iexplore virus

Question

Bonjour,

Je suis sur le PC de ma petite amie, qui a l'air infecté par un virus. Je n'y ai malheureusement pas plein accès vu que toute sa famille s'en sert.

Je cherche donc à supprimer le virus qui lance un iexplore.exe sans avoir à trop poster de rapports ou trop télécharger (je penses aux rapports ijack...)

Elle se sert du navigateur Orange (ils veulent pas s'en séparer '^^) et pourtant il y un iexplore.exe de lancé qui lui prend de la mémoire vive.

Avez vous une solution simple et rapide?

Merci d'avance

Utilisateur anonyme · Answer

salut

telecharge hijackthis fait un scan et colle moi le log

Sildar · Answer

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:21:20, on 30/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Controle Parental\bin\optproxy.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Softwin\BitDefender10\vsserv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\WINDOWS\CameraFixer.exe
C:\WINDOWS\vsnpstd3.exe
C:\Program Files\Sony\WALKMAN Launcher\WMAAD.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\PROGRA~1\Wanadoo\WOOBrowser\WOOBrowser.exe
C:\WINDOWS\system32	askmgr.exe
C:\DOCUME~1\Maeva\LOCALS~1\Temp\Répertoire temporaire 1 pour hijackthis.zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://resultsmaster.com/...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: TVEngine Helper /fleok=1D8A83A5C2E6107C91A475760EA83FA5EF80752B94E2DD7F5F74432D3CCE - {4B18DD50-C996-44fc-AC52-0FECFF82ED58} - c:\program files\hbtools\hbtv\hbtvhelper.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [CameraFixer] C:\WINDOWS\CameraFixer.exe
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [HotbarOE] C:\Program Files\Hotbar\bin\10.0.342.0\OEAddOn.exe
O4 - HKLM\..\Run: [HotbarSA] "C:\Program Files\Hotbar\bin\10.0.342.0\HotbarSA.exe"
O4 - HKLM\..\Run: [WMAAD] C:\Program Files\Sony\WALKMAN Launcher\WMAAD.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Love default global mess] C:\Documents and Settings\All Users\Application Data\great coal love default\online wave.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe GestionnaireInternet.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Bolddownload] C:\DOCUME~1\Maeva\APPLIC~1\SUPPOR~1\Insidestart.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: Bootvis.lnk = G:\demarrage rapide\Bootvis_Sleep.exe
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Picture Package VCD Maker.lnk = ?
O4 - Global Startup: Rappels du Calendrier Microsoft Works.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?a8c222d840c04c54a9b1865b2a775523
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?a8c222d840c04c54a9b1865b2a775523
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab53083.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {C80B7FF6-CE60-4079-935E-520C045C30A6} - http://www.mailskinner.com/binaries/msaxsetup.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{15E75FC6-1987-4E9D-94DD-FB968AF92EDD}: NameServer = 81.253.149.9 80.10.246.3
O17 - HKLM\System\CS1\Services\Tcpip\..\{15E75FC6-1987-4E9D-94DD-FB968AF92EDD}: NameServer = 81.253.149.9 80.10.246.3
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Image Converter SCSI Service (ICScsiSV) - Sony Corporation - C:\Program Files\Sony\IMAGE CONVERTER 3\ICScsiSV.exe
O23 - Service: IcVzMonLauncher - Sony Corporation - C:\Program Files\Sony\IMAGE CONVERTER 3\IcVzMonLauncher.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\IMAGE CONVERTER 3\IcVzMon.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Control Parental (OPTENET_FILTER) - Contrôle Parental - C:\Program Files\Controle Parental\bin\optproxy.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe

Utilisateur anonyme · Answer

d'apres le rapport tu as 6 virus coches les lignes:

O2 - BHO: TVEngine Helper /fleok=1D8A83A5C2E6107C91A475760EA83FA5EF80752B94E2DD7F5F74432D3CCE - {4B18DD50-C996-44fc-AC52-0FECFF82ED58} - c:\program files\hbtools\hbtv\hbtvhelper.dll (file missing)

O4 - HKLM\..\Run: [HotbarOE] C:\Program Files\Hotbar\bin\10.0.342.0\OEAddOn.exe
	
O4 - HKLM\..\Run: [HotbarSA] "C:\Program Files\Hotbar\bin\10.0.342.0\HotbarSA.exe

O4 - HKLM\..\Run: [Love default global mess] C:\Documents and Settings\All Users\Application Data\great coal love default\online wave.exe

O4 - HKCU\..\Run: [Bolddownload] C:\DOCUME~1\Maeva\APPLIC~1\SUPPOR~1\Insidestart.exe

O4 - HKCU\..\Run: [Bolddownload] C:\DOCUME~1\Maeva\APPLIC~1\SUPPOR~1\Insidestart.exe

uis clic sur fixcheked

Sildar · Answer

C'est fait (même si les deux dernières lignes données sont identiques, non?)

Voici le nouveau rapport

iexplore est encore là (il faut reboot je suppose?)

J'ajoute que parfois, des fenêtres iexplore se lancent inopinément et affichent des pubs diverses.

Voilà le rapport

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:31:18, on 30/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Controle Parental\bin\optproxy.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Softwin\BitDefender10\vsserv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\WINDOWS\CameraFixer.exe
C:\WINDOWS\vsnpstd3.exe
C:\Program Files\Sony\WALKMAN Launcher\WMAAD.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\PROGRA~1\Wanadoo\WOOBrowser\WOOBrowser.exe
C:\WINDOWS\system32	askmgr.exe
C:\DOCUME~1\Maeva\LOCALS~1\Temp\Répertoire temporaire 1 pour hijackthis.zip\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://resultsmaster.com/...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [CameraFixer] C:\WINDOWS\CameraFixer.exe
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [WMAAD] C:\Program Files\Sony\WALKMAN Launcher\WMAAD.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe GestionnaireInternet.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: Bootvis.lnk = G:\demarrage rapide\Bootvis_Sleep.exe
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Picture Package VCD Maker.lnk = ?
O4 - Global Startup: Rappels du Calendrier Microsoft Works.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?a8c222d840c04c54a9b1865b2a775523
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?a8c222d840c04c54a9b1865b2a775523
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab53083.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {C80B7FF6-CE60-4079-935E-520C045C30A6} - http://www.mailskinner.com/binaries/msaxsetup.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{15E75FC6-1987-4E9D-94DD-FB968AF92EDD}: NameServer = 81.253.149.9 80.10.246.3
O17 - HKLM\System\CS1\Services\Tcpip\..\{15E75FC6-1987-4E9D-94DD-FB968AF92EDD}: NameServer = 81.253.149.9 80.10.246.3
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Image Converter SCSI Service (ICScsiSV) - Sony Corporation - C:\Program Files\Sony\IMAGE CONVERTER 3\ICScsiSV.exe
O23 - Service: IcVzMonLauncher - Sony Corporation - C:\Program Files\Sony\IMAGE CONVERTER 3\IcVzMonLauncher.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\IMAGE CONVERTER 3\IcVzMon.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Control Parental (OPTENET_FILTER) - Contrôle Parental - C:\Program Files\Controle Parental\bin\optproxy.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe

Utilisateur anonyme · Answer

telecharge spyware terminator mes le a jours puis fait un scan

Sildar · Answer

Le scan est lancé,

Je poste quand ce sera finis.

