And here is the third one
************************************************************
20:55:25: Scanning -----VXD ENTRIES-----
Checking the following VxD entries:
************************************************************
20:55:26: Scanning ----- WINLOGON\NOTIFY DLLS -----
Key : AtiExtEvent
DLLName: Ati2evxx.dll
C:\WINDOWS\system32\Ati2evxx.dll
86016 bytes
Created: 01/01/2004
Modified: 25/06/2004
Company:
----------
Key : igfxcui
DLLName: igfxsrvc.dll
C:\WINDOWS\system32\igfxsrvc.dll
344064 bytes
Created: 01/01/2004
Modified: 03/08/2004
Company: Intel Corporation
----------
************************************************************
20:55:27: Scanning ----- CONTEXTMENUHANDLERS -----
Key: {9E96C1F5-0EFA-4348-9460-15D6802C70AA}
Path: C:\Program Files\BitDefender\BitDefender 2009\bdfvsctx.dll
C:\Program Files\BitDefender\BitDefender 2009\bdfvsctx.dll
134656 bytes
Created: 12/08/2008
Modified: 12/08/2008
Company: BitDefender S.R.L.
----------
Key: {D653647D-D607-4df6-A5B8-48D2BA195F7B}
Path: C:\Program Files\BitDefender\BitDefender 2009\bdshelxt.dll
C:\Program Files\BitDefender\BitDefender 2009\bdshelxt.dll
143360 bytes
Created: 10/08/2008
Modified: 10/08/2008
Company: BitDefender S.R.L
----------
************************************************************
20:55:28: Scanning ----- FOLDER\COLUMNHANDLERS -----
Key: {9E96C1F5-0EFA-4348-9460-15D6802C70AA}
File: C:\Program Files\BitDefender\BitDefender 2009\bdfvsctx.dll
C:\Program Files\BitDefender\BitDefender 2009\bdfvsctx.dll
134656 bytes
Created: 12/08/2008
Modified: 12/08/2008
Company: BitDefender S.R.L.
----------
Key: {F9DB5320-233E-11D1-9F84-707F02C10627}
File: C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.dll
C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.dll
372736 bytes
Created: 10/05/2007
Modified: 10/05/2007
Company: Adobe Systems, Inc.
----------
************************************************************
20:55:28: Scanning ----- BROWSER HELPER OBJECTS -----
Key: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
BHO: C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
62080 bytes
Created: 22/10/2006
Modified: 22/10/2006
Company: Adobe Systems Incorporated
----------
Key: {50449082-832b-2c27-59ea-092def8bb136}
BHO: C:\WINDOWS\system32\pjripzrfghck.dll
C:\WINDOWS\system32\pjripzrfghck.dll
479232 bytes
Created: 08/10/2008
Modified: 08/10/2008
Company:
----------
Key: {53707962-6F74-2D53-2644-206D7942484F}
BHO: C:\PROGRA~1\SPYBOT~1\SDHelper.dll
C:\PROGRA~1\SPYBOT~1\SDHelper.dll
1562448 bytes
Created: 08/09/2008
Modified: 07/07/2008
Company: Safer Networking Limited
----------
Key: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
BHO: C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
509328 bytes
Created: 07/09/2008
Modified: 10/06/2008
Company: Sun Microsystems, Inc.
----------
Key: {AA58ED58-01DD-4d91-8333-CF10577473F7}
BHO: c:\program files\google\googletoolbar1.dll
c:\program files\google\googletoolbar1.dll
-R- 2436160 bytes
Created: 12/10/2007
Modified: 12/10/2007
Company: Google Inc.
----------
Key: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D}
BHO: C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
737776 bytes
Created: 08/10/2008
Modified: 08/10/2008
Company: Google Inc.
----------
Key: {ecdee021-0d17-467f-a1ff-c7a115230949}
BHO: C:\Program Files\free-downloads.net\tbfree.dll
C:\Program Files\free-downloads.net\tbfree.dll
1555480 bytes
Created: 05/03/2008
Modified: 14/02/2008
Company: Conduit Ltd.
----------
************************************************************
20:55:30: Scanning ----- SHELLSERVICEOBJECTS -----
Key: WPDShServiceObj
CLSID: {AAA288BA-9A4C-45B0-95D7-94D524869DB5}
Path: C:\WINDOWS\system32\WPDShServiceObj.dll
C:\WINDOWS\system32\WPDShServiceObj.dll
133632 bytes
Created: 18/10/2006
Modified: 18/10/2006
Company: Microsoft Corporation
----------
************************************************************
20:55:31: Scanning ----- SHAREDTASKSCHEDULER ENTRIES -----
************************************************************
20:55:31: Scanning ----- IMAGEFILE DEBUGGERS -----
No "Debugger" entries found.
************************************************************
20:55:31: Scanning ----- APPINIT_DLLS -----
The AppInit_DLLs value is blank or does not exist
************************************************************
20:55:33: Scanning ----- SECURITY PROVIDER DLLS -----
************************************************************
20:55:33: Scanning ------ COMMON STARTUP GROUP ------
[C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage]
The Common Startup Group attempts to load the following file(s) at boot time:
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\desktop.ini
-HS- 84 bytes
Created: 01/01/2004
Modified: 01/01/2004
Company:
--------------------
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
241664 bytes
Created: 29/05/2004
Modified: 29/05/2004
Company: Hewlett-Packard Co.
HP Digital Imaging Monitor.lnk - links to C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
--------------------
C:\Program Files\Microsoft Office\Office10\OSA.EXE
83360 bytes
Created: 13/02/2001
Modified: 13/02/2001
Company: Microsoft Corporation
Microsoft Office.lnk - links to C:\Program Files\Microsoft Office\Office10\OSA.EXE
--------------------
************************************************************
No User Startup Groups were located to check
************************************************************
20:55:35: Scanning ----- SCHEDULED TASKS -----
No Scheduled Tasks found to scan
************************************************************
20:55:35: Scanning ----- SHELLICONOVERLAYIDENTIFIERS -----
************************************************************
20:55:35: ----- ADDITIONAL CHECKS -----
PE386 rootkit checks completed
----------
Winlogon registry rootkit checks completed
----------
Heuristic checks for hidden files/drivers completed
----------
Layered Service Provider entries checks completed
----------
==============================
Restrictive Windows Explorer Policies found in force on this computer:
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
Value: NoDrives
Value: StartMenuLogOff
All Policy Values listed have been removed
==============================
Windows Explorer Policies checks completed
----------
Desktop Wallpaper: C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
21233718 bytes
Created: 19/10/2008
Modified: 29/10/2008
Company:
----------
Web Desktop Wallpaper: %USERPROFILE%\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
21233718 bytes
Created: 19/10/2008
Modified: 29/10/2008
Company:
----------
Bogus "VIRUS ALERT!" label found in Time Format registry entry
This bogus entry has been removed
----------
Default Start Menu options restored
----------
Additional checks completed
************************************************************
21:00:23: Scanning ----- RUNNING PROCESSES -----
C:\WINDOWS\System32\smss.exe
--------------------
C:\WINDOWS\system32\csrss.exe
--------------------
C:\WINDOWS\system32\winlogon.exe
--------------------
C:\WINDOWS\system32\services.exe
--------------------
C:\WINDOWS\system32\lsass.exe
--------------------
C:\WINDOWS\system32\Ati2evxx.exe - file already scanned
--------------------
C:\WINDOWS\system32\svchost.exe
--------------------
C:\WINDOWS\system32\svchost.exe - file already scanned
--------------------
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe - file already scanned
--------------------
C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe - file already scanned
--------------------
C:\WINDOWS\System32\svchost.exe - file already scanned
--------------------
C:\WINDOWS\system32\svchost.exe - file already scanned
--------------------
C:\WINDOWS\system32\svchost.exe - file already scanned
--------------------
C:\WINDOWS\system32\svchost.exe - file already scanned
--------------------
C:\WINDOWS\system32\spoolsv.exe
--------------------
C:\Program Files\Bonjour\mDNSResponder.exe - file already scanned
--------------------
C:\Program Files\Tele2\Common\FSMA32.EXE - file already scanned
--------------------
C:\WINDOWS\system32\svchost.exe - file already scanned
--------------------
C:\Program Files\Tele2\Common\FSMB32.EXE
--------------------
C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe - file already scanned
--------------------
C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WUSB54GC.exe
--------------------
C:\Program Files\Tele2\Common\FCH32.EXE
--------------------
C:\WINDOWS\System32\alg.exe
--------------------
C:\WINDOWS\System32\svchost.exe - file already scanned
--------------------
C:\Program Files\Tele2\Common\FAMEH32.EXE
--------------------
C:\Program Files\Tele2\FSAUA\program\fsaua.exe - file already scanned
--------------------
C:\Program Files\Tele2\FSPC\fspc.exe
--------------------
C:\Program Files\Tele2\FSAUA\program\fsus.exe
--------------------
C:\WINDOWS\system32\Ati2evxx.exe - file already scanned
--------------------
C:\WINDOWS\Explorer.EXE - file already scanned
--------------------
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe - file already scanned
--------------------
C:\windows\system\hpsysdrv.exe - file already scanned
--------------------
C:\HP\KBD\KBD.EXE - file already scanned
--------------------
C:\WINDOWS\system32\keyhook.exe - file already scanned
--------------------
C:\WINDOWS\AGRSMMSG.exe - file already scanned
--------------------
C:\WINDOWS\SOUNDMAN.EXE - file already scanned
--------------------
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe - file already scanned
--------------------
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe - file already scanned
--------------------
C:\Program Files\Tele2\Common\FSM32.EXE - file already scanned
--------------------
C:\Program Files\Tele2\FSGUI\fsguidll.exe
--------------------
C:\WINDOWS\ALCWZRD.EXE - file already scanned
--------------------
C:\WINDOWS\ALCMTR.EXE - file already scanned
--------------------
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe - file already scanned
--------------------
C:\WINDOWS\system32\ctfmon.exe - file already scanned
--------------------
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe - file already scanned
--------------------
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
--------------------
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
--------------------
C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
--------------------
C:\WINDOWS\system32\wuauclt.exe
--------------------
C:\Program Files\Internet Explorer\iexplore.exe
--------------------
C:\Program Files\BitDefender\BitDefender 2009\uiscan.exe
--------------------
C:\Documents and Settings\HP_Propriétaire\Application Data\Simply Super Software\Trojan Remover\opv23.exe
FileSize: 2618232
[This is a Trojan Remover component]
--------------------
--------------------
************************************************************
21:00:32: Checking AUTOEXEC.BAT file
AUTOEXEC.BAT found in C:\
No malicious entries were found in the AUTOEXEC.BAT file
************************************************************
21:00:32: Checking AUTOEXEC.NT file
AUTOEXEC.NT found in C:\WINDOWS\system32
No malicious entries were found in the AUTOEXEC.NT file
************************************************************
21:00:32: Checking HOSTS file
No malicious entries were found in the HOSTS file
************************************************************
------ INTERNET EXPLORER HOME/START/SEARCH SETTINGS ------
HKLM\Software\Microsoft\Internet Explorer\Main\"Start Page":
http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
HKLM\Software\Microsoft\Internet Explorer\Main\"Local Page":
C:\windows\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main\"Search Page":
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main\"Default_Page_URL":
http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main\"Default_Search_URL":
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Search\"CustomizeSearch":
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
HKLM\Software\Microsoft\Internet Explorer\Search\"SearchAssistant":
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
HKCU\Software\Microsoft\Internet Explorer\Main\"Start Page":
http://www.google.fr/
HKCU\Software\Microsoft\Internet Explorer\Main\"Local Page":
C:\windows\system32\blank.htm
HKCU\Software\Microsoft\Internet Explorer\Main\"Search Page":
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main\"Default_Search_URL":
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
************************************************************
=== CHANGES WERE MADE TO THE WINDOWS REGISTRY ===
Scan completed at: 21:00:33 29 oct. 2008
Total Scan time: 00:05:41
************************************************************