {ED6E87C6-8A83-43aa-8208-8DBC8247F4D2} - [Microsoft Corporation] : C:\Program Files\MICROSOFT INTELLITYPE PRO\ITCPLKEY.DLL
IntelliType Pro Wireless Control Panel Property Page - {A2569D1F-4E06-43EC-9825-0088B471BE47} - [Microsoft Corporation] : C:\Program Files\MICROSOFT INTELLITYPE PRO\ITCPLWIR.DLL
Page de propriétés sans fil - {20082881-FC36-4E47-9A7A-644C95FF749F} - [Microsoft Corporation] : C:\Program Files\MICROSOFT INTELLIPOINT\IPCPLWIR.DLL
Page des propriétés de la roulette - {AF90F543-6A3A-4C1B-8B16-ECEC073E69BE} - [Microsoft Corporation] : C:\Program Files\MICROSOFT INTELLIPOINT\IPCPLWHL.DLL
Page des propriétés des activités - {653DCCC2-13DB-45B2-A389-427885776CFE} - [Microsoft Corporation] : C:\Program Files\MICROSOFT INTELLIPOINT\IPCPLACT.DLL
Page des propriétés des boutons - {124597D8-850A-41AE-849C-017A4FA99CA2} - [Microsoft Corporation] : C:\Program Files\MICROSOFT INTELLIPOINT\IPCPLBTN.DLL
WinRAR - {B41DB860-8EE4-11D2-9906-E49FADC173CA} - : C:\Program Files\WinRAR\rarext.dll
Services
23 - [Lavasoft AB] : C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
23 - [Sensaura Ltd] : C:\WINDOWS\system32\drivers\ALCXSENS.SYS
23 - [Realtek Semiconductor Corp.] : C:\WINDOWS\system32\drivers\ALCXWDM.SYS
23 - [ATI Technologies Inc.] : C:\WINDOWS\system32\Ati2evxx.exe
23 - [Macrovision] : C:\WINDOWS\system32\drivers\CDAC11BA.EXE
23 - [Macrovision Europe Ltd] : C:\WINDOWS\system32\DRIVERS\CDAC15BA.SYS
23 - [France Telecom] : C:\WINDOWS\system32\FTRTSVC.exe
23 - [Conexant Systems, Inc.] : C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys
23 - [Conexant Systems, Inc.] : C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
23 - [PCTools Research Pty Ltd.] : C:\WINDOWS\system32\drivers\ikfilesec.sys
23 - [PCTools Research Pty Ltd.] : C:\WINDOWS\system32\drivers\iksysflt.sys
23 - [PCTools Research Pty Ltd.] : C:\WINDOWS\system32\drivers\iksyssec.sys
23 - [Kaspersky Lab] : C:\Program Files\KASPERSKY LAB\KASPERSKY ANTI-VIRUS PERSONAL PRO\KAVSVC.EXE
23 - [Kaspersky Lab] : C:\WINDOWS\system32\drivers\kl1.sys
23 - [Kaspersky Labs] : C:\WINDOWS\system32\drivers\klif.sys
23 - [Kaspersky Lab] : C:\WINDOWS\system32\drivers\klmc.sys
23 - [Printing Communications Assoc., Inc. (PCAUSA)] : C:\WINDOWS\system32\PCANDIS5.SYS
23 - [Friendly Technologies] : C:\WINDOWS\system32\DRIVERS\PPPoEWin.SYS
23 - [Hewlett-Packard Company] : C:\WINDOWS\system32\DRIVERS\PS2.sys
23 - [PC Tools] : C:\Program Files\Spyware Doctor\svcntaux.exe
23 - [PC Tools] : C:\Program Files\Spyware Doctor\swdsvc.exe
23 - [Silicon Integrated Systems Corporation] : C:\WINDOWS\system32\DRIVERS\SISAGPX.sys
23 - [Silicon Integrated Systems Corporation] : C:\WINDOWS\system32\DRIVERS\srvkp.sys
23 - [SiS Corporation] : C:\WINDOWS\system32\DRIVERS\sisnic.sys
23 - [Conexant Systems, Inc.] : C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
Winlogon Notify
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent, DLLName : [ATI Technologies Inc.] : C:\WINDOWS\system32\Ati2evxx.dll
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui, DLLName : [Intel Corporation] : C:\WINDOWS\system32\igfxsrvc.dll
Threat Files
<180searchAssistant> : C:\StubInstaller.exe
<W95/Bumble> : C:\Program Files\Panda Security\TotalScan\pskavs.dll
<Trojan/Downloader-SPYgame> : C:\WINDOWS\Downloaded Program Files\gsda.dll
Advanced Files Report
%PROGRAMFILES%\Spyware Doctor\smumhook.dll [PC Tools] MD5=EBD7DF944732A7C0B0BD164E95223F5A SIZE=143176
%PROGRAMFILES%\Spyware Doctor\klg.dat [PC Tools] [Spyware Doctor] MD5=6059AAAE94267AAD6A16E0D49F0C22E1 SIZE=99328
%SYSDIR%\Ati2evxx.dll [ATI Technologies Inc.] [ATI External Event Utility for NT, W2K and W9X] MD5=7608E60DBBB49B136823EBA476D72B57 SIZE=86016
%SYSDIR%\Ati2evxx.exe [ATI Technologies Inc.] [ATI External Event Utility for WindowsNT and Windows9X] MD5=74861E44690029BF25A99CF1AADCD8F4 SIZE=385024
%PROGRAMFILES%\Lavasoft\Ad-Aware 2007\aawservice.exe [Lavasoft AB] [Ad-Aware 2007 Service] MD5=25F8546FD40E40EC5A2A23AECAE4FDCA SIZE=587096
%PROGRAMFILES%\Lavasoft\Ad-Aware 2007\Update.dll [] [Update Dynamic Link Library] MD5=B824FE787DE262A9F003F3CA8EFC079D SIZE=525664
%SYSDIR%\hpzsnt09.dll [HP] [HP DeskJet] MD5=40665881B7F7531B2D9BD9C3A537B270 SIZE=204866
%SYSDIR%\drivers\CDAC11BA.EXE [Macrovision] [SafeCast Windows NT] MD5=C10D484A89EE0566D6A7B45A1D1F310C SIZE=54784
%SYSDIR%\FTRTSVC.exe [France Telecom] [FTRTSVC NT Service] MD5=D1261099E03EEE90976EA19002995B89 SIZE=40960
%SYSDIR%\IfHelper.dll [France Télécom R&D] [IfHelper] MD5=A690AE7F4418401815CE3D73D60B8C6F SIZE=36864
%PROGRAMFILES%\Spyware Doctor\svcntaux.exe [PC Tools] MD5=4DEB3C0649D82FB3120E9EDD55C7D698 SIZE=311112
%PROGRAMFILES%\Spyware Doctor\rtl100.bpl [Borland Software Corporation] [Borland Package Library] MD5=E016DADBA1DD3C5EF41A8F70D3DC64A0 SIZE=843264
%PROGRAMFILES%\Spyware Doctor\vcl100.bpl [Borland Software Corporation] [Borland Package Library] MD5=74B6B0BEAC3DC80201383B8699AD694E SIZE=1680896
%PROGRAMFILES%\Spyware Doctor\SysAccess.dll [PC Tools] MD5=8B9CDF2F4231FB8A8CF83FFE84505531 SIZE=126976
%PROGRAMFILES%\Spyware Doctor\ikdll.dll [PCTools Research Pty Ltd.] [Spyware Doctor] MD5=4C83EB12080627E59854543330EFAF94 SIZE=128328
%PROGRAMFILES%\Spyware Doctor\swdsvc.exe [PC Tools] MD5=C59D581BC4AD04B6C7476812704C3A0C SIZE=1418056
%PROGRAMFILES%\Spyware Doctor\CommOM.dll [PC Tools] MD5=118A100AD0468C9EACF5B862F9737842 SIZE=705824
%PROGRAMFILES%\Spyware Doctor\CommLib.dll [PC Tools] MD5=8F2E8E3B8F38723CBDA908723912A4F2 SIZE=619808
%PROGRAMFILES%\Spyware Doctor\commhlpr.dll [PC Tools] MD5=6BA93BBA898A34F3B44B52814FD587FA SIZE=82248
%PROGRAMFILES%\Spyware Doctor\RegHelper.dll [PC Tools] [Spyware Doctor] MD5=FEBC953D9260E08543E175CC246E2F29 SIZE=108360
%PROGRAMFILES%\Spyware Doctor\inethlpr.dll [PC Tools] [Spyware Doctor] MD5=5C2A1A1EFF704C95F8E5D9CECE1D8C35 SIZE=139080
%PROGRAMFILES%\Spyware Doctor\filehlpr.dll [PC Tools] [Spyware Doctor] MD5=9DECA5E0EFA346C515E995F3BBB309E7 SIZE=140616
%PROGRAMFILES%\Spyware Doctor\sdcore.dll [PC Tools] MD5=95C4B83AD700FE95A93FE66D04CB7D02 SIZE=117064
%PROGRAMFILES%\Spyware Doctor\FileStorage.sdp [PC Tools] MD5=1F7DE33E4CEB3A62D8C9CE8D792C8563 SIZE=308552
%PROGRAMFILES%\Spyware Doctor\Settings.sdp [PC Tools] MD5=C929B4AD34D1D0AD7DD4E835DE61CDAF SIZE=111432
%PROGRAMFILES%\Spyware Doctor\IDBLib.sdp [PC Tools] MD5=C89EFA74DEFA8B67024976D7778BCF7C SIZE=254280
%PROGRAMFILES%\Spyware Doctor\SDInfo.sdp [PC Tools] MD5=013450CFA74B17244044F4EB6E449823 SIZE=714016
%PROGRAMFILES%\Spyware Doctor\SDExtra.sdp [PC Tools] MD5=3216E635A0D414655392284CFD7B71FB SIZE=158024
%PROGRAMFILES%\Spyware Doctor\PCTWSC.dll [PC Tools] [PCTWSC Dynamic Link Library] MD5=69075BE71CA315CD32C9B44062706E17 SIZE=169288
%PROGRAMFILES%\Spyware Doctor\Immunizer.sdp [PC Tools] MD5=2779BE0D201BACE64FD41595785D7D5E SIZE=110408
%PROGRAMFILES%\Spyware Doctor\Localizer.sdp [PC Tools] MD5=D358AE444820E311D420E1EFFA2B9D75 SIZE=146760
%PROGRAMFILES%\Spyware Doctor\NfyMan.sdp [PC Tools] MD5=A63401825F36D3186466AEC39E7ED243 SIZE=100168
%PROGRAMFILES%\Spyware Doctor\quarantine.sdp [PC Tools] MD5=47EAE707EA776C28EBF28DA304AEA74B SIZE=143688
%PROGRAMFILES%\Spyware Doctor\BH.dll [PC Tools] [Browser Helper] MD5=209EB0448384F1D64470A018CC802B2A SIZE=234312
%PROGRAMFILES%\Spyware Doctor\RebootManager.sdp [PC Tools] MD5=6D9EBF140CEF4E8FB09B7C708B97057F SIZE=125768
%PROGRAMFILES%\Spyware Doctor\scaneng.sdp [PC Tools] MD5=C09D36E45437E9A44C146858D77D7826 SIZE=226632
%PROGRAMFILES%\Spyware Doctor\stasks.sdp [PC Tools] MD5=F75E7756B9E15A028A1A9D067FB96BCC SIZE=128840
%PROGRAMFILES%\Spyware Doctor\SystemMonitor.sdp [PC Tools] MD5=94A97BCBEADD3F888801B738A97B43B2 SIZE=1021240
%PROGRAMFILES%\Spyware Doctor\whitelist.sdp [PC Tools] MD5=F09B38EE6C9454AFE953126B9033EFEB SIZE=126280
%PROGRAMFILES%\Spyware Doctor\plugins\Browsers.SDP [PC Tools] MD5=D5B8EBA9BFD1BE7B7746727CE458E7C3 SIZE=272896
