Sujet Précédent Sujet Suivant

XP antivirus rapport de rudyvix

Fermé
rudyvix - 24 mars 2008 à 02:13
 rudyvix - 24 mars 2008 à 19:59
Bonjour,

J'ai fait je pense tout ce qui m'était demandé et envoyé les 3 rapports à "générer un rapport"
En espérant que les choses s'arrangent.

Voici le rapport AVG Anti-Spyware:---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 00:39:34 24/03/2008

+ Résultat de l'analyse:



HKLM\SOFTWARE\Classes\b3d_auto_file -> Adware.BrilliantDigital : Ignoré.
HKLM\SOFTWARE\Classes\b3d_auto_file\shell -> Adware.BrilliantDigital : Ignoré.
HKLM\SOFTWARE\Classes\b3d_auto_file\shell\open -> Adware.BrilliantDigital : Ignoré.
HKLM\SOFTWARE\Classes\b3d_auto_file\shell\open\command -> Adware.BrilliantDigital : Ignoré.
HKU\S-1-5-21-3238593942-1522142496-4240980142-1006\Software\Brilliant Digital Entertainment -> Adware.BrilliantDigital : Ignoré.
HKU\S-1-5-21-3238593942-1522142496-4240980142-1006\Software\Brilliant Digital Entertainment\PROJECTOR -> Adware.BrilliantDigital : Ignoré.
HKU\S-1-5-21-3238593942-1522142496-4240980142-1006\Software\Brilliant Digital Entertainment\PROJECTOR\AceDID -> Adware.BrilliantDigital : Ignoré.
HKU\S-1-5-21-3238593942-1522142496-4240980142-1006\Software\Brilliant Digital Entertainment\PROJECTOR\AceFF -> Adware.BrilliantDigital : Ignoré.
HKU\S-1-5-21-3238593942-1522142496-4240980142-1006\Software\Brilliant Digital Entertainment\PROJECTOR\AceSS -> Adware.BrilliantDigital : Ignoré.
HKU\S-1-5-21-3238593942-1522142496-4240980142-1006\Software\Brilliant Digital Entertainment\PROJECTOR\Blood -> Adware.BrilliantDigital : Ignoré.
HKU\S-1-5-21-3238593942-1522142496-4240980142-1006\Software\Brilliant Digital Entertainment\PROJECTOR\Browser -> Adware.BrilliantDigital : Ignoré.
HKU\S-1-5-21-3238593942-1522142496-4240980142-1006\Software\Brilliant Digital Entertainment\PROJECTOR\CSwine -> Adware.BrilliantDigital : Ignoré.
HKU\S-1-5-21-3238593942-1522142496-4240980142-1006\Software\Brilliant Digital Entertainment\PROJECTOR\Eggbert -> Adware.BrilliantDigital : Ignoré.
HKU\S-1-5-21-3238593942-1522142496-4240980142-1006\Software\Brilliant Digital Entertainment\PROJECTOR\Eggbert\state -> Adware.BrilliantDigital : Ignoré.
HKU\S-1-5-21-3238593942-1522142496-4240980142-1006\Software\Brilliant Digital Entertainment\PROJECTOR\Evil -> Adware.BrilliantDigital : Ignoré.
HKU\S-1-5-21-3238593942-1522142496-4240980142-1006\Software\Brilliant Digital Entertainment\PROJECTOR\Freak -> Adware.BrilliantDigital : Ignoré.
HKU\S-1-5-21-3238593942-1522142496-4240980142-1006\Software\Brilliant Digital Entertainment\PROJECTOR\GUI -> Adware.BrilliantDigital : Ignoré.
HKU\S-1-5-21-3238593942-1522142496-4240980142-1006\Software\Brilliant Digital Entertainment\PROJECTOR\Gravity Angels -> Adware.BrilliantDigital : Ignoré.
HKU\S-1-5-21-3238593942-1522142496-4240980142-1006\Software\Brilliant Digital Entertainment\PROJECTOR\Halloween -> Adware.BrilliantDigital : Ignoré.
HKU\S-1-5-21-3238593942-1522142496-4240980142-1006\Software\Brilliant Digital Entertainment\PROJECTOR\Misc -> Adware.BrilliantDigital : Ignoré.
HKU\S-1-5-21-3238593942-1522142496-4240980142-1006\Software\Brilliant Digital Entertainment\PROJECTOR\Movie -> Adware.BrilliantDigital : Ignoré.
