pourriez-vous analyser un rapport de panda activescan5?
Dernière réponse : dans Sécurité
J'ai scaner mon pc avec panda activescan 5 , si quelqu'un pourait l'analyser et me dire quoi faire, voila le resultat:
Incident Statut Analyse
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\All Users\Application Data\FLAW LIVE PURE BROWSE\AtomCoal.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\All Users\Application Data\FLAW LIVE PURE BROWSE\burn mix.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\All Users\Application Data\FLAW LIVE PURE BROWSE\cast gpl.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\All Users\Application Data\FLAW LIVE PURE BROWSE\city poll.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\All Users\Application Data\FLAW LIVE PURE BROWSE\Drv This.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\All Users\Application Data\FLAW LIVE PURE BROWSE\help build.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\All Users\Application Data\FLAW LIVE PURE BROWSE\joygpl.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\All Users\Application Data\FLAW LIVE PURE BROWSE\Loudexit.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\All Users\Application Data\FLAW LIVE PURE BROWSE\Mail Cash.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\All Users\Application Data\FLAW LIVE PURE BROWSE\mapi bend.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\All Users\Application Data\FLAW LIVE PURE BROWSE\send scr.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\All Users\Application Data\FLAW LIVE PURE BROWSE\Vc Amok.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Application Data\castmpegvc\Hold32.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Application Data\junkflawtool\1sign.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Application Data\junkflawtool\aznenyym.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Application Data\junkflawtool\Cakeamokmess.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Application Data\junkflawtool\Dash defy two free.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Application Data\junkflawtool\deyrcbcs.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Application Data\junkflawtool\httbdagx.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Application Data\junkflawtool\jkdlhyae.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Application Data\junkflawtool\kbtjrvul.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Application Data\junkflawtool\lmqpybgf.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Application Data\junkflawtool\loesawve.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Application Data\junkflawtool\lwbigorv.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Application Data\junkflawtool\muiaewba.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Application Data\junkflawtool\nuoaomcs.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Application Data\junkflawtool\skejllpx.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Application Data\junkflawtool\vqdtiwrp.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\112e2e.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\2e8e4.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\5c04273.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\5c09165.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\5c13988.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\5ca5d86.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\5cc1beb.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\5cdf9d3.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\5ed2fa3.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\ausopymw.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\cotwmwrp.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\cqedmbdd.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\drzfdaqr.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\dwyngzua.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\dxkrobys.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\fuhhrxzd.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\fxstomtm.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\getletgr.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\gyzafubm.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\hfagrkuj.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\jblubmkr.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\luhpnjsx.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\nnbzblij.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\pumqxnou.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\pxhycprp.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\rbsczitz.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\rgubdkez.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\rizdjuwz.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\rsrmczui.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\skwvwekk.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\thdaycsv.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\txhuclte.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\uckfjnvt.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\uiehaajm.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\xtfdofhd.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\yauzsmpc.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\yskwjrti.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\yzaaujsm.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\zbjwqqwb.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\zdcczjid.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\zytrdtnz.exe
Adware:Adware/Gator No Désinfecté C:\Program Files\Butterfly Oasis Screensaver\BO1Helper.exe
Adware:Adware/Gator No Désinfecté C:\Program Files\Fichiers communs\llttpcle\aefpjnhc\dhdlanlb.exe
Adware:Adware/Gator No Désinfecté C:\Program Files\Fichiers communs\llttpcle\lfapheclnd\lndnanjnl.exe
Adware:adware/quicksearch No Désinfecté C:\WINDOWS\Downloaded Program Files\Install.inf
Incident Statut Analyse