%PROGRAMFILES%\Spyware Doctor\plugins\cookie.sdp [PC Tools] [Spyware Doctor] MD5=4A15D78750B521CA4416281F616983A8 SIZE=181760
%PROGRAMFILES%\Spyware Doctor\plugins\grfiles.SDP [PC Tools] [Spyware Doctor] MD5=C79E9D9524145E66157C4B816344C97E SIZE=266240
%PROGRAMFILES%\Spyware Doctor\plugins\grregistry.SDP [PC Tools] [Spyware Doctor] MD5=4597278E28F6217954AD23D5056A5177 SIZE=159744
%PROGRAMFILES%\Spyware Doctor\PCToolsComponents.bpl [PC Tools] MD5=695E40C941BB4E3C5DBBB72627E345F8 SIZE=373760
%PROGRAMFILES%\Spyware Doctor\SH.dll [PC Tools] MD5=E6E4106C4B16B5CD328B61DEE22A2AC3 SIZE=211272
%PROGRAMFILES%\Spyware Doctor\plugins\KLGuard.SDP [PC Tools] MD5=E31841F2EC0B9A524E58C1EF843C6993 SIZE=467456
%PROGRAMFILES%\Spyware Doctor\plugins\Network.SDP [PC Tools] [Spyware Doctor] MD5=3A0CFCCD052429413D986B9BCA9B0577 SIZE=374784
%PROGRAMFILES%\Spyware Doctor\plugins\Process.SDP [PC Tools] MD5=42D7BAA83CF91A7F1F437A00DE076378 SIZE=441344
%PROGRAMFILES%\Spyware Doctor\plugins\ScriptEngine.SDP [PC Tools] MD5=BCAE7DFBEDCC204A95FE549BAFE88D88 SIZE=750080
%PROGRAMFILES%\Spyware Doctor\plugins\SDNET.SDP [PC Tools] MD5=221294EB81A8364CC80343A6FEFC4EA6 SIZE=527360
%PROGRAMFILES%\Spyware Doctor\plugins\StartUp.SDP [PC Tools] [Spyware Doctor] MD5=62AB06D47164B798E5114D419EB0A510 SIZE=288256
%PROGRAMFILES%\Wanadoo\Inactivity.dll [] [Bibliothèque de liaison dynamique Inactivity] MD5=01516C007C86B7C1FCB31D2CD119FF12 SIZE=28672
%PROGRAMFILES%\Spyware Doctor\cdialogs.dll [PC Tools] MD5=954ED3D3861FF33402C61247EA9D6132 SIZE=651592
%PROGRAMFILES%\Spyware Doctor\pwindow.dll [PC Tools] MD5=C337EDA2060C94B9E601E4671EC8A8AF SIZE=126280
%PROGRAMFILES%\Wanadoo\TaskBarIcon.exe [France Télécom R&D] [Kit de Connexion et de Services] MD5=F9710A77123CC3FD09D062F2AF33E473 SIZE=61440
%PROGRAMFILES%\Wanadoo\OutilsFT.dll [France Télécom R&D] [Kit Wanadoo] MD5=F0AD5EF11EF655967F3C0A88DF01D5F3 SIZE=24576
%PROGRAMFILES%\Wanadoo\StyleIHM.dll [France Télécom R&D] [Kit Générique - France Télécom R&D.] MD5=CF37736CBAD53E318A683DCA8E669887 SIZE=626688
%PROGRAMFILES%\Wanadoo\skin\Default\main\ResourceStyle.dll [] [Kit Wanadoo] MD5=6D66B152B9BC974B9EA979B1306EDE02 SIZE=1855488
%PROGRAMFILES%\Wanadoo\WooIHMF.dll [France Télécom R&D] [Gestionnaire Internet] MD5=FF91F43C73ABF326C4203D3E9C478E72 SIZE=282624
%SystemDiskRoot%\HP\KBD\led.dll [Hewlett-Packard Company] [Hewlett-Packard Company LED DLL] MD5=F68A3F0D63BE926ED65ED1C8C5B03A3D SIZE=49152
%SystemDiskRoot%\HP\KBD\USB.dll [Hewlett-Packard Company] [Hewlett-Packard Company USB DLL] MD5=6B43FBC9887F35D21E6F90A715DB7086 SIZE=77824
%SystemDiskRoot%\HP\KBD\ps2.dll [Hewlett-Packard Company] [Hewlett-Packard Company PS2 DLL] MD5=94F6FEC3F5C5532F264FFE05709DE767 SIZE=61440
%SystemDiskRoot%\HP\KBD\msg.dll [Hewlett-Packard Company] [Hewlett-Packard Company MSG DLL] MD5=BC973071B50CD7624D63628DFD9C8E1F SIZE=61440
%SystemDiskRoot%\HP\KBD\osd.dll [Hewlett-Packard Company] [Hewlett-Packard Company OSD DLL] MD5=A5A7FEB33BACF5FE30A72F6DCB6D0F91 SIZE=172032
%SystemDiskRoot%\HP\KBD\sct.dll [Hewlett-Packard Company] [Hewlett-Packard Company ONL DLL] MD5=E22FDDC4068F231CAD3BFA0A4B7C2323 SIZE=81920
%SystemDiskRoot%\HP\KBD\onl.dll [Hewlett-Packard Company] [Hewlett-Packard Company ONL DLL] MD5=AB529AB0BFD476644A6DB2357C98D1D5 SIZE=61440
%SystemDiskRoot%\HP\KBD\aol.dll [Hewlett-Packard Company] [Hewlett-Packard Company AOL DLL] MD5=3C45D593036FF03305DDC13DA20AF1F4 SIZE=61440
%SystemDiskRoot%\HP\KBD\url.dll [Hewlett-Packard Company] [Hewlett-Packard Company URL DLL] MD5=1EB0B0BC085F75A29AE8AA8B303306D3 SIZE=53248
%SystemDiskRoot%\HP\KBD\cfg.dll [Hewlett-Packard Company] [Hewlett-Packard Company CFG DLL] MD5=261E5E3602941656A1442B255C936B9E SIZE=94208
%SystemDiskRoot%\HP\KBD\MSIKBDIF.DLL [Hewlett-Packard Company] [Hewlett-Packard Company MSIKBDIF DLL] MD5=60DB5561F7B646FA217E9EA6561E6705 SIZE=69632
