coincoinzecanard

ca marche pas

J'ai toujours pas reussi a supprimer cryptimg: http://img406.imageshack.us/img406/3049/cryptimgpi4.jpg nom utilisateur PCBENOIT Voila

J'ai fais ce que tu m'as dit, mais quand je veux supprimer cryptimg il me dit impossible de supprimer.

Voila le lien de l'erreur que j'ai pour mieux t'éclairer !!! http://img91.imageshack.us/img91/410/erreu...argementnj6.jpg

Non je n'ai pas eu de message d'erreur juste les 2 messages d'indication normal !!!

Voila les rapports regsearch et Hijackthis : Windows Registry Editor Version 5.00 ; Registry Search 2.0 by Bobbi Flekman © 2005 ; Version: 2.0.2.0 ; Results at 19/02/2007 14:20:01 for strings: ; 'uvgj_i.dll' ; Strings excluded from search: ; (None) ; Search in: ; Registry Keys Registry Values Registry Data ; HKEY_LOCAL_MACHINE HKEY_USERS [HKEY_CURRENT_USER\Software\Microsoft\Search Assistant\ACMru\5603] "000"="uvgj_i.dll" ; End Of The Log... Logfile of HijackThis v1.99.1 Scan saved at 14:17:51, on 19/02/2007 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\PROGRA~1\Wanadoo\CnxMon.exe C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe C:\Program Files\Logitech\MouseWare\system\em_exec.exe C:\PROGRA~1\Wanadoo\TaskbarIcon.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe C:\Program Files\Wanadoo\EspaceWanadoo.exe C:\Program Files\Wanadoo\ComComp.exe C:\WINDOWS\system32\mspaint.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Wanadoo\Watch.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://hao123.union123.com/index.htm R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://hao123.union123.com/index.htm R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST1.03.0000.1005\en-xu\stmain.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\fr\msntb.dll O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - C:\PROGRA~1\STARDO~1\SDIEInt.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\fr\msntb.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [amd_dc_opt] "C:\Program Files\AMD\amd_dc_opt\amd_dc_opt.exe" O4 - HKLM\..\Run: [kav] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM= O4 - HKCU\..\Run: [steam] "c:\program files\valve\steam\steam.exe" -silent O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" O8 - Extra context menu item: Télécharger avec Star Downloader - C:\Program Files\Star Downloader\sdie.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1163844207998 O16 - DPF: {91D4B4D5-E368-40AB-8F53-A37FA634B471} (Installer9Ctrl Class) - http://www.tellmemorecampus.com/bin/tol9inst.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{C6EE6C3D-0CFB-4741-AB6B-1B8527FC1F57}: NameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{E06A1A5B-A948-470E-A1E9-F86AB276C340}: NameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{EEDC4E66-A8D1-4630-8645-60331563AD7D}: NameServer = 80.10.246.1 80.10.246.132 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: cryptimg - cryptimg.dll (file missing) O20 - Winlogon Notify: klogon - C:\WINDOWS\System32\klogon.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Unknown owner - C:\Program Files\Inventel\Gateway\wlancfg.exe (file missing) PS: c'est possible d'inserer une image dans le post ?

Re J'ai pas trouvé le fichier uvgj_i en appliquant la processure que tu m'avais donné. Voila le nouveau rapport Hijackthis : Logfile of HijackThis v1.99.1 Scan saved at 22:07:24, on 18/02/2007 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\PROGRA~1\Wanadoo\CnxMon.exe C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe C:\PROGRA~1\Wanadoo\TaskbarIcon.exe C:\Program Files\Logitech\MouseWare\system\em_exec.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Wanadoo\EspaceWanadoo.exe C:\Program Files\Wanadoo\ComComp.exe C:\Program Files\Wanadoo\Watch.exe C:\Program Files\Hijackthis\HijackThis.exe C:\Program Files\Mozilla Firefox\firefox.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://hao123.union123.com/index.htm R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://hao123.union123.com/index.htm R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Alcohol Toolbar Helper - {8126A4A5-BFD3-46FE-BBDF-BFB5CF78E489} - C:\Program Files\Alcohol Toolbar\v3.2.0.0\Alcohol_Toolbar.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST1.03.0000.1005\en-xu\stmain.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\fr\msntb.dll O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - C:\PROGRA~1\STARDO~1\SDIEInt.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\fr\msntb.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: Alcohol Toolbar - {ED4BD629-C1B6-4399-8A34-02CCAA921DC9} - C:\Program Files\Alcohol Toolbar\v3.2.0.0\Alcohol_Toolbar.dll O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [amd_dc_opt] "C:\Program Files\AMD\amd_dc_opt\amd_dc_opt.exe" O4 - HKLM\..\Run: [kav] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM= O4 - HKCU\..\Run: [steam] "c:\program files\valve\steam\steam.exe" -silent O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" O8 - Extra context menu item: Télécharger avec Star Downloader - C:\Program Files\Star Downloader\sdie.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1163844207998 O16 - DPF: {91D4B4D5-E368-40AB-8F53-A37FA634B471} (Installer9Ctrl Class) - http://www.tellmemorecampus.com/bin/tol9inst.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{C6EE6C3D-0CFB-4741-AB6B-1B8527FC1F57}: NameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{E06A1A5B-A948-470E-A1E9-F86AB276C340}: NameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{EEDC4E66-A8D1-4630-8645-60331563AD7D}: NameServer = 80.10.246.130 80.10.246.3 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: cryptimg - cryptimg.dll (file missing) O20 - Winlogon Notify: klogon - C:\WINDOWS\System32\klogon.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Unknown owner - C:\Program Files\Inventel\Gateway\wlancfg.exe (file missing)

Re Voila le rapport Hijackthis ainsi que le rapport silent runner. GL Logfile of HijackThis v1.99.1 Scan saved at 18:51:18, on 18/02/2007 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\PROGRA~1\Wanadoo\CnxMon.exe C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe C:\PROGRA~1\Wanadoo\TaskbarIcon.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe C:\Program Files\Logitech\MouseWare\system\em_exec.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Wanadoo\EspaceWanadoo.exe C:\Program Files\Wanadoo\ComComp.exe C:\Program Files\Wanadoo\Watch.exe C:\Program Files\Hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://hao123.union123.com/index.htm R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://hao123.union123.com/index.htm R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Alcohol Toolbar Helper - {8126A4A5-BFD3-46FE-BBDF-BFB5CF78E489} - C:\Program Files\Alcohol Toolbar\v3.2.0.0\Alcohol_Toolbar.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST1.03.0000.1005\en-xu\stmain.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\fr\msntb.dll O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - C:\PROGRA~1\STARDO~1\SDIEInt.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\fr\msntb.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: Alcohol Toolbar - {ED4BD629-C1B6-4399-8A34-02CCAA921DC9} - C:\Program Files\Alcohol Toolbar\v3.2.0.0\Alcohol_Toolbar.dll O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [amd_dc_opt] "C:\Program Files\AMD\amd_dc_opt\amd_dc_opt.exe" O4 - HKLM\..\Run: [kav] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM= O4 - HKCU\..\Run: [steam] "c:\program files\valve\steam\steam.exe" -silent O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" O8 - Extra context menu item: Télécharger avec Star Downloader - C:\Program Files\Star Downloader\sdie.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1163844207998 O16 - DPF: {91D4B4D5-E368-40AB-8F53-A37FA634B471} (Installer9Ctrl Class) - http://www.tellmemorecampus.com/bin/tol9inst.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{C6EE6C3D-0CFB-4741-AB6B-1B8527FC1F57}: NameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{E06A1A5B-A948-470E-A1E9-F86AB276C340}: NameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{EEDC4E66-A8D1-4630-8645-60331563AD7D}: NameServer = 80.10.246.130 80.10.246.3 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: cryptimg - cryptimg.dll (file missing) O20 - Winlogon Notify: klogon - C:\WINDOWS\System32\klogon.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Unknown owner - C:\Program Files\Inventel\Gateway\wlancfg.exe (file missing) "Silent Runners.vbs", revision R50, http://www.silentrunners.org/ Operating System: Windows XP Output limited to non-default values, except where indicated by "{++}" Startup items buried in registry: --------------------------------- HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++} "CTFMON.EXE" = "C:\WINDOWS\System32\ctfmon.exe" [MS] "WOOKIT" = "C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=" [empty string] "Steam" = ""c:\program files\valve\steam\steam.exe" -silent" ["Valve Corporation"] "msnmsgr" = ""C:\Program Files\MSN Messenger\msnmsgr.exe" /background" [MS] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" = ""C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"" ["Nero AG"] HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ {++} "Logitech Utility" = "Logi_MwX.Exe" ["Logitech Inc."] "RemoteControl" = ""C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"" ["Cyberlink Corp."] "ATICCC" = ""C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay" [null data] "SoundMan" = "SOUNDMAN.EXE" ["Realtek Semiconductor Corp."] "SunJavaUpdateSched" = "C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe" ["Sun Microsystems, Inc."] "WooCnxMon" = "C:\PROGRA~1\Wanadoo\CnxMon.exe" [empty string] "SpeedTouch USB Diagnostics" = ""C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon" ["THOMSON"] "WOOWATCH" = "C:\PROGRA~1\Wanadoo\Watch.exe" ["France Télécom R&D"] "WOOTASKBARICON" = "C:\PROGRA~1\Wanadoo\TaskbarIcon.exe" ["France Télécom R&D"] "KernelFaultCheck" = "C:\WINDOWS\system32\dumprep 0 -k" "NeroFilterCheck" = "C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe" ["Nero AG"] "QuickTime Task" = ""C:\Program Files\QuickTime\qttask.exe" -atboottime" ["Apple Computer, Inc."] "iTunesHelper" = ""C:\Program Files\iTunes\iTunesHelper.exe"" ["Apple Computer, Inc."] "amd_dc_opt" = ""C:\Program Files\AMD\amd_dc_opt\amd_dc_opt.exe"" [null data] "kav" = ""C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"" ["Kaspersky Lab"] "DAEMON Tools" = ""C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033" ["DT Soft Ltd."] "!AVG Anti-Spyware" = ""C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized" ["Anti-Malware Development a.s."] HKLM\Software\Microsoft\Active Setup\Installed Components\ {306D6C21-C1B6-4629-986C-E59E1875B8AF}\(Default) = (no title provided) \StubPath = ""C:\WINDOWS\System32\rundll32.exe" "C:\Program Files\Messenger\msgsc.dll",ShowIconsUser" [MS] HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = (no title provided) -> {HKLM...CLSID} = "AcroIEHlprObj Class" \InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx" [empty string] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided) -> {HKLM...CLSID} = "SSVHelper Class" \InProcServer32\(Default) = "C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll" ["Sun Microsystems, Inc."] {8126A4A5-BFD3-46FE-BBDF-BFB5CF78E489}\(Default) = (no title provided) -> {HKLM...CLSID} = "Alcohol Toolbar Helper" \InProcServer32\(Default) = "C:\Program Files\Alcohol Toolbar\v3.2.0.0\Alcohol_Toolbar.dll" [null data] {9394EDE7-C8B5-483E-8773-474BF36AF6E4}\(Default) = (no title provided) -> {HKLM...CLSID} = "ST" \InProcServer32\(Default) = "C:\Program Files\MSN Apps\ST1.03.0000.1005\en-xu\stmain.dll" [MS] {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}\(Default) = (no title provided) -> {HKLM...CLSID} = "MSNToolBandBHO" \InProcServer32\(Default) = "C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\fr\msntb.dll" [MS] {FFFFFEF0-5B30-21D4-945D-000000000000}\(Default) = (no title provided) -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = "C:\PROGRA~1\STARDO~1\SDIEInt.dll" [null data] HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ "{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Extension Affichage Panorama du Panneau de configuration" -> {HKLM...CLSID} = "Extension Affichage Panorama du Panneau de configuration" \InProcServer32\(Default) = "deskpan.dll" [file not found] "{88895560-9AA2-1069-930E-00AA0030EBC8}" = "Extension icône HyperTerminal" -> {HKLM...CLSID} = "HyperTerminal Icon Ext" \InProcServer32\(Default) = "C:\WINDOWS\System32\hticons.dll" ["Hilgraeve, Inc."] "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension" -> {HKLM...CLSID} = "WinRAR" \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data] "{5E2121EE-0300-11D4-8D3B-444553540000}" = "Catalyst Context Menu extension" -> {HKLM...CLSID} = "SimpleShlExt Class" \InProcServer32\(Default) = "C:\Program Files\ATI Technologies\ATI.ACE\atiacmxx.dll" [empty string] "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" = "OpenOffice.org Column Handler" -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = ""C:\Program Files\OpenOffice.org 2.0\program\shlxthdl.dll"" ["Sun Microsystems, Inc."] "{087B3AE3-E237-4467-B8DB-5A38AB959AC9}" = "OpenOffice.org Infotip Handler" -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = ""C:\Program Files\OpenOffice.org 2.0\program\shlxthdl.dll"" ["Sun Microsystems, Inc."] "{63542C48-9552-494A-84F7-73AA6A7C99C1}" = "OpenOffice.org Property Sheet Handler" -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = ""C:\Program Files\OpenOffice.org 2.0\program\shlxthdl.dll"" ["Sun Microsystems, Inc."] "{3B092F0C-7696-40E3-A80F-68D74DA84210}" = "OpenOffice.org Thumbnail Viewer" -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = ""C:\Program Files\OpenOffice.org 2.0\program\shlxthdl.dll"" ["Sun Microsystems, Inc."] "{cc86590a-b60a-48e6-996b-41d25ed39a1e}" = "Portable Media Devices Menu" -> {HKLM...CLSID} = "Portable Media Devices Menu" \InProcServer32\(Default) = "C:\WINDOWS\System32\Audiodev.dll" [MS] "{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF}" = "iTunes" -> {HKLM...CLSID} = "iTunes" \InProcServer32\(Default) = "C:\Program Files\iTunes\iTunesMiniPlayer.dll" ["Apple Computer, Inc."] "{FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D}" = "Messenger Sharing Folders" -> {HKLM...CLSID} = "Mes dossiers de partage" \InProcServer32\(Default) = "C:\Program Files\MSN Messenger\fsshext.8.0.0812.00.dll" [MS] "{B327765E-D724-4347-8B16-78AE18552FC3}" = "NeroDigitalIconHandler" -> {HKLM...CLSID} = "NeroDigitalIconHandler Class" \InProcServer32\(Default) = "C:\Program Files\Fichiers communs\Ahead\Lib\NeroDigitalExt.dll" ["Nero AG"] "{7F1CF152-04F8-453A-B34C-E609530A9DC8}" = "NeroDigitalPropSheetHandler" -> {HKLM...CLSID} = "NeroDigitalPropSheetHandler Class" \InProcServer32\(Default) = "C:\Program Files\Fichiers communs\Ahead\Lib\NeroDigitalExt.dll" ["Nero AG"] "{85E0B171-04FA-11D1-B7DA-00A0C90348D6}" = "Web Anti-Virus" -> {HKLM...CLSID} = "Web Anti-Virus" \InProcServer32\(Default) = "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll" ["Kaspersky Lab"] HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\ <<!>> "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}" = "AVG Anti-Spyware 7.5" -> {HKLM...CLSID} = "CShellExecuteHookImpl Object" \InProcServer32\(Default) = "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll" ["Anti-Malware Development a.s."] HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ <<!>> AtiExtEvent\DLLName = "Ati2evxx.dll" ["ATI Technologies Inc."] <<!>> cryptimg\DLLName = "cryptimg.dll" [file not found] <<!>> klogon\DLLName = "C:\WINDOWS\System32\klogon.dll" ["Kaspersky Lab"] HKLM\Software\Classes\Folder\shellex\ColumnHandlers\ {7D4D6379-F301-4311-BEBA-E26EB0561882}\(Default) = "NeroDigitalExt.NeroDigitalColumnHandler" -> {HKLM...CLSID} = "NeroDigitalColumnHandler Class" \InProcServer32\(Default) = "C:\Program Files\Fichiers communs\Ahead\Lib\NeroDigitalExt.dll" ["Nero AG"] {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\(Default) = "OpenOffice.org Column Handler" -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = ""C:\Program Files\OpenOffice.org 2.0\program\shlxthdl.dll"" ["Sun Microsystems, Inc."] HKLM\Software\Classes\*\shellex\ContextMenuHandlers\ AVG Anti-Spyware\(Default) = "{8934FCEF-F5B8-468f-951F-78A921CD3920}" -> {HKLM...CLSID} = "CContextScan Object" \InProcServer32\(Default) = "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\context.dll" ["Anti-Malware Development a.s."] Kaspersky Anti-Virus\(Default) = "{dd230880-495a-11d1-b064-008048ec2fc5}" -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\shellex.dll" ["Kaspersky Lab"] WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" -> {HKLM...CLSID} = "WinRAR" \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data] HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\ AVG Anti-Spyware\(Default) = "{8934FCEF-F5B8-468f-951F-78A921CD3920}" -> {HKLM...CLSID} = "CContextScan Object" \InProcServer32\(Default) = "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\context.dll" ["Anti-Malware Development a.s."] WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" -> {HKLM...CLSID} = "WinRAR" \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data] HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\ Kaspersky Anti-Virus\(Default) = "{dd230880-495a-11d1-b064-008048ec2fc5}" -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\shellex.dll" ["Kaspersky Lab"] WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" -> {HKLM...CLSID} = "WinRAR" \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data] Group Policies {GPedit.msc branch and setting}: ----------------------------------------------- Note: detected settings may not have any effect. HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\ "DisableRegistryTools" = (REG_DWORD) hex:0x00000000 {User Configuration|Administrative Templates|System| Prevent access to registry editing tools} HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\ "shutdownwithoutlogon" = (REG_DWORD) hex:0x00000001 {Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options| Shutdown: Allow system to be shut down without having to log on} "undockwithoutlogon" = (REG_DWORD) hex:0x00000001 {Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options| Devices: Allow undock without having to log on} Active Desktop and Wallpaper: ----------------------------- Active Desktop may be disabled at this entry: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState Displayed