B2oBa

Tout à l' air correct, je te remercie enormement c' est super THXXXXXXXXXX !!!

Voici le nouveau rapport : Analyse 2

Voici le rapport : Analyse

Les deux fichiers sont correct après analise

Coucou, désolé pour le retard mais j' avais vraiment pas le temps depuis la dernière fois J' ai donc fait tout ce que tu m' avait dit, seul ptit truc le fichier c:/windows/smss.exe je ne le trouve pas, j ai deux smss mais dans c:/windows/system32 et dans c:/windows/system32/dllcache Voici les rapports : Logfile of HijackThis v1.99.1 Scan saved at 18:21:01, on 7/02/2007 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\devldr32.exe C:\Program Files\Fichiers communs\PCSuite\DataLayer\DataLayer.exe C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\WINDOWS\System32\ctfmon.exe C:\themeGold55\CursorXP\CursorXP.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\PROGRA~1\FICHIE~1\PCSuite\Services\SERVIC~1.EXE C:\Documents and Settings\Tyler\Bureau\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [smcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe -CheckReg O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Program Files\CloneCD\ElbyCheck.exe" /L ElbyCDFL O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Fichiers communs\PCSuite\DataLayer\DataLayer.exe O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [EasyMod] C:\Program Files\EasyBox\EasyMod.exe O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [CursorXP] C:\themeGold55\CursorXP\CursorXP.exe -s O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ? O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O14 - IERESET.INF: START_PAGE_URL=http://www.google.fr O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab O16 - DPF: {68C1822F-F5C7-4404-A73F-03C10E0E94DA} (telechargement-photoweb) - http://www4.photoweb.fr/telechargement/Photoweb_uploader.cab O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: MSSQL$PINNACLESYS - Unknown owner - C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe" -sPINNACLESYS (file missing) O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe O23 - Service: Sygate Personal Firewall Pro (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\Smc.exe O23 - Service: SQLAgent$PINNACLESYS - Unknown owner - C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE" -i PINNACLESYS (file missing) AVG Anti-Spyware - Rapport d'analyse --------------------------------------------------------- + Créé à: 18:15:55 7/02/2007 + Résultat de l'analyse: C:\Program Files\Media Access -> Adware.MediaAccess : Nettoyé. C:\Program Files\Media Access\Info.txt -> Adware.MediaAccess : Nettoyé. C:\Program Files\Media Access\MediaAccK.exe -> Adware.MediaAccess : Nettoyé. C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP2\A0002269.exe -> Adware.SaveNow : Nettoyé. C:\Program Files\Illustrate\dBpowerAMP\Powerpack_crack.exe -> Not-A-Virus.VirTool.Win32.AvSpoffer.a : Nettoyé. C:\Documents and Settings\Tyler\Cookies\tyler@2o7[1].txt -> TrackingCookie.2o7 : Nettoyé. C:\Documents and Settings\Tyler\Cookies\tyler@paypal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé. C:\Documents and Settings\Tyler\Cookies\tyler@adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyé. C:\Documents and Settings\Tyler\Cookies\tyler@stats.adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyé. C:\Documents and Settings\Tyler\Cookies\tyler@admarketplace[1].txt -> TrackingCookie.Admarketplace : Nettoyé. C:\Documents and Settings\Tyler\Cookies\tyler@ad.adnet[2].txt -> TrackingCookie.Adnet : Nettoyé. C:\Documents and Settings\Tyler\Cookies\tyler@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé. C:\Documents and Settings\Tyler\Cookies\tyler@advertising[1].txt -> TrackingCookie.Advertising : Nettoyé. C:\Documents and Settings\Tyler\Cookies\tyler@adviva[2].txt -> TrackingCookie.Adviva : Nettoyé. C:\Documents and Settings\Tyler\Cookies\tyler@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé. C:\Documents and Settings\Tyler\Cookies\tyler@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyé. C:\Documents and Settings\Tyler\Cookies\tyler@www.burstbeacon[1].txt -> TrackingCookie.Burstbeacon : Nettoyé. C:\Documents and Settings\Tyler\Cookies\tyler@burstnet[1].txt -> TrackingCookie.Burstnet : Nettoyé. C:\Documents and Settings\Tyler\Cookies\tyler@www.burstnet[1].txt -> TrackingCookie.Burstnet : Nettoyé. C:\Documents and Settings\Tyler\Cookies\tyler@as.casalemedia[1].txt -> TrackingCookie.Casalemedia : Nettoyé. C:\Documents and Settings\Tyler\Cookies\tyler@ad1.clickhype[1].txt -> TrackingCookie.Clickhype : Nettoyé. C:\Documents and Settings\Tyler\Cookies\tyler@cz3.clickzs[2].txt -> TrackingCookie.Clickzs : Nettoyé. C:\Documents and Settings\Tyler\Cookies\tyler@cz4.clickzs[2].txt -> TrackingCookie.Clickzs : Nettoyé. C:\Documents and Settings\Tyler\Cookies\tyler@cz6.clickzs[2].txt -> TrackingCookie.Clickzs : Nettoyé. C:\Documents and Settings\Tyler\Cookies\tyler@-com-[2].txt -> TrackingCookie.Com : Nettoyé. C:\Documents and Settings\Tyler\Cookies\tyler@com[1].txt -> TrackingCookie.Com : Nettoyé. C:\Documents and Settings\Tyler\Cookies\tyler@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : Nettoyé. C:\Documents and Settings\Tyler\Cookies\tyler@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé. C:\Documents and Settings\Tyler\Cookies\tyler@estat[1].txt -> TrackingCookie.Estat : Nettoyé. C:\Documents and Settings\Tyler\Cookies\tyler@fastclick[2].txt -> TrackingCookie.Fastclick : Nettoyé. C:\Documents and Settings\Tyler\Cookies\tyler@ehg-digg.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé. C:\Documents and Settings\Tyler\Cookies\tyler@ivwbox[2].txt -> TrackingCookie.Ivwbox : Nettoyé. C:\Documents and Settings\Tyler\Cookies\tyler@komtrack[2].txt -> TrackingCookie.Komtrack : Nettoyé. C:\Documents and Settings\Tyler\Cookies\tyler@image.masterstats[1].txt -> TrackingCookie.Masterstats : Nettoyé. C:\Documents and Settings\Tyler\Cookies\tyler@mediaplex[2].txt -> TrackingCookie.Mediaplex : Nettoyé. C:\Documents and Settings\Tyler\Cookies\tyler@banner.newyorkcasino[1].txt -> TrackingCookie.Newyorkcasino : Nettoyé. C:\Documents and Settings\Tyler\Cookies\tyler@stat.onestat[2].txt -> TrackingCookie.Onestat : Nettoyé. C:\Documents and Settings\Tyler\Cookies\tyler@overture[2].txt -> TrackingCookie.Overture : Nettoyé. C:\Documents and Settings\Tyler\Cookies\tyler@paypopup[2].txt -> TrackingCookie.Paypopup : Nettoyé. C:\Documents and Settings\Tyler\Cookies\tyler@ads.planetactive[2].txt -> TrackingCookie.Planetactive : Nettoyé. C:\Documents and Settings\Tyler\Cookies\tyler@ads.pointroll[2].txt -> TrackingCookie.Pointroll : Nettoyé. C:\Documents and Settings\Tyler\Cookies\tyler@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Nettoyé. C:\Documents and Settings\Tyler\Cookies\tyler@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé. C:\Documents and Settings\Tyler\Cookies\tyler@serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé. C:\Documents and Settings\Tyler\Cookies\tyler@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé. C:\Documents and Settings\Tyler\Cookies\tyler@statcounter[2].txt -> TrackingCookie.Statcounter : Nettoyé. C:\Documents and Settings\Tyler\Cookies\tyler@tacoda[2].txt -> TrackingCookie.Tacoda : Nettoyé. C:\Documents and Settings\Tyler\Cookies\tyler@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Nettoyé. C:\Documents and Settings\Tyler\Cookies\tyler@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Nettoyé. C:\Documents and Settings\Tyler\Cookies\tyler@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé. C:\Documents and Settings\Tyler\Cookies\tyler@statse.webtrendslive[1].txt -> TrackingCookie.Webtrendslive : Nettoyé. C:\Documents and Settings\Tyler\Cookies\tyler@yadro[2].txt -> TrackingCookie.Yadro : Nettoyé. C:\Documents and Settings\Tyler\Cookies\tyler@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Nettoyé. C:\Documents and Settings\Tyler\Cookies\tyler@zedo[1].txt -> TrackingCookie.Zedo : Nettoyé. C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP26\A0042630.exe -> Trojan.Maran.bp : Nettoyé. C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP26\A0042632.dll -> Trojan.OnLineGames.arg : Nettoyé. Fin du rapport Voilà ce que ca me donne

De quel autre fichier tu me parle ? Car ShooDL.exe je ne l' ai pas et dans le dossier microsoft je n' ai aucun fichier

Cette fois ci effectivmeent ca marche, par contre je ne trouve pas le fichier ShooDL.exe que tu m' indique, ni manullement ni via la recherche windows

Je n'arrive pas à aller sur ton lien, et dans le dossier microsoft je n' ai rien du tout

Bonjour a tous, je me suis apparement choppé quelques merdes ces derniers jours et mon pc commencait vraiment a ramer de plus en plus J' ai donc décider d' enlever tous ca avant que ca ne dégénère. J' ai donc commencer pour faire un nettoyage de base avec Anti Vir en mode sans échec, et voici le résultat : Logfile of HijackThis v1.99.1 Scan saved at 6:21:13, on 17/01/2007 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\PCSuite\DataLayer\DataLayer.exe C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\WINDOWS\System32\devldr32.exe C:\WINDOWS\System32\ctfmon.exe C:\themeGold55\CursorXP\CursorXP.exe C:\PROGRA~1\FICHIE~1\PCSuite\Services\SERVIC~1.EXE C:\Documents and Settings\Tyler\Bureau\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [smcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe -CheckReg O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Program Files\CloneCD\ElbyCheck.exe" /L ElbyCDFL O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Fichiers communs\PCSuite\DataLayer\DataLayer.exe O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [ms] C:\Program Files\Microsoft\svhost32.exe O4 - HKLM\..\Run: [Tilerun] Tilecom32.com O4 - HKLM\..\Run: [RTV] c:\windows\system32\ShooDL.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\RunServices: [Tilerun] Tilecom32.com O4 - HKLM\..\RunServices: [RTV] c:\windows\system32\ShooDL O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [CursorXP] C:\themeGold55\CursorXP\CursorXP.exe -s O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [RTV] c:\windows\system32\ShooDL.exe O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ? O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O14 - IERESET.INF: START_PAGE_URL=http://www.google.fr O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: MSSQL$PINNACLESYS - Unknown owner - C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe" -sPINNACLESYS (file missing) O23 - Service: Card Adapter (NETDown) - Unknown owner - C:\WINDOWS\smss.exe (file missing) O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe O23 - Service: Sygate Personal Firewall Pro (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\Smc.exe O23 - Service: SQLAgent$PINNACLESYS - Unknown owner - C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE" -i PINNACLESYS (file missing) Y' a t-il encore des merdes ?

Ok j' ai réactiver la restauration, je dois y aller la donc je lirai les conseils des que possible, merci mille fois à tous ceux qui m' ont aidés MERCI

Non tout a l' air de fonctionner très bien J' ai fini ?

Voici mon nouveau ewido : + Créé le: 20:35:27, 1/12/2005 + Somme de contrôle: 996543D5 + Résultats du scan: C:\Documents and Settings\Tyler\Cookies\tyler@www.smartadserver[1].txt -> Spyware.Cookie.Smartadserver : Nettoyer et sauvegarder C:\Program Files\mksvfinal\mirc32.exe -> Backdoor.IRC.Smev.a : Nettoyer et sauvegarder C:\Program Files\mksvfinal\prog\click.RB0/click.exe -> Not-A-Virus.Nuker.Click.22 : Erreur durant le nettoyage ::Fin du rapport Pour ce qui est du logitiel Mksvfinal, il s' agit de Mirc et je l' ai toujours eu depuis que j' ai un pc il m' a jamais poser de problème donc je préfère le laisser Qu' est ce que ca donne maintenant ?

Oups excuse moi le voici : + Créé le: 18:23:54, 1/12/2005 + Somme de contrôle: 593BF1F + Résultats du scan: C:\Program Files\Media Access -> Adware.MediaAccess : Nettoyer et sauvegarder C:\Program Files\Media Access\Info.txt -> Adware.MediaAccess : Nettoyer et sauvegarder C:\Program Files\Media Access\MediaAccC.dll -> Adware.MediaAccess : Nettoyer et sauvegarder C:\Program Files\Media Access\MediaAccess.exe -> Adware.MediaAccess : Nettoyer et sauvegarder C:\Program Files\Media Access\MediaAccK.exe -> Adware.MediaAccess : Nettoyer et sauvegarder C:\Program Files\mksvfinal\mirc32.exe -> Backdoor.IRC.Smev.a : Nettoyer et sauvegarder C:\Program Files\mksvfinal\prog\click.RB0/click.exe -> Not-A-Virus.Nuker.Click.22 : Erreur durant le nettoyage C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP13\A0003645.dll -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP13\A0003646.dll -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP13\A0003647.dll -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP14\A0003659.dll -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP14\A0003660.dll -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP14\A0003661.dll -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP19\A0003711.dll -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP19\A0003726.dll -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP19\A0003727.dll -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP19\A0003728.dll -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP19\A0003794.dll -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP19\A0003795.dll -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP19\A0003797.dll -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP19\A0003841.dll -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP19\A0003842.dll -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP19\A0003843.dll -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP19\A0003869.dll -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP19\A0003870.dll -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP19\A0003872.dll -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP19\A0003914.dll -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP19\A0003915.dll -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP19\A0003916.dll -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP19\A0003927.dll -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP19\A0003928.dll -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP19\A0003929.dll -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP19\A0003939.dll -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP19\A0003940.dll -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP19\A0003941.dll -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP19\A0003944.exe -> Spyware.SurfAccuracy : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP19\A0003951.exe -> Backdoor.IRC.Smev.a : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP19\A0003958.exe -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP19\A0003961.dll -> Downloader.Agent.tv : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP19\A0003962.dll -> Downloader.Agent.tv : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP19\A0003969.dll -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP19\A0003970.dll -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP19\A0003988.exe -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP19\A0003992.dll -> Downloader.Agent.tv : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP19\A0003998.dll -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP19\A0003999.dll -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP19\A0004089.dll -> Downloader.Agent.tv : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP19\A0004090.dll -> Downloader.Agent.tv : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP19\A0004091.exe -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP19\A0004145.dll -> Downloader.Agent.tv : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP19\A0004146.dll -> Downloader.Agent.tv : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP19\A0004167.dll -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP19\A0004168.dll -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP19\A0004169.dll -> Downloader.Agent.tv : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP19\A0004170.exe -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP19\A0004171.dll -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP19\A0004172.dll -> Downloader.Agent.tv : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP20\A0004205.exe -> Spyware.WinAD : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP29\A0010814.exe -> Spyware.WinAD : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP29\A0011026.exe -> Spyware.WinAD : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP30\A0012494.dll -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP30\A0012531.exe -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP30\A0012532.dll -> Trojan.EliteBar.h : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP30\A0012533.exe -> Trojan.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP30\A0012534.exe -> Dropper.Agent.se : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP30\A0012535.exe -> Trojan.Pakes : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP31\A0012981.exe -> Backdoor.Wootbot.z : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP31\A0012983.exe -> Spyware.WinAD : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP7\A0002354.dll -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP7\A0002356.dll -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP7\A0002365.dll -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP7\A0002366.dll -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP7\A0002367.dll -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP7\A0002379.dll -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP7\A0002380.dll -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP7\A0002383.dll -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP7\A0002402.dll -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP7\A0002428.dll -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP7\A0002429.dll -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP7\A0002431.dll -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP7\A0002452.dll -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP7\A0002453.dll -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP7\A0002455.dll -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP7\A0002475.dll -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP7\A0002476.dll -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP7\A0002478.dll -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP7\A0002493.dll -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP7\A0002494.dll -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP7\A0002495.dll -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP7\A0002570.dll -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP7\A0002571.dll -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP7\A0002573.dll -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP7\A0003569.dll -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP7\A0003571.dll -> Spyware.EliteBar : Nettoyer et sauvegarder C:\System Volume Information\_restore{F2D633CA-0142-49CA-AFF8-AA24C6B826BE}\RP7\A0003572.dll -> Spyware.EliteBar : Nettoyer et sauvegarder C:\temp\MediaGateway.exe -> Spyware.WinAD : Nettoyer et sauvegarder ::Fin du rapport Voila; sinon non je n' est pas de dysfonctionnement Est-ce bon ??

Je viens juste de finir le nettoyage : Logfile of HijackThis v1.99.1 Scan saved at 18:24:36, on 1/12/2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Documents and Settings\Tyler\Bureau\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [smcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe -CheckReg O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Program Files\CloneCD\ElbyCheck.exe" /L ElbyCDFL O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [AVGCtrl] C:\Program Files\AVPersonal\AVGNT.EXE /min O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [CursorXP] C:\themeGold55\CursorXP\CursorXP.exe -s O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - Global Startup: Exif Launcher.lnk = C:\Program Files\FinePixViewer\QuickDCF.exe O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ? O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O14 - IERESET.INF: START_PAGE_URL=http://www.google.fr O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {68C1822F-F5C7-4404-A73F-03C10E0E94DA} (telechargement-photoweb) - http://www3.photoweb.fr/telechargement/Photoweb_uploader.cab O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.EXE O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Sygate Personal Firewall Pro (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\Smc.exe

Ok je vais pas pouvoir le faire de suite la car je vais partir mais des que c' est fait je te tiens au courant Merci beaucoup en tout cas et bonne soirée à toi aussi

Bonjour !! Je suis infecté par un virus, j' ai donc suivi la procédure de nettoyage et voici mon rapport : Logfile of HijackThis v1.99.1 Scan saved at 18:46:40, on 30/11/2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Documents and Settings\Tyler\Bureau\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [smcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe -CheckReg O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Program Files\CloneCD\ElbyCheck.exe" /L ElbyCDFL O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Media Gateway] C:\Program Files\Media Gateway\MediaGateway.exe O4 - HKLM\..\Run: [bDMCon] "C:\Program Files\Softwin\BitDefender8\bdmcon.exe" O4 - HKLM\..\Run: [bDNewsAgent] "C:\Program Files\Softwin\BitDefender8\bdnagent.exe" O4 - HKLM\..\Run: [shell32] C:\WINDOWS\System32\wuauclt10.exe O4 - HKLM\..\Run: [Client Server Runtime Process] C:\WINDOWS\System32\smmss.exe O4 - HKLM\..\Run: [Windows update] C:\WINDOWS\System32\wudupdate.exe O4 - HKLM\..\Run: [AVGCtrl] C:\Program Files\AVPersonal\AVGNT.EXE /min O4 - HKLM\..\Run: [system service79] C:\WINDOWS\etb\pokapoka79.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [CursorXP] C:\themeGold55\CursorXP\CursorXP.exe -s O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - Global Startup: Exif Launcher.lnk = C:\Program Files\FinePixViewer\QuickDCF.exe O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ? O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O14 - IERESET.INF: START_PAGE_URL=http://www.google.fr O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {68C1822F-F5C7-4404-A73F-03C10E0E94DA} (telechargement-photoweb) - http://www3.photoweb.fr/telechargement/Photoweb_uploader.cab O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.EXE O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing) O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Sygate Personal Firewall Pro (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\Smc.exe O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing) Voila, merci d' avance pour votre aide

Je l' avais deja verifier et c' est pas ca Il est peut etre mort tu crois ? Comment verifier ?

J' ai qu' un seule barette, j' ai donc pris une barrette de mon pc pour tester mais c' est pareil il me dit ram ok et en dessous donc le DDR400 et il s' arrete la

Non le pc n' est pas overcloké du tout, j' ai deja essayer ac Clear CMOS mais ca change rien, les ventilo tourne bien, tout est bien enfichés et les barrettes j' ai deja essayer Merci en tout cas Oki merci je vais essayer, je vous tiens au courant Je viens donc de tester en débrancher lecteur dvd et graveur, ca marche pas non plus le pc s' arrete à ! Memory frequency : DDR400 Et ne va pas plus loin, impossible ne rentrer dans le bios

Bonjour tout le monde ! J' espère etre dans la bonne section pour poser ma question dans le cas contraire je vous fait mes excuses Alors j' ai un gros problème avec le pc a mon frère, il ne veut plus démarrer Ce que je ne comprend pas c' est qu' a chaque fois il me fait un truc different : Soit il s' arrete a "Detecting IDE Drive" et la plus moyen de rien faire ni meme de rentrer dans le bios Soit il me marque un truc genre "CPU unworkable or change" ect .... Soit il s' eteind d' un coup et pousse un cri genre sirène de pompier J' ai vérifier les branchements aparement tout est bon ( mais je ne suis pas non plus grand specialiste ) Pour info c' est une Abit nf7 avec un barton 2800+ qui tourne sur win xp. Voila j' espere que vous pouvez m' aider

Ok ben c cool Aparement tout roule Je remercie enormement tous ceux qui m' ont aidé, c' est vraiment super MERCI !!!

Voila Logfile of HijackThis v1.99.1 Scan saved at 18:40:07, on 4/09/2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\userinit.exe C:\WINDOWS\Explorer.EXE C:\Documents and Settings\Tyler\Bureau\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize O4 - HKLM\..\Run: [smcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe -CheckReg O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [CursorXP] C:\themeGold55\CursorXP\CursorXP.exe -s O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - Global Startup: Exif Launcher.lnk = C:\Program Files\FinePixViewer\QuickDCF.exe O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ? O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O14 - IERESET.INF: START_PAGE_URL=http://www.google.fr O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe O23 - Service: Leadtek Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Sygate Personal Firewall Pro (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\Smc.exe

Le lien de "miekiemoes' LQfix" marche pas

Voila les logs : Registry Log file generated by *** ETRemover - V.2.0.1 *** 04/09/2005 - 17:31:00 System info: OS Platform: Microsoft Windows 2000 OS Version: 5.01.2600 OS Update: Service Pack 1 CPU Maker: AuthenticAMD CPU Model: x86 Family 15 Model 12 Stepping 0 CPU Speed: 2411 MHz Running processes: [system process] [sYSTEM] system [sYSTEM] smss.exe [\SystemRoot\System32\smss.exe] csrss.exe [sYSTEM] winlogon.exe [\??\C:\WINDOWS\system32\winlogon.exe] services.exe [C:\WINDOWS\system32\services.exe] lsass.exe [C:\WINDOWS\system32\lsass.exe] svchost.exe [C:\WINDOWS\system32\svchost.exe] svchost.exe [C:\WINDOWS\system32\svchost.exe] explorer.exe [C:\WINDOWS\Explorer.EXE] etremover_v201.exe [C:\Documents and Settings\Tyler\Bureau\ETRemover_V201\ETRemover_v201.exe] ------------------------------------------ HKLM -> UserInit in NT: DWORD: AutoRestartShell = 1 DefaultDomainName = TEST DefaultUserName = Tyler LegalNoticeCaption = LegalNoticeText = PowerdownAfterShutdown = 0 ReportBootOk = 1 Shell = Explorer.exe ShutdownWithoutLogon = 0 System = Userinit = C:\WINDOWS\system32\userinit.exe, VmApplet = rundll32 shell32,Control_RunDLL "sysdm.cpl" DWORD: SfcQuota = -1 allocatecdroms = 0 allocatedasd = 0 allocatefloppies = 0 cachedlogonscount = 10 DWORD: forceunlocklogon = 0 DWORD: passwordexpirywarning = 14 scremoveoption = 0 DWORD: AllowMultipleTSSessions = 1 DWORD: LogonType = 1 Background = 0 0 0 DebugServerCommand = no DWORD: HibernationPreviouslyEnabled = 1 DWORD: SFCDisable = -99 WinStationsDisabled = 0 DWORD: ShowLogonOptions = 0 AltDefaultUserName = Tyler AltDefaultDomainName = TEST AutoAdminLogon = 0 KeepRasConnections = 1 DWORD: SFCSetting = -99 ------------------------------------------ HKCU -> UserInit in NT: ParseAutoexec = 1 ExcludeProfileDirs = Local Settings;Temporary Internet Files;Historique;Temp DWORD: BuildNumber = 2600 ------------------------------------------ HKLM -> UserInit: * Registry key not found * ------------------------------------------ HKCU -> UserInit in NT: * Registry key not found * ------------------------------------------ Running processes in NT / HKLM -> RUN (Autorun entries from Registry): * Registry key not found * ------------------------------------------ Running processes in HKLM -> RUN (Autorun entries from Registry): NeroFilterCheck = C:\WINDOWS\system32\NeroCheck.exe NvCplDaemon = RUNDLL32.EXE NvQTwk,NvCplDaemon initialize SmcService = C:\PROGRA~1\Sygate\SPF\smc.exe -startgui PinnacleDriverCheck = C:\WINDOWS\System32\PSDrvCheck.exe -CheckReg QuickTime Task = "C:\Program Files\QuickTime\qttask.exe" -atboottime REGSHAVE = C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN TkBellExe = "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot Windows Spooler = C:\WINDOWS\System32\spoolsv32.exe Windows DLL Host = C:\WINDOWS\System32\dllhost32.exe Media Access = C:\Program Files\Media Access\MediaAccK.exe BullsEye Network = C:\Program Files\BullsEye Network\bin\bargains.exe lsass = C:\windows\system32\elitewrd32.exe ------------------------------------------ Running processes in HKLM -> RUNONCE (Autorun entries from Registry): * No values found * ------------------------------------------ Running processes in HKLM -> RUNONCEEX (Autorun entries from Registry): * No values found * ------------------------------------------ Running processes in HKLM -> RUNSERVICES (Autorun entries from Registry): * Registry key not found * ------------------------------------------ Running processes in HKLM -> RUNSERVICESONCE (Autorun entries from Registry): * Registry key not found * ------------------------------------------ Running processes in NT / HKCU -> RUN (Autorun entries from Registry): * Registry key not found * ------------------------------------------ Running processes in HKCU -> RUN (Autorun entries from Registry): CTFMON.EXE = C:\WINDOWS\System32\ctfmon.exe CursorXP = C:\themeGold55\CursorXP\CursorXP.exe -s MsnMsgr = "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background ------------------------------------------ Running processes in HKCU -> RUNONCE (Autorun entries from Registry): * No values found * ------------------------------------------ Running processes in HKCU -> RUNONCEEX (Autorun entries from Registry): * Registry key not found * ------------------------------------------ Running processes in HKCU -> RUNSERVICES (Autorun entries from Registry): * Registry key not found * ------------------------------------------ Running processes in HKCU -> RUNSERVICESONCE (Autorun entries from Registry): * Registry key not found * ------------------------------------------ Running processes in HKLM -> Browser Helper Objects: ------------------------------------------ Programs in HKLM -> Common Startup: Exif Launcher.lnk Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk ------------------------------------------ Registry Log file generated by *** ETRemover - V.2.0.1 *** 04/09/2005 - 17:31:11 System info: OS Platform: Microsoft Windows 2000 OS Version: 5.01.2600 OS Update: Service Pack 1 CPU Maker: AuthenticAMD CPU Model: x86 Family 15 Model 12 Stepping 0 CPU Speed: 2411 MHz Running processes: [system process] [sYSTEM] system [sYSTEM] smss.exe [\SystemRoot\System32\smss.exe] csrss.exe [sYSTEM] winlogon.exe [\??\C:\WINDOWS\system32\winlogon.exe] services.exe [C:\WINDOWS\system32\services.exe] lsass.exe [C:\WINDOWS\system32\lsass.exe] svchost.exe [C:\WINDOWS\system32\svchost.exe] svchost.exe [C:\WINDOWS\system32\svchost.exe] explorer.exe [C:\WINDOWS\Explorer.EXE] etremover_v201.exe [C:\Documents and Settings\Tyler\Bureau\ETRemover_V201\ETRemover_v201.exe] ------------------------------------------ HKLM -> UserInit in NT: DWORD: AutoRestartShell = 1 DefaultDomainName = TEST DefaultUserName = Tyler LegalNoticeCaption = LegalNoticeText = PowerdownAfterShutdown = 0 ReportBootOk = 1 Shell = Explorer.exe ShutdownWithoutLogon = 0 System = Userinit = C:\WINDOWS\system32\userinit.exe, VmApplet = rundll32 shell32,Control_RunDLL "sysdm.cpl" DWORD: SfcQuota = -1 allocatecdroms = 0 allocatedasd = 0 allocatefloppies = 0 cachedlogonscount = 10 DWORD: forceunlocklogon = 0 DWORD: passwordexpirywarning = 14 scremoveoption = 0 DWORD: AllowMultipleTSSessions = 1 DWORD: LogonType = 1 Background = 0 0 0 DebugServerCommand = no DWORD: HibernationPreviouslyEnabled = 1 DWORD: SFCDisable = -99 WinStationsDisabled = 0 DWORD: ShowLogonOptions = 0 AltDefaultUserName = Tyler AltDefaultDomainName = TEST AutoAdminLogon = 0 KeepRasConnections = 1 DWORD: SFCSetting = -99 ------------------------------------------ HKCU -> UserInit in NT: ParseAutoexec = 1 ExcludeProfileDirs = Local Settings;Temporary Internet Files;Historique;Temp DWORD: BuildNumber = 2600 ------------------------------------------ HKLM -> UserInit: * Registry key not found * ------------------------------------------ HKCU -> UserInit in NT: * Registry key not found * ------------------------------------------ Running processes in NT / HKLM -> RUN (Autorun entries from Registry): * Registry key not found * ------------------------------------------ Running processes in HKLM -> RUN (Autorun entries from Registry): NeroFilterCheck = C:\WINDOWS\system32\NeroCheck.exe NvCplDaemon = RUNDLL32.EXE NvQTwk,NvCplDaemon initialize SmcService = C:\PROGRA~1\Sygate\SPF\smc.exe -startgui PinnacleDriverCheck = C:\WINDOWS\System32\PSDrvCheck.exe -CheckReg QuickTime Task = "C:\Program Files\QuickTime\qttask.exe" -atboottime REGSHAVE = C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN TkBellExe = "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot Windows Spooler = C:\WINDOWS\System32\spoolsv32.exe Windows DLL Host = C:\WINDOWS\System32\dllhost32.exe Media Access = C:\Program Files\Media Access\MediaAccK.exe BullsEye Network = C:\Program Files\BullsEye Network\bin\bargains.exe lsass = C:\windows\system32\elitewrd32.exe ------------------------------------------ Running processes in HKLM -> RUNONCE (Autorun entries from Registry): * No values found * ------------------------------------------ Running processes in HKLM -> RUNONCEEX (Autorun entries from Registry): * No values found * ------------------------------------------ Running processes in HKLM -> RUNSERVICES (Autorun entries from Registry): * Registry key not found * ------------------------------------------ Running processes in HKLM -> RUNSERVICESONCE (Autorun entries from Registry): * Registry key not found * ------------------------------------------ Running processes in NT / HKCU -> RUN (Autorun entries from Registry): * Registry key not found * ------------------------------------------ Running processes in HKCU -> RUN (Autorun entries from Registry): CTFMON.EXE = C:\WINDOWS\System32\ctfmon.exe CursorXP = C:\themeGold55\CursorXP\CursorXP.exe -s MsnMsgr = "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background ------------------------------------------ Running processes in HKCU -> RUNONCE (Autorun entries from Registry): * No values found * ------------------------------------------ Running processes in HKCU -> RUNONCEEX (Autorun entries from Registry): * Registry key not found * ------------------------------------------ Running processes in HKCU -> RUNSERVICES (Autorun entries from Registry): * Registry key not found * ------------------------------------------ Running processes in HKCU -> RUNSERVICESONCE (Autorun entries from Registry): * Registry key not found * ------------------------------------------ Running processes in HKLM -> Browser Helper Objects: ------------------------------------------ Programs in HKLM -> Common Startup: Exif Launcher.lnk Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk ------------------------------------------ Registry Log file generated by *** ETRemover - V.2.0.1 *** 04/09/2005 - 17:31:45 System info: OS Platform: Microsoft Windows 2000 OS Version: 5.01.2600 OS Update: Service Pack 1 CPU Maker: AuthenticAMD CPU Model: x86 Family 15 Model 12 Stepping 0 CPU Speed: 2411 MHz Running processes: [system process] [sYSTEM] system [sYSTEM] smss.exe [\SystemRoot\System32\smss.exe] csrss.exe [sYSTEM] winlogon.exe [\??\C:\WINDOWS\system32\winlogon.exe] services.exe [C:\WINDOWS\system32\services.exe] lsass.exe [C:\WINDOWS\system32\lsass.exe] svchost.exe [C:\WINDOWS\system32\svchost.exe] svchost.exe [C:\WINDOWS\system32\svchost.exe] explorer.exe [C:\WINDOWS\Explorer.EXE] etremover_v201.exe [C:\Documents and Settings\Tyler\Bureau\ETRemover_V201\ETRemover_v201.exe] ------------------------------------------ HKLM -> UserInit in NT: DWORD: AutoRestartShell = 1 DefaultDomainName = TEST DefaultUserName = Tyler LegalNoticeCaption = LegalNoticeText = PowerdownAfterShutdown = 0 ReportBootOk = 1 Shell = Explorer.exe ShutdownWithoutLogon = 0 System = Userinit = C:\WINDOWS\system32\userinit.exe, VmApplet = rundll32 shell32,Control_RunDLL "sysdm.cpl" DWORD: SfcQuota = -1 allocatecdroms = 0 allocatedasd = 0 allocatefloppies = 0 cachedlogonscount = 10 DWORD: forceunlocklogon = 0 DWORD: passwordexpirywarning = 14 scremoveoption = 0 DWORD: AllowMultipleTSSessions = 1 DWORD: LogonType = 1 Background = 0 0 0 DebugServerCommand = no DWORD: HibernationPreviouslyEnabled = 1 DWORD: SFCDisable = -99 WinStationsDisabled = 0 DWORD: ShowLogonOptions = 0 AltDefaultUserName = Tyler AltDefaultDomainName = TEST AutoAdminLogon = 0 KeepRasConnections = 1 DWORD: SFCSetting = -99 ------------------------------------------ HKCU -> UserInit in NT: ParseAutoexec = 1 ExcludeProfileDirs = Local Settings;Temporary Internet Files;Historique;Temp DWORD: BuildNumber = 2600 ------------------------------------------ HKLM -> UserInit: * Registry key not found * ------------------------------------------ HKCU -> UserInit in NT: * Registry key not found * ------------------------------------------ Running processes in NT / HKLM -> RUN (Autorun entries from Registry): * Registry key not found * ------------------------------------------ Running processes in HKLM -> RUN (Autorun entries from Registry): NeroFilterCheck = C:\WINDOWS\system32\NeroCheck.exe NvCplDaemon = RUNDLL32.EXE NvQTwk,NvCplDaemon initialize SmcService = C:\PROGRA~1\Sygate\SPF\smc.exe -startgui PinnacleDriverCheck = C:\WINDOWS\System32\PSDrvCheck.exe -CheckReg QuickTime Task = "C:\Program Files\QuickTime\qttask.exe" -atboottime REGSHAVE = C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN TkBellExe = "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot Windows Spooler = C:\WINDOWS\System32\spoolsv32.exe Windows DLL Host = C:\WINDOWS\System32\dllhost32.exe Media Access = C:\Program Files\Media Access\MediaAccK.exe BullsEye Network = C:\Program Files\BullsEye Network\bin\bargains.exe lsass = C:\windows\system32\elitewrd32.exe ------------------------------------------ Running processes in HKLM -> RUNONCE (Autorun entries from Registry): * No values found * ------------------------------------------ Running processes in HKLM -> RUNONCEEX (Autorun entries from Registry): * No values found * ------------------------------------------ Running processes in HKLM -> RUNSERVICES (Autorun entries from Registry): * Registry key not found * ------------------------------------------ Running processes in HKLM -> RUNSERVICESONCE (Autorun entries from Registry): * Registry key not found * ------------------------------------------ Running processes in NT / HKCU -> RUN (Autorun entries from Registry): * Registry key not found * ------------------------------------------ Running processes in HKCU -> RUN (Autorun entries from Registry): CTFMON.EXE = C:\WINDOWS\System32\ctfmon.exe CursorXP = C:\themeGold55\CursorXP\CursorXP.exe -s MsnMsgr = "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background ------------------------------------------ Running processes in HKCU -> RUNONCE (Autorun entries from Registry): * No values found * ------------------------------------------ Running processes in HKCU -> RUNONCEEX (Autorun entries from Registry): * Registry key not found * ------------------------------------------ Running processes in HKCU -> RUNSERVICES (Autorun entries from Registry): * Registry key not found * ------------------------------------------ Running processes in HKCU -> RUNSERVICESONCE (Autorun entries from Registry): * Registry key not found * ------------------------------------------ Running processes in HKLM -> Browser Helper Objects: ------------------------------------------ Programs in HKLM -> Common Startup: Exif Launcher.lnk Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk ------------------------------------------ Et Hijackthis : Logfile of HijackThis v1.99.1 Scan saved at 17:34:51, on 4/09/2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Documents and Settings\Tyler\Bureau\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.search123forme.com/sp2.php R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.search123forme.com/sp2.php R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.search123forme.com/sp2.php R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.search123forme.com/sp2.php R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file) O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize O4 - HKLM\..\Run: [smcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe -CheckReg O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [Windows Spooler] C:\WINDOWS\System32\spoolsv32.exe O4 - HKLM\..\Run: [Windows DLL Host] C:\WINDOWS\System32\dllhost32.exe O4 - HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe O4 - HKLM\..\Run: [bullsEye Network] C:\Program Files\BullsEye Network\bin\bargains.exe O4 - HKLM\..\Run: [lsass] C:\windows\system32\elitewrd32.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [CursorXP] C:\themeGold55\CursorXP\CursorXP.exe -s O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - Global Startup: Exif Launcher.lnk = C:\Program Files\FinePixViewer\QuickDCF.exe O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ? O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O14 - IERESET.INF: START_PAGE_URL=http://www.google.fr O15 - Trusted Zone: http://ny.contentmatch.net (HKLM) O16 - DPF: {14A3221B-1678-1982-A355-7263B1281987} - ms-its:mhtml:file://C:\foo.mht!http://82.179.166.145/x15.chm::/trs15.exe O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by20fd.bay20.hotmail.msn.com/resources/MsnPUpld.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe O23 - Service: Leadtek Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Sygate Personal Firewall Pro (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\Smc.exe

Voila ce que ca me donne apres avoir fait le nettoyage Logfile of HijackThis v1.99.1 Scan saved at 16:21:13, on 4/09/2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\alg.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\wdfmgr.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\WINDOWS\System32\ctfmon.exe C:\themeGold55\CursorXP\CursorXP.exe C:\WINDOWS\System32\devldr32.exe C:\Program Files\Real\RealOne Player\RealPlay.exe C:\WINDOWS\etb\pokapoka65.exe C:\Documents and Settings\Tyler\Bureau\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.search123forme.com/sp2.php R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.search123forme.com/sp2.php R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.search123forme.com/sp2.php R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.search123forme.com/sp2.php R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file) O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize O4 - HKLM\..\Run: [smcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe -CheckReg O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [Windows Installer] C:\WINDOWS\System32\ntdll.exe O4 - HKLM\..\Run: [Windows Spooler] C:\WINDOWS\System32\spoolsv32.exe O4 - HKLM\..\Run: [Windows DLL Host] C:\WINDOWS\System32\dllhost32.exe O4 - HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe O4 - HKLM\..\Run: [bullsEye Network] C:\Program Files\BullsEye Network\bin\bargains.exe O4 - HKLM\..\Run: [lsass] C:\windows\system32\elitewrd32.exe O4 - HKLM\..\Run: [AVGCtrl] C:\Program Files\AVPersonal\AVGNT.EXE /min O4 - HKLM\..\Run: [system service65] C:\WINDOWS\etb\pokapoka65.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [CursorXP] C:\themeGold55\CursorXP\CursorXP.exe -s O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - Global Startup: Exif Launcher.lnk = C:\Program Files\FinePixViewer\QuickDCF.exe O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ? O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: SideFind - {10E42047-DEB9-4535-A118-B3F6EC39B807} - C:\Program Files\SideFind\sidefind.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O14 - IERESET.INF: START_PAGE_URL=http://www.google.fr O15 - Trusted Zone: http://ny.contentmatch.net (HKLM) O16 - DPF: {14A3221B-1678-1982-A355-7263B1281987} - ms-its:mhtml:file://C:\foo.mht!http://82.179.166.145/x15.chm::/trs15.exe O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by20fd.bay20.hotmail.msn.com/resources/MsnPUpld.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.EXE O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe O23 - Service: Leadtek Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Sygate Personal Firewall Pro (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\Smc.exe