%PROGRAMFILES%\ATI Technologies\ATI Control Panel\atipdsxx.dll [ATI Technologies, Inc.] [ATI Desktop Component] MD5=34885122C2D156C5776443259886685F SIZE=241664
%PROGRAMFILES%\ATI TECHNOLOGIES\ATI CONTROL PANEL\ATRPUIXX.FRA [ATI Technologies, Inc.] [ATI Desktop Component] MD5=BFAD884175D0D7B2868ED7FC5F57DFF8 SIZE=147456
%PROGRAMFILES%\ATI Technologies\ATI Control Panel\atipdxxx.dll [ATI Technologies, Inc.] [ATI Desktop Component] MD5=D8080E1A41426B492B439BADFD7CF7E1 SIZE=73728
%PROGRAMFILES%\Google\GoogleToolbarNotifier\1.2.1128.5462\res_fr.dll [Google Inc.] [GoogleToolbarNotifier] MD5=C4D4A57E79646567F6A32EC2806B0FB1 SIZE=48128
%PROGRAMFILES%\eMule\lang\fr_FR.dll https://www.emule-project.net/home/perl/general.cgi?l=1 [eMule] MD5=25568D469C83E13838ABA4C681D5AB0D SIZE=106496
%PROGRAMFILES%\HP\Digital Imaging\bin\hpqtra08.exe [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=DA6B945E561B1D1DA67663BB45B4B868 SIZE=237568
%PROGRAMFILES%\HP\Digital Imaging\bin\hpqcxm08.dll [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=3EBB3EDCF1A700DA14805B7FD6A288FC SIZE=139264
%PROGRAMFILES%\HP\Digital Imaging\bin\hpquio08.dll [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=CAD04272C5E281AEEB6545C69EBAB0ED SIZE=90112
%PROGRAMFILES%\HP\Digital Imaging\bin\hpqtra08.rsc [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=A4EFE0D85855F33E30C1CD486BAB83A0 SIZE=45056
%PROGRAMFILES%\HP\Digital Imaging\bin\hpqtao08.dll [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=AA5EF983E12A2D5B7AEEFFA98136D80F SIZE=61440
%PROGRAMFILES%\HP\Digital Imaging\Unload\hpiCamTA.dll [Hewlett-Packard] [TrayAppPlugin Module] MD5=B9BFE7B70C626D32C4FCD9BB7175B67F SIZE=135168
%PROGRAMFILES%\HP\Digital Imaging\Unload\HpqUnRes.dll [Hewlett-Packard] [HpqUnRes Dynamic Link Library] MD5=F290659091A0B725575BDCDD0FC84E4E SIZE=106496
%PROGRAMFILES%\HP\Digital Imaging\bin\hpotra08.dll [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=0F8AB2E5FB7849BCFE387BD6EB21A148 SIZE=192512
%PROGRAMFILES%\HP\Digital Imaging\bin\hpotra08.rsc [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=CC0F5B88FC9755E1CD35AEA3FC70C4EC SIZE=45056
%PROGRAMFILES%\HP\Digital Imaging\bin\hpodio08.dll [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=E543125E68BD8CCD58A943D448362974 SIZE=577536
%PROGRAMFILES%\HP\Digital Imaging\bin\HpqUtil.dll [] [HpqUtil Module] MD5=0EE46AE232B9681770CDBFB230C57788 SIZE=163840
%PROGRAMFILES%\HP\Digital Imaging\bin\hpodvd08.dll [Hewlett-Packard] [Hewlett-Packard hpodvd08] MD5=BDF3EE0F674CD7A58945188D24373A9E SIZE=219136
%PROGRAMFILES%\HP\Digital Imaging\bin\hpoSTD08.dll [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=3F40CCE88D2BFAA58AA3192AA898B12B SIZE=335872
%PROGRAMFILES%\HP\Digital Imaging\bin\hpqtap08.dll [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=17C2AB2593D15ADAA1E1B9F63B09A690 SIZE=53248
%PROGRAMFILES%\HP\Digital Imaging\bin\hpoSTD08.rsc [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=F041B453ADEDADF432FE5D78A4F0F39B SIZE=253952
%PROGRAMFILES%\HP\Digital Imaging\bin\hpocxi08.dll [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=DF002BBF00D0C3126F1035B2B422C493 SIZE=262144
%PROGRAMFILES%\HP\Digital Imaging\bin\hpqcob08.dll [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=DD973D5E5B3B24ECCAFB83FD28614F74 SIZE=53248
%SYSDIR%\hpzidr12.dll [HP] [HP Dot4Rtl] MD5=0F2D53A73D27105CA5DBCBDB0AD3BC5B SIZE=266296
%SYSDIR%\hpzipr12.dll [HP] [HP PmlRtl] MD5=8DD12146838BBFA51D78A40EB34BA02B SIZE=196608
%PROGRAMFILES%\HP\Digital Imaging\bin\hpodev08.dll [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=90B72E21BE9BAA774F1F3D8B411B6A2A SIZE=69632
%PROGRAMFILES%\HP\Digital Imaging\bin\hpodeb08.dll [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=20A57E6E1C9EBBFBF0BF134531280A04 SIZE=200704
%PROGRAMFILES%\HP\Digital Imaging\bin\hposcn08.dll [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=2447447185DDCE2678F3917151F06368 SIZE=114688
%PROGRAMFILES%\HP\Digital Imaging\bin\hpoSCN08.rsc [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=B0976EBC088303556826D53FEB88C7F8 SIZE=28672
%PROGRAMFILES%\WinZip\WZQKPICK.EXE [WinZip Computing, S.L.] [WinZip] MD5=6D23B8CB307E455428A778535BE6E6D9 SIZE=394856
%PROGRAMFILES%\Wanadoo\GestionnaireInternet.exe [France Télécom R&D] [Kit de Connexion et de Services] MD5=5D17C66B5620142A06B7391BE20C0476 SIZE=819200
%SYSDIR%\AlertModule\AlertClient.dll [] [AlertClient Module] MD5=42893D43DB574778E05AE85C2120984F SIZE=36864
%PROGRAMFILES%\Wanadoo\DetectComponent.dll [] [Bibliothèque de liaison dynamique DetectComponent] MD5=7C0DCEDC849C2780D246977B026AB2E6 SIZE=90112
%PROGRAMFILES%\Wanadoo\SynchroDll.dll [] [Bibliothèque de liaison dynamique SynchroDll] MD5=57F451645CA64B2A3792A1B2F7629724 SIZE=53248
%PROGRAMFILES%\Wanadoo\ComComp.exe [France Télécom R&D] [Kit de Connexion et de Services] MD5=5D589D0436C4C2D285B3418E79E78A21 SIZE=249856
%PROGRAMFILES%\Wanadoo\WLANManager.dll [France Télécom R&D] [WLANManager] MD5=3984A309960D2173D241CB07CEDABB12 SIZE=90112
%PROGRAMFILES%\Wanadoo\IfHelper.dll [France Télécom R&D] [IfHelper] MD5=A690AE7F4418401815CE3D73D60B8C6F SIZE=36864
%SYSDIR%\W32N50.dll [Printing Communications Assoc., Inc. (PCAUSA)] [PCAUSA Rawether for Windows] MD5=CF7F176E5DC77FA95AF30FE913957611 SIZE=94208
%PROGRAMFILES%\Wanadoo\GestAppFT.dll [France Télécom R&D] [Kit de Connexion et de Services] MD5=5E1EF37D7CF6658F453B7CFA268DBEE2 SIZE=151552
%PROGRAMFILES%\Wanadoo\ModifFT.dll [France Télécom R&D] [Kit Wanadoo] MD5=B5674B52F1B2026947DC6EF0248F089C SIZE=53248
%PROGRAMFILES%\Wanadoo\PMStub.dll [] [Bibliothèque de liaison dynamique PMStub] MD5=74D2A4D769D31151E1971AD2FCBCFFDA SIZE=36864
%PROGRAMFILES%\Wanadoo\PhoneManager.dll [] [Bibliothèque de liaison dynamique PhoneManager] MD5=FC02BFFAC618F14B9446FF371F92CADC SIZE=188416
%PROGRAMFILES%\Wanadoo\NDIS_Gen.dll [France Télécom R&D] [NDIS_Gen] MD5=9F436877B3566DB2302FC685AADADB0C SIZE=90112
%PROGRAMFILES%\Wanadoo\Toaster.exe [France Telecom R&D] [Application Toaster] MD5=C2D1BD2B433571ECEC29924ACE5D7C62 SIZE=69632
%PROGRAMFILES%\Wanadoo\Inactivity.exe [] [Application Inactivity] MD5=5F6DBF75D05462EED92B42376E89D9FE SIZE=32768
%PROGRAMFILES%\Wanadoo\PollingModule.exe [] [Application PollingModule] MD5=EDF02F58940FD56C12357D150F5397C0 SIZE=69632
%SYSDIR%\AlertModule\AlertModule.exe [] [Application AlertModule] MD5=68E404DB5525373FE0554ED2607F0C82 SIZE=45056
svcnet.exe []
%COMMONFILES%\RTE\RTEGPRS.EXE []
%SystemDiskRoot%\Documents and Settings\Naguib\Application Data\sgrunt\IE4321.exe []
VTTimer.exe []
deskpan.dll []
%PROGRAMFILES%\RecordNow!\shlext.dll [Sonic Solutions] [RecordNow!] MD5=49430D319CF00700CE09FB621D49BA35 SIZE=77824
%SYSDIR%\ShellvRTF.dll [XSS] [XSS ShellvRTF] MD5=8305E5132173A9E9CE591CAD4EB5C9B4 SIZE=122880
%PROGRAMFILES%\WinZip\wzshlstb.dll [WinZip Computing, Inc.] [WinZip] MD5=E0F4E14D74C5B06F08EA99ABD3F05F13 SIZE=5120
%PROGRAMFILES%\Illustrate\dBpowerAMP\dBShell.dll [] [dBShell Module] MD5=390966C0607669813D3DD06835D09EDA SIZE=110592
%PROGRAMFILES%\Illustrate\dBpowerAMP\dMCShell.dll [] [dMCShell Module] MD5=D796216C4F4DA0B38496E179E67FA745 SIZE=118784
%PROGRAMFILES%\MICROSOFT INTELLITYPE PRO\ITCPLZM.DLL [Microsoft Corporation] [Microsoft IntelliType Pro] MD5=9BAA63DABB71CE38C91B4855CC2E6B77 SIZE=204800
%PROGRAMFILES%\MICROSOFT INTELLITYPE PRO\ITCPLWHL.DLL [Microsoft Corporation] [Microsoft IntelliType Pro] MD5=2407FBDB9CB080E8B05928C7FB935C09 SIZE=229376
%PROGRAMFILES%\MICROSOFT INTELLITYPE PRO\ITCPLKEY.DLL [Microsoft Corporation] [Microsoft IntelliType Pro] MD5=F7BE7817102BE20FF88E3346EBDD9158 SIZE=352256
%PROGRAMFILES%\MICROSOFT INTELLITYPE PRO\ITCPLWIR.DLL [Microsoft Corporation] [Microsoft IntelliType Pro] MD5=D8C2B64A3E2867B40BEF26218A06E6F7 SIZE=200704
%PROGRAMFILES%\MICROSOFT INTELLIPOINT\IPCPLWIR.DLL [Microsoft Corporation] [Microsoft IntelliPoint] MD5=F9193B5DD2235FFC6A326D866F86FB70 SIZE=335872