if Active Desktop enabled and wallpaper not set by Group Policy: HKCU\Software\Microsoft\Internet Explorer\Desktop\General\ "Wallpaper" = "%APPDATA%\Mozilla\Firefox\Fond d'écran.bmp" Displayed if Active Desktop disabled and wallpaper not set by Group Policy: HKCU\Control Panel\Desktop\ "Wallpaper" = "C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Fond d'écran.bmp" Enabled Screen Saver: --------------------- HKCU\Control Panel\Desktop\ "SCRNSAVE.EXE" = "C:\WINDOWS\System32\logon.scr" [MS] Enabled Scheduled Tasks: ------------------------ "AppleSoftwareUpdate" -> launches: "C:\Program Files\Apple Software Update\SoftwareUpdate.exe -Task" ["Apple Computer, Inc."] Winsock2 Service Provider DLLs: ------------------------------- Namespace Service Providers HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++} 000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS] 000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS] 000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS] 000000000004\LibraryPath = "%SystemRoot%\System32\nwprovau.dll" [MS] Transport Service Providers HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++} 0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range: %SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 26 %SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05 Toolbars, Explorer Bars, Extensions: ------------------------------------ Toolbars HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\ "{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}" -> {HKLM...CLSID} = "MSN" \InProcServer32\(Default) = "C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\fr\msntb.dll" [MS] "{ED4BD629-C1B6-4399-8A34-02CCAA921DC9}" -> {HKLM...CLSID} = "Alcohol Toolbar" \InProcServer32\(Default) = "C:\Program Files\Alcohol Toolbar\v3.2.0.0\Alcohol_Toolbar.dll" [null data] HKLM\Software\Microsoft\Internet Explorer\Toolbar\ "{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}" = "0" -> {HKLM...CLSID} = "MSN" \InProcServer32\(Default) = "C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\fr\msntb.dll" [MS] "{ED4BD629-C1B6-4399-8A34-02CCAA921DC9}" = "Alcohol Toolbar" -> {HKLM...CLSID} = "Alcohol Toolbar" \InProcServer32\(Default) = "C:\Program Files\Alcohol Toolbar\v3.2.0.0\Alcohol_Toolbar.dll" [null data] Explorer Bars HKLM\Software\Microsoft\Internet Explorer\Explorer Bars\ HKLM\Software\Classes\CLSID\{01002DB2-8170-4D9B-A8B1-DDC9DD114E03}\(Default) = "Volet Wanadoo" Implemented Categories\{00021494-0000-0000-C000-000000000046}\ [horizontal bar] InProcServer32\(Default) = "C:\PROGRA~1\Wanadoo\audience\audience.dll" [empty string] HKLM\Software\Classes\CLSID\{3BAF4A27-C764-4E1A-A6F4-62F7A7E5E51C}\(Default) = "ToolBand Class" Implemented Categories\{00021494-0000-0000-C000-000000000046}\ [horizontal bar] InProcServer32\(Default) = "C:\PROGRA~1\Wanadoo\audience\audience.dll" [empty string] HKLM\Software\Classes\CLSID\{5BF498C0-931E-4A4F-B33F-456D07137EAA}\(Default) = "Volet Wanadoo" Implemented Categories\{00021494-0000-0000-C000-000000000046}\ [horizontal bar] InProcServer32\(Default) = "C:\PROGRA~1\Wanadoo\audience\audience.dll" [empty string] HKLM\Software\Classes\CLSID\{85E0B171-04FA-11D1-B7DA-00A0C90348D6}\(Default) = "Web Anti-Virus" Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar] InProcServer32\(Default) = "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll" ["Kaspersky Lab"] Extensions (Tools menu items, main toolbar menu buttons) HKCU\Software\Microsoft\Internet Explorer\Extensions\ {1462651F-F4BA-4C76-A001-C4284D0FE16E}\ "ButtonText" = "Wanadoo" "Exec" = "http://www.wanadoo.fr" [file not found] HKLM\Software\Microsoft\Internet Explorer\Extensions\ {08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ "MenuText" = "Console Java (Sun)" "CLSIDExtension" = "{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}" -> {HKCU...CLSID} = "Java Plug-in" \InProcServer32\(Default) = "C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll" ["Sun Microsystems, Inc."] -> {HKLM...CLSID} = "Java Plug-in 1.5.0_06" \InProcServer32\(Default) = "C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll" ["Sun Microsystems, Inc."] {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E}\ "ButtonText" = "Web Anti-Virus" Miscellaneous IE Hijack Points ------------------------------ C:\WINDOWS\INF\IERESET.INF (used to "Reset Web Settings") Added lines (compared with English-language version): [strings]: SAFESITE_VALUE="http://home.microsoft.com/intl/fr/" Missing lines (compared with English-language version): [strings]: 1 line HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\ <<H>> "{08C06D61-F1F3-4799-86F8-BE1A89362C85}" = (no title provided) -> {HKLM...CLSID} = "Search Class" \InProcServer32\(Default) = "C:\PROGRA~1\Wanadoo\SEARCH~1.DLL" [empty string] Running Services (Display Name, Service Name, Path {Service DLL}): ------------------------------------------------------------------ Ati HotKey Poller, Ati HotKey Poller, "C:\WINDOWS\System32\Ati2evxx.exe" ["ATI Technologies Inc."] AVG Anti-Spyware Guard, AVG Anti-Spyware Guard, "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe" ["Anti-Malware Development a.s."] iPod Service, iPod Service, ""C:\Program Files\iPod\bin\iPodService.exe"" ["Apple Computer, Inc."] Kaspersky Anti-Virus 6.0, AVP, ""C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r" ["Kaspersky Lab"] LightScribeService Direct Disc Labeling Service, LightScribeService, ""C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe"" ["Hewlett-Packard Company"] Service Messenger Sharing USN Journal Reader, usnsvc, "C:\WINDOWS\System32\svchost.exe -k usnsvc" {"C:\Program Files\MSN Messenger\usnsvc.dll" [MS]} StarWind iSCSI Service, StarWindService, "C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe" ["Rocket Division Software"] ---------- <<!>>: Suspicious data at a malware launch point. <<H>>: Suspicious data at a browser hijack point. + This report excludes default entries except where indicated. + To see *everywhere* the script checks and *everything* it finds, launch it from a command prompt or a shortcut with the -all parameter. + To search all directories of local fixed drives for DESKTOP.INI DLL launch points, use the -supp parameter or answer "No" at the first message box and "Yes" at the second message box. ---------- (total run time: 1056 seconds, including 8 seconds for message boxes)