Merci pour l'aide et à plus tard...

EDIT: déjà 9 objets de reconnus :S

Utilisateur anonyme · Answer

ok

Sildar · Answer

Il m'a supprimé plusieurs dossiers.

Voici le rapport.

Je précise qu'après avoir arrêté manuellement le processus iexplore.exe , on m'affiche toujours une fenêtre "basculer vers" qui a pour effet d'ouvrir la barre "démarrer". Le même message apparaît une dizaine de fois.

En esperant que ces infos puissent aider.

Voici le rapport

Logfile of Spyware Terminator v2.0.1.224 (db:1.0.064.827)
Scan Time: 30/12/2007 17:47:38 length: 538 s
Platform: Windows XP Home Service Pack 2 (WINNT 5.1.2600)
User: Limited
Boot Mode: Normal
Scan type: Fast_Spyware_Scan
Scanned Objects: 29577 (Critical:7)
Filter: No System items, No Safe items

Running Processes
Ati2evxx.exe [ATI Technologies Inc.] : C:\WINDOWS\system32\Ati2evxx.exe
FTRTSVC.exe [France Telecom] : C:\WINDOWS\system32\FTRTSVC.exe
optproxy.exe [Contrôle Parental] : C:\Program Files\Controle Parental\bin\optproxy.exe
xcommsvr.exe [SOFTWIN S.R.L] : C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
bdss.exe : C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
livesrv.exe [SOFTWIN S.R.L.] : C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
Ati2evxx.exe [ATI Technologies Inc.] : C:\WINDOWS\system32\Ati2evxx.exe
vsserv.exe [SOFTWIN S.R.L.] : C:\Program Files\Softwin\BitDefender10\vsserv.exe
bdmcon.exe [SOFTWIN S.R.L.] : C:\Program Files\Softwin\BitDefender10\bdmcon.exe
bdagent.exe [SOFTWIN S.R.L.] : C:\Program Files\Softwin\BitDefender10\bdagent.exe
CameraFixer.exe : C:\WINDOWS\CameraFixer.exe
vsnpstd3.exe : C:\WINDOWS\vsnpstd3.exe
WMAAD.exe [Sony Corporation] : C:\Program Files\Sony\WALKMAN Launcher\WMAAD.exe
TaskBarIcon.exe [France Télécom R&D] : C:\Program Files\Wanadoo\TaskBarIcon.exe
GestionnaireInternet.exe [France Télécom R&D] : C:\Program Files\Wanadoo\GestionnaireInternet.exe
ComComp.exe [France Télécom R&D] : C:\Program Files\Wanadoo\ComComp.exe
SonyTray.exe [Sony Corporation] : C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
Residence.exe [Sony Corporation.] : C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
wkcalrem.exe [Microsoft® Corporation] : C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe
Watch.exe [France Télécom R&D] : C:\Program Files\Wanadoo\Watch.exe
AlertModule.exe : C:\WINDOWS\system32\AlertModule\AlertModule.exe
WOOBrowser.exe : C:\Program Files\Wanadoo\WOOBrowser\WOOBrowser.exe

Internet Settings
R - HKCU\Software\Microsoft\Internet Explorer\Main, Search Bar =
R - HKLM\Software\Microsoft\Internet Explorer\Main, Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R - HKLM\Software\Microsoft\Internet Explorer\Search, SearchAssistant = http://resultsmaster.com/...
R - HKLM\Software\Microsoft\Internet Explorer\Search, CustomizeSearch = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm
R - HKLM\System\CurrentControlSet\Services\Tcpip\Parameters, Domain =
R - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Telephony, DomainName =

BHO
02 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - File not found
02 - BHO: - {7E853D72-626A-48EC-A868-BA8D5E23E045} - File not found
02 - BHO: - {{FB5F1910-F110-11d2-BB9E-00C04F795683} - File not found
02 - BHO: - {e2e2dd38-d088-4134-82b7-f2ba38496583} - File not found

StartUps
04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, WOOKIT : [France Télécom R&D] : C:\Program Files\Wanadoo\GestMAJ.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, BDMCon : [SOFTWIN S.R.L.] : C:\Program Files\Softwin\BitDefender10\bdmcon.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, BDAgent : [SOFTWIN S.R.L.] : C:\Program Files\Softwin\BitDefender10\bdagent.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CameraFixer : : C:\WINDOWS\CameraFixer.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, snpstd3 : : C:\WINDOWS\vsnpstd3.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, WMAAD : [Sony Corporation] : C:\Program Files\Sony\WALKMAN Launcher\WMAAD.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, WOOTASKBARICON : [France Télécom R&D] : C:\Program Files\Wanadoo\GestMAJ.exe
04 - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows, AppInit_DLLs : : C:\WINDOWS\system32\sockspy.dll
04 - Startup: %START_PROGRAMSALL%\Démarrage\Picture Package Menu.lnk [Sony Corporation] : C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
04 - Startup: %START_PROGRAMSALL%\Démarrage\Picture Package VCD Maker.lnk [Sony Corporation.] : C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
04 - Startup: %START_PROGRAMSALL%\Démarrage\Rappels du Calendrier Microsoft Works.lnk [Microsoft® Corporation] : C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe

Shell Extensions
Extension Affichage Panorama du Panneau de configuration - {42071714-76d4-11d1-8b24-00a0c9068ff3} - : deskpan.dll
- {764BF0E1-F219-11ce-972D-00AA00A14F56} - File not found
- {853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} - File not found
Barre des tâches et menu Démarrer - {0DF44EAA-FF21-4412-828E-260A8728E7F1} - File not found
Comptes d'utilisateurs - {7A9D77BD-5403-11d2-8785-2E0420524153} - File not found
BDMenu Class - {D653647D-D607-4DF6-A5B8-48D2BA195F7B} - : C:\Program Files\Softwin\BitDefender10\bdshelxt.dll
Outlook File Icon Extension - {0006F045-0000-0000-C000-000000000046} - [Microsoft Corporation] : C:\Program Files\Microsoft Office\Office\OLKFSTUB.DLL
- {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} - [Sun Microsystems, Inc.] : C:\Program Files\OPENOFFICE.ORG 2.0\PROGRAM\SHLXTHDL.DLL
- {087B3AE3-E237-4467-B8DB-5A38AB959AC9} - [Sun Microsystems, Inc.] : C:\Program Files\OPENOFFICE.ORG 2.0\PROGRAM\SHLXTHDL.DLL
- {63542C48-9552-494A-84F7-73AA6A7C99C1} - [Sun Microsystems, Inc.] : C:\Program Files\OPENOFFICE.ORG 2.0\PROGRAM\SHLXTHDL.DLL
- {3B092F0C-7696-40E3-A80F-68D74DA84210} - [Sun Microsystems, Inc.] : C:\Program Files\OPENOFFICE.ORG 2.0\PROGRAM\SHLXTHDL.DLL
WinRAR - {B41DB860-8EE4-11D2-9906-E49FADC173CA} - : C:\Program Files\WinRAR\rarext.dll
Image Converter context menu - {C6643EC0-49AC-4c15-A455-04104DB900A9} - : C:\Program Files\Sony\IMAGE CONVERTER 3\CtxMenu.dll