%PROGRAMFILES%\MICROSOFT INTELLIPOINT\IPCPLWHL.DLL [Microsoft Corporation] [Microsoft IntelliPoint] MD5=7B2061F41D0A9AEA272F276D585D58D5 SIZE=229376
%PROGRAMFILES%\MICROSOFT INTELLIPOINT\IPCPLACT.DLL [Microsoft Corporation] [Microsoft IntelliPoint] MD5=D1BE3E13EDC5594148586669686170F4 SIZE=176128
%PROGRAMFILES%\MICROSOFT INTELLIPOINT\IPCPLBTN.DLL [Microsoft Corporation] [Microsoft IntelliPoint] MD5=9457A8B86B3027CE486A02EDD4A0CB1C SIZE=348160
%PROGRAMFILES%\WinRAR\rarext.dll [] MD5=7801791108C9FA442DD48BCD98869F21 SIZE=126464
%SYSDIR%\igfxsrvc.dll [Intel Corporation] [Intel(R) Common User Interface] MD5=07B1FF45EDD4845DF545049EAF2CD1BC SIZE=323584
%SYSDIR%\drivers\ALCXSENS.SYS [Sensaura Ltd] MD5=FBBCB95F677CBAA924140B6EA2D9A97B SIZE=391424
%SYSDIR%\drivers\ALCXWDM.SYS [Realtek Semiconductor Corp.] [Windows (R) WDM driver for Realtek AC'97 Audio] MD5=ADE678F1AC512A463D5CF73D99A396FC SIZE=538236
%SYSDIR%\DRIVERS\CDAC15BA.SYS [Macrovision Europe Ltd] [Security Windows NT] MD5=08F60F40D1A2A95A1F12EDDBD9F25C1C SIZE=12464
%SYSDIR%\DRIVERS\HSFHWBS2.sys [Conexant Systems, Inc.] [SoftK56 Modem Driver] MD5=128EF741B2293C36810561092B566B1C SIZE=210304
%SYSDIR%\DRIVERS\HSF_DP.sys [Conexant Systems, Inc.] [SoftK56 Modem Driver] MD5=9A0D0C461EF2B3D80CB7875B4B995E47 SIZE=1042816
%SYSDIR%\drivers\ikfilesec.sys [PCTools Research Pty Ltd.] [Spyware Doctor] MD5=BB07262041A213FEA5FCCF0A9F90D85A SIZE=41288
%SYSDIR%\drivers\iksysflt.sys [PCTools Research Pty Ltd.] [Spyware Doctor] MD5=1C670FA74A86B3689A314139C67814AE SIZE=56832
%SYSDIR%\drivers\iksyssec.sys [PCTools Research Pty Ltd.] [Spyware Doctor] MD5=DDD207288DD498D6E47A321EC399966B SIZE=74240
%PROGRAMFILES%\KASPERSKY LAB\KASPERSKY ANTI-VIRUS PERSONAL PRO\KAVSVC.EXE [Kaspersky Lab] [Kaspersky Anti-Virus Personal Pro] MD5=0C2D752D8B08F16F8874DD5D1C1B0493 SIZE=958570
%SYSDIR%\drivers\kl1.sys [Kaspersky Lab] [Kaspersky Anti-Virus Personal] MD5=6D24150141F1CE115552BA3F113B04F3 SIZE=18795
%SYSDIR%\drivers\klif.sys [Kaspersky Labs] [KLIF] MD5=A5FC754236FB0DEC1C370CB545C49D51 SIZE=129808
%SYSDIR%\drivers\klmc.sys [Kaspersky Lab] [Kaspersky Anti-Virus Personal Pro] MD5=4A66C7190B9705384DBB9279B4F2312B SIZE=10995
%SYSDIR%\PCANDIS5.SYS [Printing Communications Assoc., Inc. (PCAUSA)] [PCAUSA Rawether for Windows] MD5=CEEF86CB35ABE95C40A88784F5B631AD SIZE=16128
%SYSDIR%\DRIVERS\PPPoEWin.SYS [Friendly Technologies] [PPPoE Protocol Driver] MD5=8AE03E978BC99F31AE31B183CD373951 SIZE=104375
%SYSDIR%\DRIVERS\PS2.sys [Hewlett-Packard Company] [Hewlett-Packard Company PS2 SYS] MD5=9B793A1FFD480155FE9EE5261153F21B SIZE=23808
%SYSDIR%\DRIVERS\SISAGPX.sys [Silicon Integrated Systems Corporation] [SiS AGPv3.5 Filter for Windows XP] MD5=61CA562DEF09A782D26B3E7EDEC5369A SIZE=36992
%SYSDIR%\DRIVERS\srvkp.sys [Silicon Integrated Systems Corporation] [SiS (R) WindowsXP Display Manager] MD5=7EF8E5C266133638E7E06BE03FCBEFF3 SIZE=11392
%SYSDIR%\DRIVERS\sisnic.sys [SiS Corporation] [NDIS 5.1 NIC Driver] MD5=5529B51AACFF16FBDDE4B34FF0AF2B76 SIZE=32768
%SYSDIR%\DRIVERS\HSF_CNXT.sys [Conexant Systems, Inc.] [SoftK56 Modem Driver] MD5=CE545A84BF3411E7516FA8DA51AD9D93 SIZE=679808
%SYSDIR%\systray.exe []
End of Report
Salut,bonjour,
Si j'ai bien interprété votre rapport de "Spyware Terminator" vous faites du P2P (de pire en pire) [Peer to Peer] avec e-mule et vous vous intéressez beaucoup à la musique (dBpowerAmp). L'échange de fichiers (P2P) implique que l'on installe un logiciel sur son disque dur qui permets que d'autres utilisateurs se connectent sur votre ordinateur (disque dur) en l'employant comme plate-forme d'échanges. Tel que vous faites aussi avec les autres utilisateurs d'e-mule.
Il se peut que vous ayez tellement de visites sur votre ordinateur que votre ordinateur cède sous cette grande utilisation et n'est plus capable de travailler convenablement.
Ma proposition :
A: Télécharger et installer "HijackThis" à l'adresse URL : https://www.01net.com/telecharger/windows/Securite/anti-spyware/fiches/29061.html
B: Didacticiel "HijackThis" ici (à imprimer svp) : http://www.internetmonitor.lu/download/hijackthis_24082006.pdf
Dans le didacticiel, au lieu de faire vous même l'analyse comme montré, envoyez svp le rapport ici sur le forum. J'essayerais de l'interpréter.
Après faites ceci svp :
1.) Débrancher Internet.
2.) Passer en mode sans échec (décrit ci-dessus comment faire / lien).
3.) Essayer de lancer "CCleaner" et faire le ménage.
4.) Relancer "Spyware Terminator" et liquider tout ce qu'il trouve.
5.) Relancer " as quared" et mettre en quarantaine tout ce qu'il trouve.
6.) Donnez-moi les résultats obtenus svp.
P.S.: N'oubliez pas non plus de télécharger la dernière mise à jour de FIREFOX qui est 2.0.0.11 et vous êtes à la version 2.0.0.2 !!!
A+
Cordialement :
Webwizard
Si j'ai bien interprété votre rapport de "Spyware Terminator" vous faites du P2P (de pire en pire) [Peer to Peer] avec e-mule et vous vous intéressez beaucoup à la musique (dBpowerAmp). L'échange de fichiers (P2P) implique que l'on installe un logiciel sur son disque dur qui permets que d'autres utilisateurs se connectent sur votre ordinateur (disque dur) en l'employant comme plate-forme d'échanges. Tel que vous faites aussi avec les autres utilisateurs d'e-mule.
Il se peut que vous ayez tellement de visites sur votre ordinateur que votre ordinateur cède sous cette grande utilisation et n'est plus capable de travailler convenablement.
Ma proposition :
A: Télécharger et installer "HijackThis" à l'adresse URL : https://www.01net.com/telecharger/windows/Securite/anti-spyware/fiches/29061.html
B: Didacticiel "HijackThis" ici (à imprimer svp) : http://www.internetmonitor.lu/download/hijackthis_24082006.pdf
Dans le didacticiel, au lieu de faire vous même l'analyse comme montré, envoyez svp le rapport ici sur le forum. J'essayerais de l'interpréter.
Après faites ceci svp :
1.) Débrancher Internet.
2.) Passer en mode sans échec (décrit ci-dessus comment faire / lien).
3.) Essayer de lancer "CCleaner" et faire le ménage.
4.) Relancer "Spyware Terminator" et liquider tout ce qu'il trouve.
5.) Relancer " as quared" et mettre en quarantaine tout ce qu'il trouve.
6.) Donnez-moi les résultats obtenus svp.
P.S.: N'oubliez pas non plus de télécharger la dernière mise à jour de FIREFOX qui est 2.0.0.11 et vous êtes à la version 2.0.0.2 !!!
A+
Cordialement :
Webwizard
Bonsoir a Vous
Le fameux rapport :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:50:10, on 29/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\WINDOWS\System32\cisvc.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\windows\system\hpsysdrv.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\WINDOWS\System32\hphmon05.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Friendly Technologies\BroadbandAccess\fts.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\WINDOWS\System32\alg.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\Spyware Terminator\SpywareTerminator.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Windows Live Toolbar\msn_sl.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-qfr10.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60327
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-qfr10.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-qfr10.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://qfr10.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [%FP%Friendly fts.exe] "C:\Program Files\Friendly Technologies\BroadbandAccess\fts.exe"
O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kav.exe" /minimize
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by15fd.bay15.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5F5F9FB8-878E-4455-95E0-F64B2314288A} (ijjiPlugin2 Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin11USA.cab
O16 - DPF: {8436FE12-31DB-48BF-83BF-FE682F9160B4} (NanoInstaller Class) - https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: Evaluation Service - Evalution Customer - C:\Program Files\Fichiers communs\Evalution Customer Shared\Service\Evaluation Service FileName.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kavsvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
Le fameux rapport :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:50:10, on 29/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\WINDOWS\System32\cisvc.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\windows\system\hpsysdrv.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\WINDOWS\System32\hphmon05.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Friendly Technologies\BroadbandAccess\fts.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\WINDOWS\System32\alg.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\Spyware Terminator\SpywareTerminator.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Windows Live Toolbar\msn_sl.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-qfr10.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60327
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-qfr10.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-qfr10.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://qfr10.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [%FP%Friendly fts.exe] "C:\Program Files\Friendly Technologies\BroadbandAccess\fts.exe"
O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kav.exe" /minimize
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by15fd.bay15.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5F5F9FB8-878E-4455-95E0-F64B2314288A} (ijjiPlugin2 Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin11USA.cab
O16 - DPF: {8436FE12-31DB-48BF-83BF-FE682F9160B4} (NanoInstaller Class) - https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: Evaluation Service - Evalution Customer - C:\Program Files\Fichiers communs\Evalution Customer Shared\Service\Evaluation Service FileName.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kavsvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
Pardon je veux dire
Le Hijackthis de intermonitor a les effets similaire a CCleaner ...
Mon ordinateur est posseder docteur ?
Le Hijackthis de intermonitor a les effets similaire a CCleaner ...
Mon ordinateur est posseder docteur ?
Salut, bonjour,
Il faut absolument "fixer" ceci :
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
Cela veut dire que tu relances encore une fois "HijackThis" et qu'ensuite tu recherches l'entrée mentionnée ci-dessus (023-....). Ensuite tu coches la case à gauche de cette entrée et tu clicques sur le bouton "Fix checked".
Même chose pour :
O16 - DPF: {5F5F9FB8-878E-4455-95E0-F64B2314288A} (ijjiPlugin2 Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin11USA.cab
Ensuite n'oublies pas de désinstaller "Spyware Terminator" sinon son antivirus sera en concurrence directe avec ton autre antivirus.
Bon, je vais faire "dodo" maintenant. Chez moi il fait maintenant 01:00 am. À demiain.
Cordialement :
Webwizard
Il faut absolument "fixer" ceci :
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
Cela veut dire que tu relances encore une fois "HijackThis" et qu'ensuite tu recherches l'entrée mentionnée ci-dessus (023-....). Ensuite tu coches la case à gauche de cette entrée et tu clicques sur le bouton "Fix checked".
Même chose pour :
O16 - DPF: {5F5F9FB8-878E-4455-95E0-F64B2314288A} (ijjiPlugin2 Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin11USA.cab
Ensuite n'oublies pas de désinstaller "Spyware Terminator" sinon son antivirus sera en concurrence directe avec ton autre antivirus.
Bon, je vais faire "dodo" maintenant. Chez moi il fait maintenant 01:00 am. À demiain.
Cordialement :
Webwizard
Rapport du scan apres que j'ai fixé
-O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
-O16 - DPF: {5F5F9FB8-878E-4455-95E0-F64B2314288A} (ijjiPlugin2 Class) -
Mon anti-virus n'a plus ses mises a jours quotidienne je suis obligé de désisntaller spyware terminator ?
-O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
-O16 - DPF: {5F5F9FB8-878E-4455-95E0-F64B2314288A} (ijjiPlugin2 Class) -
Mon anti-virus n'a plus ses mises a jours quotidienne je suis obligé de désisntaller spyware terminator ?
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:27:37, on 29/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\WINDOWS\System32\cisvc.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\hphmon05.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Friendly Technologies\BroadbandAccess\fts.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\eMule\emule.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\PROGRA~1\Wanadoo\Watch.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-qfr10.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60327
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-qfr10.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-qfr10.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://qfr10.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [%FP%Friendly fts.exe] "C:\Program Files\Friendly Technologies\BroadbandAccess\fts.exe"
O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kav.exe" /minimize
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by15fd.bay15.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {8436FE12-31DB-48BF-83BF-FE682F9160B4} (NanoInstaller Class) - https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: Evaluation Service - Evalution Customer - C:\Program Files\Fichiers communs\Evalution Customer Shared\Service\Evaluation Service FileName.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kavsvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
Scan saved at 11:27:37, on 29/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\WINDOWS\System32\cisvc.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\hphmon05.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Friendly Technologies\BroadbandAccess\fts.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\eMule\emule.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\PROGRA~1\Wanadoo\Watch.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-qfr10.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60327
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-qfr10.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-qfr10.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://qfr10.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [%FP%Friendly fts.exe] "C:\Program Files\Friendly Technologies\BroadbandAccess\fts.exe"
O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kav.exe" /minimize
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by15fd.bay15.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {8436FE12-31DB-48BF-83BF-FE682F9160B4} (NanoInstaller Class) - https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: Evaluation Service - Evalution Customer - C:\Program Files\Fichiers communs\Evalution Customer Shared\Service\Evaluation Service FileName.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kavsvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
B'jour
Hum sinon pour CCleaner j'ai remarqué que C'est internet explorere qui bloque et m'ouvre une nouvelle fenetre
J'ai cliqué sur telechargé le fichier mais il n'en tient pas compte et m'ouvre une nouvelle fenetre
Cordialement :
Menfire
Hum sinon pour CCleaner j'ai remarqué que C'est internet explorere qui bloque et m'ouvre une nouvelle fenetre
J'ai cliqué sur telechargé le fichier mais il n'en tient pas compte et m'ouvre une nouvelle fenetre
Cordialement :
Menfire
Salut, bonjour,
"Fixe" encore ceci et refais un test :
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
Il me semble que tu es victime d'un "détournement de navigateur" (browser hijacking) !!!
Si tu n'arrives toujours pas après ça à ouvrir un fichier et un document téléchargé, je te suggères d'utiliser "Firefox" pour le faire. Et après contacte-moi svp.
!!!! Et Spyware Terminator" il faut le désinstaller maintenant !!!
Bonne continuation.
Cordialement :
Webwizard
"Fixe" encore ceci et refais un test :
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
Il me semble que tu es victime d'un "détournement de navigateur" (browser hijacking) !!!
Si tu n'arrives toujours pas après ça à ouvrir un fichier et un document téléchargé, je te suggères d'utiliser "Firefox" pour le faire. Et après contacte-moi svp.
!!!! Et Spyware Terminator" il faut le désinstaller maintenant !!!
Bonne continuation.
Cordialement :
Webwizard
Bonsoir mon sauveur !
Oui en effet lors du scan il a detecté (browser hijacking) !
Tu as télécharger des jeux crakés, c'est bien ça ?
Effectivement un ami ma installer un jeu craké ainsi que mon anti-virus Kaspersky , mais il y a de cela un petit moment .
Voila le rapport de Hijackthis :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:40:10, on 29/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\WINDOWS\System32\cisvc.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\hphmon05.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Friendly Technologies\BroadbandAccess\fts.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\alg.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-qfr10.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60327
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-qfr10.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-qfr10.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://qfr10.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [%FP%Friendly fts.exe] "C:\Program Files\Friendly Technologies\BroadbandAccess\fts.exe"
O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kav.exe" /minimize
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by15fd.bay15.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {8436FE12-31DB-48BF-83BF-FE682F9160B4} (NanoInstaller Class) - https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: Evaluation Service - Evalution Customer - C:\Program Files\Fichiers communs\Evalution Customer Shared\Service\Evaluation Service FileName.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kavsvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
Oui en effet lors du scan il a detecté (browser hijacking) !
Tu as télécharger des jeux crakés, c'est bien ça ?
Effectivement un ami ma installer un jeu craké ainsi que mon anti-virus Kaspersky , mais il y a de cela un petit moment .
Voila le rapport de Hijackthis :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:40:10, on 29/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\WINDOWS\System32\cisvc.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\hphmon05.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Friendly Technologies\BroadbandAccess\fts.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\alg.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-qfr10.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60327
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-qfr10.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-qfr10.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://qfr10.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [%FP%Friendly fts.exe] "C:\Program Files\Friendly Technologies\BroadbandAccess\fts.exe"
O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kav.exe" /minimize
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by15fd.bay15.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {8436FE12-31DB-48BF-83BF-FE682F9160B4} (NanoInstaller Class) - https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: Evaluation Service - Evalution Customer - C:\Program Files\Fichiers communs\Evalution Customer Shared\Service\Evaluation Service FileName.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kavsvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
