Aller au contenu

cyrilou

Membres
  • Compteur de contenus

    12
  • Inscription

  • Dernière visite

cyrilou's Achievements

Junior Member

Junior Member (3/12)

0

Réputation sur la communauté

  1. salut charles voici le rapport (un peu à la bourre je l'avoue) j'ai l'impression que shoppermachin est viré ! au passage j'ai viré norton antivirus pour mettre antivir à la place Logfile of HijackThis v1.99.1 Scan saved at 22:20:24, on 18/09/2005 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Securite\Antivir\AVGUARD.EXE C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe C:\Securite\Antivir\AVWUPSRV.EXE C:\Securite\ewido\security suite\ewidoctrl.exe C:\Securite\Firewall\Kerio\persfw.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\wanmpsvc.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe C:\Program Files\Common Files\AOL\ACS\AOLDial.exe C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\MSN Apps\Updater\01.03.0000.1005\fr\msnappau.exe C:\Securite\Antivir\AVGNT.EXE C:\WINDOWS\System32\devldr32.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\AOL 9.0\aoltray.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\WINDOWS\System32\wuauclt.exe C:\Program Files\Microsoft Money\System\urlmap.exe C:\Securite\hijackthis\HijackThis.exe O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.03.0000.1005\fr\msnappau.exe" O4 - HKLM\..\Run: [AVGCtrl] "C:\Securite\Antivir\AVGNT.EXE" /min O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - Global Startup: AOL 9.0 Icône AOL.lnk = C:\Program Files\AOL 9.0\aoltray.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://groups.msn.com/controls/PhotoUC/MsnPUpld.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/...tiveXPlugin.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Securite\Antivir\AVGUARD.EXE O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Securite\Antivir\AVWUPSRV.EXE O23 - Service: ewido security suite control - ewido networks - C:\Securite\ewido\security suite\ewidoctrl.exe O23 - Service: Kerio Personal Firewall (PersFw) - Kerio Technologies - C:\Securite\Firewall\Kerio\persfw.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
  2. salut charles inglas, alors voila les rapports pour Ewido et REGSEARCH. apparemment ewido a fait du ménage mais j'ai pas encore relancé hijackthis... ---------------------------------------------------------਍ഀ ewido security suite - Scan report਍ഀ ---------------------------------------------------------਍ഀ ਍ഀ + Created on: 07:14:05, 05/09/2005਍ഀ + Report-Checksum: 97E6B144਍ഀ ਍ഀ + Scan result:਍ഀ ਍ഀ HKLM\SOFTWARE\Classes\AppID\{0507FDDE-F3B7-49F5-9E8F-C557E991F39B} -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\CLSID\{0774F696-D801-4C18-81A7-A3A32B8BEF19} -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\CLSID\{1E6AC766-9094-4BCF-ABD3-39E2EAEA5FCD} -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\CLSID\{2178C864-B8BC-41AE-A1FB-EB6A32F87EB1} -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\CLSID\{454B4812-E572-4703-A1BB-63490809EAC0} -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\CLSID\{580A1F3F-89B4-433B-BBDB-B97AEB13F3FC} -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\CLSID\{7E66936C-FEA0-4984-AD26-7B6661AC5B2E} -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\CLSID\{A798E2B4-B6A0-4B96-8C53-8EC7A3B0895A} -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\CLSID\{FA16BCE1-5E36-472A-8466-E0CDD5CE00E6} -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices\CLSID -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices\CurVer -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx\CLSID -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx\CurVer -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\HbtHostIE.Bho -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\HbtHostIE.Bho\CLSID -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\HbtHostIE.Bho\CurVer -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim\CLSID -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim\CurVer -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend\CLSID -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend\CurVer -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\HbTools.HbtCommBand -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\HbTools.HbtCommBand\CLSID -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\HbTools.HbtCommBand\CurVer -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar\CLSID -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar\CurVer -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices\CLSID -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices\CurVer -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI\CLSID -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI\CurVer -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl\CLSID -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl\CurVer -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\HbtTools.HbMain -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\HbtTools.HbMain\CLSID -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\HbtTools.HbMain\CurVer -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\Interface\{34F4D917-31E4-464C-B8B3-84C1CE76B395} -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\Interface\{3F04CBF7-CD62-4403-B090-B432DEDCB159} -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\Interface\{8578D35E-C6C0-4808-9A80-0F6C29A2C423} -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\Interface\{BC190DA5-0187-4D99-B3AC-6C45EA1B9324} -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\RprtsPSClient.PSExecuter -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\RprtsPSClient.PSExecuter\CLSID -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\RprtsPSClient.PSExecuter\CurVer -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\ShprRprts.HbAx -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\ShprRprts.HbAx\CLSID -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\ShprRprts.HbAx\CurVer -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\ShprRprts.HbCommBand -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\ShprRprts.HbCommBand\CLSID -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\ShprRprts.HbCommBand\CurVer -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\ShprRprts.HbInfoBand -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\ShprRprts.HbInfoBand\CLSID -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\ShprRprts.HbInfoBand\CurVer -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\ShprRprts.IEButton -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\ShprRprts.IEButton\CLSID -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\ShprRprts.IEButton\CurVer -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\ShprRprts.IEButtonA -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\ShprRprts.IEButtonA\CLSID -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\ShprRprts.IEButtonA\CurVer -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\ShprRprts.SmrtShprCtl -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\ShprRprts.SmrtShprCtl\CLSID -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\ShprRprts.SmrtShprCtl\CurVer -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\TypeLib\{45397063-D7D0-47C2-9508-26487608A298} -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\TypeLib\{71E9CF40-AF72-4B55-BD3F-1FEA2A0EAEA6} -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\TypeLib\{71EFE583-62FE-4419-9918-CA3B683F7B36} -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\TypeLib\{793AF621-5CD0-4B92-B765-6712F6AAF48E} -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\TypeLib\{842D315A-7E1E-448B-96E8-9E76D1820BE2} -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\TypeLib\{9967A873-40F3-4C7E-9239-6C8760F19F61} -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\TypeLib\{B5901229-25CC-43C9-B604-3BB6AC2B48A5} -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\TypeLib\{B9F51D42-CCA0-4408-BB02-D433D1865A3A} -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\TypeLib\{C83DAED4-0611-4F7A-978E-7FEAFCB2F91B} -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Classes\TypeLib\{F8EE014F-B34C-4544-8E45-95A7971D323B} -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\HbTools -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\HbTools\HbTools -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\HbTools\HbTools\Install -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\HbTools\HbTools\MachineInfo -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\HbTools\HbTools\Mail -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\HbTools\HbTools\PI -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\HbTools\HbTools\PI\3.2 -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\HbTools\HbTools\Updates -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\HbTools\Hotbar -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\HbTools\Hotbar\Install -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\HbTools\Install -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\HbTools\Install\CmpMap -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{7E66936C-FEA0-4984-AD26-7B6661AC5B2E} -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{946B3E9E-E21A-49c8-9F63-900533FAFE14} -> Spyware.HotBar : Cleaned with backup਍ഀ HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{E77EDA01-3C56-4a96-8D08-02B42891C169} -> Spyware.HotBar : Cleaned with backup਍ഀ HKU\S-1-5-21-1715567821-1801674531-682003330-500\Software\HbTools -> Spyware.HotBar : Cleaned with backup਍ഀ HKU\S-1-5-21-1715567821-1801674531-682003330-500\Software\HbTools\Common -> Spyware.HotBar : Cleaned with backup਍ഀ HKU\S-1-5-21-1715567821-1801674531-682003330-500\Software\HbTools\Common\Time -> Spyware.HotBar : Cleaned with backup਍ഀ HKU\S-1-5-21-1715567821-1801674531-682003330-500\Software\HbTools\Common\Updates -> Spyware.HotBar : Cleaned with backup਍ഀ HKU\S-1-5-21-1715567821-1801674531-682003330-500\Software\HbTools\HbTools -> Spyware.HotBar : Cleaned with backup਍ഀ HKU\S-1-5-21-1715567821-1801674531-682003330-500\Software\HbTools\HbTools\dynamic -> Spyware.HotBar : Cleaned with backup਍ഀ HKU\S-1-5-21-1715567821-1801674531-682003330-500\Software\HbTools\HbTools\dynamicFail -> Spyware.HotBar : Cleaned with backup਍ഀ HKU\S-1-5-21-1715567821-1801674531-682003330-500\Software\HbTools\HbTools\EUI -> Spyware.HotBar : Cleaned with backup਍ഀ HKU\S-1-5-21-1715567821-1801674531-682003330-500\Software\HbTools\HbTools\HtmlPPP -> Spyware.HotBar : Cleaned with backup਍ഀ HKU\S-1-5-21-1715567821-1801674531-682003330-500\Software\HbTools\HbTools\ImagesHistory -> Spyware.HotBar : Cleaned with backup਍ഀ HKU\S-1-5-21-1715567821-1801674531-682003330-500\Software\HbTools\HbTools\Install -> Spyware.HotBar : Cleaned with backup਍ഀ HKU\S-1-5-21-1715567821-1801674531-682003330-500\Software\HbTools\HbTools\links -> Spyware.HotBar : Cleaned with backup਍ഀ HKU\S-1-5-21-1715567821-1801674531-682003330-500\Software\HbTools\HbTools\mail -> Spyware.HotBar : Cleaned with backup਍ഀ HKU\S-1-5-21-1715567821-1801674531-682003330-500\Software\HbTools\HbTools\options -> Spyware.HotBar : Cleaned with backup਍ഀ HKU\S-1-5-21-1715567821-1801674531-682003330-500\Software\HbTools\HbTools\PI -> Spyware.HotBar : Cleaned with backup਍ഀ HKU\S-1-5-21-1715567821-1801674531-682003330-500\Software\HbTools\HbTools\PI\3.2 -> Spyware.HotBar : Cleaned with backup਍ഀ HKU\S-1-5-21-1715567821-1801674531-682003330-500\Software\HbTools\HbTools\Sample -> Spyware.HotBar : Cleaned with backup਍ഀ HKU\S-1-5-21-1715567821-1801674531-682003330-500\Software\HbTools\HbTools\Sample\Hist -> Spyware.HotBar : Cleaned with backup਍ഀ HKU\S-1-5-21-1715567821-1801674531-682003330-500\Software\HbTools\HbTools\Sample\Hist\sg800 -> Spyware.HotBar : Cleaned with backup਍ഀ HKU\S-1-5-21-1715567821-1801674531-682003330-500\Software\HbTools\HbTools\Sample\Hist\sg801 -> Spyware.HotBar : Cleaned with backup਍ഀ HKU\S-1-5-21-1715567821-1801674531-682003330-500\Software\HbTools\HbTools\Sample\Hist\sg802 -> Spyware.HotBar : Cleaned with backup਍ഀ HKU\S-1-5-21-1715567821-1801674531-682003330-500\Software\HbTools\HbTools\Sample\Hist\sg803 -> Spyware.HotBar : Cleaned with backup਍ഀ HKU\S-1-5-21-1715567821-1801674531-682003330-500\Software\HbTools\HbTools\Sample\Hist\sg807 -> Spyware.HotBar : Cleaned with backup਍ഀ HKU\S-1-5-21-1715567821-1801674531-682003330-500\Software\HbTools\HbTools\Sample\Hist\sg808 -> Spyware.HotBar : Cleaned with backup਍ഀ HKU\S-1-5-21-1715567821-1801674531-682003330-500\Software\HbTools\HbTools\Sample\Hist\sg810 -> Spyware.HotBar : Cleaned with backup਍ഀ HKU\S-1-5-21-1715567821-1801674531-682003330-500\Software\HbTools\HbTools\Sample\Hist\sg811 -> Spyware.HotBar : Cleaned with backup਍ഀ HKU\S-1-5-21-1715567821-1801674531-682003330-500\Software\HbTools\HbTools\Sample\Hist\sg812 -> Spyware.HotBar : Cleaned with backup਍ഀ HKU\S-1-5-21-1715567821-1801674531-682003330-500\Software\HbTools\HbTools\Sample\Hist\sg818 -> Spyware.HotBar : Cleaned with backup਍ഀ HKU\S-1-5-21-1715567821-1801674531-682003330-500\Software\HbTools\HbTools\Sample\Hist\sg819 -> Spyware.HotBar : Cleaned with backup਍ഀ HKU\S-1-5-21-1715567821-1801674531-682003330-500\Software\HbTools\HbTools\Sample\Hist\sg827 -> Spyware.HotBar : Cleaned with backup਍ഀ HKU\S-1-5-21-1715567821-1801674531-682003330-500\Software\HbTools\HbTools\Sample\Hist\sg828 -> Spyware.HotBar : Cleaned with backup਍ഀ HKU\S-1-5-21-1715567821-1801674531-682003330-500\Software\HbTools\HbTools\Sample\Hist\sg829 -> Spyware.HotBar : Cleaned with backup਍ഀ HKU\S-1-5-21-1715567821-1801674531-682003330-500\Software\HbTools\HbTools\Sample\Hist\sg830 -> Spyware.HotBar : Cleaned with backup਍ഀ HKU\S-1-5-21-1715567821-1801674531-682003330-500\Software\HbTools\HbTools\Sample\Hist\sg842 -> Spyware.HotBar : Cleaned with backup਍ഀ HKU\S-1-5-21-1715567821-1801674531-682003330-500\Software\HbTools\HbTools\Sample\Hist\sg843 -> Spyware.HotBar : Cleaned with backup਍ഀ HKU\S-1-5-21-1715567821-1801674531-682003330-500\Software\HbTools\HbTools\Sample\Hist\sg844 -> Spyware.HotBar : Cleaned with backup਍ഀ HKU\S-1-5-21-1715567821-1801674531-682003330-500\Software\HbTools\HbTools\Sample\Hist\sg845 -> Spyware.HotBar : Cleaned with backup਍ഀ HKU\S-1-5-21-1715567821-1801674531-682003330-500\Software\HbTools\HbTools\updates -> Spyware.HotBar : Cleaned with backup਍ഀ HKU\S-1-5-21-1715567821-1801674531-682003330-500\Software\HbTools\HbTools\UserInfo -> Spyware.HotBar : Cleaned with backup਍ഀ HKU\S-1-5-21-1715567821-1801674531-682003330-500\Software\HbTools\HbTools\Weather -> Spyware.HotBar : Cleaned with backup਍ഀ HKU\S-1-5-21-1715567821-1801674531-682003330-500\Software\HbTools\HostOI -> Spyware.HotBar : Cleaned with backup਍ഀ HKU\S-1-5-21-1715567821-1801674531-682003330-500\Software\HbTools\HostOI\Updates -> Spyware.HotBar : Cleaned with backup਍ഀ HKU\S-1-5-21-1715567821-1801674531-682003330-500\Software\HbTools\hostol -> Spyware.HotBar : Cleaned with backup਍ഀ HKU\S-1-5-21-1715567821-1801674531-682003330-500\Software\HbTools\hostol\Mail -> Spyware.HotBar : Cleaned with backup਍ഀ HKU\S-1-5-21-1715567821-1801674531-682003330-500\Software\HbTools\hostol\soho -> Spyware.HotBar : Cleaned with backup਍ഀ HKU\S-1-5-21-1715567821-1801674531-682003330-500\Software\HbTools\hostol\Updates -> Spyware.HotBar : Cleaned with backup਍ഀ HKU\S-1-5-21-1715567821-1801674531-682003330-500\Software\HbTools\hotbar -> Spyware.HotBar : Cleaned with backup਍ഀ HKU\S-1-5-21-1715567821-1801674531-682003330-500\Software\HbTools\hotbar\MultiUrl -> Spyware.HotBar : Cleaned with backup਍ഀ HKU\S-1-5-21-1715567821-1801674531-682003330-500\Software\HbTools\Time -> Spyware.HotBar : Cleaned with backup਍ഀ HKU\S-1-5-21-1715567821-1801674531-682003330-500\Software\HbTools\Time\HostIE -> Spyware.HotBar : Cleaned with backup਍ഀ HKU\S-1-5-21-1715567821-1801674531-682003330-500\Software\HbTools\Time\HostIE\Updates -> Spyware.HotBar : Cleaned with backup਍ഀ HKU\S-1-5-21-1715567821-1801674531-682003330-500\Software\HbTools\Time\HostOI -> Spyware.HotBar : Cleaned with backup਍ഀ HKU\S-1-5-21-1715567821-1801674531-682003330-500\Software\HbTools\Time\HostOI\Updates -> Spyware.HotBar : Cleaned with backup਍ഀ HKU\S-1-5-21-1715567821-1801674531-682003330-500\Software\HbTools\Time\HostOL -> Spyware.HotBar : Cleaned with backup਍ഀ HKU\S-1-5-21-1715567821-1801674531-682003330-500\Software\HbTools\Time\HostOL\Updates -> Spyware.HotBar : Cleaned with backup਍ഀ HKU\S-1-5-21-1715567821-1801674531-682003330-500\Software\Microsoft\Internet Explorer\Explorer Bars\{2178C864-B8BC-41AE-A1FB-EB6A32F87EB1} -> Spyware.HotBar : Cleaned with backup਍ഀ HKU\S-1-5-21-1715567821-1801674531-682003330-500\Software\Microsoft\Internet Explorer\Explorer Bars\{7E66936C-FEA0-4984-AD26-7B6661AC5B2E} -> Spyware.HotBar : Cleaned with backup਍ഀ HKU\S-1-5-21-1715567821-1801674531-682003330-500\Software\Microsoft\Internet Explorer\Explorer Bars\{A798E2B4-B6A0-4B96-8C53-8EC7A3B0895A} -> Spyware.HotBar : Cleaned with backup਍ഀ C:\Documents and Settings\Administrator\Cookies\administrator@247realmedia[1].txt -> Spyware.Cookie.247realmedia : Cleaned with backup਍ഀ C:\Documents and Settings\Administrator\Cookies\administrator@2o7[1].txt -> Spyware.Cookie.2o7 : Cleaned with backup਍ഀ C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt -> Spyware.Cookie.Addynamix : Cleaned with backup਍ഀ C:\Documents and Settings\Administrator\Cookies\administrator@adtech[2].txt -> Spyware.Cookie.Adtech : Cleaned with backup਍ഀ C:\Documents and Settings\Administrator\Cookies\administrator@advertising[2].txt -> Spyware.Cookie.Advertising : Cleaned with backup਍ഀ C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt -> Spyware.Cookie.Falkag : Cleaned with backup਍ഀ C:\Documents and Settings\Administrator\Cookies\administrator@atdmt[2].txt -> Spyware.Cookie.Atdmt : Cleaned with backup਍ഀ C:\Documents and Settings\Administrator\Cookies\administrator@bluestreak[1].txt -> Spyware.Cookie.Bluestreak : Cleaned with backup਍ഀ C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt -> Spyware.Cookie.Serving-sys : Cleaned with backup਍ഀ C:\Documents and Settings\Administrator\Cookies\administrator@casalemedia[1].txt -> Spyware.Cookie.Casalemedia : Cleaned with backup਍ഀ C:\Documents and Settings\Administrator\Cookies\administrator@com[2].txt -> Spyware.Cookie.Com : Cleaned with backup਍ഀ C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt -> Spyware.Cookie.Sexcounter : Cleaned with backup਍ഀ C:\Documents and Settings\Administrator\Cookies\administrator@doubleclick[2].txt -> Spyware.Cookie.Doubleclick : Cleaned with backup਍ഀ C:\Documents and Settings\Administrator\Cookies\administrator@estat[1].txt -> Spyware.Cookie.Estat : Cleaned with backup਍ഀ C:\Documents and Settings\Administrator\Cookies\administrator@fastclick[2].txt -> Spyware.Cookie.Fastclick : Cleaned with backup਍ഀ C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt -> Spyware.Cookie.Comclick : Cleaned with backup਍ഀ C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt -> Spyware.Cookie.Bluestreak : Cleaned with backup਍ഀ C:\Documents and Settings\Administrator\Cookies\administrator@mediaplex[1].txt -> Spyware.Cookie.Mediaplex : Cleaned with backup਍ഀ C:\Documents and Settings\Administrator\Cookies\administrator@overture[2].txt -> Spyware.Cookie.Overture : Cleaned with backup਍ഀ C:\Documents and Settings\Administrator\Cookies\administrator@revenue[2].txt -> Spyware.Cookie.Revenue : Cleaned with backup਍ഀ C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt -> Spyware.Cookie.Advertising : Cleaned with backup਍ഀ C:\Documents and Settings\Administrator\Cookies\administrator@serving-sys[2].txt -> Spyware.Cookie.Serving-sys : Cleaned with backup਍ഀ C:\Documents and Settings\Administrator\Cookies\administrator@sexlist[2].txt -> Spyware.Cookie.Sexlist : Cleaned with backup਍ഀ C:\Documents and Settings\Administrator\Cookies\administrator@statcounter[1].txt -> Spyware.Cookie.Statcounter : Cleaned with backup਍ഀ C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup਍ഀ C:\Documents and Settings\Administrator\Cookies\administrator@tradedoubler[1].txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup਍ഀ C:\Documents and Settings\Administrator\Cookies\administrator@tribalfusion[1].txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup਍ഀ C:\Documents and Settings\Administrator\Cookies\administrator@valueclick[2].txt -> Spyware.Cookie.Valueclick : Cleaned with backup਍ഀ C:\Documents and Settings\Administrator\Cookies\administrator@weborama[1].txt -> Spyware.Cookie.Weborama : Cleaned with backup਍ഀ C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt -> Spyware.Cookie.Smartadserver : Cleaned with backup਍ഀ C:\Documents and Settings\Administrator\Local Settings\Temp\Cookies\administrator@atdmt[2].txt -> Spyware.Cookie.Atdmt : Cleaned with backup਍ഀ C:\Documents and Settings\Administrator\Local Settings\Temp\Cookies\[email protected][1].txt -> Spyware.Cookie.Smartadserver : Cleaned with backup਍ഀ C:\Securite\hijackthis\backups\backup-20050818-215824-756.dll -> Spyware.Hotbar : Cleaned with backup਍ഀ ::Report EndREGEDIT4 ; Registry Search by Bobbi Flekman ; Version: 1.0.2.1 ; Results at 05/09/2005 07:52:27 for strings: ; 'shopperreports' ; Strings excluded from search: ; (None) ; Search in: ; Registry Keys Registry Values Registry Data ; HKEY_LOCAL_MACHINE HKEY_USERS [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.HbCommBand.1] @="ShopperReports – Price Comparison" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.HbInfoBand.1] @="ShopperReports – Price Comparison" ; End Of The Log...
  3. salut je reviens un peu tard mais j'étais en vacances ! charles inglas, j'ai fait ce que tu m'as dit mais dans le rapport Hijack, j'ai toujours les ShopperReports !!! Iln'y a aucune trace dans ajout/suppr de prog j'ai fini par virer Norton pour mettre Antivir , j'espère que c'est une bonne idée rapport : Logfile of HijackThis v1.99.1 Scan saved at 00:16:46, on 03/09/2005 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe C:\Securite\Firewall\Kerio\persfw.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\wanmpsvc.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe C:\Program Files\Common Files\AOL\ACS\AOLDial.exe C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\MSN Apps\Updater\01.03.0000.1005\fr\msnappau.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\AOL 9.0\aoltray.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\WINDOWS\System32\devldr32.exe C:\WINDOWS\System32\wuauclt.exe C:\Securite\Antivir\AVWUPSRV.EXE C:\Securite\Antivir\AVGNT.EXE C:\Program Files\AOL 9.0\waol.exe C:\Program Files\AOL 9.0\shellmon.exe C:\Program Files\Common Files\Aol\aoltpspd.exe C:\Securite\Antivir\AVGUARD.EXE C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe C:\Securite\hijackthis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02 O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.03.0000.1005\fr\msnappau.exe" O4 - HKLM\..\Run: [AVGCtrl] "C:\Securite\Antivir\AVGNT.EXE" /min O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - Global Startup: AOL 9.0 Icône AOL.lnk = C:\Program Files\AOL 9.0\aoltray.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: ShopperReports - Compare travel rates - {946B3E9E-E21A-49c8-9F63-900533FAFE14} - C:\Program Files\ShopperReports\Bin\1.0.5.0\ShprRprt.dll (file missing) O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll O9 - Extra button: ShopperReports - Compare product prices - {E77EDA01-3C56-4a96-8D08-02B42891C169} - C:\Program Files\ShopperReports\Bin\1.0.5.0\ShprRprt.dll (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://groups.msn.com/controls/PhotoUC/MsnPUpld.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/...tiveXPlugin.cab O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{D98335A3-F463-44F3-B668-BB300406E9E4}: NameServer = 205.188.146.145 O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Securite\Antivir\AVGUARD.EXE O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Securite\Antivir\AVWUPSRV.EXE O23 - Service: Kerio Personal Firewall (PersFw) - Kerio Technologies - C:\Securite\Firewall\Kerio\persfw.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
  4. salut charles ingals j'ai fait ce quu tu as dit et voici le nouveau log : Logfile of HijackThis v1.99.1 Scan saved at 22:24:24, on 18/08/2005 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\Securite\Antivir\AVGUARD.EXE C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe C:\Securite\Antivir\AVWUPSRV.EXE C:\Securite\Norton Antivirus\navapsvc.exe C:\Securite\Norton Antivirus\IWP\NPFMntor.exe C:\Securite\Firewall\Kerio\persfw.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\wanmpsvc.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe C:\Program Files\Common Files\AOL\ACS\AOLDial.exe C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\WINDOWS\System32\devldr32.exe C:\Securite\Antivir\AVGNT.EXE C:\Program Files\Messenger\msmsgs.exe C:\Program Files\AOL 9.0\aoltray.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\WINDOWS\System32\wuauclt.exe C:\WINDOWS\System32\wuauclt.exe C:\Securite\hijackthis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.02.3000.1002\en-xu\stmain.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Securite\Norton Antivirus\NavShExt.dll O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Securite\Norton Antivirus\NavShExt.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [sSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [MoneyStartUp10.0] "C:\Program Files\Microsoft Money\System\Activation.exe" O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe O4 - HKLM\..\Run: [AVGCtrl] C:\Securite\Antivir\AVGNT.EXE /min O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - Global Startup: AOL 9.0 Icône AOL.lnk = C:\Program Files\AOL 9.0\aoltray.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: ShopperReports - Compare travel rates - {946B3E9E-E21A-49c8-9F63-900533FAFE14} - C:\Program Files\ShopperReports\Bin\1.0.5.0\ShprRprt.dll (file missing) O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll O9 - Extra button: ShopperReports - Compare product prices - {E77EDA01-3C56-4a96-8D08-02B42891C169} - C:\Program Files\ShopperReports\Bin\1.0.5.0\ShprRprt.dll (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Securite\Antivir\AVGUARD.EXE O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Securite\Antivir\AVWUPSRV.EXE O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Securite\Norton Antivirus\navapsvc.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Securite\Norton Antivirus\IWP\NPFMntor.exe O23 - Service: Kerio Personal Firewall (PersFw) - Kerio Technologies - C:\Securite\Firewall\Kerio\persfw.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe O23 - Service: SAVScan - Symantec Corporation - C:\Securite\Norton Antivirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe et il y a toujours shopper reports qui veut pas s'enlever ! en tout cas le fait d'avoir désinstaller un des 2 antivirus , ca a remis mon pc a sa vitesse normale. En fait il faudrait surtout que je rachete de la RAM pour changer qq chose. En tout cas merci pour tout !!!!!!
  5. je vais essayer ca ce soir ! en tout cas encore merci pour votre aide et ca fait plaisir de voir des réponses aussi rapides et aussi détaillées !!
  6. j'ai fait tout ce qu'on m'a dit mais mon pc rame toujours . j'ai fait un nouveau log hijack : Logfile of HijackThis v1.99.1 Scan saved at 22:24:24, on 18/08/2005 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\Securite\Antivir\AVGUARD.EXE C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe C:\Securite\Antivir\AVWUPSRV.EXE C:\Securite\Norton Antivirus\navapsvc.exe C:\Securite\Norton Antivirus\IWP\NPFMntor.exe C:\Securite\Firewall\Kerio\persfw.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\wanmpsvc.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe C:\Program Files\Common Files\AOL\ACS\AOLDial.exe C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\WINDOWS\System32\devldr32.exe C:\Securite\Antivir\AVGNT.EXE C:\Program Files\Messenger\msmsgs.exe C:\Program Files\AOL 9.0\aoltray.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\WINDOWS\System32\wuauclt.exe C:\WINDOWS\System32\wuauclt.exe C:\Securite\hijackthis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.02.3000.1002\en-xu\stmain.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Securite\Norton Antivirus\NavShExt.dll O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Securite\Norton Antivirus\NavShExt.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [sSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [MoneyStartUp10.0] "C:\Program Files\Microsoft Money\System\Activation.exe" O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe O4 - HKLM\..\Run: [AVGCtrl] C:\Securite\Antivir\AVGNT.EXE /min O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - Global Startup: AOL 9.0 Icône AOL.lnk = C:\Program Files\AOL 9.0\aoltray.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: ShopperReports - Compare travel rates - {946B3E9E-E21A-49c8-9F63-900533FAFE14} - C:\Program Files\ShopperReports\Bin\1.0.5.0\ShprRprt.dll (file missing) O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll O9 - Extra button: ShopperReports - Compare product prices - {E77EDA01-3C56-4a96-8D08-02B42891C169} - C:\Program Files\ShopperReports\Bin\1.0.5.0\ShprRprt.dll (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Securite\Antivir\AVGUARD.EXE O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Securite\Antivir\AVWUPSRV.EXE O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Securite\Norton Antivirus\navapsvc.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Securite\Norton Antivirus\IWP\NPFMntor.exe O23 - Service: Kerio Personal Firewall (PersFw) - Kerio Technologies - C:\Securite\Firewall\Kerio\persfw.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe O23 - Service: SAVScan - Symantec Corporation - C:\Securite\Norton Antivirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
  7. je fais tout ca ce soir ! mais le fait de faire un "fix checked" ne va pas bloquer les applications en question , hein ?
  8. Voici un log de Hij en mode sans échec après nettoyage simple et lancement d'antivir : Logfile of HijackThis v1.99.1 Scan saved at 08:04:36, on 18/08/2005 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Securite\hijackthis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lookfor.cc?pin=12345 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://lookfor.cc/sp.php?pin=12345 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://lookfor.cc/sp.php?pin=12345 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://lookfor.cc/sp.php?pin=12345 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://lookfor.cc?pin=12345 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://resultsmaster.com/SmartOffers/Servi...omeLeftPane.htm R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://porttest.emule-project.net/connecti...=4672&lang=1036 O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: ShprRprts - {2A8A997F-BB9F-48F6-AA2B-2762D50F9289} - C:\Program Files\ShopperReports\Bin\1.0.5.0\ShprRprt.dll O2 - BHO: HbTools - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program Files\HbTools\Bin\4.6.4.0\HbtHostIE.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.02.3000.1002\en-xu\stmain.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Securite\Norton Antivirus\NavShExt.dll O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Securite\Norton Antivirus\NavShExt.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: H&otbar - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program Files\HbTools\Bin\4.6.4.0\HbtHostIE.dll O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [sSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe" O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [MoneyStartUp10.0] "C:\Program Files\Microsoft Money\System\Activation.exe" O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.3000.1001\fr\msnappau.exe" O4 - HKLM\..\Run: [nktbgxri] C:\WINDOWS\System32\ensxsykv.exe O4 - HKLM\..\Run: [AVGCtrl] C:\Securite\Antivir\AVGNT.EXE /min O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - Global Startup: AOL 9.0 Icône AOL.lnk = C:\Program Files\AOL 9.0\aoltray.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: ShopperReports - Compare travel rates - {946B3E9E-E21A-49c8-9F63-900533FAFE14} - C:\Program Files\ShopperReports\Bin\1.0.5.0\ShprRprt.dll O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll O9 - Extra button: ShopperReports - Compare product prices - {E77EDA01-3C56-4a96-8D08-02B42891C169} - C:\Program Files\ShopperReports\Bin\1.0.5.0\ShprRprt.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O16 - DPF: {10000000-1000-0000-1000-000000000000} - file://C:\Program Files\Internet Explorer\cetda.exe O16 - DPF: {4B6E3013-6E45-11D0-9309-0020AFE05CC8} (blaxxun CC3D) - http://www.allomaison.fr/medias/contact/cab/blaxxunCC3D.cab O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EP...l_v1-0-3-18.cab O16 - DPF: {5DDCC37F-7C6B-48B8-9664-97C537920CA0} (aecviz Class) - http://www.maisonfamiliale.com/AECVIZ/npaecviz.cab O16 - DPF: {8C875948-9C60-4381-9248-0DF180542D53} (HbtInstObj) - http://installs.hotbar.com/installs/hbtool...ams/hbtools.cab O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Securite\Antivir\AVGUARD.EXE O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Securite\Antivir\AVWUPSRV.EXE O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Securite\Norton Antivirus\navapsvc.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Securite\Norton Antivirus\IWP\NPFMntor.exe O23 - Service: Kerio Personal Firewall (PersFw) - Kerio Technologies - C:\Securite\Firewall\Kerio\persfw.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe O23 - Service: SAVScan - Symantec Corporation - C:\Securite\Norton Antivirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe Est ce que qq un sait ce qui ne va pas la dedans ?! J'ai l'impression que la ligne O3 - Toolbar: H&otbar - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program Files\HbTools\Bin\4.6.4.0\HbtHostIE.dll devrait etre enlevé ... Merci pour votre aide Source : http://forum.zebulon.fr/index.php?act=ST&f=40&t=69176
  9. Merci , je vais faire ca de suite ! J'avais pas vu le forum sécurité
  10. MOn PC rame énormément depuis qu'il y a HotBar dessus (je pense que c'est à cause de ca que ca rame) et impossible de le supprimer malgré les patch de désinstall que j'ai pu trouver sur différents forums... Voici un log de Hijackthis : Logfile of HijackThis v1.99.1 Scan saved at 12:53:01, on 17/08/2005 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe C:\Securite\Norton Antivirus\navapsvc.exe C:\Securite\Norton Antivirus\IWP\NPFMntor.exe C:\Securite\Firewall\Kerio\persfw.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\wanmpsvc.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe C:\Program Files\Common Files\AOL\ACS\AOLDial.exe C:\WINDOWS\System32\devldr32.exe C:\Program Files\HP\HP Software Update\HPWuSchd.exe C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\WINDOWS\System32\wuauclt.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\MSN Apps\Updater\01.02.3000.1001\fr\msnappau.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\AOL 9.0\aoltray.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Securite\hijackthis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lookfor.cc?pin=12345 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://lookfor.cc/sp.php?pin=12345 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://lookfor.cc/sp.php?pin=12345 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://lookfor.cc/sp.php?pin=12345 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://lookfor.cc?pin=12345 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://resultsmaster.com/SmartOffers/Servi...omeLeftPane.htm R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://porttest.emule-project.net/connecti...=4672&lang=1036 O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: ShprRprts - {2A8A997F-BB9F-48F6-AA2B-2762D50F9289} - C:\Program Files\ShopperReports\Bin\1.0.5.0\ShprRprt.dll O2 - BHO: HbTools - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program Files\HbTools\Bin\4.6.4.0\HbtHostIE.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.02.3000.1002\en-xu\stmain.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Securite\Norton Antivirus\NavShExt.dll O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Securite\Norton Antivirus\NavShExt.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: H&otbar - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program Files\HbTools\Bin\4.6.4.0\HbtHostIE.dll O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [sSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe" O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [MoneyStartUp10.0] "C:\Program Files\Microsoft Money\System\Activation.exe" O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.3000.1001\fr\msnappau.exe" O4 - HKLM\..\Run: [nktbgxri] C:\WINDOWS\System32\ensxsykv.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - Global Startup: AOL 9.0 Icône AOL.lnk = C:\Program Files\AOL 9.0\aoltray.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: ShopperReports - Compare travel rates - {946B3E9E-E21A-49c8-9F63-900533FAFE14} - C:\Program Files\ShopperReports\Bin\1.0.5.0\ShprRprt.dll O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll O9 - Extra button: ShopperReports - Compare product prices - {E77EDA01-3C56-4a96-8D08-02B42891C169} - C:\Program Files\ShopperReports\Bin\1.0.5.0\ShprRprt.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O16 - DPF: {10000000-1000-0000-1000-000000000000} - file://C:\Program Files\Internet Explorer\cetda.exe O16 - DPF: {4B6E3013-6E45-11D0-9309-0020AFE05CC8} (blaxxun CC3D) - http://www.allomaison.fr/medias/contact/cab/blaxxunCC3D.cab O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EP...l_v1-0-3-18.cab O16 - DPF: {5DDCC37F-7C6B-48B8-9664-97C537920CA0} (aecviz Class) - http://www.maisonfamiliale.com/AECVIZ/npaecviz.cab O16 - DPF: {8C875948-9C60-4381-9248-0DF180542D53} (HbtInstObj) - http://installs.hotbar.com/installs/hbtool...ams/hbtools.cab O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Securite\Norton Antivirus\navapsvc.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Securite\Norton Antivirus\IWP\NPFMntor.exe O23 - Service: Kerio Personal Firewall (PersFw) - Kerio Technologies - C:\Securite\Firewall\Kerio\persfw.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe O23 - Service: SAVScan - Symantec Corporation - C:\Securite\Norton Antivirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe Pouvez-vous m'aidez à supprimer les entrées qui ne servent à rien ? et comment pourrais-je supprimer HOTBAR efficacement ? Merci pour votre aide!
  11. cyrilou

    Pb install de carte graphique

    Ok je vais essayer ! Merci
  12. Bonjour à tous, On m'a conseillé de venir posté un sujet sur ce site qui a l'air effectivement assez riche. MOn pb est le suivant : j'ai acheté une carte graphique RX9200SE T128 pour remplacer une vieille carte qui m'a laché ... Au moment d'installer les pilotes fournis avec le cd d'instal, windows XP me dit que les pilotes ne sont pas certifés ("this driver is not digitally signed") Je force tout de même l'installation et quand je redémarre le pc, il plante sur l'écran de bienvenue. Je suis alors obligé de tourner en mode sans échec et de désactiver les pilotes ... Si qq'un pouvait m'aider ! Cyril
×
×
  • Créer...