Protocol Handler
Microsoft Infotech Storage 5.1 Protocol for IE 4.0 - {F6F1E82D-DE4D-11D2-875C-0000F8105754} - [Microsoft Corporation] : C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\itss51.dll
MSFT RefBU IE4+ Pluggable Protocol - {74D92DF3-6D9D-11D1-8B38-006097DBED7A} - : C:\Program Files\Fichiers communs\Microsoft Shared\Reference Titles\msref.dll

Winsock 2
: C:\Program Files\Controle Parental\bin\lsp.dll

Services
23 - [ATI Technologies Inc.] : C:\WINDOWS\system32\Ati2evxx.exe
23 - : C:\Program Files\SOFTWIN\BITDEFENDER10\BDFDLL.SYS
23 - : C:\Program Files\SOFTWIN\BITDEFENDER10\BDFSDRV.SYS
23 - : C:\Program Files\SOFTWIN\BITDEFENDER10\BDRSDRV.SYS
23 - : C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
23 - [Analog Devices Inc.] : C:\WINDOWS\system32\DRIVERS\e4usbaw.sys
23 - [France Telecom] : C:\WINDOWS\system32\FTRTSVC.exe
23 - [SOFTWIN S.R.L.] : C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
23 - [Contrôle Parental] : C:\Program Files\Controle Parental\bin\optproxy.exe
23 - [Sonix Co. Ltd.] : C:\WINDOWS\system32\DRIVERS\snpstd3.sys
23 - [AntiCracking] : C:\WINDOWS\system32\STEC3.SYS
23 - [VIA Technologies inc,.ltd] : C:\WINDOWS\system32\DRIVERS\viamraid.sys
23 - [SOFTWIN S.R.L.] : C:\Program Files\Softwin\BitDefender10\vsserv.exe
23 - [SOFTWIN S.R.L] : C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe

Winlogon Notify
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent, DLLName : [ATI Technologies Inc.] : C:\WINDOWS\system32\Ati2evxx.dll

IE URL Search Hooks
Search Class - {{08C06D61-F1F3-4799-86F8-BE1A89362C85}} - : C:\Program Files\Wanadoo\SearchPageURL.dll

Threat Files
<AdWare.MailSkinner> : C:\Program Files\MailSkinner\MailSkinner.exe \puninstall