HKU\S-1-5-21-3238593942-1522142496-4240980142-1006\Software\Brilliant Digital Entertainment\PROJECTOR\Mummy -> Adware.BrilliantDigital : Ignoré.
HKU\S-1-5-21-3238593942-1522142496-4240980142-1006\Software\Brilliant Digital Entertainment\PROJECTOR\Popeye -> Adware.BrilliantDigital : Ignoré.
HKU\S-1-5-21-3238593942-1522142496-4240980142-1006\Software\Brilliant Digital Entertainment\PROJECTOR\Popeye3 -> Adware.BrilliantDigital : Ignoré.
HKU\S-1-5-21-3238593942-1522142496-4240980142-1006\Software\Brilliant Digital Entertainment\PROJECTOR\Super1 -> Adware.BrilliantDigital : Ignoré.
HKU\S-1-5-21-3238593942-1522142496-4240980142-1006\Software\Brilliant Digital Entertainment\PROJECTOR\Werewolf -> Adware.BrilliantDigital : Ignoré.
HKU\S-1-5-21-3238593942-1522142496-4240980142-1006\Software\Brilliant Digital Entertainment\PROJECTOR\XenaDC -> Adware.BrilliantDigital : Ignoré.
HKU\S-1-5-21-3238593942-1522142496-4240980142-1006\Software\Brilliant Digital Entertainment\PROJECTOR\XenaDW -> Adware.BrilliantDigital : Ignoré.
HKU\S-1-5-21-3238593942-1522142496-4240980142-1006\Software\Brilliant Digital Entertainment\PROJECTOR\XenaGF -> Adware.BrilliantDigital : Ignoré.
HKU\S-1-5-21-3238593942-1522142496-4240980142-1006\Software\Brilliant Digital Entertainment\PROJECTOR\display -> Adware.BrilliantDigital : Ignoré.
C:\System Volume Information\_restore{D69605A8-7EA4-40E2-B401-85BE78E5DEBC}\RP590\A0086907.exe -> Backdoor.Agent.duj : Ignoré.
C:\Program Files\XP Antivirus\xpa.exe -> Not-A-Virus.PUP.XPAntivirus.bh : Ignoré.
C:\System Volume Information\_restore{D69605A8-7EA4-40E2-B401-85BE78E5DEBC}\RP587\A0083520.exe -> Not-A-Virus.PUP.XPAntivirus.bh : Ignoré.
C:\System Volume Information\_restore{D69605A8-7EA4-40E2-B401-85BE78E5DEBC}\RP587\A0083521.exe -> Not-A-Virus.PUP.XPAntivirus.bh : Ignoré.
C:\Documents and Settings\Desvaux Rudy Frédér\Cookies\desvaux_rudy_frédér@advertising[2].txt -> TrackingCookie.Advertising : Ignoré.
C:\Documents and Settings\Desvaux Rudy Frédér\Cookies\desvaux_rudy_frédér@atdmt[1].txt -> TrackingCookie.Atdmt : Ignoré.
C:\Documents and Settings\Desvaux Rudy Frédér\Cookies\desvaux_rudy_frédér@bluestreak[2].txt -> TrackingCookie.Bluestreak : Ignoré.
C:\Documents and Settings\Desvaux Rudy Frédér\Cookies\desvaux_rudy_frédér@doubleclick[2].txt -> TrackingCookie.Doubleclick : Ignoré.
C:\Documents and Settings\Desvaux Rudy Frédér\Cookies\desvaux_rudy_frédér@adopt.euroclick[2].txt -> TrackingCookie.Euroclick : Ignoré.
C:\Documents and Settings\Desvaux Rudy Frédér\Cookies\desvaux_rudy_frédér@fastclick[2].txt -> TrackingCookie.Fastclick : Ignoré.
C:\Documents and Settings\Desvaux Rudy Frédér\Cookies\desvaux_rudy_frédér@smartadserver[1].txt -> TrackingCookie.Smartadserver : Ignoré.
C:\Documents and Settings\Desvaux Rudy Frédér\Cookies\desvaux_rudy_frédér@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Ignoré.
C:\Documents and Settings\Desvaux Rudy Frédér\Cookies\desvaux_rudy_frédér@weborama[1].txt -> TrackingCookie.Weborama : Ignoré.
C:\Documents and Settings\Desvaux Rudy Frédér\Cookies\desvaux_rudy_frédér@statse.webtrendslive[2].txt -> TrackingCookie.Webtrendslive : Ignoré.
C:\Documents and Settings\Desvaux Rudy Frédér\Cookies\desvaux_rudy_frédér@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Ignoré.


Fin du rapport



Voici le rapport Bitdefender:

BitDefender Online Scanner







Scan report generated at: Mon, Mar 24, 2008 - 01:40:52









Scan path: C:\;D:\;E:\;G:\;H:\;I:\;J:\;















Statistics

Time


00:44:12

Files


200237

Folders


5799

Boot Sectors


3

Archives


7737

Packed Files


12753







Results

Identified Viruses


2

Infected Files


6

Suspect Files


0

Warnings


0

Disinfected


0

Deleted Files


6







Engines Info

Virus Definitions


1021906

Engine build


AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)

Scan plugins


16

Archive plugins


41

Unpack plugins


7

E-mail plugins


6

System plugins


5







Scan Settings

First Action


Disinfect

Second Action


Delete

Heuristics


Yes

Enable Warnings


Yes

Scanned Extensions


*;

Exclude Extensions




Scan Emails


Yes

Scan Archives


Yes

Scan Packed


Yes

Scan Files


Yes

Scan Boot


Yes








Scanned File


Status

C:\Program Files\XP Antivirus\xpa.exe


Detected with: Adware.XPAntiVirus.H

C:\Program Files\XP Antivirus\xpa.exe


Deleted

C:\System Volume Information\_restore{D69605A8-7EA4-40E2-B401-85BE78E5DEBC}\RP587\A0083520.exe


Detected with: Adware.XPAntiVirus.H

C:\System Volume Information\_restore{D69605A8-7EA4-40E2-B401-85BE78E5DEBC}\RP587\A0083520.exe


Deleted

C:\System Volume Information\_restore{D69605A8-7EA4-40E2-B401-85BE78E5DEBC}\RP587\A0083521.exe


Detected with: Adware.XPAntiVirus.H

C:\System Volume Information\_restore{D69605A8-7EA4-40E2-B401-85BE78E5DEBC}\RP587\A0083521.exe


Deleted

C:\System Volume Information\_restore{D69605A8-7EA4-40E2-B401-85BE78E5DEBC}\RP591\A0086950.exe


Detected with: Adware.XPAntiVirus.H

C:\System Volume Information\_restore{D69605A8-7EA4-40E2-B401-85BE78E5DEBC}\RP591\A0086950.exe


Deleted

C:\WINDOWS\pack.epk=>(NSIS 2g)=>lzma_solid_nsis0006


Detected with: Adware.Navipromo.BYH

C:\WINDOWS\pack.epk=>(NSIS 2g)=>lzma_solid_nsis0006


Deleted

C:\WINDOWS\pack.epk=>(NSIS 2g)


Update failed

C:\WINDOWS\pack.epk=>(NSIS 2g)=>lzma_solid_nsis0011=>(NSIS g)=>lzma_solid_nsis0002


Detected with: Adware.Navipromo.BYH

C:\WINDOWS\pack.epk=>(NSIS 2g)=>lzma_solid_nsis0011=>(NSIS g)=>lzma_solid_nsis0002


Deleted

C:\WINDOWS\pack.epk=>(NSIS 2g)=>lzma_solid_nsis0011=>(NSIS g)


Update failed




Voici le rapport HijackThis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:07:44, on 23/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Focusrite Saffire PRO\SaffireProService.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Microsoft Works\WksSb.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Pinnacle\Shared Files\InstantCDDVD\PCLETray.exe
C:\Program Files\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\MySpace\IM\MySpaceIM.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\DOCUME~1\DESVAU~1\LOCALS~1\Temp\xpa1503_en.exe
C:\Program Files\StarOffice7\program\soffice.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\MySpace\IM\MySpaceIM.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Java\jre1.6.0_03\bin\jucheck.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Desvaux Rudy Frédér\Local Settings\Temp\xpa1503_en.exe
C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Focusrite Saffire PRO\SaffireControlPro.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
C:\Documents and Settings\Desvaux Rudy Frédér\Bureau\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
C:\WINDOWS\system32\spider.exe
C:\Documents and Settings\Desvaux Rudy Frédér\Bureau\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [H2O] C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
O4 - HKLM\..\Run: [ImInstaller_IncrediMail] C:\DOCUME~1\DESVAU~1\LOCALS~1\Temp\ImInstaller\IncrediMail\incredimail_install.exe -startup -product IncrediMail
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [InstantTray] C:\Program Files\Pinnacle\Shared Files\InstantCDDVD\PCLETray.exe
O4 - HKCU\..\Run: [IW_Drop_Icon] C:\Program Files\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe /dropdisc
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe
O4 - HKCU\..\Run: [OneMoreKey] C:\Program Files\XP Antivirus\xpa.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] C:\Program Files\Fichiers communs\logishrd\WUApp32.exe -v 0x046d -p 0x08d7 -f video -m logitech -d 11.5.0.1145 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] C:\Program Files\Fichiers communs\logishrd\WUApp32.exe -v 0x046d -p 0x08d7 -f video -m logitech -d 11.5.0.1145 (User 'Default user')
O4 - .DEFAULT User Startup: StarOffice 7.lnk = C:\Program Files\StarOffice7\program\quickstart.exe (User 'Default user')
O4 - Startup: Outil de détection de support de Cyber-shot Viewer.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Startup: StarOffice 7.lnk = C:\Program Files\StarOffice7\program\quickstart.exe
O4 - Startup: wkcalrem.LNK = C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Documents and Settings\Desvaux Rudy Frédér\Bureau\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: SaffireProService - Unknown owner - C:\Program Files\Focusrite Saffire PRO\SaffireProService.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
A voir également:

6 réponses

Réponse 1 / 6
diocool Messages postés 367 Date d'inscription mardi 26 février 2008 Statut Membre Dernière intervention 21 octobre 2010 12
24 mars 2008 à 02:22
Désinstalles C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe

Pour désinfecter les points de restauration:

Désactives ta restauration systeme :
Clic droit sur Poste de travail / propriétés / onglet restauration du systeme : COCHES la case "désactiver la restauration système sur tous les lecteurs."
Clic sur "Appliquer", et "ok".

Puis,réactives ta restauration systeme :

Clic droit poste de travail / Propriétés / onglet restauration du systeme : DECOCHES la case "désactiver la restauration système sur tous les lecteurs."
Clic sur "Appliquer", et "ok".

Ensuite,crée un nouveau point de restauration :
Menu démarrer / tous les programmes / accessoires / outils système / restauration du système / "créer un nouveau point de restauration"

Postes un nouveau rapport Hijackthis.
0
Réponse 2 / 6
rudyvix
24 mars 2008 à 10:29
Salut
Avant de désactiver la restauration système, je suppose qu'il me faut donc désactiver: C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe, mais ne trouve pas CToolbar.exe (Que veut dire "exe"?)
Ai bien trouvé C:\PROGRA~1\Crawler\Toolbar, nom du programme CToolbar -Taille 1936 ko- Type Application- Date de modif 13/03/2008 07:01 est-ce celui-ci qu'il me faut désactiver?
J'attends ta réponse avant d'aller plus loin afin d'éviter les erreurs
Merci
Rudy
0
diocool Messages postés 367 Date d'inscription mardi 26 février 2008 Statut Membre Dernière intervention 21 octobre 2010 12
24 mars 2008 à 10:52
Oui c'est celui qu'il faut désactiver.
0
Réponse 3 / 6
rudyvix
24 mars 2008 à 12:03
Dans Créer un point de restauration on me demande la "description du point de restauration" que dois-je faire?
Merci
0
diocool Messages postés 367 Date d'inscription mardi 26 février 2008 Statut Membre Dernière intervention 21 octobre 2010 12
24 mars 2008 à 12:25
Mets un mot que tu retiendras, au cas où tu voudras restaurer ton ordinateur s'il a un problème.
0
Réponse 4 / 6
rudyvix
24 mars 2008 à 13:02
Si je comprends bien il y a un risque de perdre toutes mes données..?
Dois-je sauvegarder sur CD mes écrits et compositions musicales avant ces opétations?
0
diocool Messages postés 367 Date d'inscription mardi 26 février 2008 Statut Membre Dernière intervention 21 octobre 2010 12
24 mars 2008 à 13:11
Non, il n'y a pas de risque, c'est pour désinfecter les points de restaurations car votre PC en créant automatiquement des points de restaurations peut y sauvegarder des virus.
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 6
rudyvix
24 mars 2008 à 16:55
Désactives ta restauration systeme : OK

Puis,réactives ta restauration systeme : OK

Ensuite,crée un nouveau point de restauration : OK

Postes un nouveau rapport Hijackthis : me répond "Always running" et ne lance pas le scan
0
diocool Messages postés 367 Date d'inscription mardi 26 février 2008 Statut Membre Dernière intervention 21 octobre 2010 12
24 mars 2008 à 17:05
Tutoriel Hijackthis---> https://www.bleepingcomputer.com/tutorials/comment-utiliser-hijackthis/
0
rudyvix > diocool Messages postés 367 Date d'inscription mardi 26 février 2008 Statut Membre Dernière intervention 21 octobre 2010
24 mars 2008 à 19:59
Pas réussi à refaire l'analyse avec HijackThis.
HijackThis est bien sur l'ordi mais impossible d'ouvrir, toujours même réponse
Pas trouvé dans tutorials (en anglais de plus) comment faire ce nouveau scan
Par les liens de HijackThis ai scanné avec Spyware doctor dont voici le résultat
6 Sur menace(s) et 361Sur infection(s) trouvées
Nom de la menace Infections Niveau de risques
Adware.adversiting 23 Faible
Application.TrackingCoockies 26 Faible
Spyware.Known_Bad_Sites 2 Faible
RogueAntiSpyware.AntiVirusPro 1 Faible
Trojan.PurityScan 2 Haut
Adware.Brillant_Digital 307 Faible

Vais continuer à tenter l'analyse avec HijackThis

Si cela peut déjà t'être utile...

Merci

Rudyvix

PS: me suis apperçu que rapport envoyé de HijackThis datait d'hier soir donc certainement Has Been
0
Réponse 6 / 6
rudyvix
24 mars 2008 à 19:04
Voici le rapport de HijackThis trouvé sur l'ordi dans bloc notes (c'est bien çà?):

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:07:44, on 23/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Focusrite Saffire PRO\SaffireProService.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Microsoft Works\WksSb.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Pinnacle\Shared Files\InstantCDDVD\PCLETray.exe
C:\Program Files\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\MySpace\IM\MySpaceIM.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\DOCUME~1\DESVAU~1\LOCALS~1\Temp\xpa1503_en.exe
C:\Program Files\StarOffice7\program\soffice.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\MySpace\IM\MySpaceIM.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Java\jre1.6.0_03\bin\jucheck.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Desvaux Rudy Frédér\Local Settings\Temp\xpa1503_en.exe
C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Focusrite Saffire PRO\SaffireControlPro.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
C:\Documents and Settings\Desvaux Rudy Frédér\Bureau\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
C:\WINDOWS\system32\spider.exe
C:\Documents and Settings\Desvaux Rudy Frédér\Bureau\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [H2O] C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
O4 - HKLM\..\Run: [ImInstaller_IncrediMail] C:\DOCUME~1\DESVAU~1\LOCALS~1\Temp\ImInstaller\IncrediMail\incredimail_install.exe -startup -product IncrediMail
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [InstantTray] C:\Program Files\Pinnacle\Shared Files\InstantCDDVD\PCLETray.exe
O4 - HKCU\..\Run: [IW_Drop_Icon] C:\Program Files\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe /dropdisc
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe
O4 - HKCU\..\Run: [OneMoreKey] C:\Program Files\XP Antivirus\xpa.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] C:\Program Files\Fichiers communs\logishrd\WUApp32.exe -v 0x046d -p 0x08d7 -f video -m logitech -d 11.5.0.1145 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] C:\Program Files\Fichiers communs\logishrd\WUApp32.exe -v 0x046d -p 0x08d7 -f video -m logitech -d 11.5.0.1145 (User 'Default user')
O4 - .DEFAULT User Startup: StarOffice 7.lnk = C:\Program Files\StarOffice7\program\quickstart.exe (User 'Default user')
O4 - Startup: Outil de détection de support de Cyber-shot Viewer.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Startup: StarOffice 7.lnk = C:\Program Files\StarOffice7\program\quickstart.exe
O4 - Startup: wkcalrem.LNK = C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Documents and Settings\Desvaux Rudy Frédér\Bureau\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: SaffireProService - Unknown owner - C:\Program Files\Focusrite Saffire PRO\SaffireProService.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
0

Discussions similaires

Google Chrome "  Échec de l'analyse antivirus "
jmpower -
RBmoon -

18 réponses
écrire un rapport de travail
asi -
REGINALD -

3 réponses