analyse HijackThis
Forum Sécurité - Virus : analyse HijackThis
bonjour,
quelqu'un peut-il analyser ce HijackThis ?
je n'arrive pas à mettre une page par defaut sur IE.
merci
Logfile of HijackThis v1.99.1
Scan saved at 17:11:24, on 11/03/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\VERITAS Software\Update Manager\sgtray.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
c:\Program Files\Microsoft Money\System\urlmap.exe
C:\Documents and Settings\Propriétaire\Mes documents\programmes telecharges\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.free.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr6.hpwis.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL (file missing)
O2 - BHO: (no name) - {008DB894-99ED-445D-8547-0E7C9808898D} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - c:\Program Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SSC_UserPrompt] "C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe"
O4 - HKLM\..\Run: [NAV CfgWiz] C:\Program Files\Fichiers communs\Symantec Shared\SymProbe.exe -r "C:\Program Files\Norton AntiVirus\CfgWiz.exe" /GUID {0D7956A2-5A08-4ec2-A72C-DF8495A66016} /MODE CfgWiz /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [Microsoft Works Update Detection] c:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [Instant Access] rundll32.exe EGDACCESS_1073.dll,InstantAccess
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - c:\Program Files\Microsoft Money\System\mnyviewer.dll
O16 - DPF: {04CCFF26-7D52-4E42-BF6A-F8ECE0896EB7} - http://scripts.downloadv3.com/bina [...] 071_XP.cab
O16 - DPF: {07C9CFC7-DE33-4A0C-9FFB-CDFBA843B157} - http://akamai.downloadv3.com/binar [...] 063_XP.cab
O16 - DPF: {0DA910BC-6919-489E-B584-D9A4AAC7B8DE} - http://scripts.downloadv3.com/bina [...] IV4_XP.cab
O16 - DPF: {1604DF98-D1A5-44FE-844A-98D6FD0518D0} - http://akamai.downloadv3.com/binar [...] 060_XP.cab
O16 - DPF: {1CD49DC9-FD88-41FA-B892-47E037267D45} - http://akamai.downloadv3.com/binar [...] 059_XP.cab
O16 - DPF: {26D73573-F1B3-48C9-A989-E6CE071957A1} - http://akamai.downloadv3.com/binar [...] 057_XP.cab
O16 - DPF: {3DAD912E-D2B9-4323-B7C9-7F2C5CC0C57B} - http://scripts.downloadv3.com/bina [...] 070_XP.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/09a334f573c3a [...] 601_fr.cab
O16 - DPF: {624321F1-0581-49D8-99BD-2E952C2DF31B} - http://akamai.downloadv3.com/binar [...] IV4_XP.cab
O16 - DPF: {95460ABD-946A-46FF-9F56-268718323EEE} - http://scripts.downloadv3.com/bina [...] 068_XP.cab
O16 - DPF: {A1C392A2-B274-46DB-89BE-1FBD476B9C93} - http://scripts.downloadv3.com/bina [...] 065_XP.cab
O16 - DPF: {BA749BC1-143E-430D-B1DA-1D2AF67A3658} - http://scripts.downloadv3.com/bina [...] 069_XP.cab
O16 - DPF: {BFC9677B-8006-4336-9D49-2C797AEFCB9E} - http://akamai.downloadv3.com/binar [...] 058_XP.cab
O16 - DPF: {C2481ED1-9896-4D49-AE90-69858DFDE446} - http://scripts.downloadv3.com/bina [...] 073_XP.cab
O16 - DPF: {E19AB99F-AEC4-4B40-A5CA-F69D22522D77} - http://scripts.downloadv3.com/bina [...] IV4_XP.cab
O16 - DPF: {E3943A24-2F83-4505-9AE5-F705E81B50CB} - http://akamai.downloadv3.com/binar [...] 055_XP.cab
O16 - DPF: {E7AE1661-EBEB-492B-AE0D-860DF24174C6} - http://akamai.downloadv3.com/binar [...] IV4_XP.cab
O16 - DPF: {EF4DCD99-D26B-44A4-BA77-CFDCC97E7291} - http://akamai.downloadv3.com/binar [...] 062_XP.cab
O16 - DPF: {EFB23983-5803-4914-ADA3-C0EA2CFBDC37} - http://scripts.downloadv3.com/bina [...] 072_XP.cab
O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IncrediMail) - http://www5.incredimail.com/conten [...] loader.cab
O16 - DPF: {F72BC3F0-6C20-4793-9DDA-258589D8A907} - http://akamai.downloadv3.com/binar [...] _FR_XP.cab
O16 - DPF: {FA83E942-B796-46DE-9155-1632ECC5473B} - http://akamai.downloadv3.com/binar [...] 061_XP.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
Bonsoir,
0/ Télécharge et installe CCleaner
1/ Télécharge, installe et mets à jour ewido
2/ Redémarre en mode sans échec (Pour cela : démarrer le PC en tapotant sur la touche F8 du clavier jusqu'à ce que le menu des options avancées de Windows apparaisse puis avec les touches fléchées du clavier, sélectionner Mode sans échec puis appuyer sur la touche Entrée...)
Attention tu n'as pas accès à Internet dans ce mode donc note ou imprime les consignes qui suivent.
3/ Lance HijackThis
puis --> Do a system scan only
coche les lignes indiquées ci-dessous
puis --> Fix checked
puis oui à la question de confirmation
O2 - BHO: (no name) - {008DB894-99ED-445D-8547-0E7C9808898D} - (no file)
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [Microsoft Works Update Detection] c:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [Instant Access] rundll32.exe EGDACCESS_1073.dll,InstantAccess
O16 - DPF: {04CCFF26-7D52-4E42-BF6A-F8ECE0896EB7} - http://scripts.downloadv3.com/bina [...] 071_XP.cab
O16 - DPF: {07C9CFC7-DE33-4A0C-9FFB-CDFBA843B157} - http://akamai.downloadv3.com/binar [...] 063_XP.cab
O16 - DPF: {0DA910BC-6919-489E-B584-D9A4AAC7B8DE} - http://scripts.downloadv3.com/bina [...] IV4_XP.cab
O16 - DPF: {1604DF98-D1A5-44FE-844A-98D6FD0518D0} - http://akamai.downloadv3.com/binar [...] 060_XP.cab
O16 - DPF: {1CD49DC9-FD88-41FA-B892-47E037267D45} - http://akamai.downloadv3.com/binar [...] 059_XP.cab
O16 - DPF: {26D73573-F1B3-48C9-A989-E6CE071957A1} - http://akamai.downloadv3.com/binar [...] 057_XP.cab
O16 - DPF: {3DAD912E-D2B9-4323-B7C9-7F2C5CC0C57B} - http://scripts.downloadv3.com/bina [...] 070_XP.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/09a334f573c3a [...] 601_fr.cab
O16 - DPF: {624321F1-0581-49D8-99BD-2E952C2DF31B} - http://akamai.downloadv3.com/binar [...] IV4_XP.cab
O16 - DPF: {95460ABD-946A-46FF-9F56-268718323EEE} - http://scripts.downloadv3.com/bina [...] 068_XP.cab
O16 - DPF: {A1C392A2-B274-46DB-89BE-1FBD476B9C93} - http://scripts.downloadv3.com/bina [...] 065_XP.cab
O16 - DPF: {BA749BC1-143E-430D-B1DA-1D2AF67A3658} - http://scripts.downloadv3.com/bina [...] 069_XP.cab
O16 - DPF: {BFC9677B-8006-4336-9D49-2C797AEFCB9E} - http://akamai.downloadv3.com/binar [...] 058_XP.cab
O16 - DPF: {C2481ED1-9896-4D49-AE90-69858DFDE446} - http://scripts.downloadv3.com/bina [...] 073_XP.cab
O16 - DPF: {E19AB99F-AEC4-4B40-A5CA-F69D22522D77} - http://scripts.downloadv3.com/bina [...] IV4_XP.cab
O16 - DPF: {E3943A24-2F83-4505-9AE5-F705E81B50CB} - http://akamai.downloadv3.com/binar [...] 055_XP.cab
O16 - DPF: {E7AE1661-EBEB-492B-AE0D-860DF24174C6} - http://akamai.downloadv3.com/binar [...] IV4_XP.cab
O16 - DPF: {EF4DCD99-D26B-44A4-BA77-CFDCC97E7291} - http://akamai.downloadv3.com/binar [...] 062_XP.cab
O16 - DPF: {EFB23983-5803-4914-ADA3-C0EA2CFBDC37} - http://scripts.downloadv3.com/bina [...] 072_XP.cab
O16 - DPF: {F72BC3F0-6C20-4793-9DDA-258589D8A907} - http://akamai.downloadv3.com/binar [...] _FR_XP.cab
O16 - DPF: {FA83E942-B796-46DE-9155-1632ECC5473B} - http://akamai.downloadv3.com/binar [...] 061_XP.cab
4/ Assure-toi que tu as accès aux fichiers cachés.
