Quelqu'un pour analyser mon hijackthis svp
Résolu
leelooworld
Messages postés
179
Statut
Membre
-
rafik75018 Messages postés 4 Statut Membre -
rafik75018 Messages postés 4 Statut Membre -
Bonjour,
alors voila, j'avais des problemes et j'ai réussi grace a l'aide de personnes sur ce site à y remedier, enfin je pense.
c pourquoi je voudrai que quelqu'un analyse mon hijackthis pour savoir si maintenant tout et bon,
de plus je voudrai savoir si c possible de garder antivir et Malwarebytes' Anti-Malware (logiciel que l'on ma fais installer et qui ma permit de désinfecter mon ordinateur) en meme temps ou est-ce qu'il faut que j'en desinstalle un?
merci d'avance
voilà mon hijackthis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:14:56, on 13/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\programme\antivir\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\programme\antivir\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\apps\ABoard\ABoard.exe
C:\apps\ABoard\AOSD.exe
C:\WINDOWS\eHome\ehSched.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\programme\antivir\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\programme\pare feu\zone alarme\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\APPS\SMP\SmpSys.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\programme\supercopieur\SuperCopier2\SuperCopier2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\programme\Emule\emule.exe
C:\programme\HiJackThis\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\fr.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange HSS\SearchURLHook\SearchPageURL.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SnapFlash Class - {A44CBB0B-C77D-4BF5-87CC-B4EE79AD1B7E} - C:\Program Files\Fichiers communs\Justdo\Jd2002.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb125\SearchSettings.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ATICCC] "c:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32"
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [Client Server Runtime Process] C:\WINDOWS\system32\smmss.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "C:\programme\antivir\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Zone Labs Client] C:\programme\pare feu\zone alarme\ZoneAlarm\zlclient.exe
O4 - HKCU\..\Run: [SmpcSys] C:\APPS\SMP\SmpSys.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\programme\supercopieur\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKCU\..\Run: [eMuleAutoStart] C:\programme\Emule\emule.exe -AutoStart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Save Flash with Flash Catcher - res://C:\Program Files\Fichiers communs\Justdo\IECatcher.DLL/FlashCatcher.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files\Fichiers communs\Justdo\IECatcher.DLL
O9 - Extra 'Tools' menuitem: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files\Fichiers communs\Justdo\IECatcher.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {317153FE-B7FB-419B-AC87-0B2EC97D7A04} (VB2S ActiveX Control) - http://www.subdo.com/activex/vb2s.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game13.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) - http://upload.facebook.com/controls/FacebookPhotoUploader4_5.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Register/Branding/olr3313/OCX/v1018/flashax.cab
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\programme\antivir\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\programme\antivir\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: USBDeviceService - Unknown owner - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
alors voila, j'avais des problemes et j'ai réussi grace a l'aide de personnes sur ce site à y remedier, enfin je pense.
c pourquoi je voudrai que quelqu'un analyse mon hijackthis pour savoir si maintenant tout et bon,
de plus je voudrai savoir si c possible de garder antivir et Malwarebytes' Anti-Malware (logiciel que l'on ma fais installer et qui ma permit de désinfecter mon ordinateur) en meme temps ou est-ce qu'il faut que j'en desinstalle un?
merci d'avance
voilà mon hijackthis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:14:56, on 13/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\programme\antivir\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\programme\antivir\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\apps\ABoard\ABoard.exe
C:\apps\ABoard\AOSD.exe
C:\WINDOWS\eHome\ehSched.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\programme\antivir\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\programme\pare feu\zone alarme\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\APPS\SMP\SmpSys.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\programme\supercopieur\SuperCopier2\SuperCopier2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\programme\Emule\emule.exe
C:\programme\HiJackThis\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\fr.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange HSS\SearchURLHook\SearchPageURL.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SnapFlash Class - {A44CBB0B-C77D-4BF5-87CC-B4EE79AD1B7E} - C:\Program Files\Fichiers communs\Justdo\Jd2002.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb125\SearchSettings.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ATICCC] "c:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32"
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [Client Server Runtime Process] C:\WINDOWS\system32\smmss.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "C:\programme\antivir\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Zone Labs Client] C:\programme\pare feu\zone alarme\ZoneAlarm\zlclient.exe
O4 - HKCU\..\Run: [SmpcSys] C:\APPS\SMP\SmpSys.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\programme\supercopieur\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKCU\..\Run: [eMuleAutoStart] C:\programme\Emule\emule.exe -AutoStart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Save Flash with Flash Catcher - res://C:\Program Files\Fichiers communs\Justdo\IECatcher.DLL/FlashCatcher.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files\Fichiers communs\Justdo\IECatcher.DLL
O9 - Extra 'Tools' menuitem: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files\Fichiers communs\Justdo\IECatcher.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {317153FE-B7FB-419B-AC87-0B2EC97D7A04} (VB2S ActiveX Control) - http://www.subdo.com/activex/vb2s.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game13.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) - http://upload.facebook.com/controls/FacebookPhotoUploader4_5.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Register/Branding/olr3313/OCX/v1018/flashax.cab
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\programme\antivir\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\programme\antivir\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: USBDeviceService - Unknown owner - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
A voir également:
- Quelqu'un pour analyser mon hijackthis svp
- Hijackthis - Télécharger - Antivirus & Antimalwares
- Analyser disque dur externe - Guide
- Analyser clé usb - Guide
- Image analyser - Télécharger - Photo & Graphisme
- Analyser performance pc - Guide
2 réponses
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb125\SearchSettings.dll
Suprime sa et sa sera bon
Suprime sa et sa sera bon
leelooworld
Messages postés
179
Statut
Membre
2
ok merchi
salut mon pc etè lent alors je lè passe a atf cleaner et c cleaner et sur avg anti virus et sur hijackthis et voila le raport de avg anti virus
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 01:07:55 27/09/2008
+ Résultat de l'analyse:
HKLM\SOFTWARE\Gator.com -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Gator -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Gator\dyn -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Gator\stat -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\483E910F.0000 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\483E910F.0001 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\483E910F.0002 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\483E910F.0003 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\483E910F.0004 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\483E910F.0005 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\483EE640.0000 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\483EE640.0001 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\483EE640.0002 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\483F31EE.0000 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\483F31EE.0001 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\483F31EE.0002 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\483F331B.0000 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\483F331B.0001 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\483F331B.0002 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\483F55BD.0000 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\483F55BD.0001 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\483F55BD.0002 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\483FC270.0000 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\483FC270.0001 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\483FC270.0002 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\483FC5EB.0000 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\483FC5EB.0001 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\483FC5EB.0002 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\483FFEA0.0000 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\483FFEA0.0001 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\483FFEA0.0002 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\484028C9.0000 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\484028C9.0001 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\484028C9.0002 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\48403AFE.0000 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\48403AFE.0001 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\48403AFE.0002 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\48405AB3.0000 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\48405AB3.0001 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\48405AB3.0002 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\Files -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\Files\Bundle -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\Files\Bundle\chk -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\Files\Bundle\dl -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\Files\OemResDll -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\Files\OemResDll\chk -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\Files\OemResDll\dl -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\Files\SilentSetup -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\Files\SilentSetup\chk -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\Files\SilentSetup\dl -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\Files\TricklerInf -> Adware.Gator : Nettoyé.
C:\Downloads\Sub7 v1.1.zip/Server/SubSeven v1.1.exe -> Backdoor.SubSeven.11 : Nettoyé.
C:\Downloads\Sub7 Apocalypse.zip/EditServer/EditServer.exe -> Backdoor.SubSeven.19 : Nettoyé.
C:\Downloads\Sub7 Apocalypse.zip/Server/SubSeven Apocalypse.exe -> Backdoor.SubSeven.19 : Nettoyé.
F:\mm\Documents and Settings\LocalService\Cookies\system@2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
Fin du rapport
et voila le raport de hijackthis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:17:42, on 27/09/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
F:\lang\aswUpdSv.exe
F:\lang\ashServ.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\Explorer.EXE
F:\lang\ashDisp.exe
D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
D:\WINDOWS\system32\ctfmon.exe
F:\ADSL Autoconnect.exe
D:\WINDOWS\system32\taskmgr.exe
D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
D:\Program Files\Bonjour\mDNSResponder.exe
E:\Video Converter 3\spd.exe
D:\Program Files\OneStep\onestep.exe
D:\WINDOWS\system32\svchost.exe
F:\ADSL Autoconnect.exe
F:\lang\ashMaiSv.exe
F:\lang\ashWebSv.exe
D:\Program Files\OneStep\onestep.exe
D:\Program Files\Windows Live\Messenger\msnmsgr.exe
D:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
D:\WINDOWS\system32\wuauclt.exe
D:\Program Files\Windows Live\Messenger\usnsvc.exe
F:\Alien IP\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*https://fr.search.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://home.sweetim.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr8/*https://fr.search.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - D:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O1 - Hosts: 66.98.148.65 auto.search.msn.com
O1 - Hosts: 66.98.148.65 auto.search.msn.es
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - D:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - D:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar1.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Free Download Manager\iefdm2.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - D:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar1.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - D:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: (no name) - {965B54B0-71E0-4611-8DE7-F73FA0B20E26} - (no file)
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - D:\Program Files\Styler\TB\StylerTB.dll
O4 - HKLM\..\Run: [avast!] F:\lang\ashDisp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: .vbs
O8 - Extra context menu item: &Windows Live Search - res://D:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Free Download Manager\dlfvideo.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - D:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: d:\windows\system32\nwprovau.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O14 - IERESET.INF: START_PAGE_URL=https://www.google.fr/?gws_rd=ssl
O15 - Trusted Zone: http://*.mcafee.com
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - D:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O17 - HKLM\System\CCS\Services\Tcpip\..\{0B148486-9345-42B3-9417-9943A835545D}: NameServer = 41.221.20.4 208.67.222.222
O17 - HKLM\System\CS1\Services\Tcpip\..\{0B148486-9345-42B3-9417-9943A835545D}: NameServer = 41.221.20.4 208.67.222.222
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Deskscapes - {EC654325-1273-C2A9-2B7C-45D29BCE68FB} - F:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\deskscapes.dll
O23 - Service: ADSLAutoconnect - Unknown owner - F:\ADSL Autoconnect.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - E:\bin\Ares\chatServer.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - F:\lang\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - F:\lang\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - F:\lang\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - F:\lang\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Boonty Games - BOONTY - D:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: cFosSpeed System Service (cFosSpeedS) - cFos Software GmbH - E:\Video Converter 3\spd.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - D:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Unknown owner - D:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE (file missing)
O23 - Service: McAfee Real-time Scanner (McShield) - Unknown owner - D:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe (file missing)
O23 - Service: OneStepSearch Service - OneStepSearch.net, Inc. - D:\Program Files\OneStep\onestep.exe
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 01:07:55 27/09/2008
+ Résultat de l'analyse:
HKLM\SOFTWARE\Gator.com -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Gator -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Gator\dyn -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Gator\stat -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\483E910F.0000 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\483E910F.0001 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\483E910F.0002 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\483E910F.0003 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\483E910F.0004 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\483E910F.0005 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\483EE640.0000 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\483EE640.0001 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\483EE640.0002 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\483F31EE.0000 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\483F31EE.0001 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\483F31EE.0002 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\483F331B.0000 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\483F331B.0001 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\483F331B.0002 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\483F55BD.0000 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\483F55BD.0001 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\483F55BD.0002 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\483FC270.0000 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\483FC270.0001 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\483FC270.0002 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\483FC5EB.0000 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\483FC5EB.0001 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\483FC5EB.0002 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\483FFEA0.0000 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\483FFEA0.0001 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\483FFEA0.0002 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\484028C9.0000 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\484028C9.0001 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\484028C9.0002 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\48403AFE.0000 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\48403AFE.0001 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\48403AFE.0002 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\48405AB3.0000 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\48405AB3.0001 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\EventCache\48405AB3.0002 -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\Files -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\Files\Bundle -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\Files\Bundle\chk -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\Files\Bundle\dl -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\Files\OemResDll -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\Files\OemResDll\chk -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\Files\OemResDll\dl -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\Files\SilentSetup -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\Files\SilentSetup\chk -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\Files\SilentSetup\dl -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Gator.com\Trickler\Files\TricklerInf -> Adware.Gator : Nettoyé.
C:\Downloads\Sub7 v1.1.zip/Server/SubSeven v1.1.exe -> Backdoor.SubSeven.11 : Nettoyé.
C:\Downloads\Sub7 Apocalypse.zip/EditServer/EditServer.exe -> Backdoor.SubSeven.19 : Nettoyé.
C:\Downloads\Sub7 Apocalypse.zip/Server/SubSeven Apocalypse.exe -> Backdoor.SubSeven.19 : Nettoyé.
F:\mm\Documents and Settings\LocalService\Cookies\system@2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
Fin du rapport
et voila le raport de hijackthis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:17:42, on 27/09/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
F:\lang\aswUpdSv.exe
F:\lang\ashServ.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\Explorer.EXE
F:\lang\ashDisp.exe
D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
D:\WINDOWS\system32\ctfmon.exe
F:\ADSL Autoconnect.exe
D:\WINDOWS\system32\taskmgr.exe
D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
D:\Program Files\Bonjour\mDNSResponder.exe
E:\Video Converter 3\spd.exe
D:\Program Files\OneStep\onestep.exe
D:\WINDOWS\system32\svchost.exe
F:\ADSL Autoconnect.exe
F:\lang\ashMaiSv.exe
F:\lang\ashWebSv.exe
D:\Program Files\OneStep\onestep.exe
D:\Program Files\Windows Live\Messenger\msnmsgr.exe
D:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
D:\WINDOWS\system32\wuauclt.exe
D:\Program Files\Windows Live\Messenger\usnsvc.exe
F:\Alien IP\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*https://fr.search.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://home.sweetim.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr8/*https://fr.search.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - D:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O1 - Hosts: 66.98.148.65 auto.search.msn.com
O1 - Hosts: 66.98.148.65 auto.search.msn.es
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - D:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - D:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar1.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Free Download Manager\iefdm2.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - D:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar1.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - D:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: (no name) - {965B54B0-71E0-4611-8DE7-F73FA0B20E26} - (no file)
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - D:\Program Files\Styler\TB\StylerTB.dll
O4 - HKLM\..\Run: [avast!] F:\lang\ashDisp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: .vbs
O8 - Extra context menu item: &Windows Live Search - res://D:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Free Download Manager\dlfvideo.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - D:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: d:\windows\system32\nwprovau.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O14 - IERESET.INF: START_PAGE_URL=https://www.google.fr/?gws_rd=ssl
O15 - Trusted Zone: http://*.mcafee.com
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - D:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O17 - HKLM\System\CCS\Services\Tcpip\..\{0B148486-9345-42B3-9417-9943A835545D}: NameServer = 41.221.20.4 208.67.222.222
O17 - HKLM\System\CS1\Services\Tcpip\..\{0B148486-9345-42B3-9417-9943A835545D}: NameServer = 41.221.20.4 208.67.222.222
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Deskscapes - {EC654325-1273-C2A9-2B7C-45D29BCE68FB} - F:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\deskscapes.dll
O23 - Service: ADSLAutoconnect - Unknown owner - F:\ADSL Autoconnect.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - E:\bin\Ares\chatServer.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - F:\lang\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - F:\lang\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - F:\lang\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - F:\lang\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Boonty Games - BOONTY - D:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: cFosSpeed System Service (cFosSpeedS) - cFos Software GmbH - E:\Video Converter 3\spd.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - D:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Unknown owner - D:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE (file missing)
O23 - Service: McAfee Real-time Scanner (McShield) - Unknown owner - D:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe (file missing)
O23 - Service: OneStepSearch Service - OneStepSearch.net, Inc. - D:\Program Files\OneStep\onestep.exe
