kugi15

voici un rapport plus recent après quelque manipulation mais je n'ai toujours pas reussis a lancer Fixwareout Logfile of HijackThis v1.99.1 Scan saved at 21:41:55, on 20/01/2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O4 - HKLM\..\Run: [AME_CSA] rundll32 amecsa.cpl,RUN_DLL O4 - HKLM\..\Run: [CloseDNF] C:\WINDOWS\System32\Utility.exe \1008 O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Display Control Panel] C:\DispCtrl-2000\vi_grm.exe O4 - HKLM\..\Run: [siS Tray] C:\WINDOWS\System32\sistray.EXE O4 - HKLM\..\Run: [siS KHooker] C:\WINDOWS\System32\khooker.exe O4 - HKLM\..\Run: [keybdll] startman.exe O4 - HKLM\..\Run: [sYSTRAV] prgsys0984.exe O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe" O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [Microsoft messenger] msnger.exe O4 - HKLM\..\Run: [Microsoft Conference] msconf.exe O4 - HKLM\..\Run: [Miscrosoft Windows Explorer] IEEXPLORER.exe O4 - HKLM\..\Run: [MediaGateway] C:\Program Files\MediaGateway\MediaGateway.exe O4 - HKLM\..\Run: [elitemedia] C:\WINDOWS\elitemediapop.exe O4 - HKLM\..\Run: [winsync] C:\WINDOWS\System32\pwriyk.exe reg_run O4 - HKLM\..\Run: [OneClick] "C:\Program Files\oneclick\oneclick.exe" O4 - HKLM\..\Run: [{07-73-3E-EC-ZN}] C:\windows\system32\rqdsregj.exe FI002 O4 - HKLM\..\Run: [browserUpdateSched] C:\WINDOWS\System32\swinrsap.exe FI002 O4 - HKLM\..\Run: [Microsoft Configu] msconfigu.exe O4 - HKLM\..\RunServices: [Microsoft Conference] msconf.exe O4 - HKLM\..\RunServices: [Miscrosoft Windows Explorer] IEEXPLORER.exe O4 - HKLM\..\RunServices: [Microsoft Configu] msconfigu.exe O4 - HKLM\..\RunServices: [Microsoft messenger] msnger.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [desktop] C:\WINDOWS\System32\idemlog.exe O4 - HKCU\..\Run: [userSp1] mozilla-text.exe O4 - HKCU\..\Run: [slamm] SetupExeDll.exe O4 - HKCU\..\Run: [sYSTRAV] trycrt.exe O4 - HKCU\..\Run: [Microsoft Conference] msconf.exe O4 - HKCU\..\Run: [Miscrosoft Windows Explorer] IEEXPLORER.exe O4 - HKCU\..\Run: [Microsoft Configu] msconfigu.exe O4 - HKCU\..\Run: [Microsoft messenger] msnger.exe O4 - HKCU\..\RunServices: [Microsoft messenger] msnger.exe O4 - HKCU\..\RunServices: [Microsoft Conference] msconf.exe O4 - HKCU\..\RunServices: [Miscrosoft Windows Explorer] IEEXPLORER.exe O4 - HKCU\..\RunServices: [Microsoft Configu] msconfigu.exe O4 - Startup: Zeno.lnk = C:\WINDOWS\system32\swinrsap.exe O4 - Startup: Z_Start.lnk = C:\WINDOWS\system32\dwdsregt.exe O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O15 - Trusted Zone: *.elitemediagroup.net O15 - Trusted Zone: http://click.getmirar.com (HKLM) O15 - Trusted Zone: http://click.mirarsearch.com (HKLM) O15 - Trusted Zone: http://redirect.mirarsearch.com (HKLM) O16 - DPF: {8FCDF9D9-A28B-480F-8C3D-581F119A8AB8} (MediaGatewayX) - http://static.zangocash.com/cab/Zango/ie/Bridge-c139.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{DCF163AC-53CD-4E78-9C2A-762D4A46B86E}: NameServer = 195.238.2.21 195.238.2.22 O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: Windows XP Advanced User Launcher - Unknown owner - C:\WINDOWS\winlogon.exe (file missing)

quand j'ai essayer de lancer FixWareout j'ai eu un message d 'erreur " acces refusé " puis j'ai reessayer et maintenant il ne se lance plus du tout