Advanced Files Report
%SYSDIR%\Ati2evxx.dll [ATI Technologies Inc.] [ATI External Event Utility for NT, W2K and W9X] MD5=FA989584622950706701C1D5CA77704B SIZE=61440
%SYSDIR%\Ati2evxx.exe [ATI Technologies Inc.] [ATI External Event Utility for WindowsNT and Windows9X] MD5=D6C058E35B19F2999966E85433AFD760 SIZE=352256
%SYSDIR%\Ati2edxx.dll [ATI Technologies, Inc.] [ATI External Device Utility] MD5=BBC67A22E3E59E9DB7D7B217FC53B8C9 SIZE=39936
%PROGRAMFILES%\Controle Parental\bin\lsp.dll [] MD5=154BF0950AF37E0B65A979319FD532FC SIZE=75744
%SYSDIR%\FTRTSVC.exe [France Telecom] [FTRTSVC NT Service] MD5=D1261099E03EEE90976EA19002995B89 SIZE=40960
%SYSDIR%\IfHelper.dll [France Télécom R&D] [IfHelper] MD5=A690AE7F4418401815CE3D73D60B8C6F SIZE=36864
%PROGRAMFILES%\Controle Parental\bin\optproxy.exe [Contrôle Parental] [Contrôle Parental] MD5=00AE7D2F971DAA51A94E5DBF471BAA38 SIZE=564400
%PROGRAMFILES%\Controle Parental\bin\filtro_dll.dll [] MD5=57E085A873FCD05A9F9C78BA92545CFE SIZE=711872
%PROGRAMFILES%\Controle Parental\bin\pwd.dll [Optenet SA] [pwd Dynamic Link Library] MD5=D3B807D9CC5802F58B8D09FDD052603D SIZE=354672
%SYSDIR%\CNQU70.DLL [CANON INC.] [ScanGear CS] MD5=F808ACD68823F0A0B201090F0C424D87 SIZE=36864
%SYSDIR%\N067UFW.DLL [CANON INC.] [ScanGear] MD5=8AF97042F324ABB2ACD74AEB09FC77D6 SIZE=339968
%COMMONFILES%\Softwin\BitDefender Communicator\xcommsvr.exe [SOFTWIN S.R.L] [Softwin BitDefender Communicator Server] MD5=5DC7B7F1DD7B9ED4066A6B065F0CE329 SIZE=86016
%COMMONFILES%\Softwin\BitDefender Scan Server\bdss.exe [] MD5=A20EB9A2772C8D2130FF10783E9B42EA SIZE=81920
%SYSDIR%\XCOMM.dll [Softwin] [Softwin BitDefender Communicator] MD5=E4BFBEE58C3F20F4A22A206DFD6E21CB SIZE=77824
%COMMONFILES%\Softwin\BitDefender Scan Server\bdcore.dll [SOFTWIN SRL] [bdcore.dll] MD5=24E43F50971EF782CD7565511C6FC52C SIZE=180224
%COMMONFILES%\Softwin\BitDefender Scan Server\bdsubmit.dll [SOFTWIN] [BitDefender Submission] MD5=3DE2E1B30203A2F3DB3E5D1C3B6354EB SIZE=188416
%COMMONFILES%\Softwin\BitDefender Scan Server\libfn.dll [] MD5=39386D1ECA5A53035630FB191E4E91BB SIZE=130560
%COMMONFILES%\Softwin\BitDefender Scan Server\avxdisk.dll [] MD5=686927D99E35411B0EED9E8E9B7134EA SIZE=45056
%COMMONFILES%\Softwin\BitDefender Update Service\livesrv.exe [SOFTWIN S.R.L.] [BitDefender 10] MD5=6BF9E4B716E6A57B811277F51A283EA8 SIZE=233472
%COMMONFILES%\Softwin\BitDefender Update Service\HTTPGETF.dll [] MD5=B1653072CD2F8FFD4D972A9925379541 SIZE=69632
%COMMONFILES%\Softwin\BitDefender Update Service\zlib.dll [] [ZLib.DLL] MD5=87EDDCEB9D22C129E386E652C5CDA521 SIZE=53760
%COMMONFILES%\Softwin\BitDefender Update Service\bdch.dll [SOFTWIN] [BitDefender Crash Handler] MD5=D58A9D9D0110CFA449E9F11221523CDE SIZE=40960
%COMMONFILES%\Softwin\BitDefender Update Service\bdsubmit.dll [SOFTWIN] [BitDefender Submission] MD5=3DE2E1B30203A2F3DB3E5D1C3B6354EB SIZE=188416
%PROGRAMFILES%\ScanSoft\OmniPageSE\ophook32.dll [ScanSoft, Inc] [OmniPage SE] MD5=3DF171C721EF565226F82F6C7E5C408F SIZE=167936
%PROGRAMFILES%\Softwin\BitDefender10\bdoe.dll [SOFTWIN S.R.L.] [Bitdefender 8] MD5=B72C3A420ABA1953563D9B058545BEE5 SIZE=126976
%PROGRAMFILES%\Softwin\BitDefender10\BDUtils.dll [] [BDUtils Dynamic Link Library] MD5=25221CCA34C192EBBAF37497F5018C40 SIZE=40960
%PROGRAMFILES%\Softwin\BitDefender10\vsserv.exe [SOFTWIN S.R.L.] [BitDefender 10] MD5=2086EA85A3E11809F8BE578E459C82A3 SIZE=389120
%PROGRAMFILES%\Softwin\BitDefender10\zlib.dll [] [ZLib.DLL] MD5=87EDDCEB9D22C129E386E652C5CDA521 SIZE=53760
%PROGRAMFILES%\Softwin\BitDefender10\procinf.dll [] MD5=EA8FACB388E45EF8187CC7A997FBC17F SIZE=77824
%PROGRAMFILES%\Softwin\BitDefender10\mimeinf.dll [] MD5=09F3215D2162E6B72C09D1C70FD77735 SIZE=49152
%PROGRAMFILES%\Softwin\BitDefender10\bdch.dll [SOFTWIN] [BitDefender Crash Handler] MD5=D58A9D9D0110CFA449E9F11221523CDE SIZE=40960
%PROGRAMFILES%\Softwin\BitDefender10\bdsubmit.dll [SOFTWIN] [BitDefender Submission] MD5=3DE2E1B30203A2F3DB3E5D1C3B6354EB SIZE=188416
%PROGRAMFILES%\Softwin\BitDefender10\librtvr.dll [Softwin SRL] [librtvr.dll] MD5=7881E13A4B3A4913E23C17F4A6BD2490 SIZE=9216
%PROGRAMFILES%\Softwin\BitDefender10\bdfdll_x86.dll [] MD5=E9E1F4E3C5DB7AE94ACC1B1633CC71DB SIZE=69632
%PROGRAMFILES%\Softwin\BitDefender10\privscan.dll [SOFTWIN S.R.L.] [Bitdefender 10] MD5=0BA7D3955B1A6CBA6F4E2B6C0D3EA755 SIZE=73728
%PROGRAMFILES%\Softwin\BitDefender10\quarcore.dll [SOFTWIN S.R.L.] [BitDefender 10] MD5=8D1373B3C6164673A644FCCF6705F2B6 SIZE=86016
%PROGRAMFILES%\Softwin\BitDefender10\as2core.dll [SOFTWIN S.R.L.] [BitDefender] MD5=D477923CFD048DCE950D0FA2E80AC2C2 SIZE=176128
%PROGRAMFILES%\Softwin\BitDefender10\asemlbr.mdl [] MD5=B441E83ACD45F098B82AD73876F327BF SIZE=225280
%PROGRAMFILES%\Softwin\BitDefender10\asemldsp.mdl [] MD5=44D9BE18A1F5D6164A1087D502E4BA4F SIZE=106496
%PROGRAMFILES%\Softwin\BitDefender10\asemlf.mdl [] MD5=FD6DAF9679EE82B179A4A687A263804D SIZE=233472
%PROGRAMFILES%\Softwin\BitDefender10\asemlimg.mdl [] MD5=599912A4D6164EA43C9A2649922FCCBF SIZE=90112
%PROGRAMFILES%\Softwin\BitDefender10\asemlnn.mdl [] MD5=9FBD2C3C166E82FBCCB8D33FC798F722 SIZE=413696
%PROGRAMFILES%\Softwin\BitDefender10\ashttpbr.mdl [] MD5=31585280DEEE591895B8A3942380AAAE SIZE=94208
%PROGRAMFILES%\Softwin\BitDefender10\ashttpdsp.mdl [] MD5=AA5486BBBED9ADE55CABD51B2D70F1FA SIZE=57344
%PROGRAMFILES%\Softwin\BitDefender10\ashttpf.mdl [] MD5=622A6FC274525CC16A30A4A65C9C40D4 SIZE=86016
%PROGRAMFILES%\Softwin\BitDefender10\mimepack.dll [] MD5=55EB720BBB45AF3BDA541B743290D442 SIZE=57344
%SYSDIR%\XRegLib.dll [] MD5=4CA3CE6F4C15B2CBC1B02931033A2998 SIZE=503808
%PROGRAMFILES%\Softwin\BitDefender10\iconv.dll [Free Software Foundation] [libiconv: character set conversion library] MD5=0EFDEADBB051451B3AD664D1434FD847 SIZE=888832
%PROGRAMFILES%\Softwin\BitDefender10\asregex.dll [] MD5=23754ECA702D59DD93C5F0179D0DA8EB SIZE=126976
%PROGRAMFILES%\Softwin\BitDefender10\sch_serv.dll [SOFTWIN S.R.L.] [BitDefender 10] MD5=2E4D992E31F48C9361DDDFCCA7649CE7 SIZE=98304
%PROGRAMFILES%\Softwin\BitDefender10\txmlx.dll [Softwin] [txmlx Dynamic Link Library] MD5=514BF8155637C10C4FDEFAE9CCF6E951 SIZE=110592
%PROGRAMFILES%\Softwin\BitDefender10\libmpack.dll [BitDefender] [libmpack Dynamic Link Library] MD5=E60F0A8D9FD4C9C005CC0E9A07404EAF SIZE=102400
%PROGRAMFILES%\ATI Technologies\ATI Control Panel\atipdsxx.dll [ATI Technologies, Inc.] [ATI Desktop Component] MD5=F38B870F0C35450431B6BD48FFB46CAE SIZE=258048
%PROGRAMFILES%\ATI TECHNOLOGIES\ATI CONTROL PANEL\ATRPUIXX.FRA [ATI Technologies, Inc.] [ATI Desktop Component] MD5=844D32F68DB6177612DE361CEEB61579 SIZE=159744
%PROGRAMFILES%\ATI Technologies\ATI Control Panel\atipdxxx.dll [ATI Technologies, Inc.] [ATI Desktop Component] MD5=2B01897F38E1C19E033FDFA2C89C9CFB SIZE=73728
%PROGRAMFILES%\Google\Google Desktop Search\GoogleDesktopCommon.dll [Google] [Google Desktop] MD5=6711F9E6AFD8847DA19F834CD16A2E60 SIZE=125440
%PROGRAMFILES%\Google\Google Desktop Search\GoogleDesktopResources_fr.dll [Google] [Google Desktop] MD5=F6EF91B461D2D65E71C43ECE9A82BFF7 SIZE=534016
%PROGRAMFILES%\Softwin\BitDefender10\TxTools.dll [SOFTWIN S.R.L] [BitDefender 8] MD5=830F4EB973361F9AA525EAE0D9944003 SIZE=90112
%PROGRAMFILES%\Softwin\BitDefender10\bdGUICtl.dll [Softwin] [BDGUI Dynamic Link Library] MD5=B7F7E53340BEC692EFE081187D9368CA SIZE=421888
%PROGRAMFILES%\Softwin\BitDefender10\NAG.dll [TODO: <Company name>] [TODO: <Product name>] MD5=1A87C2840D11800BAA4958D93511AED9 SIZE=53248
%PROGRAMFILES%\Softwin\BitDefender10\popup.dll [SOFTWIN S.R.L.] [BitDefender 10] MD5=E15ABC11618B6BEE0891BB694C7E2D46 SIZE=65536
%PROGRAMFILES%\Softwin\BitDefender10\agentreg.dll [TODO: <Company name>] [TODO: <Product name>] MD5=263CD54360D8EB8724D2C6AFA15D3236 SIZE=143360
%PROGRAMFILES%\Softwin\BitDefender10\getfile.dll [] MD5=32DC985508005C8A886EA400D43C71C4 SIZE=68096
%PROGRAMFILES%\Softwin\BitDefender10\bdusers.dll [TODO: <Company name>] [TODO: <Product name>] MD5=D75F9DCD6A1EEEA120F87FD2ABA6232C SIZE=12800
%PROGRAMFILES%\Softwin\BitDefender10\main.dll [SOFTWIN S.R.L.] [Main Dynamic Link Library] MD5=2E6A5C2B12443103DF49232BD777F8C5 SIZE=569344
%PROGRAMFILES%\Softwin\BitDefender10\antivirus.dll [SOFTWIN S.R.L.] [BitDefender 10] MD5=423DCDAAC8CC0AD2DEC42C69F2D466ED SIZE=45056
%PROGRAMFILES%\Softwin\BitDefender10\firewall.dll [SOFTWIN S.R.L.] [BitDefender 10] MD5=CD142736C11D8ACF006859FB7B67A0A6 SIZE=176128
%PROGRAMFILES%\Softwin\BitDefender10\Wizards.dll [SOFTWIN S.R.L.] [BitDefender 10] MD5=56E47E22728497256871006B036A306B SIZE=159744
%PROGRAMFILES%\Softwin\BitDefender10\dbokf.dll [SOFTWIN] [BitDefender] MD5=529D3E717EC8236E7E9173F6647519EA SIZE=57344
%PROGRAMFILES%\Softwin\BitDefender10\antispam.dll [SOFTWIN S.R.L] [BitDefender 10] MD5=702EFDDF3D18336FB9C3496B5005D25D SIZE=118784
%PROGRAMFILES%\Softwin\BitDefender10\antispy.dll [SOFTWIN S.R.L.] [BitDefender 10] MD5=AE21139C6837DDB5FD066D2C95BFBABA SIZE=57344
%PROGRAMFILES%\Softwin\BitDefender10\live.dll [SOFTWIN S.R.L.] [BitDefender 10] MD5=5601C7590B861729E0009257CD52AA5E SIZE=167936
%PROGRAMFILES%\Softwin\BitDefender10\vshield.dll [SOFTWIN S.R.L.] [BitDefender 10] MD5=263F346F9FE428BDBBF6B925EEBBB537 SIZE=307200
%PROGRAMFILES%\Softwin\BitDefender10\vscan.dll [SOFTWIN S.R.L.] [BitDefender 10] MD5=A6C5B600286371FD3C881601CEE1F6D3 SIZE=364544
%PROGRAMFILES%\Softwin\BitDefender10\quar.dll [SOFTWIN S.R.L.] [BitDefender 10] MD5=7F3B22D0D80CD0311D40589D98936CC4 SIZE=274432
%PROGRAMFILES%\Softwin\BitDefender10\bwlist.dll [SOFTWIN S.R.L.] [BitDefender 10] MD5=6338AEFA20187B264F4D92A0828ED58E SIZE=233472
%PROGRAMFILES%\Softwin\BitDefender10\ashield.dll [SOFTWIN S.R.L.] [BitDefender 10] MD5=A23477240100905EEB222D3F9F9EC302 SIZE=172032
%PROGRAMFILES%\Softwin\BitDefender10\privintf.dll [SOFTWIN S.R.L.] [Bitdefender 10] MD5=D689FD0018C1FC5D76BF0EAA168B93FF SIZE=110592
%PROGRAMFILES%\Softwin\BitDefender10\sysinfo.dll [SOFTWIN S.R.L.] [BitDefender 10] MD5=3DCBC52E2B22C0D26CBADFEE5FAC2300 SIZE=253952
%PROGRAMFILES%\Wanadoo\TaskBarIcon.exe [France Télécom R&D] [Kit de Connexion et de Services] MD5=F9710A77123CC3FD09D062F2AF33E473 SIZE=61440
%PROGRAMFILES%\Wanadoo\OutilsFT.dll [France Télécom R&D] [Kit Wanadoo] MD5=F0AD5EF11EF655967F3C0A88DF01D5F3 SIZE=24576
%PROGRAMFILES%\Wanadoo\StyleIHM.dll [France Télécom R&D] [Kit Générique - France Télécom R&D.] MD5=CF37736CBAD53E318A683DCA8E669887 SIZE=626688
%PROGRAMFILES%\Wanadoo\skin\Default\main\ResourceStyle.dll [] [Kit Wanadoo] MD5=3D2D10363FA3338A97AC6578FFB25E6A SIZE=1855488
%PROGRAMFILES%\Wanadoo\WooIHMF.dll [France Télécom R&D] [Gestionnaire Internet] MD5=705E58E5E33C66D043B3E7596223CC66 SIZE=278528
%PROGRAMFILES%\Wanadoo\GestionnaireInternet.exe [France Télécom R&D] [Kit de Connexion et de Services] MD5=5D17C66B5620142A06B7391BE20C0476 SIZE=819200
%SYSDIR%\AlertModule\AlertClient.dll [] [AlertClient Module] MD5=42893D43DB574778E05AE85C2120984F SIZE=36864
%PROGRAMFILES%\Wanadoo\DetectComponent.dll [] [Bibliothèque de liaison dynamique DetectComponent] MD5=7C0DCEDC849C2780D246977B026AB2E6 SIZE=90112
%PROGRAMFILES%\Wanadoo\SynchroDll.dll [] [Bibliothèque de liaison dynamique SynchroDll] MD5=57F451645CA64B2A3792A1B2F7629724 SIZE=53248
%PROGRAMFILES%\MSN Messenger\MSIMG32.dll [Patchou] [Messenger Plus! Live] MD5=5F7A347E9D601E767EC69097C1EECDB2 SIZE=59728
%PROGRAMFILES%\Messenger Plus! Live\MsgPlusLive.dll [Patchou] [Messenger Plus! Live] MD5=EBAAB228C847F6AFE0FB990514CA2A31 SIZE=3291472
%PROGRAMFILES%\Messenger Plus! Live\Detoured.dll [] MD5=6256684495C499B22DCDBA266E4F2494 SIZE=4096
%PROGRAMFILES%\Messenger Plus! Live\MsgPlusLiveRes.dll [Patchou] [Messenger Plus! Live] MD5=364A6C6EF147168AB20E7354DAD01041 SIZE=1815376
%SYSDIR%\vsnpstd3.dll [] MD5=A81396F3D1AB898A8B1BAAAC4AA00253 SIZE=61440
%PROGRAMFILES%\Wanadoo\ComComp.exe [France Télécom R&D] [Kit de Connexion et de Services] MD5=5D589D0436C4C2D285B3418E79E78A21 SIZE=249856
%PROGRAMFILES%\Wanadoo\WLANManager.dll [France Télécom R&D] [WLANManager] MD5=3984A309960D2173D241CB07CEDABB12 SIZE=90112
%PROGRAMFILES%\Wanadoo\IfHelper.dll [France Télécom R&D] [IfHelper] MD5=A690AE7F4418401815CE3D73D60B8C6F SIZE=36864
%SYSDIR%\W32N50.dll [Printing Communications Assoc., Inc. (PCAUSA)] [PCAUSA Rawether for Windows] MD5=CF7F176E5DC77FA95AF30FE913957611 SIZE=94208