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\All Users\Application Data\FLAW LIVE PURE BROWSE\AtomCoal.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\All Users\Application Data\FLAW LIVE PURE BROWSE\burn mix.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\All Users\Application Data\FLAW LIVE PURE BROWSE\cast gpl.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\All Users\Application Data\FLAW LIVE PURE BROWSE\city poll.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\All Users\Application Data\FLAW LIVE PURE BROWSE\Drv This.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\All Users\Application Data\FLAW LIVE PURE BROWSE\help build.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\All Users\Application Data\FLAW LIVE PURE BROWSE\joygpl.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\All Users\Application Data\FLAW LIVE PURE BROWSE\Loudexit.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\All Users\Application Data\FLAW LIVE PURE BROWSE\Mail Cash.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\All Users\Application Data\FLAW LIVE PURE BROWSE\mapi bend.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\All Users\Application Data\FLAW LIVE PURE BROWSE\send scr.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\All Users\Application Data\FLAW LIVE PURE BROWSE\Vc Amok.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Application Data\castmpegvc\Hold32.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Application Data\junkflawtool\1sign.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Application Data\junkflawtool\aznenyym.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Application Data\junkflawtool\Cakeamokmess.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Application Data\junkflawtool\Dash defy two free.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Application Data\junkflawtool\deyrcbcs.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Application Data\junkflawtool\httbdagx.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Application Data\junkflawtool\jkdlhyae.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Application Data\junkflawtool\kbtjrvul.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Application Data\junkflawtool\lmqpybgf.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Application Data\junkflawtool\loesawve.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Application Data\junkflawtool\lwbigorv.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Application Data\junkflawtool\muiaewba.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Application Data\junkflawtool\nuoaomcs.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Application Data\junkflawtool\skejllpx.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Application Data\junkflawtool\vqdtiwrp.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\112e2e.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\2e8e4.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\5c04273.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\5c09165.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\5c13988.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\5ca5d86.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\5cc1beb.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\5cdf9d3.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\5ed2fa3.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\ausopymw.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\cotwmwrp.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\cqedmbdd.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\drzfdaqr.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\dwyngzua.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\dxkrobys.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\fuhhrxzd.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\fxstomtm.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\getletgr.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\gyzafubm.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\hfagrkuj.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\jblubmkr.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\luhpnjsx.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\nnbzblij.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\pumqxnou.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\pxhycprp.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\rbsczitz.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\rgubdkez.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\rizdjuwz.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\rsrmczui.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\skwvwekk.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\thdaycsv.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\txhuclte.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\uckfjnvt.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\uiehaajm.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\xtfdofhd.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\yauzsmpc.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\yskwjrti.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\yzaaujsm.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\zbjwqqwb.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\zdcczjid.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\zytrdtnz.exe
Adware:Adware/Gator No Désinfecté C:\Program Files\Butterfly Oasis Screensaver\BO1Helper.exe
Adware:Adware/Gator No Désinfecté C:\Program Files\Fichiers communs\llttpcle\aefpjnhc\dhdlanlb.exe
Adware:Adware/Gator No Désinfecté C:\Program Files\Fichiers communs\llttpcle\lfapheclnd\lndnanjnl.exe
Adware:adware/quicksearch No Désinfecté C:\WINDOWS\Downloaded Program Files\Install.inf
Autres pages sur : pourriez analyser rapport panda activescan5
Lassé par la pub ? Créez un compte
Salut,
N'aurais-tu pas installé msn+ ?
Si c'est le cas désinstalle-le.
Télécharge le programme >>Hijackthis 1.99.1<<
Dézippe-le et mets le dans un dossier specifique (exemple : ..\Bureau\Hijackthis\Hijackthis.exe )
Lance-le
Clique sur "Do a system scan and save a logfile" et poste le rapport avec copier/coller
N'aurais-tu pas installé msn+ ?
Si c'est le cas désinstalle-le.
Télécharge le programme >>Hijackthis 1.99.1<<
Dézippe-le et mets le dans un dossier specifique (exemple : ..\Bureau\Hijackthis\Hijackthis.exe )
Lance-le
Clique sur "Do a system scan and save a logfile" et poste le rapport avec copier/coller
J'ai desinstallé msn plus et fait une analyse avec HijackThis comme vous me l'avez demandé, voici le resultat:
Logfile of HijackThis v1.99.1
Scan saved at 14:27:27, on 16/08/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Apps\ActivBoard\nhksrv.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\DRIVERS\WtSrv.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\WService.EXE
C:\Apps\ActivBoard\MMKeybd.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE
C:\PROGRA~1\Wanadoo\CnxMon.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\PROGRA~1\BUTTER~1\BO1HEL~1.EXE
C:\Apps\ActivBoard\TrayMon.exe
C:\Apps\ActivBoard\OSD.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\Program Files\Wanadoo\Watch.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\yohann\LOCALS~1\Temp\Rar$EX01.547\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.wanadoo.fr/go/page_recherche/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_2_0.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_2_0.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [WService] WService.EXE
O4 - HKLM\..\Run: [ACTIVBOARD] C:\Apps\ActivBoard\MMKeybd.exe
O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe"
O4 - HKLM\..\Run: [CleanEasyImg] c:\apps\easydvd\cleanall.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P31 "EPSON Stylus Photo RX420 Series" /O6 "USB002" /M "Stylus Photo RX420"
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [BO1HelperStartUp] C:\PROGRA~1\BUTTER~1\BO1HEL~1.EXE /partner BO1
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CloneDVDElbyDelay] "C:\Program Files\Elaborate Bytes\CloneDVD\ElbyCheck.exe" /L ElbyDelay
O4 - HKLM\..\RunOnce: [MessengerPlusUninstall] C:\WINDOWS\system32\cmd.exe /C "C:\DOCUME~1\yohann\LOCALS~1\Temp\MsgPlusUninst.bat"
O4 - HKCU\..\Run: [PreAnnotate] C:\WINDOWS\System32\PreAnntt.exe
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O9 - Extra button: Packard Bell - {1D49B7D4-524D-4ac9-BC34-B4822CAE4BB1} - C:\Apps\IECustom\script.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x40...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5free/asinst....
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdown...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.ca...
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267....
O17 - HKLM\System\CCS\Services\Tcpip\..\{9174B292-4DDA-4718-A74D-9896F53B7FF4}: NameServer = 80.10.246.130 80.10.246.3
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Apps\ActivBoard\nhksrv.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - Unknown owner - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe (file missing)
O23 - Service: WinTab Service (WinTabService) - Tablet Driver - C:\WINDOWS\System32\DRIVERS\WtSrv.exe
Logfile of HijackThis v1.99.1
Scan saved at 14:27:27, on 16/08/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Apps\ActivBoard\nhksrv.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\DRIVERS\WtSrv.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\WService.EXE
C:\Apps\ActivBoard\MMKeybd.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE
C:\PROGRA~1\Wanadoo\CnxMon.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\PROGRA~1\BUTTER~1\BO1HEL~1.EXE
C:\Apps\ActivBoard\TrayMon.exe
C:\Apps\ActivBoard\OSD.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\Program Files\Wanadoo\Watch.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\yohann\LOCALS~1\Temp\Rar$EX01.547\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.wanadoo.fr/go/page_recherche/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_2_0.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_2_0.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [WService] WService.EXE
O4 - HKLM\..\Run: [ACTIVBOARD] C:\Apps\ActivBoard\MMKeybd.exe
O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe"
O4 - HKLM\..\Run: [CleanEasyImg] c:\apps\easydvd\cleanall.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P31 "EPSON Stylus Photo RX420 Series" /O6 "USB002" /M "Stylus Photo RX420"
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [BO1HelperStartUp] C:\PROGRA~1\BUTTER~1\BO1HEL~1.EXE /partner BO1
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CloneDVDElbyDelay] "C:\Program Files\Elaborate Bytes\CloneDVD\ElbyCheck.exe" /L ElbyDelay
O4 - HKLM\..\RunOnce: [MessengerPlusUninstall] C:\WINDOWS\system32\cmd.exe /C "C:\DOCUME~1\yohann\LOCALS~1\Temp\MsgPlusUninst.bat"
O4 - HKCU\..\Run: [PreAnnotate] C:\WINDOWS\System32\PreAnntt.exe
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O9 - Extra button: Packard Bell - {1D49B7D4-524D-4ac9-BC34-B4822CAE4BB1} - C:\Apps\IECustom\script.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x40...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5free/asinst....
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdown...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.ca...
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267....
O17 - HKLM\System\CCS\Services\Tcpip\..\{9174B292-4DDA-4718-A74D-9896F53B7FF4}: NameServer = 80.10.246.130 80.10.246.3
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Apps\ActivBoard\nhksrv.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - Unknown owner - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe (file missing)
O23 - Service: WinTab Service (WinTabService) - Tablet Driver - C:\WINDOWS\System32\DRIVERS\WtSrv.exe
Voila le nouveau resultat de l'analyse avec panda:
Incident Statut Analyse
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\5c04273.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\5c09165.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\5c13988.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\5ca5d86.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\5cc1beb.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\5cdf9d3.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\5ed2fa3.exe
Adware:Adware/Gator No Désinfecté C:\Program Files\Butterfly Oasis Screensaver\BO1Helper.exe
Adware:Adware/Lop No Désinfecté C:\Program Files\C2Media\Setup.exe
Incident Statut Analyse
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\5c04273.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\5c09165.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\5c13988.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\5ca5d86.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\5cc1beb.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\5cdf9d3.exe
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\yohann\Local Settings\Temp\5ed2fa3.exe
Adware:Adware/Gator No Désinfecté C:\Program Files\Butterfly Oasis Screensaver\BO1Helper.exe
Adware:Adware/Lop No Désinfecté C:\Program Files\C2Media\Setup.exe
J'ai suprimer tout les adwares que panda a trouvé, il n'y en a que 1 que je ne peut pas supprimer, c'est:
Adware:Adware/Gator No Désinfecté C:\Program Files\Butterfly Oasis Screensaver\BO1Helper.exe
Lorsque j'essaye de le supprime, il y a un message " impossible de supprimer B01Helper : acces refusé
Verifiez que le disque n'est pas plein ou protegé en ecriture, et que le fichier n'est pas utilisé actuellement. "
Adware:Adware/Gator No Désinfecté C:\Program Files\Butterfly Oasis Screensaver\BO1Helper.exe
Lorsque j'essaye de le supprime, il y a un message " impossible de supprimer B01Helper : acces refusé
Verifiez que le disque n'est pas plein ou protegé en ecriture, et que le fichier n'est pas utilisé actuellement. "
J'ai retirer le fichier en mode sans echec, pus de trace de ce fichier, je pense que maintenant je suis debarasé de ses sales bestioles, je remercie toutes les personnes qui m'ont aidés, une derniere chose, pouvez vous me dire si mes procesus sont normaux,(j'utilise un windows xp edition familial) les voici :
tackmgr.exe
iexplore.exe
Watch.exe
ComComp.exe
EspaceWanadoo...
osd.exe
Traymon.exe
msmsgs.exe
ctfmon.exe
mdm.exe
CCSETMGR.EXE
CDANTSRV.EXE
CDAC11BA.EXE
nhsrv.exe
E_FATI9CE.EXE
Wservice.exe
MMKeybd.exe
alg.exe
explorer.exe
iexplore.exe
spoolsv.exe
CCEVTMGR.EXE
svchost.exe
WTSrv.exe
svchost.exe
svchost.exe
wdfmgr.exe
svchost.exe
symlcsvc.exe
svchost.exe
CnxMon.exe
svchost.exe
CCAPP.EXE
lsass.exe
services.exe
winlogon.exe
csrss.exe
SPBBCSvs.exe
smss.exe
SNDSrvc.exe
slserv.exe
nvvc32.exe
NPFMNTOR.EXE
NAVAPSVC.EXE
System
Processus inactif...
tackmgr.exe
iexplore.exe
Watch.exe
ComComp.exe
EspaceWanadoo...
osd.exe
Traymon.exe
msmsgs.exe
ctfmon.exe
mdm.exe
CCSETMGR.EXE
CDANTSRV.EXE
CDAC11BA.EXE
nhsrv.exe
E_FATI9CE.EXE
Wservice.exe
MMKeybd.exe
alg.exe
explorer.exe
iexplore.exe
spoolsv.exe
CCEVTMGR.EXE
svchost.exe
WTSrv.exe
svchost.exe
svchost.exe
wdfmgr.exe
svchost.exe
symlcsvc.exe
svchost.exe
CnxMon.exe
svchost.exe
CCAPP.EXE
lsass.exe
services.exe
winlogon.exe
csrss.exe
SPBBCSvs.exe
smss.exe
SNDSrvc.exe
slserv.exe
nvvc32.exe
NPFMNTOR.EXE
NAVAPSVC.EXE
System
Processus inactif...
voila le nouveau rapport de HijackThis, si il faut autre chose, n'hesites surtout pas a me le demander:
Logfile of HijackThis v1.99.1
Scan saved at 10:50:42, on 17/08/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Apps\ActivBoard\nhksrv.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\DRIVERS\WtSrv.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\WService.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE
C:\PROGRA~1\Wanadoo\CnxMon.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\svchost.exe
C:\Apps\ActivBoard\TrayMon.exe
C:\Apps\ActivBoard\OSD.exe
C:\Program Files\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Microsoft Money\System\urlmap.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\yohann\LOCALS~1\Temp\Rar$EX00.641\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.wanadoo.fr/go/page_recherche/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_2_0.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_2_0.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [WService] WService.EXE
O4 - HKLM\..\Run: [ACTIVBOARD] C:\Apps\ActivBoard\MMKeybd.exe
O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe"
O4 - HKLM\..\Run: [CleanEasyImg] c:\apps\easydvd\cleanall.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P31 "EPSON Stylus Photo RX420 Series" /O6 "USB002" /M "Stylus Photo RX420"
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [BO1HelperStartUp] C:\PROGRA~1\BUTTER~1\BO1HEL~1.EXE /partner BO1
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CloneDVDElbyDelay] "C:\Program Files\Elaborate Bytes\CloneDVD\ElbyCheck.exe" /L ElbyDelay
O4 - HKCU\..\Run: [PreAnnotate] C:\WINDOWS\System32\PreAnntt.exe
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O9 - Extra button: Packard Bell - {1D49B7D4-524D-4ac9-BC34-B4822CAE4BB1} - C:\Apps\IECustom\script.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x40...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5free/asinst....
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdown...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.ca...
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267....
O17 - HKLM\System\CCS\Services\Tcpip\..\{9174B292-4DDA-4718-A74D-9896F53B7FF4}: NameServer = 80.10.246.130 80.10.246.3
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Apps\ActivBoard\nhksrv.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - Unknown owner - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: WinTab Service (WinTabService) - Tablet Driver - C:\WINDOWS\System32\DRIVERS\WtSrv.exe
Logfile of HijackThis v1.99.1
Scan saved at 10:50:42, on 17/08/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Apps\ActivBoard\nhksrv.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\DRIVERS\WtSrv.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\WService.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE
C:\PROGRA~1\Wanadoo\CnxMon.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\svchost.exe
C:\Apps\ActivBoard\TrayMon.exe
C:\Apps\ActivBoard\OSD.exe
C:\Program Files\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Microsoft Money\System\urlmap.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\yohann\LOCALS~1\Temp\Rar$EX00.641\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.wanadoo.fr/go/page_recherche/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_2_0.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_2_0.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [WService] WService.EXE
O4 - HKLM\..\Run: [ACTIVBOARD] C:\Apps\ActivBoard\MMKeybd.exe
O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe"
O4 - HKLM\..\Run: [CleanEasyImg] c:\apps\easydvd\cleanall.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P31 "EPSON Stylus Photo RX420 Series" /O6 "USB002" /M "Stylus Photo RX420"
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [BO1HelperStartUp] C:\PROGRA~1\BUTTER~1\BO1HEL~1.EXE /partner BO1
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CloneDVDElbyDelay] "C:\Program Files\Elaborate Bytes\CloneDVD\ElbyCheck.exe" /L ElbyDelay
O4 - HKCU\..\Run: [PreAnnotate] C:\WINDOWS\System32\PreAnntt.exe
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O9 - Extra button: Packard Bell - {1D49B7D4-524D-4ac9-BC34-B4822CAE4BB1} - C:\Apps\IECustom\script.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x40...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5free/asinst....
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdown...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.ca...
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267....
O17 - HKLM\System\CCS\Services\Tcpip\..\{9174B292-4DDA-4718-A74D-9896F53B7FF4}: NameServer = 80.10.246.130 80.10.246.3
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Apps\ActivBoard\nhksrv.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - Unknown owner - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: WinTab Service (WinTabService) - Tablet Driver - C:\WINDOWS\System32\DRIVERS\WtSrv.exe
Lassé par la pub ? Créez un compte
- Contenus similaires :
- ForumResultat du rapport de panda
- ForumRapport panda
- ForumRapport panda secure hikack
- ForumRapport hijackthis et panda analyse svp
- ForumSavoir analyser un rapport hijackthis
- ForumAide pour analyser un rapport otl
- ForumSvp.quelqu un analyser mon rapport hijackthis
- ForumAnalyser mon rapport smitfraudfix
- ForumQuelqu'un pour analyser mon rapport zhpdiag
- ForumAidez moi pour analyser mon rapport hijack
- Voir plus