ok merci je fais ca tout de suite je dis quoi apres

bonsoir a tous j'envois ce message pour une demande d 'analyse pour un pc assez infecter: nombreux bug , impossible d'ouvrir le gestionnaire de tache , quelques problemes avec Lsass Merci voici le rapport : Logfile of HijackThis v1.99.1 Scan saved at 20:05:01, on 20/01/2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - - (no file) F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - (no file) O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Zango Search Assistant Helper - {56F1D444-11BF-4879-A12B-79CF0177F038} - (no file) O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file) O3 - Toolbar: (no name) - {EA0D26BD-9029-431A-86E0-83152D67828A} - (no file) O4 - HKLM\..\Run: [AME_CSA] rundll32 amecsa.cpl,RUN_DLL O4 - HKLM\..\Run: [CloseDNF] C:\WINDOWS\System32\Utility.exe \1008 O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Display Control Panel] C:\DispCtrl-2000\vi_grm.exe O4 - HKLM\..\Run: [siS Tray] C:\WINDOWS\System32\sistray.EXE O4 - HKLM\..\Run: [siS KHooker] C:\WINDOWS\System32\khooker.exe O4 - HKLM\..\Run: [keybdll] startman.exe O4 - HKLM\..\Run: [sYSTRAV] prgsys0984.exe O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe" O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [Microsoft messenger] msnger.exe O4 - HKLM\..\Run: [Microsoft Conference] msconf.exe O4 - HKLM\..\Run: [Miscrosoft Windows Explorer] IEEXPLORER.exe O4 - HKLM\..\Run: [MediaGateway] C:\Program Files\MediaGateway\MediaGateway.exe O4 - HKLM\..\Run: [elitemedia] C:\WINDOWS\elitemediapop.exe O4 - HKLM\..\Run: [winsync] C:\WINDOWS\System32\pwriyk.exe reg_run O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe O4 - HKLM\..\Run: [OneClick] "C:\Program Files\oneclick\oneclick.exe" O4 - HKLM\..\Run: [{07-73-3E-EC-ZN}] C:\windows\system32\rqdsregj.exe FI002 O4 - HKLM\..\Run: [browserUpdateSched] C:\WINDOWS\System32\swinrsap.exe FI002 O4 - HKLM\..\Run: [Microsoft Configu] msconfigu.exe O4 - HKLM\..\RunServices: [Microsoft messenger] msnger.exe O4 - HKLM\..\RunServices: [Microsoft Conference] msconf.exe O4 - HKLM\..\RunServices: [Miscrosoft Windows Explorer] IEEXPLORER.exe O4 - HKLM\..\RunServices: [Microsoft Configu] msconfigu.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [desktop] C:\WINDOWS\System32\idemlog.exe O4 - HKCU\..\Run: [userSp1] mozilla-text.exe O4 - HKCU\..\Run: [slamm] SetupExeDll.exe O4 - HKCU\..\Run: [sYSTRAV] trycrt.exe O4 - HKCU\..\Run: [Microsoft messenger] msnger.exe O4 - HKCU\..\Run: [Microsoft Conference] msconf.exe O4 - HKCU\..\Run: [Miscrosoft Windows Explorer] IEEXPLORER.exe O4 - HKCU\..\Run: [Microsoft Configu] msconfigu.exe O4 - HKCU\..\RunServices: [Microsoft messenger] msnger.exe O4 - HKCU\..\RunServices: [Microsoft Conference] msconf.exe O4 - HKCU\..\RunServices: [Miscrosoft Windows Explorer] IEEXPLORER.exe O4 - HKCU\..\RunServices: [Microsoft Configu] msconfigu.exe O4 - Startup: Zeno.lnk = C:\WINDOWS\system32\swinrsap.exe O4 - Startup: Z_Start.lnk = C:\WINDOWS\system32\dwdsregt.exe O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O8 - Extra context menu item: &Search - http://ko.bar.need2find.com/KO/menusearch.html?p=KO O8 - Extra context menu item: Tout télécharger en utilisant FlashGet - C:\Program Files\FlashGet\jc_all.htm O8 - Extra context menu item: Télécharger en utilisant FlashGet - C:\Program Files\FlashGet\jc_link.htm O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\WINDOWS\System32\shdocvw.dll O15 - Trusted Zone: *.elitemediagroup.net O15 - Trusted Zone: http://click.getmirar.com (HKLM) O15 - Trusted Zone: http://click.mirarsearch.com (HKLM) O15 - Trusted Zone: http://redirect.mirarsearch.com (HKLM) O16 - DPF: {01347765-1965-426B-91A4-AA6BB342B9A3} (InstallerObj Class) - http://videohd.m6.fr.ipercast.net/installer-hidden.cab O16 - DPF: {4E7BD74F-2B8D-469E-D7EC-ED6DB68DFA7D} - http://www.xbarre.com/barre/xbarre.cab O16 - DPF: {64311111-1111-1121-1111-111191113457} - file://c:\eied_s7.cab O16 - DPF: {8A0DCBDB-6E20-489C-9041-C1E8A0352E75} (Mirar_Dummy_ATS1 Class) - http://awbeta.net-nucleus.com/FIX/WinATS.cab O16 - DPF: {8FCDF9D9-A28B-480F-8C3D-581F119A8AB8} (MediaGatewayX) - http://static.zangocash.com/cab/Zango/ie/bridge-c18.cab O16 - DPF: {9AC54695-69A4-46F1-BE10-10C74F9520D5} (elitectl.DemoCtl) - http://cabs.elitemediagroup.net/cabs/mediaview.cab O16 - DPF: {CA356D79-679B-4B4C-8E49-5AF97014F4C1} - http://files-pl.starware.com/installs/4.0....tarware_323.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{744C6F5A-E269-442A-BD1F-C4763105E83E}: NameServer = 85.255.114.56,85.255.112.138 O17 - HKLM\System\CCS\Services\Tcpip\..\{869443FC-00EE-4214-90F0-66CAB7BDC2EC}: NameServer = 85.255.114.56,85.255.112.138 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: Windows XP Advanced User Launcher - Unknown owner - C:\WINDOWS\winlogon.exe (file missing)

