Click permanent et message d'erreur SVC
Sampe
Messages postés
57
Statut
Membre
-
Utilisateur anonyme -
Utilisateur anonyme -
Bonjour,
est-ce quelqu'un peut m'aider à résoudre un petit problème!!
en fait j'entends des clics permanent sur mon ordi et lorsque je ferme la cession pour redémarer une série de message d'erreur apparait a l'ecran un message SVC a call on... et je n'arrive jamais à lire la fin du message..
j'ai redémaré à plusieurs reprise mon ordi mais rien n'y fait.....
pouvez-vous m'aider
Merci!!!!
est-ce quelqu'un peut m'aider à résoudre un petit problème!!
en fait j'entends des clics permanent sur mon ordi et lorsque je ferme la cession pour redémarer une série de message d'erreur apparait a l'ecran un message SVC a call on... et je n'arrive jamais à lire la fin du message..
j'ai redémaré à plusieurs reprise mon ordi mais rien n'y fait.....
pouvez-vous m'aider
Merci!!!!
A voir également:
- Click permanent et message d'erreur SVC
- Recuperer message whatsapp supprimé - Guide
- Message absence thunderbird - Guide
- Message supprimé whatsapp - Guide
- Epingler un message whatsapp - Accueil - Messagerie instantanée
- Message du pere noel gratuit whatsapp - Accueil - Applis & Sites
6 réponses
bonjour et merci
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:09:25, on 04/01/2008
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\ibmpmsvc.exe
C:\Program Files\ThinkPad\Utilities\TpKmapMn.exe
C:\Program Files\ThinkPad\Utilities\TpKmapMn.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\System32\QCONSVC.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE
C:\WINDOWS\System32\RunDll32.exe
C:\Program Files\ThinkPad\Utilities\TpKmapMn.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Support.com\bin\tgcmd.exe
C:\Program Files\IBM\Messages By IBM\ibmmessages.exe
C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPONSCR.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe
C:\WINDOWS\svhoster.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\runsql.exe
C:\WINDOWS\svzip.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\sv.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\SAGEM WiFi manager\WLANUTL.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Java\jre1.6.0_02\bin\jucheck.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\System32\msiexec.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\christophe\Local Settings\Temp\Répertoire temporaire 1 pour HiJackThis[1].zip\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [S3TRAY2] S3Tray2.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe irprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
O4 - HKLM\..\Run: [QCWLICON] C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE
O4 - HKLM\..\Run: [BMMGAG] RunDll32 C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll,StartPwrMonitor
O4 - HKLM\..\Run: [BMMLREF] C:\Program Files\ThinkPad\Utilities\BMMLREF.EXE
O4 - HKLM\..\Run: [TPKMAPMN] C:\Program Files\ThinkPad\Utilities\TpKmapMn.exe
O4 - HKLM\..\Run: [TP4EX] tp4ex.exe
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [tgcmd] "C:\Program Files\Support.com\bin\tgcmd.exe" /server
O4 - HKLM\..\Run: [ibmmessages] C:\Program Files\IBM\Messages By IBM\ibmmessages.exe
O4 - HKLM\..\Run: [StorageGuard] "c:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [netc] C:\WINDOWS\svc.exe
O4 - HKLM\..\Run: [UpdateWin] C:\WINDOWS\System32\1036t.exe
O4 - HKLM\..\Run: [net64] C:\WINDOWS\svhoster.exe
O4 - HKLM\..\Run: [netzip] C:\WINDOWS\svzip.exe
O4 - HKLM\..\Run: [netsv32] C:\WINDOWS\sv.exe
O4 - HKLM\..\Run: [runsql] C:\WINDOWS\runsql.exe
O4 - HKLM\..\RunServices: [UpdateWin] C:\WINDOWS\System32\1036t.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [ibmmessages] C:\Program Files\IBM\Messages By IBM\ibmmessages.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [UpdateWin] C:\WINDOWS\System32\1036t.exe
O4 - HKCU\..\RunServices: [UpdateWin] C:\WINDOWS\System32\1036t.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/FacebookPhotoUploader3.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IBM PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\System32\ibmpmsvc.exe
O23 - Service: MSSQLServerADHelper - Unknown owner - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe (file missing)
O23 - Service: QCONSVC - Unknown owner - C:\WINDOWS\System32\QCONSVC.EXE
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:09:25, on 04/01/2008
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\ibmpmsvc.exe
C:\Program Files\ThinkPad\Utilities\TpKmapMn.exe
C:\Program Files\ThinkPad\Utilities\TpKmapMn.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\System32\QCONSVC.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE
C:\WINDOWS\System32\RunDll32.exe
C:\Program Files\ThinkPad\Utilities\TpKmapMn.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Support.com\bin\tgcmd.exe
C:\Program Files\IBM\Messages By IBM\ibmmessages.exe
C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPONSCR.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe
C:\WINDOWS\svhoster.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\runsql.exe
C:\WINDOWS\svzip.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\sv.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\SAGEM WiFi manager\WLANUTL.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Java\jre1.6.0_02\bin\jucheck.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\System32\msiexec.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\christophe\Local Settings\Temp\Répertoire temporaire 1 pour HiJackThis[1].zip\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [S3TRAY2] S3Tray2.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe irprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
O4 - HKLM\..\Run: [QCWLICON] C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE
O4 - HKLM\..\Run: [BMMGAG] RunDll32 C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll,StartPwrMonitor
O4 - HKLM\..\Run: [BMMLREF] C:\Program Files\ThinkPad\Utilities\BMMLREF.EXE
O4 - HKLM\..\Run: [TPKMAPMN] C:\Program Files\ThinkPad\Utilities\TpKmapMn.exe
O4 - HKLM\..\Run: [TP4EX] tp4ex.exe
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [tgcmd] "C:\Program Files\Support.com\bin\tgcmd.exe" /server
O4 - HKLM\..\Run: [ibmmessages] C:\Program Files\IBM\Messages By IBM\ibmmessages.exe
O4 - HKLM\..\Run: [StorageGuard] "c:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [netc] C:\WINDOWS\svc.exe
O4 - HKLM\..\Run: [UpdateWin] C:\WINDOWS\System32\1036t.exe
O4 - HKLM\..\Run: [net64] C:\WINDOWS\svhoster.exe
O4 - HKLM\..\Run: [netzip] C:\WINDOWS\svzip.exe
O4 - HKLM\..\Run: [netsv32] C:\WINDOWS\sv.exe
O4 - HKLM\..\Run: [runsql] C:\WINDOWS\runsql.exe
O4 - HKLM\..\RunServices: [UpdateWin] C:\WINDOWS\System32\1036t.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [ibmmessages] C:\Program Files\IBM\Messages By IBM\ibmmessages.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [UpdateWin] C:\WINDOWS\System32\1036t.exe
O4 - HKCU\..\RunServices: [UpdateWin] C:\WINDOWS\System32\1036t.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/FacebookPhotoUploader3.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IBM PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\System32\ibmpmsvc.exe
O23 - Service: MSSQLServerADHelper - Unknown owner - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe (file missing)
O23 - Service: QCONSVC - Unknown owner - C:\WINDOWS\System32\QCONSVC.EXE
rebonjour ,
scan only ??
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:16:27, on 04/01/2008
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\ibmpmsvc.exe
C:\Program Files\ThinkPad\Utilities\TpKmapMn.exe
C:\Program Files\ThinkPad\Utilities\TpKmapMn.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\System32\QCONSVC.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE
C:\WINDOWS\System32\RunDll32.exe
C:\Program Files\ThinkPad\Utilities\TpKmapMn.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Support.com\bin\tgcmd.exe
C:\Program Files\IBM\Messages By IBM\ibmmessages.exe
C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPONSCR.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe
C:\WINDOWS\svhoster.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\runsql.exe
C:\WINDOWS\svzip.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\sv.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\SAGEM WiFi manager\WLANUTL.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Java\jre1.6.0_02\bin\jucheck.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\System32\msiexec.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [S3TRAY2] S3Tray2.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe irprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
O4 - HKLM\..\Run: [QCWLICON] C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE
O4 - HKLM\..\Run: [BMMGAG] RunDll32 C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll,StartPwrMonitor
O4 - HKLM\..\Run: [BMMLREF] C:\Program Files\ThinkPad\Utilities\BMMLREF.EXE
O4 - HKLM\..\Run: [TPKMAPMN] C:\Program Files\ThinkPad\Utilities\TpKmapMn.exe
O4 - HKLM\..\Run: [TP4EX] tp4ex.exe
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [tgcmd] "C:\Program Files\Support.com\bin\tgcmd.exe" /server
O4 - HKLM\..\Run: [ibmmessages] C:\Program Files\IBM\Messages By IBM\ibmmessages.exe
O4 - HKLM\..\Run: [StorageGuard] "c:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [netc] C:\WINDOWS\svc.exe
O4 - HKLM\..\Run: [UpdateWin] C:\WINDOWS\System32\1036t.exe
O4 - HKLM\..\Run: [net64] C:\WINDOWS\svhoster.exe
O4 - HKLM\..\Run: [netzip] C:\WINDOWS\svzip.exe
O4 - HKLM\..\Run: [netsv32] C:\WINDOWS\sv.exe
O4 - HKLM\..\Run: [runsql] C:\WINDOWS\runsql.exe
O4 - HKLM\..\RunServices: [UpdateWin] C:\WINDOWS\System32\1036t.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [ibmmessages] C:\Program Files\IBM\Messages By IBM\ibmmessages.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [UpdateWin] C:\WINDOWS\System32\1036t.exe
O4 - HKCU\..\RunServices: [UpdateWin] C:\WINDOWS\System32\1036t.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/FacebookPhotoUploader3.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IBM PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\System32\ibmpmsvc.exe
O23 - Service: MSSQLServerADHelper - Unknown owner - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe (file missing)
O23 - Service: QCONSVC - Unknown owner - C:\WINDOWS\System32\QCONSVC.EXE
scan only ??
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:16:27, on 04/01/2008
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\ibmpmsvc.exe
C:\Program Files\ThinkPad\Utilities\TpKmapMn.exe
C:\Program Files\ThinkPad\Utilities\TpKmapMn.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\System32\QCONSVC.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE
C:\WINDOWS\System32\RunDll32.exe
C:\Program Files\ThinkPad\Utilities\TpKmapMn.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Support.com\bin\tgcmd.exe
C:\Program Files\IBM\Messages By IBM\ibmmessages.exe
C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPONSCR.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe
C:\WINDOWS\svhoster.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\runsql.exe
C:\WINDOWS\svzip.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\sv.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\SAGEM WiFi manager\WLANUTL.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Java\jre1.6.0_02\bin\jucheck.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\System32\msiexec.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [S3TRAY2] S3Tray2.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe irprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
O4 - HKLM\..\Run: [QCWLICON] C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE
O4 - HKLM\..\Run: [BMMGAG] RunDll32 C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll,StartPwrMonitor
O4 - HKLM\..\Run: [BMMLREF] C:\Program Files\ThinkPad\Utilities\BMMLREF.EXE
O4 - HKLM\..\Run: [TPKMAPMN] C:\Program Files\ThinkPad\Utilities\TpKmapMn.exe
O4 - HKLM\..\Run: [TP4EX] tp4ex.exe
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [tgcmd] "C:\Program Files\Support.com\bin\tgcmd.exe" /server
O4 - HKLM\..\Run: [ibmmessages] C:\Program Files\IBM\Messages By IBM\ibmmessages.exe
O4 - HKLM\..\Run: [StorageGuard] "c:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [netc] C:\WINDOWS\svc.exe
O4 - HKLM\..\Run: [UpdateWin] C:\WINDOWS\System32\1036t.exe
O4 - HKLM\..\Run: [net64] C:\WINDOWS\svhoster.exe
O4 - HKLM\..\Run: [netzip] C:\WINDOWS\svzip.exe
O4 - HKLM\..\Run: [netsv32] C:\WINDOWS\sv.exe
O4 - HKLM\..\Run: [runsql] C:\WINDOWS\runsql.exe
O4 - HKLM\..\RunServices: [UpdateWin] C:\WINDOWS\System32\1036t.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [ibmmessages] C:\Program Files\IBM\Messages By IBM\ibmmessages.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [UpdateWin] C:\WINDOWS\System32\1036t.exe
O4 - HKCU\..\RunServices: [UpdateWin] C:\WINDOWS\System32\1036t.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/FacebookPhotoUploader3.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IBM PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\System32\ibmpmsvc.exe
O23 - Service: MSSQLServerADHelper - Unknown owner - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe (file missing)
O23 - Service: QCONSVC - Unknown owner - C:\WINDOWS\System32\QCONSVC.EXE
telecharger spyware terminator mes le a jour puis fait un scan en mode sans echec et en mode normale puis supprime tous se qui trouve et recolle moi un log hijackthis
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
voila c'était un peu long desole
Spyware Terminator Version: 1.8.7.991
Start time: 04/01/2008 17:43:55
System: Windows XP
User: Limited
Processes Scan
C:\WINDOWS\SYSTEM32\WINLOGON.EXE [Microsoft Corporation] C:\WINDOWS\SYSTEM32\ATI2EVXX.DLL [ATI Technologies Inc.],
C:\WINDOWS\SYSTEM32\IBMPMSVC.EXE [Empty]
C:\PROGRAM FILES\THINKPAD\UTILITIES\TPKMAPMN.EXE [Empty] TPKMAPHK.DLL [Empty], TPKMAPHK.DLL, TPKMAPHK.DLL, SYNTPFCS.DLL,
C:\WINDOWS\SYSTEM32\ATI2EVXX.EXE [ATI Technologies Inc.] C:\WINDOWS\SYSTEM32\ATI2EDXX.DLL [ATI Technologies, Inc.], ATI2EDXX.DLL,
C:\WINDOWS\SYSTEM32\SVCHOST.EXE [Microsoft Corporation] C:\WINDOWS\SYSTEM32\ESENT.DLL [Microsoft Corporation
], SYNTPFCS.DLL,
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASWUPDSV.EXE [ALWIL Software] ASWCMNS.DLL [ALWIL Software], ASWCMNOS.DLL [ALWIL Software], ASWCMNB.DLL [ALWIL Software],
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHSERV.EXE [ALWIL Software] ASWAUX.DLL [ALWIL Software], ASWCMNB.DLL, ASWCMNOS.DLL, ASWENGIN.DLL [ALWIL Software], ASWSCAN.DLL [ALWIL Software], ASWCMNS.DLL, ASHBASE.DLL [ALWIL Software], ASHTASK.DLL [ALWIL Software], ASWINTEG.DLL [ALWIL Software], ASWIDLE.DLL [ALWIL Software], AAVM4H.DLL [ALWIL Software], BASE.DLL [ALWIL Software], C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\UNACEV2.DLL [Empty], AHRESMAI.DLL [ALWIL Software], AHRESMES.DLL [ALWIL Software], AHRESNS.DLL [ALWIL Software], AHRESOUT.DLL [ALWIL Software], AHRESP2P.DLL [ALWIL Software], AHRESSTD.DLL [ALWIL Software], AHRESWS.DLL [ALWIL Software], ASHSSQLT.DLL [ALWIL Software], ASWRES.DLL [ALWIL Software],
C:\WINDOWS\SYSTEM32\FTRTSVC.EXE [France Telecom] C:\WINDOWS\SYSTEM32\IFHELPER.DLL [France Télécom R&D],
C:\WINDOWS\SYSTEM32\QCONSVC.EXE [Empty]
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHMAISV.EXE [ALWIL Software] ASHBASE.DLL, ASWCMNOS.DLL, ASWCMNB.DLL, ASWCMNS.DLL, AAVM4H.DLL, ASHTASK.DLL, ASWAUX.DLL, AHRESMAI.DLL, BASE.DLL, ASWENGIN.DLL, ASWSCAN.DLL, ASHUINT.DLL [ALWIL Software], C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\XT1922.DLL [Codejock Software], LANG.DLL [ALWIL Software], LANGMAI.DLL [ALWIL Software],
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHWEBSV.EXE [ALWIL Software] ASHBASE.DLL, ASWCMNOS.DLL, ASWCMNB.DLL, ASWCMNS.DLL, AAVM4H.DLL, ASHTASK.DLL, ASWAUX.DLL, BASE.DLL, ASHWSFTR.DLL [ALWIL Software], ASWSCAN.DLL, AhResWS.dll, ASWENGIN.DLL,
C:\WINDOWS\EXPLORER.EXE [Microsoft Corporation] C:\WINDOWS\SYSTEM32\SYNTPFCS.DLL [Synaptics, Inc.], C:\Program Files\ThinkPad\Utilities\PWRMONIT.DLL [IBM Corp.], C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX [Empty], C:\WINDOWS\SYSTEM32\DLA\TFSWSHX.DLL [Sonic Solutions], C:\WINDOWS\SYSTEM32\TFSWAPI.DLL [Sonic Solutions], C:\WINDOWS\SYSTEM32\DLA\TFSWCRES.DLL [Sonic Solutions], C:\Program Files\Wanadoo\INACTIVITY.DLL [Empty], C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHSHELL.DLL [ALWIL Software], C:\Program Files\Softwin\BitDefender10\bdshelxt.dll [file not found],
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPLPR.EXE [Synaptics, Inc.] SYNTPFCS.DLL,
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPENH.EXE [Synaptics, Inc.] SYNTPAPI.DLL [Synaptics, Inc.], SYNTPFCS.DLL,
C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe [Empty] SYNTPFCS.DLL, TPHK_2K.DLL [Empty], C:\WINDOWS\SYSTEM32\OEMDSPIF.DLL [ATI Technologies, Inc.],
C:\PROGRAM FILES\THINKPAD\CONNECTUTILITIES\QCWLICON.EXE [Empty] QCON.DLL [Empty], C:\PROGRAM FILES\THINKPAD\CONNECTUTILITIES\MERLINC201.DLL [Novatel Wireless Inc.], SYNTPFCS.DLL,
C:\WINDOWS\SYSTEM32\RUNDLL32.EXE [Microsoft Corporation] PWRMONIT.DLL, C:\Program Files\ThinkPad\Utilities\TPPWRW32.DLL [IBM Corp.], SYNTPFCS.DLL,
C:\Program Files\ThinkPad\Utilities\EzEjMnAp.Exe [IBM Corp.] SYNTPFCS.DLL,
C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI CONTROL PANEL\ATIPTAXX.EXE [ATI Technologies, Inc.] ATRPUIXX.FRA [ATI Technologies, Inc.], SYNTPFCS.DLL, ATIPDSXX.DLL [ATI Technologies, Inc.],
C:\PROGRAM FILES\SUPPORT.COM\BIN\TGCMD.EXE [SupportSoft, Inc.] C:\PROGRAM FILES\SUPPORT.COM\BIN\1036\TGLOCALE.DLL [Support.com, Inc.], SDCMON.DLL [SupportSoft, Inc.], SYNTPFCS.DLL,
C:\PROGRAM FILES\IBM\MESSAGES BY IBM\IBMMESSAGES.EXE [IBM] C:\WINDOWS\SYSTEM32\AIBMRUNL.DLL [Empty], SYNTPFCS.DLL, C:\PROGRAM FILES\SUPPORT.COM\BIN\TGLIB.DLL [SupportSoft, Inc.], TGLOCALE.DLL,
C:\PROGRAM FILES\THINKPAD\PKGMGR\HOTKEY\TPONSCR.EXE [Empty] SYNTPFCS.DLL,
C:\WINDOWS\SYSTEM32\DLA\TFSWCTRL.EXE [Sonic Solutions] TFSWAPI.DLL, TFSWCRES.DLL, SYNTPFCS.DLL,
C:\Program Files\Alwil Software\Avast4\ashDisp.exe [ALWIL Software] aswCmnOS.dll, ashBase.dll, aswCmnB.dll, aswCmnS.dll, ashTask.dll, aswAux.dll, Aavm4h.dll, BASE.DLL, LANG.DLL, AavmRpch.dll [ALWIL Software], AHRUIMAI.DLL [ALWIL Software], ashUInt.dll, XT1922.dll, AHRUIMES.DLL [ALWIL Software], AHRUINS.DLL [ALWIL Software], AHRUIOUT.DLL [ALWIL Software], AHRUIP2P.DLL [ALWIL Software], AHRUISTD.DLL [ALWIL Software], AHRUIWS.DLL [ALWIL Software], SYNTPFCS.DLL,
C:\PROGRAM FILES\JAVA\JRE1.6.0_02\BIN\JUSCHED.EXE [Sun Microsystems, Inc.] SYNTPFCS.DLL,
C:\PROGRAM FILES\FICHIERS COMMUNS\REAL\UPDATE_OB\REALSCHED.EXE [RealNetworks, Inc.] SYNTPFCS.DLL,
C:\PROGRAM FILES\THINKPAD\PKGMGR\HOTKEY_1\TPSCREX.EXE [IBM Corporation] SYNTPFCS.DLL,
C:\WINDOWS\svhoster.exe [file not found] SYNTPFCS.DLL,
C:\WINDOWS\SYSTEM32\CTFMON.EXE [Microsoft Corporation] SYNTPFCS.DLL,
C:\WINDOWS\runsql.exe [file not found] SYNTPFCS.DLL,
C:\WINDOWS\svzip.exe [file not found] SYNTPFCS.DLL,
C:\WINDOWS\SYSTEM32\WUAUCLT.EXE [Microsoft Corporation] SYNTPFCS.DLL, INACTIVITY.DLL,
C:\WINDOWS\sv.exe [file not found] SYNTPFCS.DLL,
C:\PROGRAM FILES\MESSENGER\MSMSGS.EXE [Microsoft Corporation] SYNTPFCS.DLL, C:\WINDOWS\SYSTEM32\MSDMO.DLL [Empty],
C:\PROGRAM FILES\SKYPE\PHONE\SKYPE.EXE [Skype Technologies S.A.] SYNTPFCS.DLL, INACTIVITY.DLL,
C:\PROGRAM FILES\SAGEM WIFI MANAGER\WLANUTL.EXE [Empty] C:\WINDOWS\SYSTEM32\W32N50.DLL [Printing Communications Assoc., Inc. (PCAUSA)], SYNTPFCS.DLL,
C:\Program Files\Wanadoo\Toaster.exe [France Telecom R&D] C:\Program Files\Wanadoo\StyleIHM.dll [France Télécom R&D], SYNTPFCS.DLL, C:\WINDOWS\system32\AlertModule\AlertClient.dll [Empty], C:\Program Files\Wanadoo\skin\Default\main\RESOURCESTYLE.DLL [Empty], INACTIVITY.DLL,
C:\Program Files\Wanadoo\INACTIVITY.EXE [Empty] SYNTPFCS.DLL, AlertClient.dll, INACTIVITY.DLL,
C:\Program Files\Wanadoo\POLLINGMODULE.EXE [Empty] C:\Program Files\Wanadoo\OutilsFT.dll [France Télécom R&D], SYNCHRODLL.DLL [Empty], SYNTPFCS.DLL, AlertClient.dll,
C:\WINDOWS\system32\AlertModule\AlertModule.exe [Empty] SYNTPFCS.DLL,
C:\PROGRAM FILES\SKYPE\PLUGIN MANAGER\SKYPEPM.EXE [Skype Technologies] SYNTPFCS.DLL, C:\PROGRAM FILES\SKYPE\PLUGIN MANAGER\EZPMUTILS.DLL [EasyBits Media AS],
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE [Microsoft Corporation] SYNTPFCS.DLL, C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL [Google Inc.], ACROIEHELPER.OCX, C:\PROGRAM FILES\SKYPE\TOOLBARS\INTERNET EXPLORER\SKYPEIEPLUGIN.DLL [Skype Technologies S.A.], C:\PROGRAM FILES\SKYPE\TOOLBARS\SHARED\SPHONEPARSER.DLL [Skype Technologies], C:\PROGRAM FILES\REAL\REALPLAYER\RPBROWSERRECORDPLUGIN.DLL [RealPlayer], TFSWSHX.DLL, TFSWAPI.DLL, TFSWCRES.DLL, C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBARNOTIFIER\2.0.301.7164\SWG.DLL [Google Inc.], INACTIVITY.DLL, C:\Program Files\Wanadoo\SearchPageURL.dll [Empty], SYNTPFCS.DLL, GOOGLETOOLBAR1.DLL, ACROIEHELPER.OCX, SKYPEIEPLUGIN.DLL, SPHONEPARSER.DLL, RPBROWSERRECORDPLUGIN.DLL, C:\PROGRAM FILES\REAL\REALPLAYER\LANG\RPBRP_FR.DLL [RealNetworks, Inc.], TFSWSHX.DLL, TFSWAPI.DLL, TFSWCRES.DLL, C:\PROGRAM FILES\JAVA\JRE1.6.0_02\BIN\SSV.DLL [Sun Microsystems, Inc.], SWG.DLL, INACTIVITY.DLL, C:\WINDOWS\SYSTEM32\MACROMED\FLASH\FLASH9D.OCX [Adobe Systems, Inc.], SYNTPFCS.DLL, GOOGLETOOLBAR1.DLL, ACROIEHELPER.OCX, SKYPEIEPLUGIN.DLL, SPHONEPARSER.DLL, RPBROWSERRECORDPLUGIN.DLL, RPBRP_FR.DLL, TFSWSHX.DLL, TFSWAPI.DLL, TFSWCRES.DLL, SSV.DLL, SWG.DLL, INACTIVITY.DLL, FLASH9D.OCX,
C:\PROGRAM FILES\JAVA\JRE1.6.0_02\BIN\JUCHECK.EXE [Sun Microsystems, Inc.] SYNTPFCS.DLL,
C:\PROGRAM FILES\LAVASOFT\AD-AWARE 2007\AAWSERVICE.EXE [Lavasoft AB] CEAPI.DLL [Lavasoft AB], C:\PROGRAM FILES\LAVASOFT\AD-AWARE 2007\PKARCHIVE84CB.DLL [PKWARE, Inc.], C:\PROGRAM FILES\LAVASOFT\AD-AWARE 2007\UPDATE.DLL [Empty],
C:\Program Files\Softwin\BitDefender10\bdagent.exe [file not found] bdch.dll [file not found], bdsubmit.dll [file not found], bdutils.dll [file not found], XCOMM.dll [file not found], procinf.dll [file not found], BDGUICtl.dll [file not found], txmlx.dll [file not found], sockspy.dll [file not found], SYNTPFCS.DLL,
C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBARNOTIFIER\GOOGLETOOLBARNOTIFIER.EXE [Google Inc.] GTN.DLL [Google Inc.], SYNTPFCS.DLL, RES_FR.DLL [Google Inc.], SWG.DLL,
C:\PROGRAM FILES\CRAWLER\TOOLBAR\CTOOLBAR.EXE [Crawler.com] SYNTPFCS.DLL, ctbcomm.dll [Crawler.com], WebSecurityGuard.dll [Crawler.com],
C:\PROGRAM FILES\SPYWARE TERMINATOR\SPYWARETERMINATOR.EXE [Crawler.com] SYNTPFCS.DLL, INACTIVITY.DLL,
C:\PROGRAM FILES\SPYWARE TERMINATOR\SPYWARETERMINATORSHIELD.EXE [Crawler.com] SYNTPFCS.DLL,
C:\PROGRAM FILES\SPYWARE TERMINATOR\SP_RSSER.EXE [Crawler.com]
Startup Scan
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"CTFMON.EXE" = "C:\WINDOWS\SYSTEM32\CTFMON.EXE" [ Microsoft Corporation ]
"ibmmessages" = "C:\PROGRAM FILES\IBM\MESSAGES BY IBM\IBMMESSAGES.EXE" [ IBM ]
"MSMSGS" = "C:\PROGRAM FILES\MESSENGER\MSMSGS.EXE" [ Microsoft Corporation ]
"Skype" = "C:\PROGRAM FILES\SKYPE\PHONE\SKYPE.EXE" [ Skype Technologies S.A. ]
"swg" = "C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBARNOTIFIER\GOOGLETOOLBARNOTIFIER.EXE" [ Google Inc. ]
"UpdateWin" = "C:\WINDOWS\SYSTEM32\1036T.EXE" [ Empty ]
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"S3TRAY2" = "C:\WINDOWS\system32\S3TRAY2.EXE" [ S3 Graphics, Inc. ]
"SynTPLpr" = "C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPLPR.EXE" [ Synaptics, Inc. ]
"SynTPEnh" = "C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPENH.EXE" [ Synaptics, Inc. ]
"BluetoothAuthenticationAgent" = "C:\WINDOWS\system32\IRPROPS.CPL" [ Microsoft Corporation ]
"TPHOTKEY" = "C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe" [ Empty ]
"QCWLICON" = "C:\PROGRAM FILES\THINKPAD\CONNECTUTILITIES\QCWLICON.EXE" [ Empty ]
"BMMGAG" = "C:\Program Files\ThinkPad\Utilities\PWRMONIT.DLL" [ IBM Corp. ]
"BMMLREF" = "C:\PROGRAM FILES\THINKPAD\UTILITIES\BMMLREF.EXE" [ Empty ]
"TPKMAPMN" = "C:\PROGRAM FILES\THINKPAD\UTILITIES\TPKMAPMN.EXE" [ Empty ]
"TP4EX" = "C:\WINDOWS\system32\TP4EX.EXE" [ IBM Corporation ]
"EZEJMNAP" = "C:\Program Files\ThinkPad\Utilities\EzEjMnAp.Exe" [ IBM Corp. ]
"ATIPTA" = "C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI CONTROL PANEL\ATIPTAXX.EXE" [ ATI Technologies, Inc. ]
"tgcmd" = "C:\PROGRAM FILES\SUPPORT.COM\BIN\TGCMD.EXE" [ SupportSoft, Inc. ]
"ibmmessages" = "C:\PROGRAM FILES\IBM\MESSAGES BY IBM\IBMMESSAGES.EXE" [ IBM ]
"StorageGuard" = "C:\PROGRAM FILES\VERITAS SOFTWARE\UPDATE MANAGER\SGTRAY.EXE" [ VERITAS Software, Inc. ]
"dla" = "C:\WINDOWS\SYSTEM32\DLA\TFSWCTRL.EXE" [ Sonic Solutions ]
"WOOWATCH" = "C:\Program Files\Wanadoo\Watch.exe" [ France Télécom R&D ]
"avast!" = "C:\Program Files\Alwil Software\Avast4\ashDisp.exe" [ ALWIL Software ]
"SunJavaUpdateSched" = "C:\PROGRAM FILES\JAVA\JRE1.6.0_02\BIN\JUSCHED.EXE" [ Sun Microsystems, Inc. ]
"TkBellExe" = "C:\PROGRAM FILES\FICHIERS COMMUNS\REAL\UPDATE_OB\REALSCHED.EXE" [ RealNetworks, Inc. ]
"netc" = "C:\WINDOWS\svc.exe" [ file not found ]
"UpdateWin" = "C:\WINDOWS\SYSTEM32\1036T.EXE" [ Empty ]
"net64" = "C:\WINDOWS\svhoster.exe" [ file not found ]
"netzip" = "C:\WINDOWS\svzip.exe" [ file not found ]
"netsv32" = "C:\WINDOWS\sv.exe" [ file not found ]
"runsql" = "C:\WINDOWS\runsql.exe" [ file not found ]
"SpywareTerminator" = "C:\PROGRAM FILES\SPYWARE TERMINATOR\SPYWARETERMINATORSHIELD.EXE" [ Crawler.com ]
"BootExecute" = "C:\WINDOWS\system32\LSDELETE.EXE" [INFECTION WARNING!]
Toolbars Scan
&Google {2318C2B1-4965-11d4-9B18-009027A5CD4F} C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL [Google Inc.]
&Crawler Toolbar {4B3803EA-5230-4DC3-A7FC-33638F3D3542} C:\Program Files\Crawler\Toolbar\ctbr.dll [Crawler.com]
BHO Scan
AcroIEHlprObj Class {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX [Empty]
{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} C:\Program Files\Crawler\Toolbar\ctbr.dll [Crawler.com]
Skype add-on (mastermind) {22BF413B-C6D2-4d91-82A9-A0F997BA588C} C:\PROGRAM FILES\SKYPE\TOOLBARS\INTERNET EXPLORER\SKYPEIEPLUGIN.DLL [Skype Technologies S.A.]
RealPlayer Download and Record Plugin for Internet Explorer {3049C3E9-B461-4BC5-8870-4C09146192CA} C:\PROGRAM FILES\REAL\REALPLAYER\RPBROWSERRECORDPLUGIN.DLL [RealPlayer]
DriveLetterAccess {5CA3D70E-1895-11CF-8E15-001234567890} C:\WINDOWS\SYSTEM32\DLA\TFSWSHX.DLL [Sonic Solutions]
SSVHelper Class {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} C:\PROGRAM FILES\JAVA\JRE1.6.0_02\BIN\SSV.DLL [Sun Microsystems, Inc.]
Google Toolbar Helper {AA58ED58-01DD-4d91-8333-CF10577473F7} C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL [Google Inc.]
Google Toolbar Notifier BHO {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBARNOTIFIER\2.0.301.7164\SWG.DLL [Google Inc.]
Skype add-on (button) {77BF5300-1474-4EC7-9980-D32B190E9B07} C:\PROGRAM FILES\SKYPE\TOOLBARS\INTERNET EXPLORER\SKYPEIEPLUGIN.DLL [Skype Technologies S.A.]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} [file not found]
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
{42071714-76d4-11d1-8b24-00a0c9068ff3} = Extension Affichage Panorama du Panneau de configuration (deskpan.dll) [file not found]
{764BF0E1-F219-11ce-972D-00AA00A14F56} = Extensions de l'environnement de compression de fichiers () [file not found]
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} = Menu contextuel de cryptage () [file not found]
{88895560-9AA2-1069-930E-00AA0030EBC8} = Extension icône HyperTerminal (C:\WINDOWS\SYSTEM32\HTICONS.DLL) [Hilgraeve, Inc.]
{0DF44EAA-FF21-4412-828E-260A8728E7F1} = Barre des tâches et menu Démarrer () [file not found]
{7A9D77BD-5403-11d2-8785-2E0420524153} = Comptes d'utilisateurs () [file not found]
{5CA3D70E-1895-11CF-8E15-001234567890} = DriveLetterAccess (C:\WINDOWS\SYSTEM32\DLA\TFSWSHX.DLL) [Sonic Solutions]
{472083B0-C522-11CF-8763-00608CC02F24} = avast (C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHSHELL.DLL) [ALWIL Software]
{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} = Shell Extensions for RealOne Player (C:\PROGRAM FILES\REAL\REALPLAYER\RPSHELL.DLL) [RealNetworks, Inc.]
{00020D75-0000-0000-C000-000000000046} = Microsoft Office Outlook Desktop Icon Handler (C:\Program Files\Microsoft Office\OFFICE11\MLSHEXT.DLL) [Microsoft Corporation]
{0006F045-0000-0000-C000-000000000046} = Microsoft Office Outlook Custom Icon Handler (C:\Program Files\Microsoft Office\OFFICE11\OLKFSTUB.DLL) [Microsoft Corporation]
{42042206-2D85-11D3-8CFF-005004838597} = Microsoft Office HTML Icon Handler (C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE11\MSOHEV.DLL) [Microsoft Corporation]
{BD88A479-9623-4897-8546-BC62B9628F44} = SPTHandler (C:\PROGRAM FILES\SPYWARE TERMINATOR\SPTCONTMENU.DLL) [Crawler.com]
Winlogon Notify Scan
AtiExtEvent = Ati2evxx.dll (C:\WINDOWS\system32\ATI2EVXX.DLL) [ATI Technologies Inc.]
Services Scan
"aawservice" = C:\PROGRAM FILES\LAVASOFT\AD-AWARE 2007\AAWSERVICE.EXE [Lavasoft AB]
"ac97intc" = C:\WINDOWS\SYSTEM32\DRIVERS\AC97INTC.SYS [Intel Corporation]
"Adobe LM Service" = C:\PROGRAM FILES\FICHIERS COMMUNS\ADOBE SYSTEMS SHARED\SERVICE\ADOBELMSVC.EXE [Empty]
"aeaudio" = C:\WINDOWS\SYSTEM32\DRIVERS\AEAUDIO.SYS [Andrea Electronics Corporation]
"AliIde" = C:\WINDOWS\SYSTEM32\DRIVERS\ALIIDE.SYS [Acer Laboratories Inc.]
"amdagp" = C:\WINDOWS\SYSTEM32\DRIVERS\AMDAGP.SYS [Advanced Micro Devices, Inc.]
"asc" = C:\WINDOWS\SYSTEM32\DRIVERS\ASC.SYS [Advanced System Products, Inc.]
"asc3550" = C:\WINDOWS\SYSTEM32\DRIVERS\ASC3550.SYS [Advanced System Products, Inc.]
"aswUpdSv" = C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASWUPDSV.EXE [ALWIL Software]
"Ati HotKey Poller" = C:\WINDOWS\SYSTEM32\ATI2EVXX.EXE [ATI Technologies Inc.]
"ati2mtag" = C:\WINDOWS\SYSTEM32\DRIVERS\ATI2MTAG.SYS [ATI Technologies Inc.]
"avast! Antivirus" = C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHSERV.EXE [ALWIL Software]
"avast! Mail Scanner" = C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHMAISV.EXE [ALWIL Software]
"avast! Web Scanner" = C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHWEBSV.EXE [ALWIL Software]
"bdfdll" = C:\Program Files\Softwin\BitDefender10\bdfdll.sys [file not found]
"BDFsDrv" = C:\Program Files\Softwin\BitDefender10\bdfsdrv.sys [file not found]
"BDRsDrv" = C:\Program Files\Softwin\BitDefender10\bdrsdrv.sys [file not found]
"CmdIde" = C:\WINDOWS\SYSTEM32\DRIVERS\CMDIDE.SYS [CMD Technology, Inc.]
"dac2w2k" = C:\WINDOWS\SYSTEM32\DRIVERS\DAC2W2K.SYS [Mylex Corporation]
"dmboot" = C:\WINDOWS\SYSTEM32\DRIVERS\DMBOOT.SYS [Microsoft Corp., Veritas Software]
"dmio" = C:\WINDOWS\SYSTEM32\DRIVERS\DMIO.SYS [Microsoft Corp., Veritas Software]
"dmload" = C:\WINDOWS\SYSTEM32\DRIVERS\DMLOAD.SYS [Microsoft Corp., Veritas Software.]
"drvmcdb" = C:\WINDOWS\SYSTEM32\DRIVERS\DRVMCDB.SYS [Sonic Solutions]
"drvnddm" = C:\WINDOWS\SYSTEM32\DRIVERS\DRVNDDM.SYS [Sonic Solutions]
"E1000" = C:\WINDOWS\SYSTEM32\DRIVERS\E1000325.SYS [Intel Corporation]
"E100B" = C:\WINDOWS\SYSTEM32\DRIVERS\E100B325.SYS [Intel Corporation]
"FTRTSVC" = C:\WINDOWS\SYSTEM32\FTRTSVC.EXE [France Telecom]
"gusvc" = C:\PROGRAM FILES\GOOGLE\COMMON\GOOGLE UPDATER\GOOGLEUPDATERSERVICE.EXE [Google]
"IBMPMDRV" = C:\WINDOWS\SYSTEM32\DRIVERS\IBMPMDRV.SYS [Empty]
"IBMPMSVC" = C:\WINDOWS\SYSTEM32\IBMPMSVC.EXE [Empty]
"IBMTPCHK" = C:\WINDOWS\SYSTEM32\DRIVERS\IBMBLDID.SYS [Empty]
"ltmodem5" = C:\WINDOWS\SYSTEM32\DRIVERS\LTMDMNT.SYS [LT]
"MDC8021X" = C:\WINDOWS\SYSTEM32\DRIVERS\MDC8021X.SYS [Meetinghouse Data Communications]
"mraid35x" = C:\WINDOWS\SYSTEM32\DRIVERS\MRAID35X.SYS [American Megatrends Inc.]
"MSSQLServerADHelper" = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [file not found]
"NSCIRDA" = C:\WINDOWS\SYSTEM32\DRIVERS\NSCIRDA.SYS [National Semiconductor Corporation]
"PCAMPR5" = C:\WINDOWS\System32\PCAMPR5.SYS [file not found]
"PCANDIS5" = C:\WINDOWS\SYSTEM32\PCANDIS5.SYS [Printing Communications Assoc., Inc. (PCAUSA)]
"Ptilink" = C:\WINDOWS\SYSTEM32\DRIVERS\PTILINK.SYS [Parallel Technologies, Inc.]
"PxHelp20" = C:\WINDOWS\SYSTEM32\DRIVERS\PXHELP20.SYS [Sonic Solutions]
"QCONSVC" = C:\WINDOWS\SYSTEM32\QCONSVC.EXE [Empty]
"ql1080" = C:\WINDOWS\SYSTEM32\DRIVERS\QL1080.SYS [QLogic Corporation]
"ql12160" = C:\WINDOWS\SYSTEM32\DRIVERS\QL12160.SYS [QLogic Corporation]
"ql1280" = C:\WINDOWS\SYSTEM32\DRIVERS\QL1280.SYS [QLogic Corporation]
"S3SSavage" = C:\WINDOWS\SYSTEM32\DRIVERS\S3SSAVM.SYS [S3 Graphics, Inc.]
"Secdrv" = C:\WINDOWS\SYSTEM32\DRIVERS\SECDRV.SYS [Empty]
"sisagp" = C:\WINDOWS\SYSTEM32\DRIVERS\SISAGP.SYS [Silicon Integrated Systems Corporation]
"smwdm" = C:\WINDOWS\SYSTEM32\DRIVERS\SMWDM.SYS [Analog Devices, Inc.]
"Sparrow" = C:\WINDOWS\SYSTEM32\DRIVERS\SPARROW.SYS [Adaptec, Inc.]
"sp_rsdrv2" = C:\WINDOWS\SYSTEM32\DRIVERS\SP_RSDRV2.SYS [Empty]
"sp_rssrv" = C:\PROGRAM FILES\SPYWARE TERMINATOR\SP_RSSER.EXE [Crawler.com]
"sscdbhk5" = C:\WINDOWS\SYSTEM32\DRIVERS\SSCDBHK5.SYS [Sonic Solutions]
"ssrtln" = C:\WINDOWS\SYSTEM32\DRIVERS\SSRTLN.SYS [Sonic Solutions]
"symc810" = C:\WINDOWS\SYSTEM32\DRIVERS\SYMC810.SYS [Symbios Logic Inc.]
"symc8xx" = C:\WINDOWS\SYSTEM32\DRIVERS\SYMC8XX.SYS [LSI Logic]
"sym_hi" = C:\WINDOWS\SYSTEM32\DRIVERS\SYM_HI.SYS [LSI Logic]
"sym_u3" = C:\WINDOWS\SYSTEM32\DRIVERS\SYM_U3.SYS [LSI Logic]
"SynTP" = C:\WINDOWS\SYSTEM32\DRIVERS\SYNTP.SYS [Synaptics, Inc.]
"TDSMAPI" = C:\WINDOWS\SYSTEM32\DRIVERS\TDSMAPI.SYS [Empty]
"tfsnboio" = C:\WINDOWS\SYSTEM32\DLA\TFSNBOIO.SYS [Sonic Solutions]
"tfsncofs" = C:\WINDOWS\SYSTEM32\DLA\TFSNCOFS.SYS [Sonic Solutions]
"tfsndrct" = C:\WINDOWS\SYSTEM32\DLA\TFSNDRCT.SYS [Sonic Solutions]
"tfsndres" = C:\WINDOWS\SYSTEM32\DLA\TFSNDRES.SYS [Sonic Solutions]
"tfsnifs" = C:\WINDOWS\SYSTEM32\DLA\TFSNIFS.SYS [Sonic Solutions]
"tfsnopio" = C:\WINDOWS\SYSTEM32\DLA\TFSNOPIO.SYS [Sonic Solutions]
"tfsnpool" = C:\WINDOWS\SYSTEM32\DLA\TFSNPOOL.SYS [Sonic Solutions]
"tfsnudf" = C:\WINDOWS\SYSTEM32\DLA\TFSNUDF.SYS [Sonic Solutions]
"tfsnudfa" = C:\WINDOWS\SYSTEM32\DLA\TFSNUDFA.SYS [Sonic Solutions]
"TPPWR" = C:\WINDOWS\SYSTEM32\DRIVERS\TPPWR.SYS [IBM Corp.]
"TSMAPIP" = C:\WINDOWS\SYSTEM32\DRIVERS\TSMAPIP.SYS [Empty]
"TwoTrack" = C:\WINDOWS\SYSTEM32\DRIVERS\TWOTRACK.SYS [IBM Corporation]
"ultra" = C:\WINDOWS\SYSTEM32\DRIVERS\ULTRA.SYS [Promise Technology, Inc.]
"WlanUIG" = C:\WINDOWS\SYSTEM32\DRIVERS\WLANUIG.SYS [Conexant Systems, Inc.]
Protocol Filters Scan
Class Install Handler = {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} (C:\WINDOWS\SYSTEM32\URLMON.DLL) [Microsoft Corporation]
text/xml = {807553E5-5146-11D5-A672-00B0D022E945} (C:\PROGRAM FILES\FICHIERS COMMUNS\MICROSOFT SHARED\OFFICE11\MSOXMLMF.DLL) [Microsoft Corporation]
Hosts Scan
LOCALHOST mapping = 1
IE Scan
IERESET.INF missing Signature="$CHICAGO$"
IERESET.INF missing AdvancedINF=2.5,"You need a new version of advpack.dll"
IERESET.INF missing AddReg=RestoreHomePage.reg
IERESET.INF missing HKCU,"Software\Microsoft\Internet Explorer\Main","Start Page",0,%START_PAGE_URL%
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main","Default_Page_URL",0,%START_PAGE_URL%
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main","Default_Search_URL",0,%SEARCH_PAGE_URL%
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main","Search Page",0,%SEARCH_PAGE_URL%
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","1",0,"www.%s.com"
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","2",0,"www.%s.org"
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","3",0,"www.%s.net"
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","4",0,"www.%s.edu"
IERESET.INF missing HKCU,"Software\Microsoft\Internet Explorer\Main","Search Page",0,%SEARCH_PAGE_URL%
IERESET.INF missing HKCU,"Software\Microsoft\Internet Explorer\SearchUrl","Provider",0,""
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Search","SearchAssistant",0,"https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm"
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Search","CustomizeSearch",0,"https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm"
IERESET.INF missing HKLM,"Software\Microsoft\Windows\CurrentVersion\Internet Settings\SafeSites",%SAFESITE_VALUE%,0,"https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89*"
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","5"
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","6"
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","7"
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","8"
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","9"
IERESET.INF missing HKCU,"Software\Microsoft\Internet Explorer\Main","AutoSearch"
IERESET.INF missing SEARCH_PAGE_URL="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
IERESET.INF missing AddReg=RestoreBrowserSettings.reg
IERESET.INF missing DelReg=DeleteTemplates.reg or DelReg=DeleteTemplates.reg, DeleteAutosearch.reg
IERESET.INF missing START_PAGE_URL="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome" or START_PAGE_URL="https://www.msn.com/fr-fr/"
IERESET.INF missing SAFESITE_VALUE="https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fhome.microsoft.com%2fintl%2fbr%2faccess%2fallinone.asp%3f" or SAFESITE_VALUE="ie.search.msn.com"
IERESET.INF missing MS_START_PAGE_URL="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome" or MS_START_PAGE_URL="https://www.msn.com/fr-fr/"
URLSearchHook = {08C06D61-F1F3-4799-86F8-BE1A89362C85} (C:\Program Files\Wanadoo\SearchPageURL.dll) [Empty] HIJACK WARNING!
Spyware Terminator Version: 1.8.7.991
Start time: 04/01/2008 17:43:55
System: Windows XP
User: Limited
Processes Scan
C:\WINDOWS\SYSTEM32\WINLOGON.EXE [Microsoft Corporation] C:\WINDOWS\SYSTEM32\ATI2EVXX.DLL [ATI Technologies Inc.],
C:\WINDOWS\SYSTEM32\IBMPMSVC.EXE [Empty]
C:\PROGRAM FILES\THINKPAD\UTILITIES\TPKMAPMN.EXE [Empty] TPKMAPHK.DLL [Empty], TPKMAPHK.DLL, TPKMAPHK.DLL, SYNTPFCS.DLL,
C:\WINDOWS\SYSTEM32\ATI2EVXX.EXE [ATI Technologies Inc.] C:\WINDOWS\SYSTEM32\ATI2EDXX.DLL [ATI Technologies, Inc.], ATI2EDXX.DLL,
C:\WINDOWS\SYSTEM32\SVCHOST.EXE [Microsoft Corporation] C:\WINDOWS\SYSTEM32\ESENT.DLL [Microsoft Corporation
], SYNTPFCS.DLL,
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASWUPDSV.EXE [ALWIL Software] ASWCMNS.DLL [ALWIL Software], ASWCMNOS.DLL [ALWIL Software], ASWCMNB.DLL [ALWIL Software],
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHSERV.EXE [ALWIL Software] ASWAUX.DLL [ALWIL Software], ASWCMNB.DLL, ASWCMNOS.DLL, ASWENGIN.DLL [ALWIL Software], ASWSCAN.DLL [ALWIL Software], ASWCMNS.DLL, ASHBASE.DLL [ALWIL Software], ASHTASK.DLL [ALWIL Software], ASWINTEG.DLL [ALWIL Software], ASWIDLE.DLL [ALWIL Software], AAVM4H.DLL [ALWIL Software], BASE.DLL [ALWIL Software], C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\UNACEV2.DLL [Empty], AHRESMAI.DLL [ALWIL Software], AHRESMES.DLL [ALWIL Software], AHRESNS.DLL [ALWIL Software], AHRESOUT.DLL [ALWIL Software], AHRESP2P.DLL [ALWIL Software], AHRESSTD.DLL [ALWIL Software], AHRESWS.DLL [ALWIL Software], ASHSSQLT.DLL [ALWIL Software], ASWRES.DLL [ALWIL Software],
C:\WINDOWS\SYSTEM32\FTRTSVC.EXE [France Telecom] C:\WINDOWS\SYSTEM32\IFHELPER.DLL [France Télécom R&D],
C:\WINDOWS\SYSTEM32\QCONSVC.EXE [Empty]
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHMAISV.EXE [ALWIL Software] ASHBASE.DLL, ASWCMNOS.DLL, ASWCMNB.DLL, ASWCMNS.DLL, AAVM4H.DLL, ASHTASK.DLL, ASWAUX.DLL, AHRESMAI.DLL, BASE.DLL, ASWENGIN.DLL, ASWSCAN.DLL, ASHUINT.DLL [ALWIL Software], C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\XT1922.DLL [Codejock Software], LANG.DLL [ALWIL Software], LANGMAI.DLL [ALWIL Software],
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHWEBSV.EXE [ALWIL Software] ASHBASE.DLL, ASWCMNOS.DLL, ASWCMNB.DLL, ASWCMNS.DLL, AAVM4H.DLL, ASHTASK.DLL, ASWAUX.DLL, BASE.DLL, ASHWSFTR.DLL [ALWIL Software], ASWSCAN.DLL, AhResWS.dll, ASWENGIN.DLL,
C:\WINDOWS\EXPLORER.EXE [Microsoft Corporation] C:\WINDOWS\SYSTEM32\SYNTPFCS.DLL [Synaptics, Inc.], C:\Program Files\ThinkPad\Utilities\PWRMONIT.DLL [IBM Corp.], C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX [Empty], C:\WINDOWS\SYSTEM32\DLA\TFSWSHX.DLL [Sonic Solutions], C:\WINDOWS\SYSTEM32\TFSWAPI.DLL [Sonic Solutions], C:\WINDOWS\SYSTEM32\DLA\TFSWCRES.DLL [Sonic Solutions], C:\Program Files\Wanadoo\INACTIVITY.DLL [Empty], C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHSHELL.DLL [ALWIL Software], C:\Program Files\Softwin\BitDefender10\bdshelxt.dll [file not found],
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPLPR.EXE [Synaptics, Inc.] SYNTPFCS.DLL,
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPENH.EXE [Synaptics, Inc.] SYNTPAPI.DLL [Synaptics, Inc.], SYNTPFCS.DLL,
C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe [Empty] SYNTPFCS.DLL, TPHK_2K.DLL [Empty], C:\WINDOWS\SYSTEM32\OEMDSPIF.DLL [ATI Technologies, Inc.],
C:\PROGRAM FILES\THINKPAD\CONNECTUTILITIES\QCWLICON.EXE [Empty] QCON.DLL [Empty], C:\PROGRAM FILES\THINKPAD\CONNECTUTILITIES\MERLINC201.DLL [Novatel Wireless Inc.], SYNTPFCS.DLL,
C:\WINDOWS\SYSTEM32\RUNDLL32.EXE [Microsoft Corporation] PWRMONIT.DLL, C:\Program Files\ThinkPad\Utilities\TPPWRW32.DLL [IBM Corp.], SYNTPFCS.DLL,
C:\Program Files\ThinkPad\Utilities\EzEjMnAp.Exe [IBM Corp.] SYNTPFCS.DLL,
C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI CONTROL PANEL\ATIPTAXX.EXE [ATI Technologies, Inc.] ATRPUIXX.FRA [ATI Technologies, Inc.], SYNTPFCS.DLL, ATIPDSXX.DLL [ATI Technologies, Inc.],
C:\PROGRAM FILES\SUPPORT.COM\BIN\TGCMD.EXE [SupportSoft, Inc.] C:\PROGRAM FILES\SUPPORT.COM\BIN\1036\TGLOCALE.DLL [Support.com, Inc.], SDCMON.DLL [SupportSoft, Inc.], SYNTPFCS.DLL,
C:\PROGRAM FILES\IBM\MESSAGES BY IBM\IBMMESSAGES.EXE [IBM] C:\WINDOWS\SYSTEM32\AIBMRUNL.DLL [Empty], SYNTPFCS.DLL, C:\PROGRAM FILES\SUPPORT.COM\BIN\TGLIB.DLL [SupportSoft, Inc.], TGLOCALE.DLL,
C:\PROGRAM FILES\THINKPAD\PKGMGR\HOTKEY\TPONSCR.EXE [Empty] SYNTPFCS.DLL,
C:\WINDOWS\SYSTEM32\DLA\TFSWCTRL.EXE [Sonic Solutions] TFSWAPI.DLL, TFSWCRES.DLL, SYNTPFCS.DLL,
C:\Program Files\Alwil Software\Avast4\ashDisp.exe [ALWIL Software] aswCmnOS.dll, ashBase.dll, aswCmnB.dll, aswCmnS.dll, ashTask.dll, aswAux.dll, Aavm4h.dll, BASE.DLL, LANG.DLL, AavmRpch.dll [ALWIL Software], AHRUIMAI.DLL [ALWIL Software], ashUInt.dll, XT1922.dll, AHRUIMES.DLL [ALWIL Software], AHRUINS.DLL [ALWIL Software], AHRUIOUT.DLL [ALWIL Software], AHRUIP2P.DLL [ALWIL Software], AHRUISTD.DLL [ALWIL Software], AHRUIWS.DLL [ALWIL Software], SYNTPFCS.DLL,
C:\PROGRAM FILES\JAVA\JRE1.6.0_02\BIN\JUSCHED.EXE [Sun Microsystems, Inc.] SYNTPFCS.DLL,
C:\PROGRAM FILES\FICHIERS COMMUNS\REAL\UPDATE_OB\REALSCHED.EXE [RealNetworks, Inc.] SYNTPFCS.DLL,
C:\PROGRAM FILES\THINKPAD\PKGMGR\HOTKEY_1\TPSCREX.EXE [IBM Corporation] SYNTPFCS.DLL,
C:\WINDOWS\svhoster.exe [file not found] SYNTPFCS.DLL,
C:\WINDOWS\SYSTEM32\CTFMON.EXE [Microsoft Corporation] SYNTPFCS.DLL,
C:\WINDOWS\runsql.exe [file not found] SYNTPFCS.DLL,
C:\WINDOWS\svzip.exe [file not found] SYNTPFCS.DLL,
C:\WINDOWS\SYSTEM32\WUAUCLT.EXE [Microsoft Corporation] SYNTPFCS.DLL, INACTIVITY.DLL,
C:\WINDOWS\sv.exe [file not found] SYNTPFCS.DLL,
C:\PROGRAM FILES\MESSENGER\MSMSGS.EXE [Microsoft Corporation] SYNTPFCS.DLL, C:\WINDOWS\SYSTEM32\MSDMO.DLL [Empty],
C:\PROGRAM FILES\SKYPE\PHONE\SKYPE.EXE [Skype Technologies S.A.] SYNTPFCS.DLL, INACTIVITY.DLL,
C:\PROGRAM FILES\SAGEM WIFI MANAGER\WLANUTL.EXE [Empty] C:\WINDOWS\SYSTEM32\W32N50.DLL [Printing Communications Assoc., Inc. (PCAUSA)], SYNTPFCS.DLL,
C:\Program Files\Wanadoo\Toaster.exe [France Telecom R&D] C:\Program Files\Wanadoo\StyleIHM.dll [France Télécom R&D], SYNTPFCS.DLL, C:\WINDOWS\system32\AlertModule\AlertClient.dll [Empty], C:\Program Files\Wanadoo\skin\Default\main\RESOURCESTYLE.DLL [Empty], INACTIVITY.DLL,
C:\Program Files\Wanadoo\INACTIVITY.EXE [Empty] SYNTPFCS.DLL, AlertClient.dll, INACTIVITY.DLL,
C:\Program Files\Wanadoo\POLLINGMODULE.EXE [Empty] C:\Program Files\Wanadoo\OutilsFT.dll [France Télécom R&D], SYNCHRODLL.DLL [Empty], SYNTPFCS.DLL, AlertClient.dll,
C:\WINDOWS\system32\AlertModule\AlertModule.exe [Empty] SYNTPFCS.DLL,
C:\PROGRAM FILES\SKYPE\PLUGIN MANAGER\SKYPEPM.EXE [Skype Technologies] SYNTPFCS.DLL, C:\PROGRAM FILES\SKYPE\PLUGIN MANAGER\EZPMUTILS.DLL [EasyBits Media AS],
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE [Microsoft Corporation] SYNTPFCS.DLL, C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL [Google Inc.], ACROIEHELPER.OCX, C:\PROGRAM FILES\SKYPE\TOOLBARS\INTERNET EXPLORER\SKYPEIEPLUGIN.DLL [Skype Technologies S.A.], C:\PROGRAM FILES\SKYPE\TOOLBARS\SHARED\SPHONEPARSER.DLL [Skype Technologies], C:\PROGRAM FILES\REAL\REALPLAYER\RPBROWSERRECORDPLUGIN.DLL [RealPlayer], TFSWSHX.DLL, TFSWAPI.DLL, TFSWCRES.DLL, C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBARNOTIFIER\2.0.301.7164\SWG.DLL [Google Inc.], INACTIVITY.DLL, C:\Program Files\Wanadoo\SearchPageURL.dll [Empty], SYNTPFCS.DLL, GOOGLETOOLBAR1.DLL, ACROIEHELPER.OCX, SKYPEIEPLUGIN.DLL, SPHONEPARSER.DLL, RPBROWSERRECORDPLUGIN.DLL, C:\PROGRAM FILES\REAL\REALPLAYER\LANG\RPBRP_FR.DLL [RealNetworks, Inc.], TFSWSHX.DLL, TFSWAPI.DLL, TFSWCRES.DLL, C:\PROGRAM FILES\JAVA\JRE1.6.0_02\BIN\SSV.DLL [Sun Microsystems, Inc.], SWG.DLL, INACTIVITY.DLL, C:\WINDOWS\SYSTEM32\MACROMED\FLASH\FLASH9D.OCX [Adobe Systems, Inc.], SYNTPFCS.DLL, GOOGLETOOLBAR1.DLL, ACROIEHELPER.OCX, SKYPEIEPLUGIN.DLL, SPHONEPARSER.DLL, RPBROWSERRECORDPLUGIN.DLL, RPBRP_FR.DLL, TFSWSHX.DLL, TFSWAPI.DLL, TFSWCRES.DLL, SSV.DLL, SWG.DLL, INACTIVITY.DLL, FLASH9D.OCX,
C:\PROGRAM FILES\JAVA\JRE1.6.0_02\BIN\JUCHECK.EXE [Sun Microsystems, Inc.] SYNTPFCS.DLL,
C:\PROGRAM FILES\LAVASOFT\AD-AWARE 2007\AAWSERVICE.EXE [Lavasoft AB] CEAPI.DLL [Lavasoft AB], C:\PROGRAM FILES\LAVASOFT\AD-AWARE 2007\PKARCHIVE84CB.DLL [PKWARE, Inc.], C:\PROGRAM FILES\LAVASOFT\AD-AWARE 2007\UPDATE.DLL [Empty],
C:\Program Files\Softwin\BitDefender10\bdagent.exe [file not found] bdch.dll [file not found], bdsubmit.dll [file not found], bdutils.dll [file not found], XCOMM.dll [file not found], procinf.dll [file not found], BDGUICtl.dll [file not found], txmlx.dll [file not found], sockspy.dll [file not found], SYNTPFCS.DLL,
C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBARNOTIFIER\GOOGLETOOLBARNOTIFIER.EXE [Google Inc.] GTN.DLL [Google Inc.], SYNTPFCS.DLL, RES_FR.DLL [Google Inc.], SWG.DLL,
C:\PROGRAM FILES\CRAWLER\TOOLBAR\CTOOLBAR.EXE [Crawler.com] SYNTPFCS.DLL, ctbcomm.dll [Crawler.com], WebSecurityGuard.dll [Crawler.com],
C:\PROGRAM FILES\SPYWARE TERMINATOR\SPYWARETERMINATOR.EXE [Crawler.com] SYNTPFCS.DLL, INACTIVITY.DLL,
C:\PROGRAM FILES\SPYWARE TERMINATOR\SPYWARETERMINATORSHIELD.EXE [Crawler.com] SYNTPFCS.DLL,
C:\PROGRAM FILES\SPYWARE TERMINATOR\SP_RSSER.EXE [Crawler.com]
Startup Scan
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"CTFMON.EXE" = "C:\WINDOWS\SYSTEM32\CTFMON.EXE" [ Microsoft Corporation ]
"ibmmessages" = "C:\PROGRAM FILES\IBM\MESSAGES BY IBM\IBMMESSAGES.EXE" [ IBM ]
"MSMSGS" = "C:\PROGRAM FILES\MESSENGER\MSMSGS.EXE" [ Microsoft Corporation ]
"Skype" = "C:\PROGRAM FILES\SKYPE\PHONE\SKYPE.EXE" [ Skype Technologies S.A. ]
"swg" = "C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBARNOTIFIER\GOOGLETOOLBARNOTIFIER.EXE" [ Google Inc. ]
"UpdateWin" = "C:\WINDOWS\SYSTEM32\1036T.EXE" [ Empty ]
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"S3TRAY2" = "C:\WINDOWS\system32\S3TRAY2.EXE" [ S3 Graphics, Inc. ]
"SynTPLpr" = "C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPLPR.EXE" [ Synaptics, Inc. ]
"SynTPEnh" = "C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPENH.EXE" [ Synaptics, Inc. ]
"BluetoothAuthenticationAgent" = "C:\WINDOWS\system32\IRPROPS.CPL" [ Microsoft Corporation ]
"TPHOTKEY" = "C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe" [ Empty ]
"QCWLICON" = "C:\PROGRAM FILES\THINKPAD\CONNECTUTILITIES\QCWLICON.EXE" [ Empty ]
"BMMGAG" = "C:\Program Files\ThinkPad\Utilities\PWRMONIT.DLL" [ IBM Corp. ]
"BMMLREF" = "C:\PROGRAM FILES\THINKPAD\UTILITIES\BMMLREF.EXE" [ Empty ]
"TPKMAPMN" = "C:\PROGRAM FILES\THINKPAD\UTILITIES\TPKMAPMN.EXE" [ Empty ]
"TP4EX" = "C:\WINDOWS\system32\TP4EX.EXE" [ IBM Corporation ]
"EZEJMNAP" = "C:\Program Files\ThinkPad\Utilities\EzEjMnAp.Exe" [ IBM Corp. ]
"ATIPTA" = "C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI CONTROL PANEL\ATIPTAXX.EXE" [ ATI Technologies, Inc. ]
"tgcmd" = "C:\PROGRAM FILES\SUPPORT.COM\BIN\TGCMD.EXE" [ SupportSoft, Inc. ]
"ibmmessages" = "C:\PROGRAM FILES\IBM\MESSAGES BY IBM\IBMMESSAGES.EXE" [ IBM ]
"StorageGuard" = "C:\PROGRAM FILES\VERITAS SOFTWARE\UPDATE MANAGER\SGTRAY.EXE" [ VERITAS Software, Inc. ]
"dla" = "C:\WINDOWS\SYSTEM32\DLA\TFSWCTRL.EXE" [ Sonic Solutions ]
"WOOWATCH" = "C:\Program Files\Wanadoo\Watch.exe" [ France Télécom R&D ]
"avast!" = "C:\Program Files\Alwil Software\Avast4\ashDisp.exe" [ ALWIL Software ]
"SunJavaUpdateSched" = "C:\PROGRAM FILES\JAVA\JRE1.6.0_02\BIN\JUSCHED.EXE" [ Sun Microsystems, Inc. ]
"TkBellExe" = "C:\PROGRAM FILES\FICHIERS COMMUNS\REAL\UPDATE_OB\REALSCHED.EXE" [ RealNetworks, Inc. ]
"netc" = "C:\WINDOWS\svc.exe" [ file not found ]
"UpdateWin" = "C:\WINDOWS\SYSTEM32\1036T.EXE" [ Empty ]
"net64" = "C:\WINDOWS\svhoster.exe" [ file not found ]
"netzip" = "C:\WINDOWS\svzip.exe" [ file not found ]
"netsv32" = "C:\WINDOWS\sv.exe" [ file not found ]
"runsql" = "C:\WINDOWS\runsql.exe" [ file not found ]
"SpywareTerminator" = "C:\PROGRAM FILES\SPYWARE TERMINATOR\SPYWARETERMINATORSHIELD.EXE" [ Crawler.com ]
"BootExecute" = "C:\WINDOWS\system32\LSDELETE.EXE" [INFECTION WARNING!]
Toolbars Scan
&Google {2318C2B1-4965-11d4-9B18-009027A5CD4F} C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL [Google Inc.]
&Crawler Toolbar {4B3803EA-5230-4DC3-A7FC-33638F3D3542} C:\Program Files\Crawler\Toolbar\ctbr.dll [Crawler.com]
BHO Scan
AcroIEHlprObj Class {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX [Empty]
{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} C:\Program Files\Crawler\Toolbar\ctbr.dll [Crawler.com]
Skype add-on (mastermind) {22BF413B-C6D2-4d91-82A9-A0F997BA588C} C:\PROGRAM FILES\SKYPE\TOOLBARS\INTERNET EXPLORER\SKYPEIEPLUGIN.DLL [Skype Technologies S.A.]
RealPlayer Download and Record Plugin for Internet Explorer {3049C3E9-B461-4BC5-8870-4C09146192CA} C:\PROGRAM FILES\REAL\REALPLAYER\RPBROWSERRECORDPLUGIN.DLL [RealPlayer]
DriveLetterAccess {5CA3D70E-1895-11CF-8E15-001234567890} C:\WINDOWS\SYSTEM32\DLA\TFSWSHX.DLL [Sonic Solutions]
SSVHelper Class {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} C:\PROGRAM FILES\JAVA\JRE1.6.0_02\BIN\SSV.DLL [Sun Microsystems, Inc.]
Google Toolbar Helper {AA58ED58-01DD-4d91-8333-CF10577473F7} C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL [Google Inc.]
Google Toolbar Notifier BHO {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBARNOTIFIER\2.0.301.7164\SWG.DLL [Google Inc.]
Skype add-on (button) {77BF5300-1474-4EC7-9980-D32B190E9B07} C:\PROGRAM FILES\SKYPE\TOOLBARS\INTERNET EXPLORER\SKYPEIEPLUGIN.DLL [Skype Technologies S.A.]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} [file not found]
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
{42071714-76d4-11d1-8b24-00a0c9068ff3} = Extension Affichage Panorama du Panneau de configuration (deskpan.dll) [file not found]
{764BF0E1-F219-11ce-972D-00AA00A14F56} = Extensions de l'environnement de compression de fichiers () [file not found]
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} = Menu contextuel de cryptage () [file not found]
{88895560-9AA2-1069-930E-00AA0030EBC8} = Extension icône HyperTerminal (C:\WINDOWS\SYSTEM32\HTICONS.DLL) [Hilgraeve, Inc.]
{0DF44EAA-FF21-4412-828E-260A8728E7F1} = Barre des tâches et menu Démarrer () [file not found]
{7A9D77BD-5403-11d2-8785-2E0420524153} = Comptes d'utilisateurs () [file not found]
{5CA3D70E-1895-11CF-8E15-001234567890} = DriveLetterAccess (C:\WINDOWS\SYSTEM32\DLA\TFSWSHX.DLL) [Sonic Solutions]
{472083B0-C522-11CF-8763-00608CC02F24} = avast (C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHSHELL.DLL) [ALWIL Software]
{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} = Shell Extensions for RealOne Player (C:\PROGRAM FILES\REAL\REALPLAYER\RPSHELL.DLL) [RealNetworks, Inc.]
{00020D75-0000-0000-C000-000000000046} = Microsoft Office Outlook Desktop Icon Handler (C:\Program Files\Microsoft Office\OFFICE11\MLSHEXT.DLL) [Microsoft Corporation]
{0006F045-0000-0000-C000-000000000046} = Microsoft Office Outlook Custom Icon Handler (C:\Program Files\Microsoft Office\OFFICE11\OLKFSTUB.DLL) [Microsoft Corporation]
{42042206-2D85-11D3-8CFF-005004838597} = Microsoft Office HTML Icon Handler (C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE11\MSOHEV.DLL) [Microsoft Corporation]
{BD88A479-9623-4897-8546-BC62B9628F44} = SPTHandler (C:\PROGRAM FILES\SPYWARE TERMINATOR\SPTCONTMENU.DLL) [Crawler.com]
Winlogon Notify Scan
AtiExtEvent = Ati2evxx.dll (C:\WINDOWS\system32\ATI2EVXX.DLL) [ATI Technologies Inc.]
Services Scan
"aawservice" = C:\PROGRAM FILES\LAVASOFT\AD-AWARE 2007\AAWSERVICE.EXE [Lavasoft AB]
"ac97intc" = C:\WINDOWS\SYSTEM32\DRIVERS\AC97INTC.SYS [Intel Corporation]
"Adobe LM Service" = C:\PROGRAM FILES\FICHIERS COMMUNS\ADOBE SYSTEMS SHARED\SERVICE\ADOBELMSVC.EXE [Empty]
"aeaudio" = C:\WINDOWS\SYSTEM32\DRIVERS\AEAUDIO.SYS [Andrea Electronics Corporation]
"AliIde" = C:\WINDOWS\SYSTEM32\DRIVERS\ALIIDE.SYS [Acer Laboratories Inc.]
"amdagp" = C:\WINDOWS\SYSTEM32\DRIVERS\AMDAGP.SYS [Advanced Micro Devices, Inc.]
"asc" = C:\WINDOWS\SYSTEM32\DRIVERS\ASC.SYS [Advanced System Products, Inc.]
"asc3550" = C:\WINDOWS\SYSTEM32\DRIVERS\ASC3550.SYS [Advanced System Products, Inc.]
"aswUpdSv" = C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASWUPDSV.EXE [ALWIL Software]
"Ati HotKey Poller" = C:\WINDOWS\SYSTEM32\ATI2EVXX.EXE [ATI Technologies Inc.]
"ati2mtag" = C:\WINDOWS\SYSTEM32\DRIVERS\ATI2MTAG.SYS [ATI Technologies Inc.]
"avast! Antivirus" = C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHSERV.EXE [ALWIL Software]
"avast! Mail Scanner" = C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHMAISV.EXE [ALWIL Software]
"avast! Web Scanner" = C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHWEBSV.EXE [ALWIL Software]
"bdfdll" = C:\Program Files\Softwin\BitDefender10\bdfdll.sys [file not found]
"BDFsDrv" = C:\Program Files\Softwin\BitDefender10\bdfsdrv.sys [file not found]
"BDRsDrv" = C:\Program Files\Softwin\BitDefender10\bdrsdrv.sys [file not found]
"CmdIde" = C:\WINDOWS\SYSTEM32\DRIVERS\CMDIDE.SYS [CMD Technology, Inc.]
"dac2w2k" = C:\WINDOWS\SYSTEM32\DRIVERS\DAC2W2K.SYS [Mylex Corporation]
"dmboot" = C:\WINDOWS\SYSTEM32\DRIVERS\DMBOOT.SYS [Microsoft Corp., Veritas Software]
"dmio" = C:\WINDOWS\SYSTEM32\DRIVERS\DMIO.SYS [Microsoft Corp., Veritas Software]
"dmload" = C:\WINDOWS\SYSTEM32\DRIVERS\DMLOAD.SYS [Microsoft Corp., Veritas Software.]
"drvmcdb" = C:\WINDOWS\SYSTEM32\DRIVERS\DRVMCDB.SYS [Sonic Solutions]
"drvnddm" = C:\WINDOWS\SYSTEM32\DRIVERS\DRVNDDM.SYS [Sonic Solutions]
"E1000" = C:\WINDOWS\SYSTEM32\DRIVERS\E1000325.SYS [Intel Corporation]
"E100B" = C:\WINDOWS\SYSTEM32\DRIVERS\E100B325.SYS [Intel Corporation]
"FTRTSVC" = C:\WINDOWS\SYSTEM32\FTRTSVC.EXE [France Telecom]
"gusvc" = C:\PROGRAM FILES\GOOGLE\COMMON\GOOGLE UPDATER\GOOGLEUPDATERSERVICE.EXE [Google]
"IBMPMDRV" = C:\WINDOWS\SYSTEM32\DRIVERS\IBMPMDRV.SYS [Empty]
"IBMPMSVC" = C:\WINDOWS\SYSTEM32\IBMPMSVC.EXE [Empty]
"IBMTPCHK" = C:\WINDOWS\SYSTEM32\DRIVERS\IBMBLDID.SYS [Empty]
"ltmodem5" = C:\WINDOWS\SYSTEM32\DRIVERS\LTMDMNT.SYS [LT]
"MDC8021X" = C:\WINDOWS\SYSTEM32\DRIVERS\MDC8021X.SYS [Meetinghouse Data Communications]
"mraid35x" = C:\WINDOWS\SYSTEM32\DRIVERS\MRAID35X.SYS [American Megatrends Inc.]
"MSSQLServerADHelper" = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [file not found]
"NSCIRDA" = C:\WINDOWS\SYSTEM32\DRIVERS\NSCIRDA.SYS [National Semiconductor Corporation]
"PCAMPR5" = C:\WINDOWS\System32\PCAMPR5.SYS [file not found]
"PCANDIS5" = C:\WINDOWS\SYSTEM32\PCANDIS5.SYS [Printing Communications Assoc., Inc. (PCAUSA)]
"Ptilink" = C:\WINDOWS\SYSTEM32\DRIVERS\PTILINK.SYS [Parallel Technologies, Inc.]
"PxHelp20" = C:\WINDOWS\SYSTEM32\DRIVERS\PXHELP20.SYS [Sonic Solutions]
"QCONSVC" = C:\WINDOWS\SYSTEM32\QCONSVC.EXE [Empty]
"ql1080" = C:\WINDOWS\SYSTEM32\DRIVERS\QL1080.SYS [QLogic Corporation]
"ql12160" = C:\WINDOWS\SYSTEM32\DRIVERS\QL12160.SYS [QLogic Corporation]
"ql1280" = C:\WINDOWS\SYSTEM32\DRIVERS\QL1280.SYS [QLogic Corporation]
"S3SSavage" = C:\WINDOWS\SYSTEM32\DRIVERS\S3SSAVM.SYS [S3 Graphics, Inc.]
"Secdrv" = C:\WINDOWS\SYSTEM32\DRIVERS\SECDRV.SYS [Empty]
"sisagp" = C:\WINDOWS\SYSTEM32\DRIVERS\SISAGP.SYS [Silicon Integrated Systems Corporation]
"smwdm" = C:\WINDOWS\SYSTEM32\DRIVERS\SMWDM.SYS [Analog Devices, Inc.]
"Sparrow" = C:\WINDOWS\SYSTEM32\DRIVERS\SPARROW.SYS [Adaptec, Inc.]
"sp_rsdrv2" = C:\WINDOWS\SYSTEM32\DRIVERS\SP_RSDRV2.SYS [Empty]
"sp_rssrv" = C:\PROGRAM FILES\SPYWARE TERMINATOR\SP_RSSER.EXE [Crawler.com]
"sscdbhk5" = C:\WINDOWS\SYSTEM32\DRIVERS\SSCDBHK5.SYS [Sonic Solutions]
"ssrtln" = C:\WINDOWS\SYSTEM32\DRIVERS\SSRTLN.SYS [Sonic Solutions]
"symc810" = C:\WINDOWS\SYSTEM32\DRIVERS\SYMC810.SYS [Symbios Logic Inc.]
"symc8xx" = C:\WINDOWS\SYSTEM32\DRIVERS\SYMC8XX.SYS [LSI Logic]
"sym_hi" = C:\WINDOWS\SYSTEM32\DRIVERS\SYM_HI.SYS [LSI Logic]
"sym_u3" = C:\WINDOWS\SYSTEM32\DRIVERS\SYM_U3.SYS [LSI Logic]
"SynTP" = C:\WINDOWS\SYSTEM32\DRIVERS\SYNTP.SYS [Synaptics, Inc.]
"TDSMAPI" = C:\WINDOWS\SYSTEM32\DRIVERS\TDSMAPI.SYS [Empty]
"tfsnboio" = C:\WINDOWS\SYSTEM32\DLA\TFSNBOIO.SYS [Sonic Solutions]
"tfsncofs" = C:\WINDOWS\SYSTEM32\DLA\TFSNCOFS.SYS [Sonic Solutions]
"tfsndrct" = C:\WINDOWS\SYSTEM32\DLA\TFSNDRCT.SYS [Sonic Solutions]
"tfsndres" = C:\WINDOWS\SYSTEM32\DLA\TFSNDRES.SYS [Sonic Solutions]
"tfsnifs" = C:\WINDOWS\SYSTEM32\DLA\TFSNIFS.SYS [Sonic Solutions]
"tfsnopio" = C:\WINDOWS\SYSTEM32\DLA\TFSNOPIO.SYS [Sonic Solutions]
"tfsnpool" = C:\WINDOWS\SYSTEM32\DLA\TFSNPOOL.SYS [Sonic Solutions]
"tfsnudf" = C:\WINDOWS\SYSTEM32\DLA\TFSNUDF.SYS [Sonic Solutions]
"tfsnudfa" = C:\WINDOWS\SYSTEM32\DLA\TFSNUDFA.SYS [Sonic Solutions]
"TPPWR" = C:\WINDOWS\SYSTEM32\DRIVERS\TPPWR.SYS [IBM Corp.]
"TSMAPIP" = C:\WINDOWS\SYSTEM32\DRIVERS\TSMAPIP.SYS [Empty]
"TwoTrack" = C:\WINDOWS\SYSTEM32\DRIVERS\TWOTRACK.SYS [IBM Corporation]
"ultra" = C:\WINDOWS\SYSTEM32\DRIVERS\ULTRA.SYS [Promise Technology, Inc.]
"WlanUIG" = C:\WINDOWS\SYSTEM32\DRIVERS\WLANUIG.SYS [Conexant Systems, Inc.]
Protocol Filters Scan
Class Install Handler = {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} (C:\WINDOWS\SYSTEM32\URLMON.DLL) [Microsoft Corporation]
text/xml = {807553E5-5146-11D5-A672-00B0D022E945} (C:\PROGRAM FILES\FICHIERS COMMUNS\MICROSOFT SHARED\OFFICE11\MSOXMLMF.DLL) [Microsoft Corporation]
Hosts Scan
LOCALHOST mapping = 1
IE Scan
IERESET.INF missing Signature="$CHICAGO$"
IERESET.INF missing AdvancedINF=2.5,"You need a new version of advpack.dll"
IERESET.INF missing AddReg=RestoreHomePage.reg
IERESET.INF missing HKCU,"Software\Microsoft\Internet Explorer\Main","Start Page",0,%START_PAGE_URL%
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main","Default_Page_URL",0,%START_PAGE_URL%
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main","Default_Search_URL",0,%SEARCH_PAGE_URL%
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main","Search Page",0,%SEARCH_PAGE_URL%
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","1",0,"www.%s.com"
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","2",0,"www.%s.org"
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","3",0,"www.%s.net"
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","4",0,"www.%s.edu"
IERESET.INF missing HKCU,"Software\Microsoft\Internet Explorer\Main","Search Page",0,%SEARCH_PAGE_URL%
IERESET.INF missing HKCU,"Software\Microsoft\Internet Explorer\SearchUrl","Provider",0,""
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Search","SearchAssistant",0,"https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm"
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Search","CustomizeSearch",0,"https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm"
IERESET.INF missing HKLM,"Software\Microsoft\Windows\CurrentVersion\Internet Settings\SafeSites",%SAFESITE_VALUE%,0,"https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89*"
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","5"
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","6"
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","7"
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","8"
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","9"
IERESET.INF missing HKCU,"Software\Microsoft\Internet Explorer\Main","AutoSearch"
IERESET.INF missing SEARCH_PAGE_URL="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
IERESET.INF missing AddReg=RestoreBrowserSettings.reg
IERESET.INF missing DelReg=DeleteTemplates.reg or DelReg=DeleteTemplates.reg, DeleteAutosearch.reg
IERESET.INF missing START_PAGE_URL="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome" or START_PAGE_URL="https://www.msn.com/fr-fr/"
IERESET.INF missing SAFESITE_VALUE="https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fhome.microsoft.com%2fintl%2fbr%2faccess%2fallinone.asp%3f" or SAFESITE_VALUE="ie.search.msn.com"
IERESET.INF missing MS_START_PAGE_URL="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome" or MS_START_PAGE_URL="https://www.msn.com/fr-fr/"
URLSearchHook = {08C06D61-F1F3-4799-86F8-BE1A89362C85} (C:\Program Files\Wanadoo\SearchPageURL.dll) [Empty] HIJACK WARNING!