(Démarrer->Poste de travail->Outils->Options des dossiers...->Affichage
"Afficher les fichiers et dossiers cachés" ->coché
"Masquer les extensions des fichiers dont le type est connu" ->décoché
"Masquer les fichiers protégés du système d'exploitation" ->décoché)
5/ ensuite supprime les fichiers et/ou dossiers suivants si présents :
EGDACCESS_1073.dll sans doute localisé dans C:\WINDOWS\system32\
6/ Lance CCleaner puis bouton Analyse ensuite Bouton Lancer le Nettoyage
7/ Lance ewido (Scan complet du système) et supprime tout ce qu'il trouve. Sauvegarde le rapport sur le bureau.
8/ Redémarre normalement et poste le rapport d'ewido ainsi qu'un nouveau rapport HijackThis.
et pense à mettre ton système à jour via http://windowsupdate.microsoft.com/
merci esteban54,
ci-joint les nouveaux fichiers :
---------------------------------------------------------
ewido anti-malware - Rapport de scan
---------------------------------------------------------
+ Créé le: 22:37:58, 11/03/2006
+ Somme de contrôle: C3000906
+ Résultats du scan:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Instant Access -> Dialer.Generic : Nettoyer et sauvegarder
HKU\S-1-5-21-3238835185-757298511-4166307882-1003\Software\EGDHTML -> Dialer.Generic : Nettoyer et sauvegarder
C:\Documents and Settings\Propriétaire\Mes documents\Photo\WinAntiSpyware2006FreeInstall.exe -> Not-A-Virus.Downloader.Win32.WinFixer.d : Nettoyer et sauvegarder
C:\Documents and Settings\Propriétaire\Mes documents\programmes telecharges\backups\backup-20060311-205155-982.dll -> Dialer.InstantAccess.m : Nettoyer et sauvegarder
C:\Documents and Settings\Propriétaire\Mes documents\programmes telecharges\backups\backup-20060311-205156-422.dll -> Dialer.InstantAccess.f : Nettoyer et sauvegarder
C:\WINDOWS\Downloaded Program Files\imloader.exe -> Not-A-Virus.Downloader.Win32.ImLoader.c : Nettoyer et sauvegarder
C:\WINDOWS\system32\msplock32.dll -> Adware.NaviPromo : Nettoyer et sauvegarder
::Fin du rapport
Logfile of HijackThis v1.99.1
Scan saved at 22:42:24, on 11/03/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Documents and Settings\Propriétaire\Mes documents\programmes telecharges\HijackThis.exe
C:\WINDOWS\System32\wuauclt.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.free.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr6.hpwis.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: CNavExtBho Class - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SSC_UserPrompt] "C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe"
O4 - HKLM\..\Run: [NAV CfgWiz] C:\Program Files\Fichiers communs\Symantec Shared\SymProbe.exe -r "C:\Program Files\Norton AntiVirus\CfgWiz.exe" /GUID {0D7956A2-5A08-4ec2-A72C-DF8495A66016} /MODE CfgWiz /CMDLINE "REBOOT"
O4 - HKCU\..\Run: [Microsoft Works Update Detection] c:\Program Files\Microsoft Works\WkDetect.exe
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - c:\Program Files\Microsoft Money\System\mnyviewer.dll (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
as-tu encore des dysfonctionnements ?
j'ai un probleme pour changer ma page par defaut de IE qui est toujours http://fr6.hpwis.com/
est-ce a cause de cette ligne ?
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr6.hpwis.com/
merci
tu peux fixer cette ligne sans problème.
je n'arrive pas a changer la page par defaut dans IE
quand je supprime la ligne dans HijackThis, elle revient toujours,
j'ai même essayer de changer la page dans regedit, mais rien ne marche.
as-tu une solution, stp ?
j'aimerai bien savoir si j'ai des virus aussi
Logfile of HijackThis v1.99.1
Scan saved at 23:47:26, on 11/03/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Softwin\BitDefender9\bdmcon.exe
C:\Program Files\Softwin\BitDefender9\bdoesrv.exe
C:\Program Files\Softwin\BitDefender9\bdnagent.exe
C:\Program Files\Softwin\BitDefender9\bdswitch.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Iomega\Automatic Backup Pro\LiveSystem.exe
C:\Program Files\Philips\SPC 200NC PC Camera\TrayMin.exe
C:\Program Files\Softwin\BitDefender9\vsserv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Winamp\winamp.exe
C:\Documents and Settings\Dvd Famille\Bureau\torrent\Torrents\BitComet.exe
C:\Documents and Settings\Dvd Famille\Bureau\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=C:\WINDOWS\regedit /s C:\pav.reg,C:\WINDOWS\system32\pavdr.exe,C:\WINDOWS\system32\userinit.exe,
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O4 - HKLM\..\Run: [Microsoft Wininit (System33r)] system33r.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC 200NC PC Camera
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot
O4 - HKLM\..\Run: [DNS7reminder] "C:\Program Files\ScanSoft\NaturallySpeaking8\Program\ereg.exe" -r "C:\Program Files\ScanSoft\NaturallySpeaking8\Program\ereg.ini"
O4 - HKLM\..\Run: [SpyRemover] C:\Program Files\SoftwareDoctor\SpyRemover\SpyRemover.Exe -boot
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender9\bdmcon.exe"
O4 - HKLM\..\Run: [BDOESRV] "C:\Program Files\Softwin\BitDefender9\bdoesrv.exe"
O4 - HKLM\..\Run: [BDNewsAgent] "C:\Program Files\Softwin\BitDefender9\bdnagent.exe"
O4 - HKLM\..\Run: [BDSwitchAgent] "C:\Program Files\Softwin\BitDefender9\bdswitch.exe"
O4 - HKLM\..\RunServices: [Windows cfg] ascv.exe
O4 - HKLM\..\RunServices: [Media Player Update] xpsp1mfh.exe
O4 - HKLM\..\RunServices: [printer auto startup] printsrv.exe
O4 - HKLM\..\RunServices: [Window Monitor] winmon32.exe
O4 - HKLM\..\RunServices: [update service] winu32.exe
O4 - HKLM\..\RunServices: [Microsoft Protection Subsystems] msm32.exe
O4 - HKLM\..\RunServices: [msupdates] msupdt.exe
O4 - HKLM\..\RunServices: [MSN UPDATERS] virtualmemory.exe
O4 - HKLM\..\RunServices: [Microsoft-Update] wngard.exe
O4 - HKLM\..\RunServices: [Microsoft NotePad] notepad.exe
O4 - HKLM\..\RunServices: [urx2] dnsSys.exe
O4 - HKLM\..\RunServices: [Microsoft Wininit (System33r)] system33r.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Iomega Automatic Backup Pro] "C:\Program Files\Iomega\Automatic Backup Pro\LiveSystem.exe" -s
O4 - HKCU\..\Run: [Bun] c:\windows\system32\crack.exe
O4 - HKCU\..\Run: [BPS Spyware Remover] C:\Program Files\BulletProofSoft.com\BPS Spyware Remover\SpyRem.exe /STARTUP
O4 - HKCU\..\Run: [WINSOS VERIFY] "C:\Program Files\Winsos\WINSOS.EXE" MINI
O4 - HKCU\..\RunServices: [Media Player Update] xpsp1mfh.exe
O4 - HKCU\..\RunServices: [Window Monitor] winmon32.exe
O4 - HKCU\..\RunServices: [MSN UPDATERS] virtualmemory.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: TrayMin.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\WINDOWS\System32\shdocvw.dll
O15 - Trusted Zone: http://*.billingnow.com
O15 - Trusted Zone: http://*.reliablestats.com
O15 - Trusted Zone: http://*.winfixer.com
O15 - Trusted Zone: http://*.winnanny.com
O16 - DPF: Interface Chat Voila - http://chat14.x-echo.com/version5/Applet/vchatsign.cab
O16 - DPF: Interface Chat Wanadoo - http://chat9.x-echo.com/version6/Applet/wchatsign.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://fr.encyclopedia.yahoo.com/rsc/tdserver.cab
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/ [...] scan60.cab
O16 - DPF: {082D9DCB-8E89-4586-8BB9-97EC244920CB} (D11014.Module) - http://elearning.grenoble-em.com/m [...] d11014.cab
O16 - DPF: {0EF130F0-4E08-11D6-8A0A-004033D24DB9} (D31025.Module) - http://elearning.grenoble-em.com/m [...] d31025.cab
O16 - DPF: {1298DB22-B5C5-11D6-8A0B-004033D24DB9} (D21012.Module) - http://elearning.grenoble-em.com/m [...] d21012.cab
O16 - DPF: {1298DB52-B5C5-11D6-8A0B-004033D24DB9} (D21011.Module) - http://elearning.grenoble-em.com/m [...] d21011.cab
O16 - DPF: {1298DB7E-B5C5-11D6-8A0B-004033D24DB9} (D21013.Module) - http://elearning.grenoble-em.com/m [...] d21013.cab
O16 - DPF: {1298DBAE-B5C5-11D6-8A0B-004033D24DB9} (D21014.Module) - http://elearning.grenoble-em.com/m [...] d21014.cab
O16 - DPF: {1298DBDB-B5C5-11D6-8A0B-004033D24DB9} (D21015.Module) - http://elearning.grenoble-em.com/m [...] d21015.cab
O16 - DPF: {1298DC05-B5C5-11D6-8A0B-004033D24DB9} (D21016.Module) - http://elearning.grenoble-em.com/m [...] d21016.cab
O16 - DPF: {1298DC1A-B5C5-11D6-8A0B-004033D24DB9} (D210.Module) - http://elearning.grenoble-em.com/m [...] F/d210.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {16AA190C-D399-11D5-8A01-004033D24DB9} (D31012.Module) - http://elearning.grenoble-em.com/m [...] d31012.cab
O16 - DPF: {16F3737C-E323-46C0-8441-70D3D88AE930} (Inet3.CInet3) - http://elearning.grenoble-em.com/m [...] /inet3.cab
O16 - DPF: {1EF39D74-1AF5-11D6-8A08-004033D24DB9} (D31015.Module) - http://elearning.grenoble-em.com/m [...] d31015.cab
O16 - DPF: {248AB1C0-50DB-4D82-A15D-2E694F30B4E4} (Inet4.CInet4) - http://elearning.grenoble-em.com/m [...] /inet4.cab
O16 - DPF: {272BF969-14B0-11D6-8A05-004033D24DB9} (D31017.Module) - http://elearning.grenoble-em.com/m [...] d31017.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security1.norton.com/SSC/Sh [...] vSniff.cab
O16 - DPF: {2CF24487-4BD5-11D6-8A0A-004033D24DB9} (D41024.Module) - http://elearning.grenoble-em.com/m [...] d41024.cab
O16 - DPF: {2E98B13E-E7CC-11D5-8A02-004033D24DB9} (D31013.Module) - http://elearning.grenoble-em.com/m [...] d31013.cab
O16 - DPF: {2FC95AD7-ED62-11D5-8A02-004033D24DB9} (D31016.Module) - http://elearning.grenoble-em.com/m [...] d31016.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.ya [...] st0401.cab
O16 - DPF: {333DB5BC-21DC-4C64-AA72-5F8BCF5DBB1F} (D11012.Module) - http://elearning.grenoble-em.com/m [...] d11012.cab
O16 - DPF: {34AEE624-1BD1-11D6-8A09-004033D24DB9} (D31018.Module) - http://elearning.grenoble-em.com/m [...] d31018.cab
O16 - DPF: {43BCCB96-BCA1-11D5-89FE-004033D24DB9} (D41011.Module) - http://elearning.grenoble-em.com/m [...] d41011.cab
O16 - DPF: {43BCCBFB-BCA1-11D5-89FE-004033D24DB9} (D41013.Module) - http://elearning.grenoble-em.com/m [...] d41013.cab
O16 - DPF: {43BCCC20-BCA1-11D5-89FE-004033D24DB9} (D41014.Module) - http://elearning.grenoble-em.com/m [...] d41014.cab
O16 - DPF: {43BCCC4C-BCA1-11D5-89FE-004033D24DB9} (D41015.Module) - http://elearning.grenoble-em.com/m [...] d41015.cab
O16 - DPF: {444EB378-D5D5-4C3F-912C-7D41D9DF497C} (D11015.Module) - http://elearning.grenoble-em.com/m [...] d11015.cab
O16 - DPF: {44F37B4F-6AF0-4BEA-8270-10B97C86B0B1} (D710.Module) - http://elearning.grenoble-em.com/m [...] F/d710.cab
O16 - DPF: {46C3202D-BB41-4583-999A-60778A16B251} (D11013.Module) - http://elearning.grenoble-em.com/m [...] d11013.cab
O16 - DPF: {4C55578E-0FEB-11D6-8A03-004033D24DB9} (D31014.Module) - http://elearning.grenoble-em.com/m [...] d31014.cab
O16 - DPF: {4E042DE6-8B87-11D3-AE7F-004033D24DBD} (HtmlHelpViewer.CViewerHtml) - http://mediaplus.grenoble-em.com/D [...] Viewer.CAB
O16 - DPF: {513B7094-3CE3-11D6-8A0A-004033D24DB9} (D41022.Module) - http://elearning.grenoble-em.com/m [...] d41022.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/1677e6 [...] 601_fr.cab
O16 - DPF: {56703AD6-E4E0-11D5-8A02-004033D24DB9} (D410.Module) - http://elearning.grenoble-em.com/m [...] F/d410.cab
O16 - DPF: {642F50E7-244A-11D5-956E-0040339BF4B0} (Inet1.CInet1) - http://mediaplus.grenoble-em.com/Download/Inet1.CAB
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537 [...] scan53.cab
O16 - DPF: {74F5614A-8A8C-43B4-8CC2-4B4EFAF4A6C5} (TSCCInstall Class) - http://elearning.grenoble-em.com/m [...] ccinst.cab
O16 - DPF: {7ADEE82D-FC70-40E0-8169-8A0942A08A28} (D71013.Module) - http://elearning.grenoble-em.com/m [...] d71013.cab
O16 - DPF: {7B37B72E-4562-408F-B937-49AABACCEF5B} (D110.Module) - http://elearning.grenoble-em.com/m [...] F/d110.cab
O16 - DPF: {7B7CCAA1-1183-4A5C-82C5-F19DA96AB775} (D11016.Module) - http://elearning.grenoble-em.com/m [...] d11016.cab
O16 - DPF: {86D39A6A-E180-4FC4-970A-F54BCEC22E69} (Inflater Class) - http://bac.m6.fr/InstallDialer/Rep [...] alerV3.cab
O16 - DPF: {8B1541C9-4E00-11D6-8A0A-004033D24DB9} (D41025.Module) - http://elearning.grenoble-em.com/m [...] d41025.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {9A88DAFC-4D2B-11D6-8A0A-004033D24DB9} (D31026.Module) - http://elearning.grenoble-em.com/m [...] d31026.cab
O16 - DPF: {9A88DB2A-4D2B-11D6-8A0A-004033D24DB9} (D31023.Module) - http://elearning.grenoble-em.com/m [...] d31023.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {9D23DDAA-D04A-4384-8C51-7B226626A14C} (IBarre0.CManag) - http://mediaplus.grenoble-em.com/Download/ENIBP.CAB
O16 - DPF: {A046A0DA-B319-4C95-A57A-2E7D5306CFDE} (D71016.Module) - http://elearning.grenoble-em.com/m [...] d71016.cab
O16 - DPF: {A0A1AC62-35DA-11D6-8A0A-004033D24DB9} (D41023.Module) - http://elearning.grenoble-em.com/m [...] d41023.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/ [...] loader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/bina [...] b32846.cab
O16 - DPF: {BAA23425-3D74-11D6-8A0A-004033D24DB9} (D31027.Module) - http://elearning.grenoble-em.com/m [...] d31027.cab
O16 - DPF: {BBD03DAC-0F59-11D6-8A03-004033D24DB9} (D31011.Module) - http://elearning.grenoble-em.com/m [...] d31011.cab
O16 - DPF: {BD417B41-24BF-478C-A4C1-5968B01C82CF} (Inet8.CInet8) - http://elearning.grenoble-em.com/m [...] /inet8.cab
O16 - DPF: {C2441399-6C44-4FB3-A69D-4BA9BEA61EFF} (D71015.Module) - http://elearning.grenoble-em.com/m [...] d71015.cab
O16 - DPF: {C2DBF08D-A6EC-4C00-A242-0E9589CF3399} (D71012.Module) - http://elearning.grenoble-em.com/m [...] d71012.cab
O16 - DPF: {CAB400AF-4BB7-11D6-8A0A-004033D24DB9} (D41021.Module) - http://elearning.grenoble-em.com/m [...] d41021.cab
O16 - DPF: {CDCB9DBC-3728-11D6-8A0A-004033D24DB9} (D31021.Module) - http://elearning.grenoble-em.com/m [...] d31021.cab
O16 - DPF: {CDCB9E5A-3728-11D6-8A0A-004033D24DB9} (D31024.Module) - http://elearning.grenoble-em.com/m [...] d31024.cab
O16 - DPF: {CE120CF8-5E84-4245-A1A4-DD5FC86EDAE6} (D71011.Module) - http://elearning.grenoble-em.com/m [...] d71011.cab
O16 - DPF: {D34D6048-E232-4889-B08C-AF4AFE87A6F6} (ENIInetTools.clsManager) - http://mediaplus.grenoble-em.com/D [...] tTools.CAB
O16 - DPF: {E4F5143B-E4D9-11D5-8A02-004033D24DB9} (D41016.Module) - http://elearning.grenoble-em.com/m [...] d41016.cab
O16 - DPF: {E4F5145E-E4D9-11D5-8A02-004033D24DB9} (D41017.Module) - http://elearning.grenoble-em.com/m [...] d41017.cab
O16 - DPF: {E4F51484-E4D9-11D5-8A02-004033D24DB9} (D41018.Module) - http://elearning.grenoble-em.com/m [...] d41018.cab
O16 - DPF: {E54AB981-BCD6-11D5-8A00-004033D24DB9} (D41012.Module) - http://elearning.grenoble-em.com/m [...] d41012.cab
O16 - DPF: {E728511D-40D8-11D6-8A0A-004033D24DB9} (D41026.Module) - http://elearning.grenoble-em.com/m [...] d41026.cab
O16 - DPF: {ED34B65B-2A98-4125-88E7-F142692E60E4} (D11011.Module) - http://elearning.grenoble-em.com/m [...] d11011.cab
O16 - DPF: {F24754AF-E3BF-414E-BF88-4612047F86FE} (D71014.Module) - http://elearning.grenoble-em.com/m [...] d71014.cab
O16 - DPF: {F3CF31B9-4C73-11D6-8A0A-004033D24DB9} (D31022.Module) - http://elearning.grenoble-em.com/m [...] d31022.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {F70E0C89-1B1A-11D6-8A08-004033D24DB9} (D310.Module) - http://elearning.grenoble-em.com/m [...] F/d310.cab
O16 - DPF: {FA0C386E-1A08-4629-A267-B40C1624E94A} (Inet6.CInet6) - http://elearning.grenoble-em.com/m [...] /inet6.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: flw084 SCSI Adapter (flw084) - Unknown owner - C:\WINDOWS\System32\flw.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: NDIS Adapter (NDIS TCP Layer Transport Device) - Unknown owner - C:\WINDOWS\System32\ndis.exe" -netsvcs (file missing)
O23 - Service: Norton Unerase Protection (NProtectService) - Unknown owner - C:\Documents and Settings\Dvd Famille\Bureau\Norton AntiVirus 2004 Pro\ADVTOOLS\NPROTECT.EXE (file missing)
O23 - Service: Network Service (ntvid) - Unknown owner - C:\WINDOWS\System32\ntvda.exe" -service (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Remote Procedure Call (RPC) Manager (RpcMgr) - Unknown owner - C:\WINDOWS\System32\setver32.exe (file missing)
O23 - Service: SAVScan - Unknown owner - C:\Program Files\Norton AntiVirus\SAVScan.exe (file missing)
O23 - Service: ScriptBlocking Service (SBService) - Unknown owner - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe (file missing)
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing)
O23 - Service: Web Security (websec) - Unknown owner - C:\WINDOWS\System32\setver32c2.exe (file missing)
O23 - Service: Win32 Configuration (Windows Manage) - Unknown owner - C:\WINDOWS\System32\videosd32.exe" -netsvcs (file missing)
O23 - Service: Windows Security Update - Unknown owner - C:\WINDOWS\System32\secupd.exe (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
Il y a 303 utilisateurs connus et inconnus. Pour voir la liste des connectés connus, cliquez ici.