je ne sais pas mais je te conseille fortement de pas y toucher

Aie c'est bon j'ai trouver Type de connexion : Belgacom ADSL Go Volume mensuel de base : Volume mensuel utilisé 10 GB sur 10 GB (0 GB restants). Vous avez atteint la limite maximum des volumes de transfert qui vous sont alloués, votre vitesse est maintenant limitée à 64 Kbps

non je l'ai pas apellé mais je viens de voir sur cet page ICI que quelqu'un dit que c 'est a cause du dépassement de quota de upload/download et que il te rallentissent a 64K en download donc je fais un test de bande passante de ce site ICI et voici le resultat : Votre Bande Passante 69.538 Kbps (8.692 Ko/sec)

skynet

Bonjour a tous, donc voici mon probleme: depuis hier soir j'ai eu une perte soudaine de vitesse sur internet; je dispose d'une connexion 4,6 Mbits/s et pour le moment chaque page me prend 20 sec a charger et je telecharge à 5ko/sec! ........ j'ai reinstaller l' ADSL mais rien na évoluer... Avez-vous une solution??

je perd

quand j 'ai telecharger des programme genre: Ewido , Spybot , CCleaner, Zone Alarm je nai pas eu de probleme mais quand jessais de telecharger une demo d'un jeu sur jeuxvideo.fr , vers 90 % je perd la connexion

oui enfin une fenetre apparait me disant que jai perdu le signal ADSL quand je clik OK elle revient 5 seconde apres et je suis obliger de redémarrer

pour le moment non, mais quand je veut telecharger un programme ( demo d un jeu) au bout de 90% je perd le signal ADSL pense tu que la réinstallation de l ' ADSL peut regler ça ?

voila : Logfile of HijackThis v1.99.1 Scan saved at 14:17:16, on 3/12/2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AVPersonal\AVGUARD.EXE C:\Program Files\AVPersonal\AVWUPSRV.EXE C:\Program Files\ewido\security suite\ewidoctrl.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\WINDOWS\System32\rundll32.exe C:\Program Files\Softwin\BitDefender8\bdmcon.exe C:\Program Files\Softwin\BitDefender8\bdswitch.exe C:\WINDOWS\System32\NotifyPhoneBook.exe C:\Program Files\Softwin\BitDefender8\bdnagent.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe C:\Program Files\Softwin\BitDefender8\vsserv.exe C:\WINDOWS\System32\wpabaln.exe C:\PROGRA~1\MOZILL~1\FIREFOX.EXE C:\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.fr.msn.be/0SEFRBE/SAOS01 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - (no file) O4 - HKLM\..\Run: [nTrayFw] C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime O4 - HKLM\..\Run: [AME_CSA] rundll32 amecsa.cpl,RUN_DLL O4 - HKLM\..\Run: [bDMCon] C:\Program Files\Softwin\BitDefender8\\bdmcon.exe O4 - HKLM\..\Run: [bDSwitchAgent] C:\Program Files\Softwin\BitDefender8\\bdswitch.exe O4 - HKLM\..\Run: [bDNewsAgent] C:\Program Files\Softwin\BitDefender8\\bdnagent.exe O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - Global Startup: Barre d'état système d'ATI CATALYST.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll O17 - HKLM\System\CCS\Services\Tcpip\..\{07A0490B-7FE7-4140-A2F3-477256ED1D8D}: NameServer = 195.238.2.21 195.238.2.22 O17 - HKLM\System\CS1\Services\Tcpip\..\{07A0490B-7FE7-4140-A2F3-477256ED1D8D}: NameServer = 195.238.2.21 195.238.2.22 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - AppInit_DLLs: ÐHsockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.EXE O23 - Service: app_filter - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing) O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe O23 - Service: ForceWare user log service (nSvcLog) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender8\vsserv.exe O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe

ok je fais ça tous de suite Logfile of HijackThis v1.99.1 Scan saved at 13:33:33, on 3/12/2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.fr.msn.be/0SEFRBE/SAOS01 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - (no file) O4 - HKLM\..\Run: [nTrayFw] C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime O4 - HKLM\..\Run: [AME_CSA] rundll32 amecsa.cpl,RUN_DLL O4 - HKLM\..\Run: [bDMCon] C:\Program Files\Softwin\BitDefender8\\bdmcon.exe O4 - HKLM\..\Run: [bDSwitchAgent] C:\Program Files\Softwin\BitDefender8\\bdswitch.exe O4 - HKLM\..\Run: [bDNewsAgent] C:\Program Files\Softwin\BitDefender8\\bdnagent.exe O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - Global Startup: Barre d'état système d'ATI CATALYST.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - AppInit_DLLs: ÐHsockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.EXE O23 - Service: app_filter - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing) O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe O23 - Service: ForceWare user log service (nSvcLog) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender8\vsserv.exe O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe