Analyse hijack this et avg
Dernière réponse : dans Sécurité
Salut à tous!!
Voilà j'ai effectué toutes les démarches préliminaires pour vous faciliter l'analyse.
(Mon pc rame severe sur internet)
alors j'ai bien effectuer les analyses (avg, antivir, avast, spybot, bitdefender, kapersky en ligne...) ensuite recherche et destruction navilog
*** Suppression des fichiers dans C:\WINDOWS\
*** Suppression des fichiers dans C:\WINDOWS\system32
*** Suppression des fichiers dans C:\Program Files
tentative de suppression de "C:\Program Files\PartyGaming\"
tentative de suppression de "C:\Program Files\PokerStars\"
*** Suppression des clefs du registre effectuee..
*** Fin du rapport !
et la j'en suis à la fin donc voilà:
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 12:10:15 08/08/2007
+ Résultat de l'analyse:
:mozilla.49:C:\Documents and Settings\Alejandro.ALEJANDR-F6EAD3\Application Data\Mozilla\Firefox\Profiles\vwhw7jqa.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Alejandro.ALEJANDR-F6EAD3\Cookies\alejandro@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.15:C:\Documents and Settings\Alejandro.ALEJANDR-F6EAD3\Application Data\Mozilla\Firefox\Profiles\vwhw7jqa.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.17:C:\Documents and Settings\Alejandro.ALEJANDR-F6EAD3\Application Data\Mozilla\Firefox\Profiles\vwhw7jqa.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.18:C:\Documents and Settings\Alejandro.ALEJANDR-F6EAD3\Application Data\Mozilla\Firefox\Profiles\vwhw7jqa.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.19:C:\Documents and Settings\Alejandro.ALEJANDR-F6EAD3\Application Data\Mozilla\Firefox\Profiles\vwhw7jqa.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.38:C:\Documents and Settings\Alejandro.ALEJANDR-F6EAD3\Application Data\Mozilla\Firefox\Profiles\vwhw7jqa.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\Alejandro.ALEJANDR-F6EAD3\Cookies\alejandro@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.16:C:\Documents and Settings\Alejandro.ALEJANDR-F6EAD3\Application Data\Mozilla\Firefox\Profiles\vwhw7jqa.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\Alejandro.ALEJANDR-F6EAD3\Cookies\alejandro@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.55:C:\Documents and Settings\Alejandro.ALEJANDR-F6EAD3\Application Data\Mozilla\Firefox\Profiles\vwhw7jqa.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.89:C:\Documents and Settings\Alejandro.ALEJANDR-F6EAD3\Application Data\Mozilla\Firefox\Profiles\vwhw7jqa.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.59:C:\Documents and Settings\Alejandro.ALEJANDR-F6EAD3\Application Data\Mozilla\Firefox\Profiles\vwhw7jqa.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\Alejandro.ALEJANDR-F6EAD3\Cookies\alejandro@ads.pointroll[2].txt -> TrackingCookie.Pointroll : Nettoyé.
:mozilla.10:C:\Documents and Settings\Alejandro.ALEJANDR-F6EAD3\Application Data\Mozilla\Firefox\Profiles\vwhw7jqa.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.11:C:\Documents and Settings\Alejandro.ALEJANDR-F6EAD3\Application Data\Mozilla\Firefox\Profiles\vwhw7jqa.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.12:C:\Documents and Settings\Alejandro.ALEJANDR-F6EAD3\Application Data\Mozilla\Firefox\Profiles\vwhw7jqa.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.60:C:\Documents and Settings\Alejandro.ALEJANDR-F6EAD3\Application Data\Mozilla\Firefox\Profiles\vwhw7jqa.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.61:C:\Documents and Settings\Alejandro.ALEJANDR-F6EAD3\Application Data\Mozilla\Firefox\Profiles\vwhw7jqa.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.100:C:\Documents and Settings\Alejandro.ALEJANDR-F6EAD3\Application Data\Mozilla\Firefox\Profiles\vwhw7jqa.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Alejandro.ALEJANDR-F6EAD3\Cookies\alejandro@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Alejandro.ALEJANDR-F6EAD3\Cookies\alejandro@statse.webtrendslive[2].txt -> TrackingCookie.Webtrendslive : Nettoyé.
Fin du rapport
CCLEANER EFFECTUE
Et rapport Hijackthis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:10:37, on 08/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\WINDOWS\ATK0100\HControl.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.fr/spbasic.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O1 - Hosts: HP00187101DC6B HP00187101DC6B
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [BDMCon] C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe
O4 - HKLM\..\Run: [BDNewsAgent] C:\Program Files\Softwin\BitDefender Free Edition\bdnagent.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Stardock ObjectDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (file missing)
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: OwnershipProtocol - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
Quelles lignes supprimer ?
Voilà j'ai effectué toutes les démarches préliminaires pour vous faciliter l'analyse.
(Mon pc rame severe sur internet)
alors j'ai bien effectuer les analyses (avg, antivir, avast, spybot, bitdefender, kapersky en ligne...) ensuite recherche et destruction navilog
*** Suppression des fichiers dans C:\WINDOWS\
*** Suppression des fichiers dans C:\WINDOWS\system32
*** Suppression des fichiers dans C:\Program Files
tentative de suppression de "C:\Program Files\PartyGaming\"
tentative de suppression de "C:\Program Files\PokerStars\"
*** Suppression des clefs du registre effectuee..
*** Fin du rapport !
et la j'en suis à la fin donc voilà:
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 12:10:15 08/08/2007
+ Résultat de l'analyse:
:mozilla.49:C:\Documents and Settings\Alejandro.ALEJANDR-F6EAD3\Application Data\Mozilla\Firefox\Profiles\vwhw7jqa.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Alejandro.ALEJANDR-F6EAD3\Cookies\alejandro@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.15:C:\Documents and Settings\Alejandro.ALEJANDR-F6EAD3\Application Data\Mozilla\Firefox\Profiles\vwhw7jqa.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.17:C:\Documents and Settings\Alejandro.ALEJANDR-F6EAD3\Application Data\Mozilla\Firefox\Profiles\vwhw7jqa.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.18:C:\Documents and Settings\Alejandro.ALEJANDR-F6EAD3\Application Data\Mozilla\Firefox\Profiles\vwhw7jqa.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.19:C:\Documents and Settings\Alejandro.ALEJANDR-F6EAD3\Application Data\Mozilla\Firefox\Profiles\vwhw7jqa.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.38:C:\Documents and Settings\Alejandro.ALEJANDR-F6EAD3\Application Data\Mozilla\Firefox\Profiles\vwhw7jqa.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\Alejandro.ALEJANDR-F6EAD3\Cookies\alejandro@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.16:C:\Documents and Settings\Alejandro.ALEJANDR-F6EAD3\Application Data\Mozilla\Firefox\Profiles\vwhw7jqa.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\Alejandro.ALEJANDR-F6EAD3\Cookies\alejandro@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.55:C:\Documents and Settings\Alejandro.ALEJANDR-F6EAD3\Application Data\Mozilla\Firefox\Profiles\vwhw7jqa.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.89:C:\Documents and Settings\Alejandro.ALEJANDR-F6EAD3\Application Data\Mozilla\Firefox\Profiles\vwhw7jqa.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.59:C:\Documents and Settings\Alejandro.ALEJANDR-F6EAD3\Application Data\Mozilla\Firefox\Profiles\vwhw7jqa.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\Alejandro.ALEJANDR-F6EAD3\Cookies\alejandro@ads.pointroll[2].txt -> TrackingCookie.Pointroll : Nettoyé.
:mozilla.10:C:\Documents and Settings\Alejandro.ALEJANDR-F6EAD3\Application Data\Mozilla\Firefox\Profiles\vwhw7jqa.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.11:C:\Documents and Settings\Alejandro.ALEJANDR-F6EAD3\Application Data\Mozilla\Firefox\Profiles\vwhw7jqa.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.12:C:\Documents and Settings\Alejandro.ALEJANDR-F6EAD3\Application Data\Mozilla\Firefox\Profiles\vwhw7jqa.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.60:C:\Documents and Settings\Alejandro.ALEJANDR-F6EAD3\Application Data\Mozilla\Firefox\Profiles\vwhw7jqa.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.61:C:\Documents and Settings\Alejandro.ALEJANDR-F6EAD3\Application Data\Mozilla\Firefox\Profiles\vwhw7jqa.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.100:C:\Documents and Settings\Alejandro.ALEJANDR-F6EAD3\Application Data\Mozilla\Firefox\Profiles\vwhw7jqa.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Alejandro.ALEJANDR-F6EAD3\Cookies\alejandro@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Alejandro.ALEJANDR-F6EAD3\Cookies\alejandro@statse.webtrendslive[2].txt -> TrackingCookie.Webtrendslive : Nettoyé.
Fin du rapport
CCLEANER EFFECTUE
Et rapport Hijackthis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:10:37, on 08/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\WINDOWS\ATK0100\HControl.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.fr/spbasic.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O1 - Hosts: HP00187101DC6B HP00187101DC6B
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [BDMCon] C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe
O4 - HKLM\..\Run: [BDNewsAgent] C:\Program Files\Softwin\BitDefender Free Edition\bdnagent.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Stardock ObjectDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (file missing)
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: OwnershipProtocol - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
Quelles lignes supprimer ?
Autres pages sur : analyse hijack this avg
Lassé par la pub ? Créez un compte
Lassé par la pub ? Créez un compte
- Contenus similaires :
- ForumVirus et analyse de mon hijack this
- ForumInterpretation analyse hijack this
- ForumSvp - analyse hijack this
- ForumPc bloque au demarrage analyse hijack this
- ForumSvp analyse hijack this log
- ForumPc infecte et analyse hijack this
- ForumDemande analyse hijack this log
- ForumAnalyse scan hijack this
- ForumAnalyse resultats hijack this
- ForumAnalyse log hijack this
- Voir plus