%PROGRAMFILES%\Wanadoo\GestAppFT.dll [France Télécom R&D] [Kit de Connexion et de Services] MD5=5E1EF37D7CF6658F453B7CFA268DBEE2 SIZE=151552
%PROGRAMFILES%\Wanadoo\ModifFT.dll [France Télécom R&D] [Kit Wanadoo] MD5=B5674B52F1B2026947DC6EF0248F089C SIZE=53248
%PROGRAMFILES%\Wanadoo\PMStub.dll [] [Bibliothèque de liaison dynamique PMStub] MD5=74D2A4D769D31151E1971AD2FCBCFFDA SIZE=36864
%PROGRAMFILES%\Wanadoo\PhoneManager.dll [] [Bibliothèque de liaison dynamique PhoneManager] MD5=FC02BFFAC618F14B9446FF371F92CADC SIZE=188416
%PROGRAMFILES%\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe [Sony Corporation] [SonyTray.exe] MD5=F15FCBB20FE82674F48A60A37E5BA45A SIZE=151552
%PROGRAMFILES%\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.dll [Sony Corporation] [SonyTray.dll] MD5=71202BB43BDCE9D25FA347877B232A2E SIZE=12288
%PROGRAMFILES%\Sony Corporation\Picture Package\Picture Package Menu\Events\iLINK.dll [Sony Corporation] [iLINK.dll] MD5=44478560689E9991F68399334357A4EA SIZE=143360
%PROGRAMFILES%\Sony Corporation\Picture Package\Picture Package Menu\Events\MassStorage.dll [Sony Corporation] [MassStorage.dll] MD5=6D44A8C2EB90C406B22C05C213AAF960 SIZE=143360
%PROGRAMFILES%\Sony Corporation\Picture Package\Picture Package Menu\Events\USB_Streaming.dll [Sony Corporation] [USB_Streaming.dll] MD5=3C584F60C6E66B1CB3C2180AE292811A SIZE=147456
%PROGRAMFILES%\Sony Corporation\Picture Package\Picture Package Menu\SonyMS.dll [Sony Corporation] [SonyMS.dll] MD5=DF41F3F09A56414F7E328A5489E2F7BC SIZE=53248
%PROGRAMFILES%\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe [Sony Corporation.] [Residence ?????????] MD5=CD7DB8BF7F82F78E89E0AC0F58DCB3B0 SIZE=106496
%PROGRAMFILES%\Sony Corporation\Picture Package\Picture Package Applications\ResidenceRes.dll [] MD5=550C8242B1FB2AC9440E9E5D03C2E135 SIZE=1032192
%COMMONFILES%\Microsoft Shared\Works Shared\wkcalrem.exe [Microsoft® Corporation] [Microsoft® Works 2000] MD5=4B3228894D9A22FD458A663684CFD8FE SIZE=53317
%PROGRAMFILES%\Wanadoo\Watch.exe [France Télécom R&D] [Kit de Connexion et de Services] MD5=9A29592CD135F6262C429152F7A8DD4A SIZE=20480
%SYSDIR%\AlertModule\AlertModule.exe [] [Application AlertModule] MD5=68E404DB5525373FE0554ED2607F0C82 SIZE=45056
%PROGRAMFILES%\Wanadoo\WOOBrowser\WOOBrowser.exe [] [France Telecom Web Browser] MD5=529BE156D65E9330B0932F628D6C92E6 SIZE=344064
%PROGRAMFILES%\Wanadoo\WOOBrowser\OutilsFT.dll [France Télécom R&D] [Kit Wanadoo] MD5=B4B0DF4B41A938693FFF2F22088DBFDC SIZE=24576
%PROGRAMFILES%\Wanadoo\WOOBrowser\StyleIHM.dll [France Télécom R&D] [Kit Générique - France Télécom R&D.] MD5=B56B882E0FF096B5D338FE69F8C44E6B SIZE=626688
%PROGRAMFILES%\Wanadoo\WOOBrowser\IHMBrowser.dll [] [Bibliothèque de liaison dynamique IHMBrowser] MD5=7866584CA7D7D600A637405F91F42501 SIZE=49152
%PROGRAMFILES%\Wanadoo\WOOBrowser\skin\Default\main\ResourceStyle.dll [] [Kit Wanadoo] MD5=47CCD4C2AF8A0C2AE851EAC97B526300 SIZE=270336
%PROGRAMFILES%\Wanadoo\WOOBrowser\pluginbubble.dll [] [Bibliothèque de liaison dynamique plugindll] MD5=0AF3211851269F872469F75BC2BB9CF6 SIZE=40960
%PROGRAMFILES%\Wanadoo\WOOBrowser\plugincore.dll [] [Bibliothèque de liaison dynamique plugindll] MD5=1A0D86AC680FEDB5F7C1A6E07B744E94 SIZE=180224
%PROGRAMFILES%\Wanadoo\WOOBrowser\pluginDashboard.dll [] [Bibliothèque de liaison dynamique plugindll] MD5=19AB1C1C4B907078066F08CA1215E810 SIZE=155648
%PROGRAMFILES%\Wanadoo\WOOBrowser\PluginDownload.dll [] [Bibliothèque de liaison dynamique plugindll] MD5=6817CABEBD402EAE5734E4E814DC55A9 SIZE=217088
%PROGRAMFILES%\Wanadoo\WOOBrowser\Ifhelper.dll [France Télécom R&D] [IfHelper] MD5=A690AE7F4418401815CE3D73D60B8C6F SIZE=36864
%PROGRAMFILES%\Wanadoo\WOOBrowser\pluginFavorites.dll [] [Bibliothèque de liaison dynamique plugindll] MD5=9B4502FC40C951F44C1B38492107370D SIZE=335872
%PROGRAMFILES%\Wanadoo\WOOBrowser\pluginpopup.dll [] [Bibliothèque de liaison dynamique plugindll] MD5=7E0C298BD0D4ADA92EA49BD7E7770E3A SIZE=180224
%PROGRAMFILES%\Wanadoo\WOOBrowser\pluginsearch.dll [] [Bibliothèque de liaison dynamique plugindll] MD5=721F2BD1FECA605C052992EE6D36C063 SIZE=167936
%PROGRAMFILES%\Wanadoo\WOOBrowser\DashBoard\TotoAtlMod.dll [] [TotoATLMod Module] MD5=F30A061B2D268175FA8A5451BE1CFC0C SIZE=249856
%PROGRAMFILES%\Wanadoo\SearchPageURL.dll [] [SearchPageURL Module] MD5=4AF0DECA1AC2C25009E15A3D7377503F SIZE=57344
deskpan.dll []
%PROGRAMFILES%\Softwin\BitDefender10\bdshelxt.dll [] [BDShellExt Module] MD5=F0DB5B73F531F02A7F6873AB8F8A3794 SIZE=58368
%PROGRAMFILES%\Microsoft Office\Office\OLKFSTUB.DLL [Microsoft Corporation] [Microsoft Outlook] MD5=1B2CA3D3F1124C8B289B8CAA37368096 SIZE=49202
%PROGRAMFILES%\OPENOFFICE.ORG 2.0\PROGRAM\SHLXTHDL.DLL [Sun Microsystems, Inc.] MD5=C9659827CE24594541B3EB37E71EF3C5 SIZE=327680
%PROGRAMFILES%\WinRAR\rarext.dll [] MD5=7801791108C9FA442DD48BCD98869F21 SIZE=126464
%PROGRAMFILES%\Sony\IMAGE CONVERTER 3\CtxMenu.dll [] [CtxMenu] MD5=3324F90311D85AC917D4F75E0B1F7EDD SIZE=172032
%PROGRAMFILES%\SOFTWIN\BITDEFENDER10\BDFDLL.SYS [] MD5=ED2179E5CD86EABFDC227601C3094C64 SIZE=7808
%PROGRAMFILES%\SOFTWIN\BITDEFENDER10\BDFSDRV.SYS [] MD5=09144A34A6BC8C1228DB81995BACC0F8 SIZE=14145
%PROGRAMFILES%\SOFTWIN\BITDEFENDER10\BDRSDRV.SYS [] MD5=6F85116C3A51C2C07EFBE957B69F1199 SIZE=10768
%SYSDIR%\DRIVERS\e4usbaw.sys [Analog Devices Inc.] [ADSL USB WAN Driver] MD5=3E1971E0F64FCF2FBE05CE4AB0132963 SIZE=114616
%SYSDIR%\DRIVERS\snpstd3.sys [Sonix Co. Ltd.] [USB PC Camera] MD5=11BB0E11D42CC3A43D741D9B30839BE1 SIZE=10252544
%SYSDIR%\STEC3.SYS [AntiCracking] [SVKP driver for NT] MD5=E4EBF293D1F612BDA19B646C36715B20 SIZE=2368
%SYSDIR%\DRIVERS\viamraid.sys [VIA Technologies inc,.ltd] [VIA RAID driver] MD5=44056E9FEE477F512EE58BCFEE949621 SIZE=60672
%COMMONFILES%\Microsoft Shared\Information Retrieval\itss51.dll [Microsoft Corporation] [Microsoft(R) Windows (R) 2000 Operating System] MD5=3D84111D76AFE0218B1C50D38DF4F3DB SIZE=295744
%COMMONFILES%\Microsoft Shared\Reference Titles\msref.dll [] [msref Module] MD5=54BDEC5CF0CC2B9A3C83DF1DE544DD4A SIZE=102400
%SYSDIR%\systray.exe []

End of Report

Suppression:

Préparation...
Création d'un point de restauration
Supprimer AdWare.MailSkinner
Suppression de la clé registre : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MailSkinner
Supprimer HotBar.1
Suppression de la clé registre : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HotbarSA
Supprimer Hotbar Toolbar
Supprimer MovieLand
Suppression de la clé registre : HKCR\AppID\DownloadManager.EXE
Supprimer Affiliate tracking cookie
Les fichiers sélectionnés ont été supprimés.: C:\Documents and Settings\Maeva\cookies\maeva@advertising[1].txt
Les fichiers sélectionnés ont été supprimés.: C:\Documents and Settings\Maeva\cookies\maeva@apmebf[2].txt
Les fichiers sélectionnés ont été supprimés.: C:\Documents and Settings\Maeva\cookies\maeva@atdmt[2].txt
Les fichiers sélectionnés ont été supprimés.: C:\Documents and Settings\Maeva\cookies\maeva@doubleclick[1].txt
Les fichiers sélectionnés ont été supprimés.: C:\Documents and Settings\Maeva\cookies\maeva@emjcd[2].txt
Les fichiers sélectionnés ont été supprimés.: C:\Documents and Settings\Maeva\cookies\maeva@fastclick[2].txt
Les fichiers sélectionnés ont été supprimés.: C:\Documents and Settings\Maeva\cookies\maeva@serving-sys[2].txt
Fermeture du point de restauration système
Analyse(s) terminée(s)

Utilisateur anonyme · Answer

recolle moi un log hijackthis stp

Sildar · Answer

Voilà

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:38:20, on 30/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Controle Parental\bin\optproxy.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Softwin\BitDefender10\vsserv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\WINDOWS\CameraFixer.exe
C:\WINDOWS\vsnpstd3.exe
C:\Program Files\Sony\WALKMAN Launcher\WMAAD.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\PROGRA~1\Wanadoo\WOOBrowser\WOOBrowser.exe
C:\WINDOWS\system32	askmgr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\DOCUME~1\Maeva\LOCALS~1\Temp\Répertoire temporaire 3 pour hijackthis.zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://resultsmaster.com/...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [CameraFixer] C:\WINDOWS\CameraFixer.exe
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [WMAAD] C:\Program Files\Sony\WALKMAN Launcher\WMAAD.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe GestionnaireInternet.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Bolddownload] C:\DOCUME~1\Maeva\APPLIC~1\SUPPOR~1\Insidestart.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: Bootvis.lnk = G:\demarrage rapide\Bootvis_Sleep.exe
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Picture Package VCD Maker.lnk = ?
O4 - Global Startup: Rappels du Calendrier Microsoft Works.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?a8c222d840c04c54a9b1865b2a775523
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?a8c222d840c04c54a9b1865b2a775523
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab53083.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {C80B7FF6-CE60-4079-935E-520C045C30A6} - http://www.mailskinner.com/binaries/msaxsetup.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{15E75FC6-1987-4E9D-94DD-FB968AF92EDD}: NameServer = 81.253.149.9 80.10.246.3
O17 - HKLM\System\CS1\Services\Tcpip\..\{15E75FC6-1987-4E9D-94DD-FB968AF92EDD}: NameServer = 81.253.149.9 80.10.246.3
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Image Converter SCSI Service (ICScsiSV) - Sony Corporation - C:\Program Files\Sony\IMAGE CONVERTER 3\ICScsiSV.exe
O23 - Service: IcVzMonLauncher - Sony Corporation - C:\Program Files\Sony\IMAGE CONVERTER 3\IcVzMonLauncher.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\IMAGE CONVERTER 3\IcVzMon.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Control Parental (OPTENET_FILTER) - Contrôle Parental - C:\Program Files\Controle Parental\bin\optproxy.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe

Utilisateur anonyme · Answer

d'apres le rapport tu n'a plus que 1 virus coche la ligne

O4 - HKCU\..\Run: [Bolddownload] C:\DOCUME~1\Maeva\APPLIC~1\SUPPOR~1\Insidestart.exe

puis telecharge zone alarm free

puis refais le scan avec ton antivirus et spyware terminator en mode sans echec F11 puis supprime tous se qu'ils trouvent et recolle moi un log hijackthis

Sildar · Answer

D'accord je fais tout ça.

A tout à l'heure.

Utilisateur anonyme · Answer

a+

Sildar · Answer

Impossible de lancer mon antivirus en mode sans echec. Un spyware supprimé.

Voici le log Hijack pendant le mode sans echec.

J'en remet un après fait maintenant.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:21:06, on 30/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Safe mode

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32	askmgr.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\DOCUME~1\Maeva\LOCALS~1\Temp\Répertoire temporaire 4 pour hijackthis.zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://resultsmaster.com/...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [CameraFixer] C:\WINDOWS\CameraFixer.exe
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [sadiotrfjh] c:\windows\system32\sadiotrfjh.exe sadiotrfjh
O4 - HKLM\..\Run: [WMAAD] C:\Program Files\Sony\WALKMAN Launcher\WMAAD.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe GestionnaireInternet.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Bolddownload] C:\DOCUME~1\Maeva\APPLIC~1\SUPPOR~1\Insidestart.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: Bootvis.lnk = G:\demarrage rapide\Bootvis_Sleep.exe
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Picture Package VCD Maker.lnk = ?
O4 - Global Startup: Rappels du Calendrier Microsoft Works.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?a8c222d840c04c54a9b1865b2a775523
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?a8c222d840c04c54a9b1865b2a775523
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab53083.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {C80B7FF6-CE60-4079-935E-520C045C30A6} - http://www.mailskinner.com/binaries/msaxsetup.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Image Converter SCSI Service (ICScsiSV) - Sony Corporation - C:\Program Files\Sony\IMAGE CONVERTER 3\ICScsiSV.exe
O23 - Service: IcVzMonLauncher - Sony Corporation - C:\Program Files\Sony\IMAGE CONVERTER 3\IcVzMonLauncher.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\IMAGE CONVERTER 3\IcVzMon.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Control Parental (OPTENET_FILTER) - Contrôle Parental - C:\Program Files\Controle Parental\bin\optproxy.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe

Utilisateur anonyme · Answer

fait oui

Utilisateur anonyme · Answer

d'apres le rapport il te reste un virus coche la case

O4 - HKCU\..\Run: [Bolddownload] C:\DOCUME~1\Maeva\APPLIC~1\SUPPOR~1\Insidestart.exe

et clic sur fixcheked

Sildar · Answer

C'est fait, ça fait plusieurs fois qu'on le supprime celui là non? :S


EDIT : j'accepte de bloquer iexplore.exe ou pas avec zone alarm?

Utilisateur anonyme · Answer

tu le bloque mes avant telecharge mozilla firefox a la place d'internet explorer

Sildar · Answer

J'ai dit au départ que c'est le navigateur d'orange qui est utilisé sur ce PC. Je sais que c'est pas la joie mais c'est un ordi famillial et je doute que les parents de mon amie soient près à en changer :/.

Donc firefox => inutile.

Ceci dit, le processus est toujours là....

Utilisateur anonyme · Answer

bon ok bloque iexplorer

Sildar · Answer

OK, c'est fait.

Une autre idée pour supprimer ce processus?

Utilisateur anonyme · Answer

tu peut pas sa fait parti d'internet explorer
recolle moi un log hijackthis stp

Sildar · Answer

Voici le log.

Le processus, même s'il a le même nom, fait vraiement partie d'IE? Parce qu'un processus qui se relance dès qu'on le supprime, c'est louche :/

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:05:47, on 30/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Controle Parental\bin\optproxy.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Softwin\BitDefender10\vsserv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\WINDOWS\CameraFixer.exe
C:\WINDOWS\vsnpstd3.exe
C:\Program Files\Sony\WALKMAN Launcher\WMAAD.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\PROGRA~1\Wanadoo\Watch.exe
C:\PROGRA~1\Wanadoo\WOOBrowser\WOOBrowser.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\DOCUME~1\Maeva\LOCALS~1\Temp\Répertoire temporaire 7 pour hijackthis.zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://resultsmaster.com/...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [CameraFixer] C:\WINDOWS\CameraFixer.exe
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [WMAAD] C:\Program Files\Sony\WALKMAN Launcher\WMAAD.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe GestionnaireInternet.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: Bootvis.lnk = G:\demarrage rapide\Bootvis_Sleep.exe
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Picture Package VCD Maker.lnk = ?
O4 - Global Startup: Rappels du Calendrier Microsoft Works.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?a8c222d840c04c54a9b1865b2a775523
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?a8c222d840c04c54a9b1865b2a775523
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab53083.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {C80B7FF6-CE60-4079-935E-520C045C30A6} - http://www.mailskinner.com/binaries/msaxsetup.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{15E75FC6-1987-4E9D-94DD-FB968AF92EDD}: NameServer = 80.10.246.1 81.253.149.10
O17 - HKLM\System\CS1\Services\Tcpip\..\{15E75FC6-1987-4E9D-94DD-FB968AF92EDD}: NameServer = 80.10.246.1 81.253.149.10
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Image Converter SCSI Service (ICScsiSV) - Sony Corporation - C:\Program Files\Sony\IMAGE CONVERTER 3\ICScsiSV.exe
O23 - Service: IcVzMonLauncher - Sony Corporation - C:\Program Files\Sony\IMAGE CONVERTER 3\IcVzMonLauncher.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\IMAGE CONVERTER 3\IcVzMon.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Control Parental (OPTENET_FILTER) - Contrôle Parental - C:\Program Files\Controle Parental\bin\optproxy.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe

Utilisateur anonyme · Answer

d'apres le rapport tu n'a pu rien

va dans le gestionnaire des taches processus cherche iexplorer clic droit dessus terminer le processus puis supprime le

Sildar · Answer

Le processus revient toujours.

Je retrouve la fenêtre "serveur occupé" -> "basculer vers" qui m'ouvre la barre démarrer.

Une fois que "basculer vers" n'apparaît plus, le processus se calme et diminue mais est toujorus présent. 44000 ko environ.

Un ptit lien pour la capture d'image :
https://www.hiboox.com

Utilisateur anonyme · Answer

essai juste de telecharger kaspersky internet security et de fair un scan

Iexplore virus

26 réponses

Votre réponse

Discussions similaires

Newsletters