Voila le rapport killbox et le rapport Hijackthis : Pocket Killbox version 2.0.0.881 Running on Windows XP as Administrateur(Administrator) was started @ dimanche, février 18, 2007, 4:39 PM Killbox Closed(Exit) @ 4:39:05 PM __________________________________________________ Pocket Killbox version 2.0.0.881 Running on Windows XP as Administrateur(Administrator) was started @ dimanche, février 18, 2007, 4:41 PM # 1 [Delete on Reboot] Path = C:\WINDOWS\system32\cryptimg.dll I Rebooted @ 4:49:00 PM Killbox Closed(Exit) @ 4:49:00 PM __________________________________________________ Logfile of HijackThis v1.99.1 Scan saved at 16:59:03, on 18/02/2007 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\PROGRA~1\Wanadoo\CnxMon.exe C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe C:\Program Files\Logitech\MouseWare\system\em_exec.exe C:\PROGRA~1\Wanadoo\TaskbarIcon.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Wanadoo\EspaceWanadoo.exe C:\Program Files\Wanadoo\ComComp.exe C:\Program Files\Wanadoo\Watch.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://hao123.union123.com/index.htm R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://hao123.union123.com/index.htm R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Alcohol Toolbar Helper - {8126A4A5-BFD3-46FE-BBDF-BFB5CF78E489} - C:\Program Files\Alcohol Toolbar\v3.2.0.0\Alcohol_Toolbar.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST1.03.0000.1005\en-xu\stmain.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\fr\msntb.dll O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - C:\PROGRA~1\STARDO~1\SDIEInt.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\fr\msntb.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: Alcohol Toolbar - {ED4BD629-C1B6-4399-8A34-02CCAA921DC9} - C:\Program Files\Alcohol Toolbar\v3.2.0.0\Alcohol_Toolbar.dll O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [amd_dc_opt] "C:\Program Files\AMD\amd_dc_opt\amd_dc_opt.exe" O4 - HKLM\..\Run: [kav] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM= O4 - HKCU\..\Run: [steam] "c:\program files\valve\steam\steam.exe" -silent O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" O8 - Extra context menu item: Télécharger avec Star Downloader - C:\Program Files\Star Downloader\sdie.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1163844207998 O16 - DPF: {91D4B4D5-E368-40AB-8F53-A37FA634B471} (Installer9Ctrl Class) - http://www.tellmemorecampus.com/bin/tol9inst.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{C6EE6C3D-0CFB-4741-AB6B-1B8527FC1F57}: NameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{E06A1A5B-A948-470E-A1E9-F86AB276C340}: NameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{EEDC4E66-A8D1-4630-8645-60331563AD7D}: NameServer = 80.10.246.130 80.10.246.3 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: cryptimg - cryptimg.dll (file missing) O20 - Winlogon Notify: klogon - C:\WINDOWS\System32\klogon.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Unknown owner - C:\Program Files\Inventel\Gateway\wlancfg.exe (file missing) petite parenthèse jai ce message d'erreur qui s'affiche au démarage du pc j'arrive pas à inserer l'image du coup jecrit le message: RUNDLL (croix blanche sur fond rouge) Erreur de chargement de C:\WINDOWS\system32\uvgj_i.dll Le module spécifié est introuvable

Voila j'ai fais la manip mais ce fichier a l'air corriace !!! Logfile of HijackThis v1.99.1 Scan saved at 16:24:29, on 18/02/2007 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\PROGRA~1\Wanadoo\CnxMon.exe C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe C:\PROGRA~1\Wanadoo\TaskbarIcon.exe C:\Program Files\Logitech\MouseWare\system\em_exec.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe C:\Program Files\Wanadoo\EspaceWanadoo.exe C:\Program Files\Wanadoo\ComComp.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Wanadoo\Watch.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://hao123.union123.com/index.htm R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://hao123.union123.com/index.htm R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Alcohol Toolbar Helper - {8126A4A5-BFD3-46FE-BBDF-BFB5CF78E489} - C:\Program Files\Alcohol Toolbar\v3.2.0.0\Alcohol_Toolbar.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST1.03.0000.1005\en-xu\stmain.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\fr\msntb.dll O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - C:\PROGRA~1\STARDO~1\SDIEInt.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\fr\msntb.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: Alcohol Toolbar - {ED4BD629-C1B6-4399-8A34-02CCAA921DC9} - C:\Program Files\Alcohol Toolbar\v3.2.0.0\Alcohol_Toolbar.dll O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [amd_dc_opt] "C:\Program Files\AMD\amd_dc_opt\amd_dc_opt.exe" O4 - HKLM\..\Run: [kav] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM= O4 - HKCU\..\Run: [steam] "c:\program files\valve\steam\steam.exe" -silent O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" O8 - Extra context menu item: Télécharger avec Star Downloader - C:\Program Files\Star Downloader\sdie.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1163844207998 O16 - DPF: {91D4B4D5-E368-40AB-8F53-A37FA634B471} (Installer9Ctrl Class) - http://www.tellmemorecampus.com/bin/tol9inst.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{C6EE6C3D-0CFB-4741-AB6B-1B8527FC1F57}: NameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{E06A1A5B-A948-470E-A1E9-F86AB276C340}: NameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{EEDC4E66-A8D1-4630-8645-60331563AD7D}: NameServer = 80.10.246.130 80.10.246.3 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: cryptimg - C:\WINDOWS\SYSTEM32\cryptimg.dll O20 - Winlogon Notify: klogon - C:\WINDOWS\System32\klogon.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Unknown owner - C:\Program Files\Inventel\Gateway\wlancfg.exe (file missing)

J'ai redemaré en mode ss echec, j'ai lancé Hijackthis j'ai coché la case qui pose problème. J'ai ensuite fais Fix checked sans succès. Le fichier se trouve toujours à son emplacement initial C:\WINDOWS\SYSTEM32\cryptimg.dll

Re, Voila j'ai fais ce que tu m'a demandé: superutilbar et ²Æ¸»Í¨ n'etaient pas present dans ajouter/suppr de prgm je n'ai pas trouvé C:\WINDOWS\system32\ atsldr.dll<== le fichier J'ai bien rennomer C:\WINDOWS\System32\drivers\ttp.exe en .old (cependant il s'appelait ttp.exe~, juste un detail comme je sais pas ce que signfie ~ alors je l'ai enlevé) Voici les rapports AVG et Hijackthis PS: à la fin de la proccedure de nettoyage précise moi les programme que je doit garder ce que je dois desinstaller, les réglages que je doit reinitialiser. --------------------------------------------------------- AVG Anti-Spyware - Rapport d'analyse --------------------------------------------------------- + Créé à: 13:29:46 18/02/2007 + Résultat de l'analyse: C:\System Volume Information\_restore{CE96B181-23B0-4810-8526-E2884235E148}\RP251\A0308955.dll -> Adware.Maxifiles : Nettoyé. C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\3M4OUKC4\122[1].net -> Adware.Softomate : Nettoyé. C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\HTPG0PE3\130[1].net -> Adware.Softomate : Nettoyé. C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\RATIXW9Y\131[1].net -> Adware.Softomate : Nettoyé. C:\System Volume Information\_restore{CE96B181-23B0-4810-8526-E2884235E148}\RP251\A0308782.dll -> Adware.Softomate : Nettoyé. C:\System Volume Information\_restore{CE96B181-23B0-4810-8526-E2884235E148}\RP251\A0308777.DLL -> Backdoor.Agent.ahj : Nettoyé. C:\System Volume Information\_restore{CE96B181-23B0-4810-8526-E2884235E148}\RP251\A0308796.EXE -> Backdoor.Agent.ahj : Nettoyé. C:\Program Files\Fichiers communs\{5433AEA7-07DA-1036-0708-050923050021}\Update.exe -> Downloader.Agent : Nettoyé. C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\RATIXW9Y\auto18[1].exe -> Downloader.Agent.bgg : Nettoyé. C:\System Volume Information\_restore{CE96B181-23B0-4810-8526-E2884235E148}\RP251\A0308798.exe -> Downloader.Agent.bgg : Nettoyé. C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\3M4OUKC4\stat[1].htm -> Downloader.AQM : Nettoyé. C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\HTPG0PE3\stat[1].htm -> Downloader.AQM : Nettoyé. C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\3M4OUKC4\1976[1].htm -> Downloader.IstBar.ai : Nettoyé. C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\DT7C2FSX\popup_code[1].php -> Downloader.IstBar.ai : Nettoyé. C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\E3MY35SC\popup_code[3].php -> Downloader.IstBar.ai : Nettoyé. C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\HTPG0PE3\1976[1].htm -> Downloader.IstBar.ai : Nettoyé. C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\RATIXW9Y\1976[1].htm -> Downloader.IstBar.ai : Nettoyé. C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\RATIXW9Y\popup_code[1].php -> Downloader.IstBar.ai : Nettoyé. C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\WDGNCK17\popup_code[1].php -> Downloader.IstBar.ai : Nettoyé. C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\WDGNCK17\popup_code[3].php -> Downloader.IstBar.ai : Nettoyé. C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\YQIMAB7S\popupjs[1].htm -> Downloader.IstBar.ai : Nettoyé. C:\System Volume Information\_restore{CE96B181-23B0-4810-8526-E2884235E148}\RP251\A0308795.exe -> Downloader.Small.ecr : Nettoyé. C:\WINDOWS\system32\drivers\Reg.exe -> Downloader.Zlob : Nettoyé. C:\System Volume Information\_restore{CE96B181-23B0-4810-8526-E2884235E148}\RP251\A0308799.dll -> Logger.Agent.pn : Nettoyé. C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\YQIMAB7S\obrmuab[1].txt -> Proxy.Dlena.ca : Nettoyé. C:\System Volume Information\_restore{CE96B181-23B0-4810-8526-E2884235E148}\RP251\A0308783.dll -> Proxy.Dlena.ca : Nettoyé. :mozilla.130:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé. :mozilla.131:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé. :mozilla.132:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé. :mozilla.133:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé. :mozilla.118:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé. :mozilla.134:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé. :mozilla.135:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé. :mozilla.136:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé. :mozilla.137:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé. :mozilla.138:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé. :mozilla.139:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé. :mozilla.140:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé. :mozilla.141:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé. :mozilla.142:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé. :mozilla.143:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé. :mozilla.144:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé. :mozilla.145:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé. :mozilla.146:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé. :mozilla.147:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé. :mozilla.148:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé. :mozilla.149:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé. :mozilla.150:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé. :mozilla.151:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé. :mozilla.152:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé. :mozilla.153:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé. :mozilla.734:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé. C:\Documents and Settings\Administrateur\Cookies\administrateur@2o7[2].txt -> TrackingCookie.2o7 : Nettoyé. :mozilla.177:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé. :mozilla.178:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé. :mozilla.179:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé. :mozilla.180:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé. :mozilla.98:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé. :mozilla.99:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé. :mozilla.10:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé. :mozilla.19:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé. :mozilla.8:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé. :mozilla.9:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé. :mozilla.54:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Adviva : Nettoyé. :mozilla.102:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé. :mozilla.897:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Clickhype : Nettoyé. :mozilla.373:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Clickzs : Nettoyé. :mozilla.374:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Clickzs : Nettoyé. :mozilla.304:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Com : Nettoyé. :mozilla.911:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé. :mozilla.912:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé. :mozilla.913:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé. C:\Documents and Settings\Administrateur\Cookies\administrateur@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : Nettoyé. :mozilla.439:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Estat : Nettoyé. :mozilla.233:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Falkag : Nettoyé. :mozilla.936:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé. :mozilla.915:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Masterstats : Nettoyé. :mozilla.725:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Overture : Nettoyé. :mozilla.726:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Overture : Nettoyé. :mozilla.741:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Overture : Nettoyé. :mozilla.737:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Paycounter : Nettoyé. :mozilla.185:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Pointroll : Nettoyé. :mozilla.186:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Pointroll : Nettoyé. :mozilla.187:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Pointroll : Nettoyé. :mozilla.188:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Pointroll : Nettoyé. C:\Documents and Settings\Administrateur\Cookies\administrateur@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Nettoyé. :mozilla.764:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Realmedia : Nettoyé. :mozilla.765:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Realmedia : Nettoyé. :mozilla.265:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé. :mozilla.792:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé. :mozilla.793:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé. :mozilla.794:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé. :mozilla.795:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé. :mozilla.796:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé. C:\Documents