Virus problem

Solved
tomlunik Posts 18 Status Member
Hello,
I need help fighting a virus. I know nothing about computers, so I am limited to simple actions. I ran scans with Avast and Spybot. The latter finds a virus, myway_mywebsearch, but does not delete it. Can you help me?

32 replies

buginformatik Posts 2210 Status Contributor 54

Yes!

Before using HijackThis, we are going to clean the PC:

There is a program called CCleaner that lets you delete all the unnecessary files on your computer, which are sometimes responsible for slowness:
https://filehippo.com/download_ccleaner/

And its tutorial:
http://cofofides.heberg-forum.net/ftopic615_ccleaner-tutoriel-en-image.html

>>>

Download HijackThis: http://www.trendsecure.com/portal/en-US/_download/HiJackThis.zip

and here is a GIF showing how to install it properly: http://pageperso.aol.fr/balltrap34/Hijenr.gif

- Once installed, rename it HJT.exe to counter a possible Vundo infection
- Double-click it
- Click "Do a system scan and save the log"
- Copy the report and paste it into your reply
0
tomlunik Posts 18 Status Member

There, I did as you told me; I hope I didn't get it wrong.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:12:51, on 24/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Launch Manager\LaunchAp.exe
C:\Program Files\Launch Manager\PowerKey.exe
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Program Files\Launch Manager\CtrlVol.exe
C:\Program Files\Launch Manager\OSDCtrl.exe
C:\Program Files\Launch Manager\Wbutton.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
D:\logiciel\OpwareSE4.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\acer\eRecovery\Monitor.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Skype\Phone\Skype.exe
D:\logiciel\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\HijackThis.exe
C:\Program Files\Alwil Software\Avast4\setup\avast.setup

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {0A05135A-7E87-46F3-95B5-EE0981D9CFBE} - (no file)
O2 - BHO: (no name) - {3AA6678D-1CE0-499E-B9F6-8444DEE39D88} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\logiciel\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5620B784-E53C-4620-AF81-BF998EAB1C30} - (no file)
O2 - BHO: (no name) - {61483BC2-DBEF-4D36-A207-3AFC9816DA29} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: (no name) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O3 - Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: (no name) - {D8FFA8AE-BBE8-4D3F-A249-64B2D03EEB25} - (no file)
O3 - Toolbar: (no name) - {3FCAEB7D-F8AE-4A67-AE6C-57EE1416BB6D} - (no file)
O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe
O4 - HKLM\..\Run: [PowerKey] "C:\Program Files\Launch Manager\PowerKey.exe"
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\HotkeyApp.exe
O4 - HKLM\..\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe
O4 - HKLM\..\Run: [LMgrOSD] C:\Program Files\Launch Manager\OSDCtrl.exe
O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [eRecoveryService] C:\Windows\System32\Check.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "D:\logiciel\OpwareSE4.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PowerBar] "D:\Multimedia Launcher\PowerBar.exe" /AtBootTime
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ccleaner] "D:\logiciel\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\logiciel\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: &Search - http://ko.bar.need2find.com/KO/menusearch.html?p=KO
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\logiciel\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\logiciel\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\logiciel\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\logiciel\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://nannene.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
O20 - Winlogon Notify: rqRIcbYs - rqRIcbYs.dll (file missing)
O21 - SSODL: kvxqmtre - {79650FEF-8C9D-4C97-BDF0-BD99C79E777E} - (no file)
O21 - SSODL: evgratsm - {0BE2A867-21AC-457E-8104-F5B7A2009398} - (no file)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe
0
buginformatik Posts 2210 Status Contributor 54

So, you are going to download the latest version of Malwarebytes Anti-Malware 1.23: https://www.commentcamarche.net/telecharger/securite/14361-malwarebytes-anti-malware/

Here is a tutorial for installing and using it properly: http://www.infos-du-net.com/forum/278396-11-tuto-malwarebytes-anti-malware-mbam
(Do not use File Assassin)

! It is important to be in safe mode during the scan!
(Restart the computer and tap the F8 key repeatedly after the PC's beep)
0
tomlunik Posts 18 Status Member

Sorry, it is impossible to run the scan in safe mode. Is it possible to do it in normal mode or not?
0

buginformatik Posts 2210 Status Contributor 54

Yes, but well... OK, go ahead in normal mode!
0
tomlunik Posts 18 Status Member

Hi, I persisted in doing it in safe mode; the result is that my PC no longer starts.
As soon as I turn it on, it shuts off by itself.
Do you see an explanation?
Thanks for being there.
0
tomlunik Posts 18 Status Member

False alarm, the PC restarts, but it still shuts off right in the middle of the scan. How is that possible?
0
buginformatik Posts 2210 Status Contributor 54

How is that possible? I don't have any real answers to give you....
0
buginformatik Posts 2210 Status Contributor 54

Download a-squared Free: https://www.01net.com/telecharger/

Then its tutorial: https://jesses.pagesperso-orange.fr/Docs/Logiciels/a-squared.htm

Run a Detailed scan

Read the Cleaning part of the tutorial carefully... You are going to select all the detected items, then delete them! Don't forget to save the report and post it on the forum!

See you!
0
tomlunik Posts 18 Status Member

Here is the report from Malwarebytes Anti-Malware 1.23.
I will send you the one from a-squared Free as soon as possible. Thanks again.

Malwarebytes' Anti-Malware 1.23
Version de la base de données: 986
Windows 5.1.2600 Service Pack 2

12:49:52 25/07/2008
mbam-log-7-25-2008 (12-49-52).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 98359
Temps écoulé: 5 hour(s), 14 minute(s), 26 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 8
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 13
Fichier(s) infecté(s): 22

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9afb8248-617f-460d-9366-d71cdeda3179} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\VSPlugin (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\SecuriSoft SARL (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\evgratsm (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\kvxqmtre (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\SrchAstt (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\SrchAstt\1.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\WebMediaPlayer (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SecuriSoft SARL (Rogue.WinSpywareProtect) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SecuriSoft SARL\WinSpywareProtect (Rogue.WinSpywareProtect) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SecuriSoft SARL\WinSpywareProtect\SAVED (Rogue.WinSpywareProtect) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SecuriSoft SARL\WinSpywareProtect\DELETED (Rogue.WinSpywareProtect) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SecuriSoft SARL\WinSpywareProtect\LOG (Rogue.WinSpywareProtect) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SecuriSoft SARL\WinSpywareProtect\BASE (Rogue.WinSpywareProtect) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Documents and Settings\thomas\Local Settings\Application Data\sumwq_navps.dat (Adware.Navipromo) -> Quarantined and deleted successfully.
C:\Documents and Settings\thomas\Local Settings\Application Data\sumwq_nav.dat (Adware.Navipromo) -> Quarantined and deleted successfully.
C:\Documents and Settings\thomas\Local Settings\Application Data\sumwq.dat (Adware.Navipromo) -> Quarantined and deleted successfully.
C:\WINDOWS\elxw.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{004AA4CB-CEFA-470B-84B6-7AE41AC1EA5D}\RP900\A0079971.scr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{004AA4CB-CEFA-470B-84B6-7AE41AC1EA5D}\RP900\A0079975.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{004AA4CB-CEFA-470B-84B6-7AE41AC1EA5D}\RP900\A0080011.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{004AA4CB-CEFA-470B-84B6-7AE41AC1EA5D}\RP901\A0083234.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{004AA4CB-CEFA-470B-84B6-7AE41AC1EA5D}\RP901\A0083235.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{004AA4CB-CEFA-470B-84B6-7AE41AC1EA5D}\RP901\A0083236.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{004AA4CB-CEFA-470B-84B6-7AE41AC1EA5D}\RP902\A0083294.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{004AA4CB-CEFA-470B-84B6-7AE41AC1EA5D}\RP902\A0083295.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{004AA4CB-CEFA-470B-84B6-7AE41AC1EA5D}\RP902\A0083296.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{004AA4CB-CEFA-470B-84B6-7AE41AC1EA5D}\RP902\A0083297.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{004AA4CB-CEFA-470B-84B6-7AE41AC1EA5D}\RP902\A0083344.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{004AA4CB-CEFA-470B-84B6-7AE41AC1EA5D}\RP902\A0083350.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{004AA4CB-CEFA-470B-84B6-7AE41AC1EA5D}\RP902\A0083351.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\WebMediaPlayer\WebMediaPlayer.exe (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\WebMediaPlayer\sqlite3.dll (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\WINDOWS\cookies.ini (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\agpqlrfm.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
0
buginformatik Posts 2210 Status Contributor 54

You're welcome! Your PC was badly affected!
0
tomlunik Posts 18 Status Member

Do you think it's fine, or should I send you the report after the a-squared Free cleanup?
0
buginformatik Posts 2210 Status Contributor 54

Yes, please post it.
0
tomlunik Posts 18 Status Member

Well, right now I'm at work; I'll do it as soon as I get home.
0
buginformatik Posts 2210 Status Contributor 54

No problem

See you!
0
tomlunik Posts 18 Status Member

Here is the new report

Version - a-squared Free 3.5
Dernière mise à jour : 25/07/2008 20:59:03

Paramètres des balayages :

Éléments : Mémoire, Traces, Cookies, C:\, D:\
Balaye dans les archives : Marche
Analyse heuristique : Marche
Balaye dans les ADS : Marche

Début du balayage : 25/07/2008 21:10:08

c:\program files\need2find Objets détectés : Trace.Directory.P2PNetworking
c:\windows\downloaded program files\f3initialsetup1.0.0.15.inf Objets détectés : Trace.File.MyWebSearch Toolbar
c:\windows\smdat32m.sys Objets détectés : Trace.File.Twain-Tech
Key: HKEY_CLASSES_ROOT\clsid\{f78b32d6-d6d8-4137-a18f-91ebe1a4aedb} Objets détectés : Trace.Registry.KaZaA
Key: HKEY_USERS\S-1-5-21-933343326-1517495225-2530461786-1006\software\kazaa Objets détectés : Trace.Registry.KaZaA
Value: HKEY_USERS\S-1-5-21-933343326-1517495225-2530461786-1006\software\kazaa --> tmp Objets détectés : Trace.Registry.KaZaA
Value: HKEY_LOCAL_MACHINE\software\kazaa\cloudload --> sharedir Objets détectés : Trace.Registry.KaZaA
Key: HKEY_LOCAL_MACHINE\software\kazaa\connectioninfo Objets détectés : Trace.Registry.KaZaA
Value: HKEY_LOCAL_MACHINE\software\kazaa\connectioninfo --> kazaanet Objets détectés : Trace.Registry.KaZaA
Key: HKEY_LOCAL_MACHINE\software\kazaa\localcontent Objets détectés : Trace.Registry.KaZaA
Value: HKEY_LOCAL_MACHINE\software\kazaa\localcontent --> databasedir Objets détectés : Trace.Registry.KaZaA
Value: HKEY_LOCAL_MACHINE\software\kazaa\localcontent --> downloaddir Objets détectés : Trace.Registry.KaZaA
Key: HKEY_LOCAL_MACHINE\software\kazaa Objets détectés : Trace.Registry.KaZaA
Value: HKEY_LOCAL_MACHINE\software\kazaa --> tmp Objets détectés : Trace.Registry.KaZaA
Key: HKEY_CLASSES_ROOT\typelib\{05563f82-69a7-40a6-8670-153b635a7ef6} Objets détectés : Trace.Registry.RXToolbar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\SemanticInsight --> AppDir Objets détectés : Trace.Registry.RXToolbar
Value: HKEY_USERS\S-1-5-21-933343326-1517495225-2530461786-1006\Software\Titan Poker --> options_music Objets détectés : Trace.Registry.Titan Poker
Value: HKEY_USERS\S-1-5-21-933343326-1517495225-2530461786-1006\Software\Titan Poker --> options_poker_avatar_num Objets détectés : Trace.Registry.Titan Poker
Value: HKEY_USERS\S-1-5-21-933343326-1517495225-2530461786-1006\Software\Titan Poker --> options_sounds Objets détectés : Trace.Registry.Titan Poker
Value: HKEY_USERS\S-1-5-21-933343326-1517495225-2530461786-1006\Software\Titan Poker --> options-fullscreen Objets détectés : Trace.Registry.Titan Poker
Value: HKEY_USERS\S-1-5-21-933343326-1517495225-2530461786-1006\Software\Titan Poker --> options-volume Objets détectés : Trace.Registry.Titan Poker
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Titan Poker --> account Objets détectés : Trace.Registry.Titan Poker
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Titan Poker --> advertisercode Objets détectés : Trace.Registry.Titan Poker
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Titan Poker --> banner Objets détectés : Trace.Registry.Titan Poker
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Titan Poker --> creferer Objets détectés : Trace.Registry.Titan Poker
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Titan Poker --> profile Objets détectés : Trace.Registry.Titan Poker
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Titan Poker --> referer Objets détectés : Trace.Registry.Titan Poker
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Titan Poker --> safemode Objets détectés : Trace.Registry.Titan Poker
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Titan Poker --> uninstall_lang Objets détectés : Trace.Registry.Titan Poker
c:\program files\need2find Objets détectés : Trace.Directory.Need2Find Bar
c:\program files\need2find\bar Objets détectés : Trace.Directory.Need2Find Bar
c:\program files\need2find\bar\1.bin Objets détectés : Trace.Directory.Need2Find Bar
c:\program files\need2find\bar\cache Objets détectés : Trace.Directory.Need2Find Bar
c:\program files\need2find\bar\history Objets détectés : Trace.Directory.Need2Find Bar
c:\program files\need2find\bar\settings Objets détectés : Trace.Directory.Need2Find Bar
c:\program files\need2find\bar\1.bin\n2ffxtbr.jar Objets détectés : Trace.File.Need2Find Bar
c:\program files\need2find\bar\1.bin\n2ntstbr.jar Objets détectés : Trace.File.Need2Find Bar
c:\program files\need2find\bar\1.bin\partner.dat Objets détectés : Trace.File.Need2Find Bar
c:\program files\need2find\bar\cache\files.ini Objets détectés : Trace.File.Need2Find Bar
c:\program files\need2find\bar\history\search Objets détectés : Trace.File.Need2Find Bar
c:\program files\need2find\bar\settings\prevcfg.htm Objets détectés : Trace.File.Need2Find Bar
Value: HKEY_USERS\S-1-5-21-933343326-1517495225-2530461786-1006\Software\Kazaa\Advanced --> Status Objets détectés : Trace.Registry.Kazaa
Value: HKEY_USERS\S-1-5-21-933343326-1517495225-2530461786-1006\Software\Kazaa\LocalContent --> DisableListFiles Objets détectés : Trace.Registry.Kazaa
Value: HKEY_USERS\S-1-5-21-933343326-1517495225-2530461786-1006\Software\Kazaa\Settings --> Date Objets détectés : Trace.Registry.Kazaa
Value: HKEY_USERS\S-1-5-21-933343326-1517495225-2530461786-1006\Software\Kazaa\Settings --> UseCount Objets détectés : Trace.Registry.Kazaa
Value: HKEY_USERS\S-1-5-21-933343326-1517495225-2530461786-1006\Software\Kazaa\Transfer --> NoUploadLimitWhenIdle Objets détectés : Trace.Registry.Kazaa
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Need2Find\bar\Partner --> PM-Home Objets détectés : Trace.Registry.Need2Find Bar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Need2Find\bar\Partner --> PM-Points Objets détectés : Trace.Registry.Need2Find Bar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Need2Find\bar\Partner --> PM-Redeem Objets détectés : Trace.Registry.Need2Find Bar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Need2Find\bar\Partner --> PM-Settings Objets détectés : Trace.Registry.Need2Find Bar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Need2Find\bar\Partner --> PM-Wallet Objets détectés : Trace.Registry.Need2Find Bar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Need2Find\bar\Partner --> test Objets détectés : Trace.Registry.Need2Find Bar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Need2Find\bar --> Build Objets détectés : Trace.Registry.Need2Find Bar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Need2Find\bar --> CacheDir Objets détectés : Trace.Registry.Need2Find Bar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Need2Find\bar --> CfgUrl Objets détectés : Trace.Registry.Need2Find Bar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Need2Find\bar --> ConfigDateStamp Objets détectés : Trace.Registry.Need2Find Bar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Need2Find\bar --> ConfigRevision Objets détectés : Trace.Registry.Need2Find Bar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Need2Find\bar --> ConfigRevisionURL Objets détectés : Trace.Registry.Need2Find Bar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Need2Find\bar --> CurInstall Objets détectés : Trace.Registry.Need2Find Bar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Need2Find\bar --> Dir Objets détectés : Trace.Registry.Need2Find Bar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Need2Find\bar --> Flags Objets détectés : Trace.Registry.Need2Find Bar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Need2Find\bar --> HistoryDir Objets détectés : Trace.Registry.Need2Find Bar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Need2Find\bar --> HTMLMenuRevision Objets détectés : Trace.Registry.Need2Find Bar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Need2Find\bar --> Id Objets détectés : Trace.Registry.Need2Find Bar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Need2Find\bar --> pid Objets détectés : Trace.Registry.Need2Find Bar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Need2Find\bar --> pl Objets détectés : Trace.Registry.Need2Find Bar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Need2Find\bar --> PluginPath Objets détectés : Trace.Registry.Need2Find Bar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Need2Find\bar --> SettingsDir Objets détectés : Trace.Registry.Need2Find Bar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Need2Find\bar --> ShzmCurInstall Objets détectés : Trace.Registry.Need2Find Bar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Need2Find\bar --> sr Objets détectés : Trace.Registry.Need2Find Bar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Need2Find\bar --> Visible Objets détectés : Trace.Registry.Need2Find Bar
Value: HKEY_USERS\S-1-5-21-933343326-1517495225-2530461786-1006\Software\Microsoft\Internet Explorer\Extensions\CmdMapping --> {49783ED4-258D-4f9f-BE11-137C18D3E543} Objets détectés : Trace.Registry.Titan Poker
Value: HKEY_USERS\S-1-5-21-933343326-1517495225-2530461786-1006\Software\Titan Poker --> funaccount Objets détectés : Trace.Registry.Titan Poker
Value: HKEY_USERS\S-1-5-21-933343326-1517495225-2530461786-1006\Software\Titan Poker --> funnickname Objets détectés : Trace.Registry.Titan Poker
Value: HKEY_USERS\S-1-5-21-933343326-1517495225-2530461786-1006\Software\Titan Poker --> funusername Objets détectés : Trace.Registry.Titan Poker
Value: HKEY_USERS\S-1-5-21-933343326-1517495225-2530461786-1006\Software\Titan Poker --> global_login_hint Objets détectés : Trace.Registry.Titan Poker
Value: HKEY_USERS\S-1-5-21-933343326-1517495225-2530461786-1006\Software\Titan Poker --> options_autologinfun Objets détectés : Trace.Registry.Titan Poker
Value: HKEY_USERS\S-1-5-21-933343326-1517495225-2530461786-1006\Software\Titan Poker --> options_dealervoices Objets détectés : Trace.Registry.Titan Poker
Value: HKEY_USERS\S-1-5-21-933343326-1517495225-2530461786-1006\Software\Titan Poker --> options_poker_filter_finished Objets détectés : Trace.Registry.Titan Poker
Value: HKEY_USERS\S-1-5-21-933343326-1517495225-2530461786-1006\Software\Titan Poker --> options_poker_filter_full Objets détectés : Trace.Registry.Titan Poker
Value: HKEY_USERS\S-1-5-21-933343326-1517495225-2530461786-1006\Software\Titan Poker --> options_poker_filter_inprogress Objets détectés : Trace.Registry.Titan Poker
Value: HKEY_USERS\S-1-5-21-933343326-1517495225-2530461786-1006\Software\Titan Poker --> options_xlslots Objets détectés : Trace.Registry.Titan Poker
Value: HKEY_USERS\S-1-5-21-933343326-1517495225-2530461786-1006\Software\Titan Poker --> poker_nickname Objets détectés : Trace.Registry.Titan Poker
Value: HKEY_USERS\S-1-5-21-933343326-1517495225-2530461786-1006\Software\Titan Poker --> username Objets détectés : Trace.Registry.Titan Poker

Analysé

Fichiers : 87818
Traces : 416899
Cookies : 6
Processus : 52

Objets trouvés

Fichiers : 0
Traces : 84
Cookies : 0
Processus : 0
Clés de Registre : 0

Fin du balayage : 25/07/2008 22:28:11
Temps du balayage : 1:18:03

Value: HKEY_LOCAL_MACHINE\SOFTWARE\Need2Find\bar\Partner --> PM-Home Objets Supprimés Trace.Registry.Need2Find Bar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Need2Find\bar\Partner --> PM-Points Objets Supprimés Trace.Registry.Need2Find Bar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Need2Find\bar\Partner --> PM-Redeem Objets Supprimés Trace.Registry.Need2Find Bar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Need2Find\bar\Partner --> PM-Settings Objets Supprimés Trace.Registry.Need2Find Bar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Need2Find\bar\Partner --> PM-Wallet Objets Supprimés Trace.Registry.Need2Find Bar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Need2Find\bar\Partner --> test Objets Supprimés Trace.Registry.Need2Find Bar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Need2Find\bar --> Build Objets Supprimés Trace.Registry.Need2Find Bar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Need2Find\bar --> CacheDir Objets Supprimés Trace.Registry.Need2Find Bar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Need2Find\bar --> CfgUrl Objets Supprimés Trace.Registry.Need2Find Bar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Need2Find\bar --> ConfigDateStamp Objets Supprimés Trace.Registry.Need2Find Bar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Need2Find\bar --> ConfigRevision Objets Supprimés Trace.Registry.Need2Find Bar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Need2Find\bar --> ConfigRevisionURL Objets Supprimés Trace.Registry.Need2Find Bar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Need2Find\bar --> CurInstall Objets Supprimés Trace.Registry.Need2Find Bar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Need2Find\bar --> Dir Objets Supprimés Trace.Registry.Need2Find Bar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Need2Find\bar --> Flags Objets Supprimés Trace.Registry.Need2Find Bar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Need2Find\bar --> HistoryDir Objets Supprimés Trace.Registry.Need2Find Bar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Need2Find\bar --> HTMLMenuRevision Objets Supprimés Trace.Registry.Need2Find Bar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Need2Find\bar --> Id Objets Supprimés Trace.Registry.Need2Find Bar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Need2Find\bar --> pid Objets Supprimés Trace.Registry.Need2Find Bar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Need2Find\bar --> pl Objets Supprimés Trace.Registry.Need2Find Bar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Need2Find\bar --> PluginPath Objets Supprimés Trace.Registry.Need2Find Bar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Need2Find\bar --> SettingsDir Objets Supprimés Trace.Registry.Need2Find Bar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Need2Find\bar --> ShzmCurInstall Objets Supprimés Trace.Registry.Need2Find Bar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Need2Find\bar --> sr Objets Supprimés Trace.Registry.Need2Find Bar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Need2Find\bar --> Visible Objets Supprimés Trace.Registry.Need2Find Bar
c:\program files\need2find\bar\1.bin\n2ffxtbr.jar Objets Supprimés Trace.File.Need2Find Bar
c:\program files\need2find\bar\1.bin\n2ntstbr.jar Objets Supprimés Trace.File.Need2Find Bar
c:\program files\need2find\bar\1.bin\partner.dat Objets Supprimés Trace.File.Need2Find Bar
c:\program files\need2find\bar\cache\files.ini Objets Supprimés Trace.File.Need2Find Bar
c:\program files\need2find\bar\history\search Objets Supprimés Trace.File.Need2Find Bar
c:\program files\need2find\bar\settings\prevcfg.htm Objets Supprimés Trace.File.Need2Find Bar
c:\program files\need2find Objets Supprimés Trace.Directory.Need2Find Bar
c:\program files\need2find\bar Objets Supprimés Trace.Directory.Need2Find Bar
c:\program files\need2find\bar\1.bin Objets Supprimés Trace.Directory.Need2Find Bar
c:\program files\need2find\bar\cache Objets Supprimés Trace.Directory.Need2Find Bar
c:\program files\need2find\bar\history Objets Supprimés Trace.Directory.Need2Find Bar
c:\program files\need2find\bar\settings Objets Supprimés Trace.Directory.Need2Find Bar
Value: HKEY_USERS\S-1-5-21-933343326-1517495225-2530461786-1006\Software\Titan Poker --> options_music Objets Supprimés Trace.Registry.Titan Poker
Value: HKEY_USERS\S-1-5-21-933343326-1517495225-2530461786-1006\Software\Titan Poker --> options_poker_avatar_num Objets Supprimés Trace.Registry.Titan Poker
Value: HKEY_USERS\S-1-5-21-933343326-1517495225-2530461786-1006\Software\Titan Poker --> options_sounds Objets Supprimés Trace.Registry.Titan Poker
Value: HKEY_USERS\S-1-5-21-933343326-1517495225-2530461786-1006\Software\Titan Poker --> options-fullscreen Objets Supprimés Trace.Registry.Titan Poker
Value: HKEY_USERS\S-1-5-21-933343326-1517495225-2530461786-1006\Software\Titan Poker --> options-volume Objets Supprimés Trace.Registry.Titan Poker
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Titan Poker --> account Objets Supprimés Trace.Registry.Titan Poker
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Titan Poker --> advertisercode Objets Supprimés Trace.Registry.Titan Poker
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Titan Poker --> banner Objets Supprimés Trace.Registry.Titan Poker
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Titan Poker --> creferer Objets Supprimés Trace.Registry.Titan Poker
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Titan Poker --> profile Objets Supprimés Trace.Registry.Titan Poker
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Titan Poker --> referer Objets Supprimés Trace.Registry.Titan Poker
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Titan Poker --> safemode Objets Supprimés Trace.Registry.Titan Poker
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Titan Poker --> uninstall_lang Objets Supprimés Trace.Registry.Titan Poker
Value: HKEY_USERS\S-1-5-21-933343326-1517495225-2530461786-1006\Software\Microsoft\Internet Explorer\Extensions\CmdMapping --> {49783ED4-258D-4f9f-BE11-137C18D3E543} Objets Supprimés Trace.Registry.Titan Poker
Value: HKEY_USERS\S-1-5-21-933343326-1517495225-2530461786-1006\Software\Titan Poker --> funaccount Objets Supprimés Trace.Registry.Titan Poker
Value: HKEY_USERS\S-1-5-21-933343326-1517495225-2530461786-1006\Software\Titan Poker --> funnickname Objets Supprimés Trace.Registry.Titan Poker
Value: HKEY_USERS\S-1-5-21-933343326-1517495225-2530461786-1006\Software\Titan Poker --> funusername Objets Supprimés Trace.Registry.Titan Poker
Value: HKEY_USERS\S-1-5-21-933343326-1517495225-2530461786-1006\Software\Titan Poker --> global_login_hint Objets Supprimés Trace.Registry.Titan Poker
Value: HKEY_USERS\S-1-5-21-933343326-1517495225-2530461786-1006\Software\Titan Poker --> options_autologinfun Objets Supprimés Trace.Registry.Titan Poker
Value: HKEY_USERS\S-1-5-21-933343326-1517495225-2530461786-1006\Software\Titan Poker --> options_dealervoices Objets Supprimés Trace.Registry.Titan Poker
Value: HKEY_USERS\S-1-5-21-933343326-1517495225-2530461786-1006\Software\Titan Poker --> options_poker_filter_finished Objets Supprimés Trace.Registry.Titan Poker
Value: HKEY_USERS\S-1-5-21-933343326-1517495225-2530461786-1006\Software\Titan Poker --> options_poker_filter_full Objets Supprimés Trace.Registry.Titan Poker
Value: HKEY_USERS\S-1-5-21-933343326-1517495225-2530461786-1006\Software\Titan Poker --> options_poker_filter_inprogress Objets Supprimés Trace.Registry.Titan Poker
Value: HKEY_USERS\S-1-5-21-933343326-1517495225-2530461786-1006\Software\Titan Poker --> options_xlslots Objets Supprimés Trace.Registry.Titan Poker
Value: HKEY_USERS\S-1-5-21-933343326-1517495225-2530461786-1006\Software\Titan Poker --> poker_nickname Objets Supprimés Trace.Registry.Titan Poker
Value: HKEY_USERS\S-1-5-21-933343326-1517495225-2530461786-1006\Software\Titan Poker --> username Objets Supprimés Trace.Registry.Titan Poker
Key: HKEY_CLASSES_ROOT\typelib\{05563f82-69a7-40a6-8670-153b635a7ef6} Objets Supprimés Trace.Registry.RXToolbar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\SemanticInsight --> AppDir Objets Supprimés Trace.Registry.RXToolbar
Key: HKEY_CLASSES_ROOT\clsid\{f78b32d6-d6d8-4137-a18f-91ebe1a4aedb} Objets Supprimés Trace.Registry.KaZaA
Key: HKEY_USERS\S-1-5-21-933343326-1517495225-2530461786-1006\software\kazaa Objets Supprimés Trace.Registry.KaZaA
Value: HKEY_USERS\S-1-5-21-933343326-1517495225-2530461786-1006\software\kazaa --> tmp Objets Supprimés Trace.Registry.KaZaA
Value: HKEY_LOCAL_MACHINE\software\kazaa\cloudload --> sharedir Objets Supprimés Trace.Registry.KaZaA
Key: HKEY_LOCAL_MACHINE\software\kazaa\connectioninfo Objets Supprimés Trace.Registry.KaZaA
Value: HKEY_LOCAL_MACHINE\software\kazaa\connectioninfo --> kazaanet Objets Supprimés Trace.Registry.KaZaA
Key: HKEY_LOCAL_MACHINE\software\kazaa\localcontent Objets Supprimés Trace.Registry.KaZaA
Value: HKEY_LOCAL_MACHINE\software\kazaa\localcontent --> databasedir Objets Supprimés Trace.Registry.KaZaA
Value: HKEY_LOCAL_MACHINE\software\kazaa\localcontent --> downloaddir Objets Supprimés Trace.Registry.KaZaA
Key: HKEY_LOCAL_MACHINE\software\kazaa Objets Supprimés Trace.Registry.KaZaA
Value: HKEY_LOCAL_MACHINE\software\kazaa --> tmp Objets Supprimés Trace.Registry.KaZaA
Value: HKEY_USERS\S-1-5-21-933343326-1517495225-2530461786-1006\Software\Kazaa\Advanced --> Status Objets Supprimés Trace.Registry.KaZaA
Value: HKEY_USERS\S-1-5-21-933343326-1517495225-2530461786-1006\Software\Kazaa\LocalContent --> DisableListFiles Objets Supprimés Trace.Registry.KaZaA
Value: HKEY_USERS\S-1-5-21-933343326-1517495225-2530461786-1006\Software\Kazaa\Settings --> Date Objets Supprimés Trace.Registry.KaZaA
Value: HKEY_USERS\S-1-5-21-933343326-1517495225-2530461786-1006\Software\Kazaa\Settings --> UseCount Objets Supprimés Trace.Registry.KaZaA
Value: HKEY_USERS\S-1-5-21-933343326-1517495225-2530461786-1006\Software\Kazaa\Transfer --> NoUploadLimitWhenIdle Objets Supprimés Trace.Registry.KaZaA
c:\windows\smdat32m.sys Objets Supprimés Trace.File.Twain-Tech
c:\windows\downloaded program files\f3initialsetup1.0.0.15.inf Objets Supprimés Trace.File.MyWebSearch Toolbar
c:\program files\need2find Objets Supprimés Trace.Directory.P2PNetworking

Objets Supprimés

Fichiers : 0
Traces : 84
Cookies : 0
0
buginformatik Posts 2210 Status Contributor 54
 
What a bloodbath XD

Post a new HijackThis log
0
tomlunik Posts 18 Status Member
 
Here is the new HijackThis log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:43:51, on 25/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Launch Manager\LaunchAp.exe
C:\Program Files\Launch Manager\PowerKey.exe
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Program Files\Launch Manager\CtrlVol.exe
C:\Program Files\Launch Manager\OSDCtrl.exe
C:\Program Files\Launch Manager\Wbutton.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
D:\logiciel\OpwareSE4.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\acer\eRecovery\Monitor.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Skype\Phone\Skype.exe
D:\logiciel\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\a-squared Free\a2free.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {0A05135A-7E87-46F3-95B5-EE0981D9CFBE} - (no file)
O2 - BHO: (no name) - {3AA6678D-1CE0-499E-B9F6-8444DEE39D88} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\logiciel\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5620B784-E53C-4620-AF81-BF998EAB1C30} - (no file)
O2 - BHO: (no name) - {61483BC2-DBEF-4D36-A207-3AFC9816DA29} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: (no name) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O3 - Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: (no name) - {D8FFA8AE-BBE8-4D3F-A249-64B2D03EEB25} - (no file)
O3 - Toolbar: (no name) - {3FCAEB7D-F8AE-4A67-AE6C-57EE1416BB6D} - (no file)
O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe
O4 - HKLM\..\Run: [PowerKey] "C:\Program Files\Launch Manager\PowerKey.exe"
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\HotkeyApp.exe
O4 - HKLM\..\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe
O4 - HKLM\..\Run: [LMgrOSD] C:\Program Files\Launch Manager\OSDCtrl.exe
O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [eRecoveryService] C:\Windows\System32\Check.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "D:\logiciel\OpwareSE4.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PowerBar] "D:\Multimedia Launcher\PowerBar.exe" /AtBootTime
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ccleaner] "D:\logiciel\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\logiciel\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: &Search - http://ko.bar.need2find.com/KO/menusearch.html?p=KO
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\logiciel\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\logiciel\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\logiciel\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\logiciel\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://nannene.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
O20 - Winlogon Notify: rqRIcbYs - rqRIcbYs.dll (file missing)
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe
0
tomlunik Posts 18 Status Member
 
Do you think this can be fixed?
0
buginformatik Posts 2210 Status Contributor 54
 
Open HijackThis and check the following lines:

O2 - BHO: (no name) - {0A05135A-7E87-46F3-95B5-EE0981D9CFBE} - (no file)

O2 - BHO: (no name) - {3AA6678D-1CE0-499E-B9F6-8444DEE39D88} - (no file)

O2 - BHO: (no name) - {5620B784-E53C-4620-AF81-BF998EAB1C30} - (no file)

O2 - BHO: (no name) - {61483BC2-DBEF-4D36-A207-3AFC9816DA29} - (no file)

O2 - BHO: (no name) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)

O3 - Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)

O3 - Toolbar: (no name) - {D8FFA8AE-BBE8-4D3F-A249-64B2D03EEB25} - (no file)

O3 - Toolbar: (no name) - {3FCAEB7D-F8AE-4A67-AE6C-57EE1416BB6D} - (no file)

O8 - Extra context menu item: &Search - http://ko.bar.need2find.com/KO/menusearch.html?p=KO

O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)

O20 - Winlogon Notify: rqRIcbYs - rqRIcbYs.dll (file missing)

Then FIX CHECKED

And post a new HijackThis log, which I'll look over tomorrow. Good night!
0
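Most of the lines selected in the post above are entries whose target reads `(no file)` or `(file missing)`. As an added example (not part of the thread and not HijackThis code), this Python script parses HijackThis log lines, lists such orphaned entries, and compares a log taken before "Fix checked" with one taken after to see which of them are still present; the log excerpts are copied from this thread, and the function names are hypothetical.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Excerpts copied from the HijackThis logs posted in this thread,
# shortened to a handful of entries (before and after "Fix checked").
BEFORE = r"""
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {0A05135A-7E87-46F3-95B5-EE0981D9CFBE} - (no file)
O2 - BHO: (no name) - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - (no file)
O3 - Toolbar: (no name) - {D8FFA8AE-BBE8-4D3F-A249-64B2D03EEB25} - (no file)
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
O20 - Winlogon Notify: rqRIcbYs - rqRIcbYs.dll (file missing)
"""

AFTER = r"""
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - (no file)
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
"""

# A log entry starts with a section code such as R0, O2 or O23, then " - ".
ENTRY_RE = re.compile(r"^(?P<section>[A-Z]\d{1,2}) - (?P<detail>.+)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}-(?:[0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}\}")
# The registry entry exists but the file it points to does not.
ORPHAN_RE = re.compile(r"\((?:no file|file missing)\)\s*$", re.IGNORECASE)


@dataclass(frozen=True)
class Entry:
    section: str
    detail: str
    clsid: Optional[str]
    orphaned: bool

    def key(self):
        """Identity used to match the same entry across two logs."""
        return (self.section, " ".join(self.detail.lower().split()))


def parse_log(text):
    """Return the section entries of a HijackThis log, skipping the header
    and the running-process list (neither matches ENTRY_RE)."""
    entries = []
    for raw in text.splitlines():
        match = ENTRY_RE.match(raw.strip())
        if not match:
            continue
        detail = match.group("detail")
        clsid = CLSID_RE.search(detail)
        entries.append(Entry(
            section=match.group("section"),
            detail=detail,
            clsid=clsid.group(0).upper() if clsid else None,
            orphaned=bool(ORPHAN_RE.search(detail)),
        ))
    return entries


def orphaned_entries(entries):
    """Entries whose referenced file is reported as absent."""
    return [e for e in entries if e.orphaned]


def compare_after_fix(before, after):
    """Split the orphaned entries of `before` into those gone from `after`
    and those still listed there."""
    still_there = {e.key() for e in after}
    result = {"removed": [], "persisted": []}
    for entry in orphaned_entries(before):
        bucket = "persisted" if entry.key() in still_there else "removed"
        result[bucket].append(entry)
    return result


if __name__ == "__main__":
    outcome = compare_after_fix(parse_log(BEFORE), parse_log(AFTER))
    for status, entries in outcome.items():
        for e in entries:
            print(f"{status:9} {e.section:4} {e.detail}")
```

On these excerpts the unnamed O2 BHO `{9394EDE7-...}` and the O18 `text/html` filter come back as persisted, matching the log posted after the fix.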
tomlunik Posts 18 Status Member
 
Good night, see you tomorrow

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:58:35, on 25/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Launch Manager\LaunchAp.exe
C:\Program Files\Launch Manager\PowerKey.exe
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Program Files\Launch Manager\CtrlVol.exe
C:\Program Files\Launch Manager\OSDCtrl.exe
C:\Program Files\Launch Manager\Wbutton.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
D:\logiciel\OpwareSE4.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\acer\eRecovery\Monitor.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Skype\Phone\Skype.exe
D:\logiciel\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\a-squared Free\a2free.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\logiciel\SPYBOT~1\SDHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe
O4 - HKLM\..\Run: [PowerKey] "C:\Program Files\Launch Manager\PowerKey.exe"
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\HotkeyApp.exe
O4 - HKLM\..\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe
O4 - HKLM\..\Run: [LMgrOSD] C:\Program Files\Launch Manager\OSDCtrl.exe
O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [eRecoveryService] C:\Windows\System32\Check.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "D:\logiciel\OpwareSE4.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PowerBar] "D:\Multimedia Launcher\PowerBar.exe" /AtBootTime
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ccleaner] "D:\logiciel\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\logiciel\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\logiciel\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\logiciel\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\logiciel\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\logiciel\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://nannene.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe