Probleme pc + rapport Hijackthis
Milan-ac-1899
Messages postés
46
Statut
Membre
-
E..T Messages postés 6565 Statut Contributeur -
E..T Messages postés 6565 Statut Contributeur -
Bonjour,
depuis quelque jour j'ai plusieurs problème sur mon pc...
Je me connecte à Windows Live Messenger, sa me connecte mais au moment d'ouvrir ma session, sa se referme...
Je n'arrive plus à faire des recherches sur google, sa met un temps... et bizarrement, mes sites qui sont dans mes favoris fonctionnent....
J'ai des virus, dont je ne connais pas la provenance. Un qui vien du dossier Temporary internet file je crois et ca -->
C:\RECYCLER\S-1-5-21-1708537768-2111687655-854245398-1003\Dc60.dll
.
Avec spybot j'ai plusieurs programmes qui se rajoutent auquels on me demander si je dois accepté des modification.
Avast trouve toutes les 2 minutes des cheval de troie. En gros je comprends pas et sa commence à m'enerver. Surtout Google et WLM qui ne fonctionnent pas :s
Voilà mon rapport Hijackthis
Merci pour vos futurs réponses, et j'espère que vous avez la solution à mon problème.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:59:33, on 15/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [fc6f5037] rundll32.exe "C:\WINDOWS\system32\ndidsfsd.dll",b
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [BMff5c63ab] Rundll32.exe "C:\WINDOWS\system32\wwafgxim.dll",s
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswupdsv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus (avast! antivirus) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner (avast! mail scanner) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner (avast! web scanner) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
depuis quelque jour j'ai plusieurs problème sur mon pc...
Je me connecte à Windows Live Messenger, sa me connecte mais au moment d'ouvrir ma session, sa se referme...
Je n'arrive plus à faire des recherches sur google, sa met un temps... et bizarrement, mes sites qui sont dans mes favoris fonctionnent....
J'ai des virus, dont je ne connais pas la provenance. Un qui vien du dossier Temporary internet file je crois et ca -->
C:\RECYCLER\S-1-5-21-1708537768-2111687655-854245398-1003\Dc60.dll
.
Avec spybot j'ai plusieurs programmes qui se rajoutent auquels on me demander si je dois accepté des modification.
Avast trouve toutes les 2 minutes des cheval de troie. En gros je comprends pas et sa commence à m'enerver. Surtout Google et WLM qui ne fonctionnent pas :s
Voilà mon rapport Hijackthis
Merci pour vos futurs réponses, et j'espère que vous avez la solution à mon problème.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:59:33, on 15/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [fc6f5037] rundll32.exe "C:\WINDOWS\system32\ndidsfsd.dll",b
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [BMff5c63ab] Rundll32.exe "C:\WINDOWS\system32\wwafgxim.dll",s
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswupdsv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus (avast! antivirus) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner (avast! mail scanner) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner (avast! web scanner) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
A voir également:
- Probleme pc + rapport Hijackthis
- Reinitialiser pc - Guide
- Pc lent - Guide
- Downloader for pc - Télécharger - Téléchargement & Transfert
- Double ecran pc - Guide
- Forcer demarrage pc - Guide
26 réponses
Je peux aller sur mes favoris, et heureusement que je peux aller sur commentcamarche.com, quand je tape yahoo ou clubic par exemple, sa apparait pas, la page charge mais n'apparait pas.
Bonsoir les nautes,
Milan-ac-1899
Télécharge Vundofix.exe (par Atribune) sur ton Bureau.
http://vundofix.atribune.org/
* Double-clique sur VundoFix.exe afin de le lancer.
* Clique sur le bouton Scan for Vundo.
* Lorsque le scan est complété, clique sur le bouton fix Vundo.
* Une invite de commande demandera si tu souhaites supprimer les fichiers, cliquer sur YES
* Après avoir cliqué "YES", le Bureau disparaîtra un moment lors de la suppression des fichiers.
* Une nouvelle invite de commande annoncera que le PC devrai s'éteindre ("shutdown"). Clique sur OK , puis laisse le redémarrer.
* Le contenu du rapport est situé dans C:\vundofix.txt,
Poste le rapport
@++
Milan-ac-1899
Télécharge Vundofix.exe (par Atribune) sur ton Bureau.
http://vundofix.atribune.org/
* Double-clique sur VundoFix.exe afin de le lancer.
* Clique sur le bouton Scan for Vundo.
* Lorsque le scan est complété, clique sur le bouton fix Vundo.