and Settings\Administrateur\Cookies\administrateur@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé. C:\Documents and Settings\Administrateur\Cookies\administrateur@serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé. :mozilla.319:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé. :mozilla.320:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé. :mozilla.321:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé. :mozilla.322:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé. :mozilla.323:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé. :mozilla.324:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé. :mozilla.325:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé. :mozilla.326:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé. :mozilla.327:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé. :mozilla.328:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé. :mozilla.329:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé. :mozilla.330:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé. :mozilla.331:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé. :mozilla.332:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé. :mozilla.333:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé. :mozilla.334:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé. :mozilla.335:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé. :mozilla.336:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé. :mozilla.337:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé. :mozilla.338:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé. :mozilla.339:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé. :mozilla.340:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé. :mozilla.341:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé. :mozilla.342:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé. :mozilla.343:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé. :mozilla.344:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé. :mozilla.345:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé. :mozilla.346:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé. :mozilla.347:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé. :mozilla.348:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé. :mozilla.349:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé. :mozilla.350:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé. :mozilla.351:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé. :mozilla.352:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé. :mozilla.353:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé. :mozilla.354:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé. :mozilla.355:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé. :mozilla.356:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé. :mozilla.357:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé. :mozilla.358:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé. :mozilla.359:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé. :mozilla.360:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé. :mozilla.361:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé. :mozilla.362:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé. :mozilla.363:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé. :mozilla.364:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé. :mozilla.365:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé. :mozilla.366:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé. :mozilla.367:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé. :mozilla.368:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé. :mozilla.112:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé. :mozilla.113:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé. :mozilla.114:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé. :mozilla.115:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé. :mozilla.116:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé. C:\Documents and Settings\Administrateur\Cookies\administrateur@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé. :mozilla.820:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé. :mozilla.821:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé. :mozilla.822:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé. :mozilla.47:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé. :mozilla.48:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé. :mozilla.829:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Trafic : Nettoyé. :mozilla.836:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Tribalfusion : Nettoyé. :mozilla.860:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé. :mozilla.861:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé. :mozilla.862:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé. C:\Documents and Settings\Administrateur\Cookies\administrateur@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé. :mozilla.893:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé. :mozilla.894:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé. :mozilla.895:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé. :mozilla.896:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rwnlhfjo.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé. C:\Documents and Settings\Administrateur\Mes documents\Downloads\daemon.exe -> Trojan.Small : Nettoyé. Fin du rapport Logfile of HijackThis v1.99.1 Scan saved at 13:35:43, on 18/02/2007 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe C:\WINDOWS\Explorer.EXE C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\Logitech\MouseWare\system\em_exec.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\PROGRA~1\Wanadoo\CnxMon.exe C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe C:\PROGRA~1\Wanadoo\TaskbarIcon.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://hao123.union123.com/index.htm R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://hao123.union123.com/index.htm R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Alcohol Toolbar Helper - {8126A4A5-BFD3-46FE-BBDF-BFB5CF78E489} - C:\Program Files\Alcohol Toolbar\v3.2.0.0\Alcohol_Toolbar.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST1.03.0000.1005\en-xu\stmain.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\fr\msntb.dll O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - C:\PROGRA~1\STARDO~1\SDIEInt.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\fr\msntb.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: Alcohol Toolbar - {ED4BD629-C1B6-4399-8A34-02CCAA921DC9} - C:\Program Files\Alcohol Toolbar\v3.2.0.0\Alcohol_Toolbar.dll O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [amd_dc_opt] "C:\Program Files\AMD\amd_dc_opt\amd_dc_opt.exe" O4 - HKLM\..\Run: [kav] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM= O4 - HKCU\..\Run: [steam] "c:\program files\valve\steam\steam.exe" -silent O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" O8 - Extra context menu item: Télécharger avec Star Downloader - C:\Program Files\Star Downloader\sdie.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1163844207998 O16 - DPF: {91D4B4D5-E368-40AB-8F53-A37FA634B471} (Installer9Ctrl Class) - http://www.tellmemorecampus.com/bin/tol9inst.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{C6EE6C3D-0CFB-4741-AB6B-1B8527FC1F57}: NameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{E06A1A5B-A948-470E-A1E9-F86AB276C340}: NameServer = 192.168.0.1 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: cryptimg - C:\WINDOWS\SYSTEM32\cryptimg.dll O20 - Winlogon Notify: klogon - C:\WINDOWS\System32\klogon.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Unknown owner - C:\Program Files\Inventel\Gateway\wlancfg.exe (file missing) @+

Je ne vois pas du tout ce que ca pourrait etre, et quand je fais click droit proprietes il y a2 onglet (general et resume). J'ai essayé de l'ouvrir mais comme kaspersky m'a demandé l'autorisation d'executer le programme j'ai préféré ne pas le faire voila !!!

j'ai fais ce que tu m'a demandé mais le site virusscan ne fait pas de rapport c quoi que je suis censé te faire parvenir ? je met ca au cas ou .... AntiVir Found nothing ArcaVir Found nothing Avast Found nothing AVG Antivirus Found nothing BitDefender Found nothing ClamAV Found nothing Dr.Web Found nothing F-Prot Antivirus Found nothing F-Secure Anti-Virus Found nothing Fortinet Found nothing Kaspersky Anti-Virus Found nothing NOD32 Found nothing Norman Virus Control Found nothing VirusBuster Found nothing VBA32 Found nothing

voila le resultat : The file you uploaded is 0 bytes. It is very likely a firewall or a piece of malware is prohibiting you from uploading this file