Aller au contenu

jeje58

Membres
  • Compteur de contenus

    39
  • Inscription

  • Dernière visite

Autres informations

  • Mes langues
    francais/anglais

jeje58's Achievements

Member

Member (4/12)

0

Réputation sur la communauté

  1. bonsoir poulpe voici le nouveau rapport mais bon le fait d'avoir fait le menage un peu a arranger les choses on dirait. Seul "un programme inactif " fait tourner le processeur a 100% mais cela ne fait pas ramer le PC.....et l'exe svchost le fait tourner a 100 % au depart et retombe apres. : Logfile of HijackThis v1.99.1 Scan saved at 22:31:40, on 12/05/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16441) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\Program Files\Avast4\aswUpdSv.exe C:\Program Files\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Acer\Empowering Technology\admServ.exe C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Acer\Acer Arcade\PCMService.exe C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe C:\acer\Empowering Technology\ePower\epm-dm.exe C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE C:\Acer\Empowering Technology\admtray.exe C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTScheduler.exe C:\PROGRA~1\Avast4\ashDisp.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Acer\Empowering Technology\eRecovery\Monitor.exe C:\WINDOWS\system32\igfxsrvc.exe C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\igfxext.exe C:\Program Files\Avast4\ashMaiSv.exe C:\Program Files\Avast4\ashWebSv.exe C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTAUTrayApp.exe C:\Program Files\Fichiers communs\Sony Shared\GMR\GMRMan.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\taskmgr.exe C:\Program Files\Internet Explorer\iexplore.exe C:\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.boursorama.com/ R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://global.acer.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O4 - HKLM\..\Run: [LaunchApp] Alaunch O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Acer\Acer Arcade\PCMService.exe" O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe O4 - HKLM\..\Run: [EPM-DM] c:\acer\Empowering Technology\ePower\epm-dm.exe O4 - HKLM\..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe" O4 - HKLM\..\Run: [CONNECTScheduler] "C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTScheduler.exe" /RUN_SCHEDULER O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - Global Startup: CONNECTAUTrayApp.lnk = C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTAUTrayApp.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing) O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: Sony SCSI Helper Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\Fsk\SonySCSIHelperService.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe @+
  2. voila c fait, j'ai tout desinfecté mais a ne change rien à mn probleme. @+ ;*********************************************************************************************************************************************************************************** ANALYSIS: 2007-05-11 15:59:57 PROTECTIONS: 1 MALWARE: 37 SUSPECTS: 0 ;*********************************************************************************************************************************************************************************** PROTECTIONS Description Version Active Updated ;=================================================================================================================================================================================== avast! antivirus 4.7.986 [VPS 000739-2] 4.7.986 Yes Yes ;=================================================================================================================================================================================== MALWARE Id Description Type Active Severity Disinfectable Disinfected Location ;=================================================================================================================================================================================== 00029426 adware/sbsoft Adware No 0 Yes No HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0E1230F8-EA50-42A9-983C-D22ABC2EED3B} 00032731 application/mywebsearch HackTools No 0 Yes No c:\windows\system32\f3pssavr.scr 00040722 adware/navipromo Adware No 1 Yes No c:\windows\system32\ckiqncsaxg_navps.dat 00115735 Application/MyWebSearch HackTools No 0 Yes No C:\System Volume Information\_restore{23F08A26-38FB-4A7A-96A8-388AD6A8D028}\RP86\A0043473.DLL 00115735 Application/MyWebSearch HackTools No 0 Yes No C:\System Volume Information\_restore{23F08A26-38FB-4A7A-96A8-388AD6A8D028}\RP98\A0051808.DLL 00115735 Application/MyWebSearch HackTools No 0 Yes No C:\System Volume Information\_restore{23F08A26-38FB-4A7A-96A8-388AD6A8D028}\RP81\A0040616.DLL 00115735 Application/MyWebSearch HackTools No 0 Yes No C:\Program Files\MSN Messenger\RICHED20.DLL 00116106 Application/MyWebSearch HackTools No 0 Yes No C:\System Volume Information\_restore{23F08A26-38FB-4A7A-96A8-388AD6A8D028}\RP81\A0040620.DLL 00116106 Application/MyWebSearch HackTools No 0 Yes No C:\System Volume Information\_restore{23F08A26-38FB-4A7A-96A8-388AD6A8D028}\RP98\A0051812.DLL 00134791 Application/MyWebSearch HackTools No 0 Yes No C:\System Volume Information\_restore{23F08A26-38FB-4A7A-96A8-388AD6A8D028}\RP81\A0040611.DLL 00134791 Application/MyWebSearch HackTools No 0 Yes No C:\System Volume Information\_restore{23F08A26-38FB-4A7A-96A8-388AD6A8D028}\RP98\A0051802.DLL 00134792 Application/MyWebSearch HackTools No 0 Yes No C:\System Volume Information\_restore{23F08A26-38FB-4A7A-96A8-388AD6A8D028}\RP81\A0040652.DLL 00134792 Application/MyWebSearch HackTools No 0 Yes No C:\System Volume Information\_restore{23F08A26-38FB-4A7A-96A8-388AD6A8D028}\RP98\A0051829.DLL 00139535 Application/Processor HackTools No 0 Yes No C:\SmitfraudFix\SmitfraudFix\Process.exe 00139535 Application/Processor HackTools No 0 Yes No C:\SmitfraudFix.zip[smitfraudFix/Process.exe] 00139535 Application/Processor HackTools No 0 Yes No C:\WINDOWS\SYSTEM32\Process.exe 00202047 Application/MyWebSearch HackTools No 0 Yes No C:\System Volume Information\_restore{23F08A26-38FB-4A7A-96A8-388AD6A8D028}\RP81\A0040612.DLL 00202047 Application/MyWebSearch HackTools No 0 Yes No C:\System Volume Information\_restore{23F08A26-38FB-4A7A-96A8-388AD6A8D028}\RP98\A0051803.DLL 00241782 Application/MyWebSearch HackTools No 0 Yes No C:\System Volume Information\_restore{23F08A26-38FB-4A7A-96A8-388AD6A8D028}\RP81\A0040622.DLL 00241782 Application/MyWebSearch HackTools No 0 Yes No C:\System Volume Information\_restore{23F08A26-38FB-4A7A-96A8-388AD6A8D028}\RP98\A0051815.DLL 