* Une invite de commande demandera si tu souhaites supprimer les fichiers, cliquer sur YES
* Après avoir cliqué "YES", le Bureau disparaîtra un moment lors de la suppression des fichiers.
* Une nouvelle invite de commande annoncera que le PC devrai s'éteindre ("shutdown"). Clique sur OK , puis laisse le redémarrer.
* Le contenu du rapport est situé dans C:\vundofix.txt,
Poste le rapport
@++
Voici le rapport, quand j'ai cliké pour les supprimé, ben sa m'a dit que sa a été impossible à faire...
C:\Windows\system32\imjsmv.dll
C:\Windows\system32\juynwsdt.dll
C:\Windows\system32\mfqqlwkj.dll
C:\Windows\system32\ngxtjlhj.dll
C:\Windows\system32\imjsmv.dll
C:\Windows\system32\juynwsdt.dll
C:\Windows\system32\mfqqlwkj.dll
C:\Windows\system32\ngxtjlhj.dll
Salut,
Télécharge sur le bureau virtumundobegone :
http://secured2k.home.comcast.net/tools/VirtumundoBeGone.exe
déconnecte internet et désactive ton antivirus le temps de la manipulation
=> Double clic sur VirtumundoBeGone.exe
=> Clic Continue ==> clic Start
=> Clic Oui
=> A la fin si Vundo est présent , le PC s’éteint et redémarre
- Si Ecran bleu et message : Erreur fatale .. pas de problème
=> Poster le rapport VBG.TXT qui est sur le bureau
Et refais un nouveau rapport hijackthis stp
++
Télécharge sur le bureau virtumundobegone :
http://secured2k.home.comcast.net/tools/VirtumundoBeGone.exe
déconnecte internet et désactive ton antivirus le temps de la manipulation
=> Double clic sur VirtumundoBeGone.exe
=> Clic Continue ==> clic Start
=> Clic Oui
=> A la fin si Vundo est présent , le PC s’éteint et redémarre
- Si Ecran bleu et message : Erreur fatale .. pas de problème
=> Poster le rapport VBG.TXT qui est sur le bureau
Et refais un nouveau rapport hijackthis stp
++
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
[08/16/2008, 13:43:53] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\Merita\Bureau\VirtumundoBeGone.exe" )
[08/16/2008, 13:43:58] - Detected System Information:
[08/16/2008, 13:43:58] - Windows Version: 5.1.2600, Service Pack 2
[08/16/2008, 13:43:58] - Current Username: Merita (Admin)
[08/16/2008, 13:43:58] - Windows is in NORMAL mode.
[08/16/2008, 13:43:58] - Searching for Browser Helper Objects:
[08/16/2008, 13:43:58] - BHO 1: {0ccaa298-71aa-41a0-890e-b77781b246a0} ()
[08/16/2008, 13:43:58] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/16/2008, 13:43:58] - Checking for HKLM\...\Winlogon\Notify\fccbCsPI
[08/16/2008, 13:43:58] - Found: HKLM\...\Winlogon\Notify\fccbCsPI - This is probably Virtumundo.
[08/16/2008, 13:43:58] - Assigning {0ccaa298-71aa-41a0-890e-b77781b246a0} MSEvents Object
[08/16/2008, 13:43:58] - BHO list has been changed! Starting over...
[08/16/2008, 13:43:59] - BHO 1: {0ccaa298-71aa-41a0-890e-b77781b246a0} (MSEvents Object)
[08/16/2008, 13:43:59] - ALERT: Found MSEvents Object!
[08/16/2008, 13:43:59] - BHO 2: {522e4b17-6d57-4360-a8a4-b102201041a7} ()
[08/16/2008, 13:43:59] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/16/2008, 13:43:59] - Checking for HKLM\...\Winlogon\Notify\hgGvtQJB
[08/16/2008, 13:43:59] - Key not found: HKLM\...\Winlogon\Notify\hgGvtQJB, continuing.
[08/16/2008, 13:43:59] - BHO 3: {53707962-6F74-2D53-2644-206D7942484F} (Spybot-S&D IE Protection)
[08/16/2008, 13:43:59] - BHO 4: {7e853d72-626a-48ec-a868-ba8d5e23e045} ()
[08/16/2008, 13:43:59] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/16/2008, 13:43:59] - No filename found. Continuing.
[08/16/2008, 13:43:59] - BHO 5: {80855cd1-24db-4603-9d21-bc0674a7ee85} ()
[08/16/2008, 13:43:59] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/16/2008, 13:43:59] - No filename found. Continuing.
[08/16/2008, 13:43:59] - BHO 6: {a0f008da-196e-4ff7-8c6e-21451bbc9569} ()
[08/16/2008, 13:43:59] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/16/2008, 13:43:59] - Checking for HKLM\...\Winlogon\Notify\khfFYQhE
[08/16/2008, 13:43:59] - Key not found: HKLM\...\Winlogon\Notify\khfFYQhE, continuing.
[08/16/2008, 13:43:59] - BHO 7: {b81c9454-0362-408c-828a-1e91d927f7de} ()
[08/16/2008, 13:44:00] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/16/2008, 13:44:00] - No filename found. Continuing.
[08/16/2008, 13:44:00] - BHO 8: {f57599b1-a4f3-4671-aa13-c1eb68525220} ()
[08/16/2008, 13:44:00] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/16/2008, 13:44:00] - Checking for HKLM\...\Winlogon\Notify\xocibt
[08/16/2008, 13:44:00] - Key not found: HKLM\...\Winlogon\Notify\xocibt, continuing.
[08/16/2008, 13:44:00] - Finished Searching Browser Helper Objects
[08/16/2008, 13:44:00] - *** Detected MSEvents Object
[08/16/2008, 13:44:00] - Trying to remove MSEvents Object...
[08/16/2008, 13:44:01] - Terminating Process: IEXPLORE.EXE
[08/16/2008, 13:44:03] - Terminating Process: RUNDLL32.EXE
[08/16/2008, 13:44:04] - Disabling Automatic Shell Restart
[08/16/2008, 13:44:04] - Terminating Process: EXPLORER.EXE
[08/16/2008, 13:44:07] - Suspending the NT Session Manager System Service
[08/16/2008, 13:44:08] - Terminating Windows NT Logon/Logoff Manager
[08/16/2008, 13:44:11] - Re-enabling Automatic Shell Restart
[08/16/2008, 13:44:12] - File to disable: C:\WINDOWS\system32\fccbCsPI.dll
[08/16/2008, 13:44:13] - Renaming C:\WINDOWS\system32\fccbCsPI.dll -> C:\WINDOWS\system32\fccbCsPI.dll.vir
[08/16/2008, 13:44:13] - File successfully renamed!
[08/16/2008, 13:44:13] - Removing HKLM\...\Browser Helper Objects\{0ccaa298-71aa-41a0-890e-b77781b246a0}
[08/16/2008, 13:44:14] - Removing HKCR\CLSID\{0ccaa298-71aa-41a0-890e-b77781b246a0}
[08/16/2008, 13:44:15] - Adding Kill Bit for ActiveX for GUID: {0ccaa298-71aa-41a0-890e-b77781b246a0}
[08/16/2008, 13:44:16] - Deleting ATLEvents/MSEvents Registry entries
[08/16/2008, 13:44:16] - Removing HKLM\...\Winlogon\Notify\fccbCsPI
[08/16/2008, 13:44:16] - Searching for Browser Helper Objects:
[08/16/2008, 13:44:16] - BHO 1: {522e4b17-6d57-4360-a8a4-b102201041a7} ()
[08/16/2008, 13:44:16] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/16/2008, 13:44:16] - Checking for HKLM\...\Winlogon\Notify\hgGvtQJB
[08/16/2008, 13:44:16] - Key not found: HKLM\...\Winlogon\Notify\hgGvtQJB, continuing.
[08/16/2008, 13:44:16] - BHO 2: {53707962-6F74-2D53-2644-206D7942484F} (Spybot-S&D IE Protection)
[08/16/2008, 13:44:17] - BHO 3: {7e853d72-626a-48ec-a868-ba8d5e23e045} ()
[08/16/2008, 13:44:17] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/16/2008, 13:44:17] - No filename found. Continuing.
[08/16/2008, 13:44:17] - BHO 4: {80855cd1-24db-4603-9d21-bc0674a7ee85} ()
[08/16/2008, 13:44:17] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/16/2008, 13:44:17] - No filename found. Continuing.
[08/16/2008, 13:44:17] - BHO 5: {a0f008da-196e-4ff7-8c6e-21451bbc9569} ()
[08/16/2008, 13:44:17] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/16/2008, 13:44:17] - Checking for HKLM\...\Winlogon\Notify\khfFYQhE
[08/16/2008, 13:44:17] - Key not found: HKLM\...\Winlogon\Notify\khfFYQhE, continuing.
[08/16/2008, 13:44:17] - BHO 6: {b81c9454-0362-408c-828a-1e91d927f7de} ()
[08/16/2008, 13:44:17] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/16/2008, 13:44:17] - No filename found. Continuing.
[08/16/2008, 13:44:17] - BHO 7: {f57599b1-a4f3-4671-aa13-c1eb68525220} ()
[08/16/2008, 13:44:17] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/16/2008, 13:44:17] - Checking for HKLM\...\Winlogon\Notify\xocibt
[08/16/2008, 13:44:17] - Key not found: HKLM\...\Winlogon\Notify\xocibt, continuing.
[08/16/2008, 13:44:17] - Finished Searching Browser Helper Objects
[08/16/2008, 13:44:17] - Finishing up...
[08/16/2008, 13:44:17] - A restart is needed.
[08/16/2008, 13:45:21] - Attempting to Restart via STOP error (Blue Screen!)
Hijackthis :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:01:50, on 16/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\setup\avast.setup
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [BMff5c63ab] Rundll32.exe "C:\WINDOWS\system32\wwafgxim.dll",s
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswupdsv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus (avast! antivirus) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner (avast! mail scanner) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner (avast! web scanner) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
[08/16/2008, 13:43:58] - Detected System Information:
[08/16/2008, 13:43:58] - Windows Version: 5.1.2600, Service Pack 2
[08/16/2008, 13:43:58] - Current Username: Merita (Admin)
[08/16/2008, 13:43:58] - Windows is in NORMAL mode.
[08/16/2008, 13:43:58] - Searching for Browser Helper Objects:
[08/16/2008, 13:43:58] - BHO 1: {0ccaa298-71aa-41a0-890e-b77781b246a0} ()
[08/16/2008, 13:43:58] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/16/2008, 13:43:58] - Checking for HKLM\...\Winlogon\Notify\fccbCsPI
[08/16/2008, 13:43:58] - Found: HKLM\...\Winlogon\Notify\fccbCsPI - This is probably Virtumundo.
[08/16/2008, 13:43:58] - Assigning {0ccaa298-71aa-41a0-890e-b77781b246a0} MSEvents Object
[08/16/2008, 13:43:58] - BHO list has been changed! Starting over...
[08/16/2008, 13:43:59] - BHO 1: {0ccaa298-71aa-41a0-890e-b77781b246a0} (MSEvents Object)
[08/16/2008, 13:43:59] - ALERT: Found MSEvents Object!
[08/16/2008, 13:43:59] - BHO 2: {522e4b17-6d57-4360-a8a4-b102201041a7} ()
[08/16/2008, 13:43:59] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/16/2008, 13:43:59] - Checking for HKLM\...\Winlogon\Notify\hgGvtQJB
[08/16/2008, 13:43:59] - Key not found: HKLM\...\Winlogon\Notify\hgGvtQJB, continuing.
[08/16/2008, 13:43:59] - BHO 3: {53707962-6F74-2D53-2644-206D7942484F} (Spybot-S&D IE Protection)
[08/16/2008, 13:43:59] - BHO 4: {7e853d72-626a-48ec-a868-ba8d5e23e045} ()
[08/16/2008, 13:43:59] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/16/2008, 13:43:59] - No filename found. Continuing.
[08/16/2008, 13:43:59] - BHO 5: {80855cd1-24db-4603-9d21-bc0674a7ee85} ()
[08/16/2008, 13:43:59] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/16/2008, 13:43:59] - No filename found. Continuing.
[08/16/2008, 13:43:59] - BHO 6: {a0f008da-196e-4ff7-8c6e-21451bbc9569} ()
[08/16/2008, 13:43:59] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/16/2008, 13:43:59] - Checking for HKLM\...\Winlogon\Notify\khfFYQhE
[08/16/2008, 13:43:59] - Key not found: HKLM\...\Winlogon\Notify\khfFYQhE, continuing.
[08/16/2008, 13:43:59] - BHO 7: {b81c9454-0362-408c-828a-1e91d927f7de} ()
[08/16/2008, 13:44:00] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/16/2008, 13:44:00] - No filename found. Continuing.
[08/16/2008, 13:44:00] - BHO 8: {f57599b1-a4f3-4671-aa13-c1eb68525220} ()
[08/16/2008, 13:44:00] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/16/2008, 13:44:00] - Checking for HKLM\...\Winlogon\Notify\xocibt
[08/16/2008, 13:44:00] - Key not found: HKLM\...\Winlogon\Notify\xocibt, continuing.
[08/16/2008, 13:44:00] - Finished Searching Browser Helper Objects
[08/16/2008, 13:44:00] - *** Detected MSEvents Object
[08/16/2008, 13:44:00] - Trying to remove MSEvents Object...
[08/16/2008, 13:44:01] - Terminating Process: IEXPLORE.EXE
[08/16/2008, 13:44:03] - Terminating Process: RUNDLL32.EXE
[08/16/2008, 13:44:04] - Disabling Automatic Shell Restart
[08/16/2008, 13:44:04] - Terminating Process: EXPLORER.EXE
[08/16/2008, 13:44:07] - Suspending the NT Session Manager System Service
[08/16/2008, 13:44:08] - Terminating Windows NT Logon/Logoff Manager
[08/16/2008, 13:44:11] - Re-enabling Automatic Shell Restart
[08/16/2008, 13:44:12] - File to disable: C:\WINDOWS\system32\fccbCsPI.dll
[08/16/2008, 13:44:13] - Renaming C:\WINDOWS\system32\fccbCsPI.dll -> C:\WINDOWS\system32\fccbCsPI.dll.vir
[08/16/2008, 13:44:13] - File successfully renamed!
[08/16/2008, 13:44:13] - Removing HKLM\...\Browser Helper Objects\{0ccaa298-71aa-41a0-890e-b77781b246a0}
[08/16/2008, 13:44:14] - Removing HKCR\CLSID\{0ccaa298-71aa-41a0-890e-b77781b246a0}
[08/16/2008, 13:44:15] - Adding Kill Bit for ActiveX for GUID: {0ccaa298-71aa-41a0-890e-b77781b246a0}
[08/16/2008, 13:44:16] - Deleting ATLEvents/MSEvents Registry entries
[08/16/2008, 13:44:16] - Removing HKLM\...\Winlogon\Notify\fccbCsPI
[08/16/2008, 13:44:16] - Searching for Browser Helper Objects:
[08/16/2008, 13:44:16] - BHO 1: {522e4b17-6d57-4360-a8a4-b102201041a7} ()
[08/16/2008, 13:44:16] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/16/2008, 13:44:16] - Checking for HKLM\...\Winlogon\Notify\hgGvtQJB
[08/16/2008, 13:44:16] - Key not found: HKLM\...\Winlogon\Notify\hgGvtQJB, continuing.
[08/16/2008, 13:44:16] - BHO 2: {53707962-6F74-2D53-2644-206D7942484F} (Spybot-S&D IE Protection)
[08/16/2008, 13:44:17] - BHO 3: {7e853d72-626a-48ec-a868-ba8d5e23e045} ()
[08/16/2008, 13:44:17] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/16/2008, 13:44:17] - No filename found. Continuing.
[08/16/2008, 13:44:17] - BHO 4: {80855cd1-24db-4603-9d21-bc0674a7ee85} ()
[08/16/2008, 13:44:17] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/16/2008, 13:44:17] - No filename found. Continuing.
[08/16/2008, 13:44:17] - BHO 5: {a0f008da-196e-4ff7-8c6e-21451bbc9569} ()
[08/16/2008, 13:44:17] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/16/2008, 13:44:17] - Checking for HKLM\...\Winlogon\Notify\khfFYQhE
[08/16/2008, 13:44:17] - Key not found: HKLM\...\Winlogon\Notify\khfFYQhE, continuing.
[08/16/2008, 13:44:17] - BHO 6: {b81c9454-0362-408c-828a-1e91d927f7de} ()
[08/16/2008, 13:44:17] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/16/2008, 13:44:17] - No filename found. Continuing.
[08/16/2008, 13:44:17] - BHO 7: {f57599b1-a4f3-4671-aa13-c1eb68525220} ()
[08/16/2008, 13:44:17] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/16/2008, 13:44:17] - Checking for HKLM\...\Winlogon\Notify\xocibt
[08/16/2008, 13:44:17] - Key not found: HKLM\...\Winlogon\Notify\xocibt, continuing.
[08/16/2008, 13:44:17] - Finished Searching Browser Helper Objects
[08/16/2008, 13:44:17] - Finishing up...
[08/16/2008, 13:44:17] - A restart is needed.
[08/16/2008, 13:45:21] - Attempting to Restart via STOP error (Blue Screen!)
Hijackthis :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:01:50, on 16/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\setup\avast.setup
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [BMff5c63ab] Rundll32.exe "C:\WINDOWS\system32\wwafgxim.dll",s
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswupdsv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus (avast! antivirus) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner (avast! mail scanner) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner (avast! web scanner) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