00247238 Application/MyWebSearch HackTools No 0 Yes No C:\System Volume Information\_restore{23F08A26-38FB-4A7A-96A8-388AD6A8D028}\RP98\A0051800.DLL 00247238 Application/MyWebSearch HackTools No 0 Yes No C:\System Volume Information\_restore{23F08A26-38FB-4A7A-96A8-388AD6A8D028}\RP81\A0040609.DLL 00254794 Application/FunWeb HackTools No 0 Yes No C:\System Volume Information\_restore{23F08A26-38FB-4A7A-96A8-388AD6A8D028}\RP81\A0040618.DLL 00254794 Application/FunWeb HackTools No 0 Yes No C:\System Volume Information\_restore{23F08A26-38FB-4A7A-96A8-388AD6A8D028}\RP98\A0051810.DLL 00264405 Application/MyWebSearch HackTools No 0 Yes No C:\System Volume Information\_restore{23F08A26-38FB-4A7A-96A8-388AD6A8D028}\RP103\A0061404.EXE 00264405 Application/MyWebSearch HackTools No 0 Yes No C:\System Volume Information\_restore{23F08A26-38FB-4A7A-96A8-388AD6A8D028}\RP81\A0040654.EXE 00314351 Application/MyWebSearch HackTools No 0 Yes No C:\System Volume Information\_restore{23F08A26-38FB-4A7A-96A8-388AD6A8D028}\RP98\A0051813.MANIFEST 00314351 Application/MyWebSearch HackTools No 0 Yes No C:\System Volume Information\_restore{23F08A26-38FB-4A7A-96A8-388AD6A8D028}\RP81\A0040621.MANIFEST 00328284 Adware/NaviPromo Adware No 1 Yes No C:\WINDOWS\SYSTEM32\ckiqncsaxg.exe 00337303 Application/MyWebSearch HackTools No 0 Yes No C:\System Volume Information\_restore{23F08A26-38FB-4A7A-96A8-388AD6A8D028}\RP98\A0051807.DLL 00358091 Application/MyWebSearch HackTools No 0 Yes No C:\System Volume Information\_restore{23F08A26-38FB-4A7A-96A8-388AD6A8D028}\RP98\A0051809.EXE 00358091 Application/MyWebSearch HackTools No 0 Yes No C:\System Volume Information\_restore{23F08A26-38FB-4A7A-96A8-388AD6A8D028}\RP81\A0040617.EXE 00365118 Application/MyWebSearch HackTools No 0 Yes No C:\System Volume Information\_restore{23F08A26-38FB-4A7A-96A8-388AD6A8D028}\RP81\A0040627.DLL 00365118 Application/MyWebSearch HackTools No 0 Yes No C:\System Volume Information\_restore{23F08A26-38FB-4A7A-96A8-388AD6A8D028}\RP98\A0051820.DLL 00365120 Application/MyWebSearch HackTools No 0 Yes No C:\System Volume Information\_restore{23F08A26-38FB-4A7A-96A8-388AD6A8D028}\RP81\A0040608.DLL 00365120 Application/MyWebSearch HackTools No 0 Yes No C:\System Volume Information\_restore{23F08A26-38FB-4A7A-96A8-388AD6A8D028}\RP98\A0051799.DLL 00365121 Application/MyWebSearch HackTools No 0 Yes No C:\System Volume Information\_restore{23F08A26-38FB-4A7A-96A8-388AD6A8D028}\RP98\A0051811.DLL 00365123 Application/MyWebSearch HackTools No 0 Yes No C:\System Volume Information\_restore{23F08A26-38FB-4A7A-96A8-388AD6A8D028}\RP81\A0040650.DLL 00365123 Application/MyWebSearch HackTools No 0 Yes No C:\System Volume Information\_restore{23F08A26-38FB-4A7A-96A8-388AD6A8D028}\RP98\A0051805.DLL 00365126 Application/MyWebSearch HackTools Yes 0 Yes No C:\PROGRAM FILES\INTERNET EXPLORER\MSIMG32.DLL 00365126 Application/MyWebSearch HackTools No 0 Yes No C:\System Volume Information\_restore{23F08A26-38FB-4A7A-96A8-388AD6A8D028}\RP81\A0040613.DLL 00365126 Application/MyWebSearch HackTools No 0 Yes No C:\System Volume Information\_restore{23F08A26-38FB-4A7A-96A8-388AD6A8D028}\RP81\A0040596.DLL 00365126 Application/MyWebSearch HackTools No 0 Yes No C:\System Volume Information\_restore{23F08A26-38FB-4A7A-96A8-388AD6A8D028}\RP81\A0040567.DLL 00365126 Application/MyWebSearch HackTools No 0 Yes No C:\System Volume Information\_restore{23F08A26-38FB-4A7A-96A8-388AD6A8D028}\RP80\A0040565.DLL 00365126 Application/MyWebSearch HackTools No 0 Yes No C:\Program Files\MSN Messenger\MSIMG32.DLL 00365126 Application/MyWebSearch HackTools No 0 Yes No C:\System Volume Information\_restore{23F08A26-38FB-4A7A-96A8-388AD6A8D028}\RP98\A0051804.DLL 00365127 Application/MyWebSearch HackTools No 0 Yes No C:\System Volume Information\_restore{23F08A26-38FB-4A7A-96A8-388AD6A8D028}\RP98\A0051806.SCR 00365127 Application/MyWebSearch HackTools No 0 Yes No C:\System Volume Information\_restore{23F08A26-38FB-4A7A-96A8-388AD6A8D028}\RP81\A0040606.SCR 00365127 Application/MyWebSearch HackTools No 0 Yes No C:\System Volume Information\_restore{23F08A26-38FB-4A7A-96A8-388AD6A8D028}\RP81\A0040614.SCR 00365133 Application/MyWebSearch HackTools No 0 Yes No C:\System Volume Information\_restore{23F08A26-38FB-4A7A-96A8-388AD6A8D028}\RP81\A0040655.DLL 00365133 Application/MyWebSearch HackTools No 0 Yes No C:\System Volume Information\_restore{23F08A26-38FB-4A7A-96A8-388AD6A8D028}\RP103\A0061405.DLL 00365139 Application/MyWebSearch HackTools No 0 Yes No C:\System Volume Information\_restore{23F08A26-38FB-4A7A-96A8-388AD6A8D028}\RP81\A0040624.DLL 00365139 Application/MyWebSearch HackTools No 0 Yes No C:\System Volume Information\_restore{23F08A26-38FB-4A7A-96A8-388AD6A8D028}\RP98\A0051817.DLL 00369714 Application/MyWebSearch HackTools No 0 Yes No C:\System Volume Information\_restore{23F08A26-38FB-4A7A-96A8-388AD6A8D028}\RP81\A0040630.DLL 00369714 Application/MyWebSearch HackTools No 0 Yes No C:\System Volume Information\_restore{23F08A26-38FB-4A7A-96A8-388AD6A8D028}\RP98\A0051823.DLL 00505702 Application/MyWebSearch HackTools No 0 Yes No C:\System Volume Information\_restore{23F08A26-38FB-4A7A-96A8-388AD6A8D028}\RP98\A0051821.EXE 00505702 Application/MyWebSearch HackTools No 0 Yes No C:\System Volume Information\_restore{23F08A26-38FB-4A7A-96A8-388AD6A8D028}\RP81\A0040628.EXE 00505935 Application/MyWebSearch HackTools No 0 Yes No C:\System Volume Information\_restore{23F08A26-38FB-4A7A-96A8-388AD6A8D028}\RP98\A0051828.DLL 00514395 Application/MyWebSearch HackTools No 0 Yes No C:\System Volume Information\_restore{23F08A26-38FB-4A7A-96A8-388AD6A8D028}\RP98\A0051798.DLL 00514395 Application/MyWebSearch HackTools No 0 Yes No C:\System Volume Information\_restore{23F08A26-38FB-4A7A-96A8-388AD6A8D028}\RP81\A0040607.DLL 00516286 Application/MyWebSearch HackTools No 0 Yes No C:\System Volume Information\_restore{23F08A26-38FB-4A7A-96A8-388AD6A8D028}\RP81\A0040610.DLL 00516286 Application/MyWebSearch HackTools No 0 Yes No C:\System Volume Information\_restore{23F08A26-38FB-4A7A-96A8-388AD6A8D028}\RP98\A0051801.DLL 00516287 Application/MyWebSearch HackTools No 0 Yes No C:\System Volume Information\_restore{23F08A26-38FB-4A7A-96A8-388AD6A8D028}\RP98\A0051814.DLL 00516287 Application/MyWebSearch HackTools No 0 Yes No C:\System Volume Information\_restore{23F08A26-38FB-4A7A-96A8-388AD6A8D028}\RP81\A0040651.DLL 00516288 Application/MyWebSearch HackTools No 0 Yes No C:\System Volume Information\_restore{23F08A26-38FB-4A7A-96A8-388AD6A8D028}\RP98\A0051819.DLL 00516288 Application/MyWebSearch HackTools No 0 Yes No C:\System Volume Information\_restore{23F08A26-38FB-4A7A-96A8-388AD6A8D028}\RP81\A0040626.DLL 00516289 Application/MyWebSearch HackTools No 0 Yes No C:\System Volume Information\_restore{23F08A26-38FB-4A7A-96A8-388AD6A8D028}\RP81\A0040629.EXE 00516289 Application/MyWebSearch HackTools No 0 Yes No C:\System Volume Information\_restore{23F08A26-38FB-4A7A-96A8-388AD6A8D028}\RP98\A0051822.EXE 00516290 Application/MyWebSearch HackTools No 0 Yes No C:\System Volume Information\_restore{23F08A26-38FB-4A7A-96A8-388AD6A8D028}\RP81\A0040653.EXE 00516290 Application/MyWebSearch HackTools No 0 Yes No C:\System Volume Information\_restore{23F08A26-38FB-4A7A-96A8-388AD6A8D028}\RP103\A0061403.EXE 00516291 Application/MyWebSearch HackTools No 0 Yes No C:\System Volume Information\_restore{23F08A26-38FB-4A7A-96A8-388AD6A8D028}\RP98\A0051796.DLL 00516291 Application/MyWebSearch HackTools No 0 Yes No C:\System Volume Information\_restore{23F08A26-38FB-4A7A-96A8-388AD6A8D028}\RP81\A0040648.DLL 00516293 Application/MyWebSearch HackTools No 0 Yes No C:\System Volume Information\_restore{23F08A26-38FB-4A7A-96A8-388AD6A8D028}\RP81\A0040631.DLL 00516293 Application/MyWebSearch HackTools No 0 Yes No C:\System Volume Information\_restore{23F08A26-38FB-4A7A-96A8-388AD6A8D028}\RP98\A0051824.DLL 00517584 Trj/Shutdown.Z Virus/Trojan No 0 Yes No C:\SmitfraudFix\SmitfraudFix\RESTART.EXE 00517584 Trj/Shutdown.Z Virus/Trojan No 0 Yes No C:\SmitfraudFix.zip[smitfraudFix/restart.exe] ;=================================================================================================================================================================================== SUSPECTS Location ;=================================================================================================================================================================================== ;===================================================================================================================================================================================
  3. ok je viens de refaire un rapport apres l'avoir is à la racine : Logfile of HijackThis v1.99.1 Scan saved at 11:18:11, on 11/05/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16414) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\Internet Explorer\iexplore.exe C:\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.boursorama.com/ R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://global.acer.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O4 - HKLM\..\Run: [LaunchApp] Alaunch O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Acer\Acer Arcade\PCMService.exe" O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe O4 - HKLM\..\Run: [EPM-DM] c:\acer\Empowering Technology\ePower\epm-dm.exe O4 - HKLM\..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe" O4 - HKLM\..\Run: [CONNECTScheduler] "C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTScheduler.exe" /RUN_SCHEDULER O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - Global Startup: CONNECTAUTrayApp.lnk = C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTAUTrayApp.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing) O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: Sony SCSI Helper Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\Fsk\SonySCSIHelperService.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe Ps : la je suis en mode sans echec ........
  4. salut a vous pulpe et kevin avant tout merci de vous penher sur mon probleme desole mais j'ai deja fait ce que me demandait poulpe... et pour le moment ça n'a pas resolu mon probleme.. ci-joint nouveau rapport : Logfile of HijackThis v1.99.1 Scan saved at 09:53:26, on 11/05/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16414) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\Program Files\Avast4\aswUpdSv.exe C:\Program Files\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Acer\Empowering Technology\admServ.exe C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Acer\Empowering Technology\eRecovery\Monitor.exe C:\Program Files\Acer\Acer Arcade\PCMService.exe C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe C:\Program Files\Avast4\ashMaiSv.exe C:\Program Files\Avast4\ashWebSv.exe C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe C:\acer\Empowering Technology\ePower\epm-dm.exe C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE C:\WINDOWS\system32\igfxext.exe C:\WINDOWS\system32\igfxsrvc.exe C:\Acer\Empowering Technology\admtray.exe C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTScheduler.exe C:\PROGRA~1\Avast4\ashDisp.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTAUTrayApp.exe C:\Program Files\Fichiers communs\Sony Shared\GMR\GMRMan.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\System32\svchost.exe C:\DOCUME~1\JEROME\LOCALS~1\Temp\Répertoire temporaire 3 pour hijackthis.zip\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.boursorama.com/ R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://global.acer.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O4 - HKLM\..\Run: [LaunchApp] Alaunch O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Acer\Acer Arcade\PCMService.exe" O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe O4 - HKLM\..\Run: [EPM-DM] c:\acer\Empowering Technology\ePower\epm-dm.exe O4 - HKLM\..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe" O4 - HKLM\..\Run: [CONNECTScheduler] "C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTScheduler.exe" /RUN_SCHEDULER O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - Global Startup: CONNECTAUTrayApp.lnk = C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTAUTrayApp.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing) O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: Sony SCSI Helper Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\Fsk\SonySCSIHelperService.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe @+
  5. Bonjor tout le monde, Depuis peu mon pc RAM et j'ai remarqué que cela etait du à un commande de windows svchost.exe qui me prenait 99% de mon processeur. Ne sachant pas d'ou ça pouvait provenir j'ai fait un petit rapport hijack...si quelqu'un pouvait me dire si ça vient d'un virus ou pas ..........MERCI d'avance @+ Logfile of HijackThis v1.99.1 Scan saved at 06:27:25, on 11/05/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16414) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\Program Files\Avast4\aswUpdSv.exe C:\Program Files\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Acer\Empowering Technology\admServ.exe C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Acer\Acer Arcade\PCMService.exe C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe C:\acer\Empowering Technology\ePower\epm-dm.exe C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE C:\Acer\Empowering Technology\eRecovery\Monitor.exe C:\Acer\Empowering Technology\admtray.exe C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTScheduler.exe C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe C:\PROGRA~1\Avast4\ashDisp.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\QuickTime\qttask.exe C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\igfxsrvc.exe C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTAUTrayApp.exe C:\Program Files\Fichiers communs\Sony Shared\GMR\GMRMan.exe C:\Program Files\Avast4\ashMaiSv.exe C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTAutoUpdate.exe C:\WINDOWS\system32\igfxext.exe C:\Program Files\Avast4\ashWebSv.exe C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\taskmgr.exe C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe C:\WINDOWS\System32\svchost.exe C:\DOCUME~1\JEROME\LOCALS~1\Temp\Répertoire temporaire 2 pour hijackthis.zip\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.boursorama.com/ R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://global.acer.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file) O4 - HKLM\..\Run: [LaunchApp] Alaunch O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Acer\Acer Arcade\PCMService.exe" O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe O4 - HKLM\..\Run: [EPM-DM] c:\acer\Empowering Technology\ePower\epm-dm.exe O4 - HKLM\..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe" O4 - HKLM\..\Run: [CONNECTScheduler] "C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTScheduler.exe" /RUN_SCHEDULER O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=0 O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: CONNECTAUTrayApp.lnk = C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTAUTrayApp.exe O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...arch.jhtml?p=ZS O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing) O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing) O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: Sony SCSI Helper Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\Fsk\SonySCSIHelperService.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
  6. salut charles... ça y est enfin...........suffisait de virer kerio.....peut-etre radical mais maintenat ça marche avec le pack SP2 j'espere qu'il y aura moins d'attaque. J'ai gardé ewido et virer avast, bon choix ???? Merci encore pour ton aide...heureusemnt qu'il y a des gens comme toi....ça devient rare de trouver qq ki t'aide gracieusement de nos jours Bonne continuation à toute votre equipe en esperant pas avoir à revenir de sitot merci @+ jeje
  7. salut charles, j'ai executé ta commande.a la fin , lça m'a redonné la main dans la fenetre ms-dos mais pas de message particulier ? sinon j'ai refait ma connexion et tout et tout mais toujour srien. Je pense à une chose......on a bloqué tous les ports avec zebprotect..le probleme viendrais pas de là ? Vais verifier quels ports sont utilisés pour ma connexion.......te tiens au courant @+
  8. Salut charles, ça y est me revoilou avec mes tits pbs !!. Bon apres avoir bien mangé et bien bu ce We, me suis remis sur ce foutu PC ! J'ai relancé killbox et ça a marché .......sauf que ça n'a rien effacé dans la base don j'ai tout viré à la main . Pour la connexion,comme c'est une connexion " acces à distance" je peux pas faire reparer . Donc suis aller voir dans le journal et j'ai trouvé l"erreur suivante : Application défaillante lsass.exe, version 5.1.2600.1106, module défaillant kernel32.dll, version 5.1.2600.1106, adresse de défaillance 0x0000f459 et comme je suis resté la connexion etablie un peu de temps .....hop j'ai eu ce message d'avast : voili voilere les dernieres nouvelles. J'espere que ton We c'est bien passé et que tu es plein de bonnes idées lol @+
  9. salut charles, Je ne suis pas là du We donc je vais faire ces manips dimanche soir seulement.. Merci encore et bon WE ! @+
  10. sans pitié mais ça marche pas ....message d'erreur de killbox J'ai verifié, les cles existent encore.. Si faut vraiment tout virer je peux faire une recherche dans la base de registre pour chaque fichier et les virer manuellement..? On peut essayer de voir pour la conenction stp ? MErci charles @+ Entre temps j'ai refait un rapport hijackthis : il y a une ligne 04 avec fichier dumprep bizarre ?..j'ai trouvé aussi ce fichier dans easyclean en regardant dans "demarrage" et ce fichier etait en rouge acr soit disant inexistant?? voici le rapport : C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tiscali.fr R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = c:\windows\system\blank.htm O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P31 "EPSON Stylus Photo RX420 Series" /O6 "USB001" /M "Stylus Photo RX420" O4 - HKLM\..\Run: [avast!] E:\PROGRA~1\avast\ashDisp.exe O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto O4 - HKLM\..\Run: [userFaultCheck] %systemroot%\system32\dumprep 0 -u O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - E:\Program Files\avast\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: avast! Antivirus - Unknown owner - E:\Program Files\avast\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - E:\Program Files\avast\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - E:\Program Files\avast\ashWebSv.exe" /service (file missing) O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - E:\Program Files\kerio\Personal Firewall 4\kpf4ss.exe
  11. Je m'en vais de ce pas tout supprimer !! @+
  12. Inetc32 etait revenu dans system32, je l'ai scanné avec Ewido et avast et ils ont rien trouvé...faut le supprimer quand meme ? PS: meme si j'ai encore un ou deux virus qui trainent, je les avaient avant et ma connexion marchait ...ça ne fait pas de mal de nettoyer à fond maisne ferait-on pas fausse route pour la connexion ?? Ci-joitn un aperçu de la configuration de kerio ( ke je connais pas du tout ) peux-tu me dire si tout est ok ?......merci encore et desole de t'embeter autant !!! Je peux pas faire de scanne en ligne sur ce disque car il est pas reconnu sous win98 (surement du à mauvaise config de ma part au depart) dois quitter desole bonne soiree @+
  13. En effet je vais attendre l'avis de charles mais c'est surement des restant de virus que j'avias qui se sont mis dans les comptes supplementaires au niveau de la base de registre ! Merci megataupe @+ Ok je vais virer tout ça , de toute façon ça marchera pas moins bien !!
×
×
  • Créer...