Aller au contenu

Robin'$

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    18

  • Inscription

  • Dernière visite

Tout ce qui a été posté par Robin'$

  1. Robin'$
    Je ne comprends pas ton message ?!!!!!
  2. Robin'$
    merci bien, je pense aussi à bruce lee, tesgaz, ipl 001, et biensur lomaster et toi megataupe ... Cest la première fois que j'utilise ce principe, j'en suis trés étonné de son efficacité! Bravo à tous! Au fait pour le fameux pare feux lequel est efficace? Tu dois vraiment avoir marre de moi ...
  3. Robin'$
  4. Robin'$
    merci megataupe, peut tu juste me dire quel antivirus tu me conseille ? et comment dois je faire pour mettre a jour windows? Merci encore
  5. Robin'$
    merci pour le fond d'écran smitfraudfix m'a fait ce qu'il fallait pour ma page d'accueil j'ai du desinstaller ASC ... Maintenant pouvez vous me dire quels logiciels je dois installer pour : antivirus, firewall, nettoyage ...
  6. Robin'$
    Bonne nuit, pour le pare feu lequel me conseille tu ? Voici les disfonctionnements que je vois : - Fond écran impossible a changer ! - Quand je me connecte à internet automatiquement j’ai un site « diffuz.com » même en changeant dans les options, cette page revient toujours ! Logiciels: J’ai un logiciel A.S.C. "pour nettoyer" est-il efficace ? Si non en plus de norton quels logiciels complémentaires il faudrait que j’installe pour éviter de retomber dans une telle situation ? On m'a dit que copersky est meilleur que norton ?!! Les logiciels qui m’ont servis pour nettoyer l’ordi comme : CCleaner, Spy Sweeper, HijackThis, ewido, est ce que je dois les conserver ?
  7. Robin'$
    voici le rapport : Logfile of HijackThis v1.99.1 Scan saved at 23:57:44, on 30/12/2005 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\ewido anti-malware\ewidoctrl.exe C:\Program Files\Norton AntiVirus\navapsvc.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe C:\WINDOWS\System32\MsPMSPSv.exe C:\PROGRA~1\Wanadoo\CnxMon.exe C:\PROGRA~1\Wanadoo\TaskbarIcon.exe C:\Program Files\Microsoft Office\Office10\WINWORD.EXE C:\Program Files\Hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.diffuz.com O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe Désolé c celui ci le dernier : Logfile of HijackThis v1.99.1 Scan saved at 00:00:27, on 31/12/2005 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\ewido anti-malware\ewidoctrl.exe C:\Program Files\Norton AntiVirus\navapsvc.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe C:\WINDOWS\System32\MsPMSPSv.exe C:\PROGRA~1\Wanadoo\CnxMon.exe C:\PROGRA~1\Wanadoo\TaskbarIcon.exe C:\Program Files\Microsoft Office\Office10\WINWORD.EXE C:\Program Files\Hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.diffuz.com O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
  8. Robin'$
    OK c pas grave, merci beaucoup pour de m'avoir accorder tant de temps. A bientot.
  9. Robin'$
    Je te remercie de ta patience mais qu'entends tu par finir le nettoyage ?
  10. Robin'$
    voici le rapport en mode normal : Logfile of HijackThis v1.99.1 Scan saved at 19:11:50, on 30/12/2005 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\ewido anti-malware\ewidoctrl.exe C:\Program Files\Norton AntiVirus\navapsvc.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe C:\WINDOWS\System32\MsPMSPSv.exe C:\PROGRA~1\Wanadoo\CnxMon.exe C:\PROGRA~1\Wanadoo\TaskbarIcon.exe C:\Program Files\Wanadoo\EspaceWanadoo.exe C:\Program Files\Wanadoo\ComComp.exe C:\Program Files\Wanadoo\Watch.exe C:\Program Files\Avant Browser\avant.exe C:\Program Files\Hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.diffuz.com O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\RunOnce: [Panda_cleaner_146801] C:\WINDOWS\System32\ActiveScan\pavdr.exe 146801 O4 - Global Startup: Adobe Reader Speed Launch.lnk = ? O8 - Extra context menu item: Bloquer ce serveur... - C:\Program Files\Avant Browser\AddAllToADBlackList.htm O8 - Extra context menu item: Bloquer cette publicité... - C:\Program Files\Avant Browser\AddToADBlackList.htm O8 - Extra context menu item: Ouvrir dans une nouvelle fenêtre d'Avant Browser - C:\Program Files\Avant Browser\OpenInNewBrowser.htm O8 - Extra context menu item: Ouvrir tous les liens de la page... - C:\Program Files\Avant Browser\OpenAllLinks.htm O8 - Extra context menu item: Rechercher sur le Web... - C:\Program Files\Avant Browser\Search.htm O8 - Extra context menu item: Surligner - C:\Program Files\Avant Browser\Highlight.htm O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{EE39DEA8-78F0-4527-B1C1-19174FAD5ED1}: NameServer = 80.10.246.130 80.10.246.3 O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
  11. Robin'$
    Voici le rapport en ligne de panda: Incident Statut Analyse Adware:adware/secure32 Non désinfecté C:\secure32.html Adware:Adware/Abox Non désinfecté C:\WINDOWS\ABox.exe Adware:adware/antivirus-gold Non désinfecté C:\WINDOWS\desktop.html Virus:Trj/Zapchast.D Désinfecté C:\WINDOWS\system32\c.bat Virus:Trj/Qhost.gen Désinfecté C:\WINDOWS\system32\drivers\etc\hosts Virus:W32/Sdbot.ftp Désinfecté C:\WINDOWS\system32\i Adware:adware/wupd Non désinfecté C:\WINDOWS\system32\ide21201.vxd Virus:Trj/Delf.VO Désinfecté C:\WINDOWS\system32\msupdate32.dll Virus:Trj/Delf.VP Désinfecté C:\WINDOWS\tool1.exe Adware:adware/ezula Non désinfecté C:\WINDOWS\woinstall.exe et maintenant que dois faire? un coup de hijackthis ?
  12. Robin'$
    Que dois-je faire maintenant ?
  13. Robin'$
    Voici le rapport ewido : --------------------------------------------------------- ewido anti-malware - Rapport de scan --------------------------------------------------------- + Créé le: 17:15:01, 30/12/2005 + Somme de contrôle: 90E0BA93 + Résultats du scan: HKLM\SOFTWARE\Avenue Media -> Spyware.InternetOptimizer : Nettoyer et sauvegarder HKLM\SOFTWARE\Avenue Media\Internet Optimizer -> Spyware.InternetOptimizer : Nettoyer et sauvegarder HKLM\SOFTWARE\Avenue Media\Internet Optimizer\Active Alert -> Spyware.InternetOptimizer : Nettoyer et sauvegarder HKLM\SOFTWARE\Avenue Media\Internet Optimizer\Active Alert\cf1 -> Spyware.InternetOptimizer : Nettoyer et sauvegarder HKLM\SOFTWARE\Avenue Media\Internet Optimizer\anything -> Spyware.InternetOptimizer : Nettoyer et sauvegarder HKLM\SOFTWARE\Avenue Media\Internet Optimizer\anything\cf1 -> Spyware.InternetOptimizer : Nettoyer et sauvegarder HKLM\SOFTWARE\Avenue Media\Internet Optimizer\Browser Helper -> Spyware.InternetOptimizer : Nettoyer et sauvegarder HKLM\SOFTWARE\Avenue Media\Internet Optimizer\Browser Helper\cf1 -> Spyware.InternetOptimizer : Nettoyer et sauvegarder HKLM\SOFTWARE\Avenue Media\Internet Optimizer\WSE -> Spyware.InternetOptimizer : Nettoyer et sauvegarder HKLM\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf1 -> Spyware.InternetOptimizer : Nettoyer et sauvegarder HKLM\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf2 -> Spyware.InternetOptimizer : Nettoyer et sauvegarder HKLM\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf3 -> Spyware.InternetOptimizer : Nettoyer et sauvegarder HKLM\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf4 -> Spyware.InternetOptimizer : Nettoyer et sauvegarder HKLM\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf5 -> Spyware.InternetOptimizer : Nettoyer et sauvegarder HKLM\SOFTWARE\Classes\CLSID\{9F95F736-0F62-4214-A4B4-CAA6738D4C07} -> Spyware.SaveNow : Nettoyer et sauvegarder HKLM\SOFTWARE\Classes\Interface\{0985C112-2562-46F2-8DA6-92648BA4630F} -> Spyware.ISTBar : Nettoyer et sauvegarder HKLM\SOFTWARE\Classes\Interface\{4D6CED50-D6AE-40DA-B87F-235593FC1F28} -> Spyware.NavExcel : Nettoyer et sauvegarder HKLM\SOFTWARE\Classes\Interface\{8EEE58D5-130E-4CBD-9C83-35A0564E1357} -> Spyware.NaviSearch : Nettoyer et sauvegarder HKLM\SOFTWARE\Classes\Interface\{8EEE58D5-130E-4CBD-9C83-35A0564E2468} -> Spyware.NaviSearch : Nettoyer et sauvegarder HKLM\SOFTWARE\Classes\Interface\{8EEE58D5-130E-4CBD-9C83-35A0564E5678} -> Spyware.BargainBuddy : Nettoyer et sauvegarder HKLM\SOFTWARE\Classes\Interface\{8EEE58D5-130E-4CBD-9C83-35A0564EA119} -> Spyware.CashBack : Nettoyer et sauvegarder HKLM\SOFTWARE\Classes\Interface\{C285D18D-43A2-4AEF-83FB-BF280E660A97} -> Spyware.SaveNow : Nettoyer et sauvegarder HKLM\SOFTWARE\Classes\Interface\{C6906A23-4717-4E1F-B6FD-F06EBED11357} -> Spyware.NaviSearch : Nettoyer et sauvegarder HKLM\SOFTWARE\Classes\Interface\{C6906A23-4717-4E1F-B6FD-F06EBED12468} -> Spyware.NaviSearch : Nettoyer et sauvegarder HKLM\SOFTWARE\Classes\Interface\{C6906A23-4717-4E1F-B6FD-F06EBED14177} -> Spyware.BargainBuddy : Nettoyer et sauvegarder HKLM\SOFTWARE\Classes\Interface\{C6906A23-4717-4E1F-B6FD-F06EBED15678} -> Spyware.BargainBuddy : Nettoyer et sauvegarder HKLM\SOFTWARE\Classes\TypeLib\{014DA6C0-189F-421A-88CD-07CFE51CFF10} -> Spyware.BargainBuddy : Nettoyer et sauvegarder HKLM\SOFTWARE\eXactUtil -> Spyware.BargainBuddy : Nettoyer et sauvegarder HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\ins -> Spyware.WebRebates : Nettoyer et sauvegarder C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\ibm00001.dll -> Trojan.Agent.bu : Nettoyer et sauvegarder C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\ibm00002.dll -> Logger.Small.dg : Nettoyer et sauvegarder C:\Program Files\MySearch\bar\1.bin\MYWAYPLUGINPROXY.CLASS -> Spyware.MyWay : Nettoyer et sauvegarder C:\Program Files\MySearch\bar\1.bin\NPMYSRCH.DLL -> Spyware.MyWay : Nettoyer et sauvegarder C:\Program Files\MySearch\bar\1.bin\NPMYWAY.DLL -> Spyware.MyWay : Nettoyer et sauvegarder C:\temp\WebRebates_Auto_InstallSilent_Euro.exe -> Spyware.WebRebates.g : Nettoyer et sauvegarder C:\WINDOWS\country.exe -> Trojan.Small : Nettoyer et sauvegarder C:\WINDOWS\hosts -> Trojan.Qhost.el : Nettoyer et sauvegarder C:\WINDOWS\kl.exe -> Trojan.Agent.bu : Nettoyer et sauvegarder C:\WINDOWS\system32\bbchk.exe -> Spyware.BargainBuddy : Nettoyer et sauvegarder C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\CDEBODQJ\mb45u[1].exe -> Dropper.Delf.qf : Nettoyer et sauvegarder C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\ZT2VSX27\test[1].exe -> Spyware.Hijacker.Generic : Nettoyer et sauvegarder C:\WINDOWS\system32\drivers\df_kmd.sys -> Trojan.Rootkit.Agent.af : Nettoyer et sauvegarder C:\WINDOWS\system32\ioqppsp.dll -> Downloader.Qoologic.ax : Nettoyer et sauvegarder C:\WINDOWS\system32\jskddvv.exe -> Downloader.Qoologic.ax : Nettoyer et sauvegarder C:\WINDOWS\system32\kegrr.dll -> Downloader.Qoologic.ax : Nettoyer et sauvegarder C:\WINDOWS\system32\piyrrq.exe -> Downloader.Qoologic.ax : Nettoyer et sauvegarder C:\WINDOWS\system32\vgactl.cpl -> Downloader.Qoologic.at : Nettoyer et sauvegarder C:\WINDOWS\system32\waqbb.dat -> Downloader.Qoologic.ax : Nettoyer et sauvegarder C:\WINDOWS\system32\wuauclt.dll -> Downloader.Qoologic.at : Nettoyer et sauvegarder C:\WINDOWS\tool2.exe -> Not-A-Virus.Hoax.Win32.Renos.aj : Nettoyer et sauvegarder C:\WINDOWS\tool4.exe -> Trojan.Small : Nettoyer et sauvegarder C:\WINDOWS\tool5.exe -> Trojan.Small : Nettoyer et sauvegarder ::Fin du rapport
  14. Robin'$
    dans le doute je l'ai fais en mode sans echecs donc voici de dernier venu: Logfile of HijackThis v1.99.1 Scan saved at 16:00:20, on 30/12/2005 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.diffuz.com O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - Global Startup: Adobe Reader Speed Launch.lnk = ? O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe c grave docteur ?
  15. Robin'$
    Est qu'il y a qq qui veut s'occuper d'un cas extrème ??!! salut merci de me repondre, je dois me remettre en mode sans echecs avant de lancer un rapport HijackThis ? salut merci de me repondre, je dois me remettre en mode sans echecs avant de lancer un rapport HijackThis ?
  16. Robin'$
    Merci pour les renseignements, j'ai essayé de faire ce que vous m'avez si gentillement indiqué, maintenant voici le rapport de Spy Sweeper ******** 15:03: | Début de session, vendredi 30 décembre 2005 | 15:03: Spy Sweeper démarrée 15:03: Analyse lancée avec la version des définitions 556 15:03: Démarrage de l’analyse de la mémoire 15:04: Analyse de la mémoire terminée, temps passé : 00:00:55 15:04: Démarrage de l’analyse du Registre 15:04: Trouvé Adware: 7adpower 15:04: HKLM\software\classes\typelib\{2617fc83-ceaf-41ca-ab75-33aad5d4fd0a}\ (9 traces secondaires) (ID = 102224) 15:04: HKCR\typelib\{2617fc83-ceaf-41ca-ab75-33aad5d4fd0a}\ (9 traces secondaires) (ID = 102269) 15:04: Trouvé Adware: abox 15:04: HKLM\software\carmen\ (8 traces secondaires) (ID = 102432) 15:04: Trouvé Adware: exact cashback/bargain buddy 15:04: HKLM\software\bargains\ (28 traces secondaires) (ID = 104012) 15:04: Trouvé Adware: blazefind 15:04: HKLM\software\microsoft\windows\currentversion\moduleusage\c:/windows/downloaded program files/winservadx.dll\ (2 traces secondaires) (ID = 104527) 15:04: HKLM\software\cashback\ (48 traces secondaires) (ID = 105372) 15:04: Trouvé Adware: clkoptimizer 15:04: HKCR\clsid\{6ec11407-5b2e-4e25-8bdf-77445b52ab37}\ (6 traces secondaires) (ID = 105953) 15:04: HKCR\folder\shellex\columnhandlers\{6ec11407-5b2e-4e25-8bdf-77445b52ab37}\ (1 traces secondaires) (ID = 106021) 15:04: HKLM\software\classes\clsid\{6ec11407-5b2e-4e25-8bdf-77445b52ab37}\ (6 traces secondaires) (ID = 106049) 15:04: HKLM\software\classes\folder\shellex\columnhandlers\{6ec11407-5b2e-4e25-8bdf-77445b52ab37}\ (1 traces secondaires) (ID = 106116) 15:04: Trouvé Adware: ezula ilookup 15:04: HKCR\ezulaagent.ezulactrlhost.1\ (3 traces secondaires) (ID = 126152) 15:04: HKCR\ezulaagent.ezulactrlhost\ (5 traces secondaires) (ID = 126153) 15:04: HKCR\ezulaagent.plugprot.1\ (3 traces secondaires) (ID = 126156) 15:04: HKCR\ezulaagent.plugprot\ (5 traces secondaires) (ID = 126157) 15:04: HKCR\ezulaagent.toolbarband.1\ (3 traces secondaires) (ID = 126158) 15:04: HKCR\ezulaagent.toolbarband\ (3 traces secondaires) (ID = 126159) 15:04: HKCR\ezulamain.ezulasearchpipe.1\ (3 traces secondaires) (ID = 126178) 15:04: HKCR\ezulamain.ezulasearchpipe\ (5 traces secondaires) (ID = 126179) 15:04: HKCR\interface\{07f0a542-47ba-11d4-8a6d-0050da2ee1be}\ (8 traces secondaires) (ID = 126182) 15:04: HKCR\interface\{3d7247f1-5db8-11d4-8a72-0050da2ee1be}\ (8 traces secondaires) (ID = 126184) 15:04: HKCR\interface\{4fd8645f-9b3e-46c1-9727-9837842a84ab}\ (8 traces secondaires) (ID = 126185) 15:04: HKCR\interface\{7edc96e1-5dd3-11d4-b185-0050dab79376}\ (8 traces secondaires) (ID = 126186) 15:04: HKCR\interface\{8ebb1743-9a2f-11d4-8a7e-0050da2ee1be}\ (8 traces secondaires) (ID = 126188) 15:04: HKCR\interface\{19dfb2ca-9b27-11d4-b192-0050dab79376}\ (8 traces secondaires) (ID = 126190) 15:04: HKCR\interface\{27bc6871-4d5a-11d4-8a6d-0050da2ee1be}\ (8 traces secondaires) (ID = 126191) 15:04: HKCR\interface\{370f6327-41c4-4fa6-a2df-1ba57ee0fbb9}\ (8 traces secondaires) (ID = 126193) 15:04: HKCR\interface\{1823bc4b-a253-4767-9cfc-9aca62a6b136}\ (8 traces secondaires) (ID = 126197) 15:04: HKCR\interface\{58359012-bf36-11d3-99a2-0050da2ee1be}\ (8 traces secondaires) (ID = 126200) 15:04: HKCR\interface\{c4fee4a6-4b8b-11d4-8a6d-0050da2ee1be}\ (8 traces secondaires) (ID = 126202) 15:04: HKCR\interface\{ef0372dc-f552-11d3-8528-0050dab79376}\ (8 traces secondaires) (ID = 126203) 15:04: HKLM\software\classes\ezulaagent.ezulactrlhost\ (5 traces secondaires) (ID = 126239) 15:04: HKLM\software\classes\ezulaagent.plugprot\ (5 traces secondaires) (ID = 126241) 15:04: HKLM\software\classes\ezulaagent.toolbarband\ (3 traces secondaires) (ID = 126242) 15:04: HKLM\software\classes\ezulamain.ezulasearchpipe\ (5 traces secondaires) (ID = 126252) 15:04: HKLM\software\classes\interface\{07f0a544-47ba-11d4-8a6d-0050da2ee1be}\ (8 traces secondaires) (ID = 126254) 15:04: HKLM\software\classes\interface\{3d7247f1-5db8-11d4-8a72-0050da2ee1be}\ (8 traces secondaires) (ID = 126255) 15:04: HKLM\software\classes\interface\{4fd8645f-9b3e-46c1-9727-9837842a84ab}\ (8 traces secondaires) (ID = 126256) 15:04: HKLM\software\classes\interface\{8ebb1743-9a2f-11d4-8a7e-0050da2ee1be}\ (8 traces secondaires) (ID = 126258) 15:04: HKLM\software\classes\interface\{19dfb2ca-9b27-11d4-b192-0050dab79376}\ (8 traces secondaires) (ID = 126260) 15:04: HKLM\software\classes\interface\{27bc6871-4d5a-11d4-8a6d-0050da2ee1be}\ (8 traces secondaires) (ID = 126261) 15:04: HKLM\software\classes\interface\{370f6327-41c4-4fa6-a2df-1ba57ee0fbb9}\ (8 traces secondaires) (ID = 126263) 15:04: HKLM\software\classes\interface\{1823bc4b-a253-4767-9cfc-9aca62a6b136}\ (8 traces secondaires) (ID = 126268) 15:04: HKLM\software\classes\interface\{58359012-bf36-11d3-99a2-0050da2ee1be}\ (8 traces secondaires) (ID = 126271) 15:04: HKLM\software\classes\interface\{c4fee4a6-4b8b-11d4-8a6d-0050da2ee1be}\ (8 traces secondaires) (ID = 126273) 15:04: HKLM\software\classes\interface\{ef0372de-f552-11d3-8528-0050dab79376}\ (8 traces secondaires) (ID = 126274) 15:04: HKLM\software\classes\typelib\{07f0a536-47ba-11d4-8a6d-0050da2ee1be}\ (9 traces secondaires) (ID = 126276) 15:04: HKLM\software\classes\typelib\{8a044396-5da2-11d4-b185-0050dab79376}\ (9 traces secondaires) (ID = 126279) 15:04: HKLM\software\classes\typelib\{58359011-bf36-11d3-99a2-0050da2ee1be}\ (9 traces secondaires) (ID = 126282) 15:04: HKLM\software\classes\typelib\{baf13496-8f72-47a1-9cee-09238efc75f0}\ (9 traces secondaires) (ID = 126283) 15:04: HKLM\software\microsoft\windows\currentversion\uninstall\ezula\ (3 traces secondaires) (ID = 126298) 15:04: HKCR\typelib\{07f0a536-47ba-11d4-8a6d-0050da2ee1be}\ (9 traces secondaires) (ID = 126301) 15:04: HKCR\typelib\{8a044396-5da2-11d4-b185-0050dab79376}\ (9 traces secondaires) (ID = 126304) 15:04: HKCR\typelib\{58359011-bf36-11d3-99a2-0050da2ee1be}\ (9 traces secondaires) (ID = 126307) 15:04: HKCR\typelib\{baf13496-8f72-47a1-9cee-09238efc75f0}\ (9 traces secondaires) (ID = 126308) 15:04: Trouvé Adware: hotbar 15:04: HKCR\interface\{3f04cbf7-cd62-4403-b090-b432dedcb159}\ (8 traces secondaires) (ID = 127325) 15:04: HKCR\interface\{8578d35e-c6c0-4808-9a80-0f6c29a2c423}\ (8 traces secondaires) (ID = 127339) 15:04: HKCR\interface\{bc190da5-0187-4d99-b3ac-6c45ea1b9324}\ (8 traces secondaires) (ID = 127353) 15:04: HKLM\software\classes\interface\{3f04cbf7-cd62-4403-b090-b432dedcb159}\ (8 traces secondaires) (ID = 127490) 15:04: HKLM\software\classes\interface\{8578d35e-c6c0-4808-9a80-0f6c29a2c423}\ (8 traces secondaires) (ID = 127503) 15:04: HKLM\software\classes\interface\{bc190da5-0187-4d99-b3ac-6c45ea1b9324}\ (8 traces secondaires) (ID = 127514) 15:04: HKLM\software\classes\typelib\{71efe583-62fe-4419-9918-ca3b683f7b36}\ (9 traces secondaires) (ID = 127543) 15:04: HKLM\software\classes\typelib\{b5901229-25cc-43c9-b604-3bb6ac2b48a5}\ (9 traces secondaires) (ID = 127555) 15:04: HKLM\software\classes\typelib\{c83daed4-0611-4f7a-978e-7feafcb2f91b}\ (9 traces secondaires) (ID = 127557) 15:04: HKLM\software\hbtools\ (7 traces secondaires) (ID = 127564) 15:04: HKLM\software\microsoft\internet explorer\explorer bars\{7e66936c-fea0-4984-ad26-7b6661ac5b2e}\ (1 traces secondaires) (ID = 127569) 15:04: HKCR\typelib\{71efe583-62fe-4419-9918-ca3b683f7b36}\ (9 traces secondaires) (ID = 127641) 15:04: HKCR\typelib\{b5901229-25cc-43c9-b604-3bb6ac2b48a5}\ (9 traces secondaires) (ID = 127654) 15:04: HKCR\typelib\{c83daed4-0611-4f7a-978e-7feafcb2f91b}\ (9 traces secondaires) (ID = 127656) 15:04: Trouvé Adware: instant access 15:04: HKLM\software\microsoft\windows\currentversion\moduleusage\c:/windows/system32/netslv32.dll\ (2 traces secondaires) (ID = 128806) 15:04: Trouvé Adware: internetoptimizer 15:04: HKCR\interface\{aa4939c3-deca-4a48-a454-97cd587c0ef5}\ (8 traces secondaires) (ID = 128885) 15:04: HKLM\software\avenue media\ (75 traces secondaires) (ID = 128888) 15:04: HKLM\software\classes\interface\{aa4939c3-deca-4a48-a454-97cd587c0ef5}\ (8 traces secondaires) (ID = 128896) 15:04: HKLM\software\microsoft\windows\currentversion\policies\ameopt\ (ID = 128912) 15:04: HKLM\software\microsoft\windows\currentversion\uninstall\kapabout\ (2 traces secondaires) (ID = 128924) 15:04: HKLM\software\microsoft\windows\currentversion\uninstall\rotue\ (ID = 128925) 15:04: HKLM\software\policies\avenue media\ (ID = 128929) 15:04: Trouvé Adware: ist istbar 15:04: HKCR\interface\{0e704ba4-c517-4be7-a1cd-c3ffda1e1ffe}\ (8 traces secondaires) (ID = 129062) 15:04: HKLM\software\classes\interface\{0e704ba4-c517-4be7-a1cd-c3ffda1e1ffe}\ (8 traces secondaires) (ID = 129085) 15:04: HKLM\software\classes\istbar.barobj\ (3 traces secondaires) (ID = 129094) 15:04: HKLM\software\classes\testcontentmatchcontrol1.contentmatchtag.1\ (3 traces secondaires) (ID = 129100) 15:04: HKLM\software\classes\testcontentmatchcontrol1.contentmatchtag\ (5 traces secondaires) (ID = 129101) 15:04: HKLM\software\classes\typelib\{67907b3c-a6ef-4a01-99ad-3fcd5f526429}\ (9 traces secondaires) (ID = 129103) 15:04: HKLM\software\classes\typelib\{e9a5b71c-093b-4f34-af07-34fca89ba0df}\ (9 traces secondaires) (ID = 129107) 15:04: HKLM\software\istbar\ (20 traces secondaires) (ID = 129110) 15:04: Trouvé Adware: ist software 15:04: HKLM\software\istsvc\ (24 traces secondaires) (ID = 129111) 15:04: HKLM\software\microsoft\windows\currentversion\moduleusage\c:/windows/downloaded program files/istactivex.dll\ (2 traces secondaires) (ID = 129124) 15:04: HKLM\software\microsoft\windows\currentversion\uninstall\istbar\ (5 traces secondaires) (ID = 129181) 15:04: HKCR\testcontentmatchcontrol1.contentmatchtag.1\ (3 traces secondaires) (ID = 129185) 15:04: HKCR\testcontentmatchcontrol1.contentmatchtag\ (5 traces secondaires) (ID = 129186) 15:04: HKCR\typelib\{67907b3c-a6ef-4a01-99ad-3fcd5f526429}\ (9 traces secondaires) (ID = 129190) 15:04: HKCR\typelib\{e9a5b71c-093b-4f34-af07-34fca89ba0df}\ (9 traces secondaires) (ID = 129193) 15:04: Trouvé Adware: moneytree 15:04: HKCR\dyfuca_bh.sinkobj.1\ (3 traces secondaires) (ID = 135177) 15:04: HKCR\dyfuca_bh.sinkobj\ (5 traces secondaires) (ID = 135178) 15:04: HKCR\interface\{eee4a2e5-9f56-432f-a6ed-f6f625b551e0}\ (8 traces secondaires) (ID = 135185) 15:04: HKLM\software\classes\typelib\{40b1d454-9ca4-43cc-86aa-cb175eac52fb}\ (9 traces secondaires) (ID = 135201) 15:04: HKLM\software\microsoft\windows\currentversion\uninstall\dyfuca\ (ID = 135214) 15:04: HKCR\typelib\{0be10b0d-b4db-4693-9b1f-9aead54d17dc}\ (9 traces secondaires) (ID = 135216) 15:04: HKCR\typelib\{40b1d454-9ca4-43cc-86aa-cb175eac52fb}\ (9 traces secondaires) (ID = 135217) 15:04: Trouvé Adware: navexcel navhelper 15:04: HKCR\appid\nhelper.dll\ (1 traces secondaires) (ID = 135511) 15:04: HKCR\appid\{710bcb5b-8c6c-483e-a4f5-faf083b13184}\ (1 traces secondaires) (ID = 135512) 15:04: HKCR\interface\{20f36af3-3486-4bb6-8bcb-f1f8abe74d07}\ (8 traces secondaires) (ID = 135518) 15:04: HKLM\software\classes\appid\nhelper.dll\ (1 traces secondaires) (ID = 135525) 15:04: HKLM\software\classes\appid\{710bcb5b-8c6c-483e-a4f5-faf083b13184}\ (1 traces secondaires) (ID = 135526) 15:04: HKLM\software\classes\interface\{20f36af3-3486-4bb6-8bcb-f1f8abe74d07}\ (8 traces secondaires) (ID = 135531) 15:04: HKLM\software\classes\typelib\{209b1cea-8b2e-4596-9b35-a4a7db611eb2}\ (9 traces secondaires) (ID = 135537) 15:04: HKLM\software\classes\typelib\{fa4de133-d3c3-4ed4-92d1-cd4dde839ab3}\ (9 traces secondaires) (ID = 135538) 15:04: HKLM\software\navexcel\ (15 traces secondaires) (ID = 135547) 15:04: HKCR\typelib\{209b1cea-8b2e-4596-9b35-a4a7db611eb2}\ (9 traces secondaires) (ID = 135550) 15:04: HKCR\typelib\{fa4de133-d3c3-4ed4-92d1-cd4dde839ab3}\ (9 traces secondaires) (ID = 135551) 15:04: Trouvé Adware: exact navisearch 15:04: HKLM\software\navisearch\ (23 traces secondaires) (ID = 135585) 15:04: Trouvé Adware: powerscan 15:04: HKLM\software\powerscan\ (1 traces secondaires) (ID = 136824) 15:04: Trouvé Adware: whenu savenow 15:04: HKCR\wusn.1\ (1 traces secondaires) (ID = 140463) 15:04: Trouvé Adware: shopathomeselect 15:04: HKLM\software\microsoft\windows\currentversion\uninstall\70tovmto\ (2 traces secondaires) (ID = 141716) 15:04: HKLM\software\vgroup\ (69 traces secondaires) (ID = 141734) 15:04: HKLM\software\winsock2\layered provider sample\ (ID = 141736) 15:04: Trouvé Adware: ist sidefind 15:04: HKCR\interface\{339d8aff-0b42-4260-ad82-78ce605a9543}\ (8 traces secondaires) (ID = 141765) 15:04: HKCR\interface\{a36a5936-cfd9-4b41-86bd-319a1931887f}\ (8 traces secondaires) (ID = 141766) 15:04: HKCR\sidefind.finder.1\ (3 traces secondaires) (ID = 141767) 15:04: HKCR\sidefind.finder\ (5 traces secondaires) (ID = 141768) 15:04: HKLM\software\classes\interface\{339d8aff-0b42-4260-ad82-78ce605a9543}\ (8 traces secondaires) (ID = 141772) 15:04: HKLM\software\classes\interface\{a36a5936-cfd9-4b41-86bd-319a1931887f}\ (8 traces secondaires) (ID = 141773) 15:04: HKLM\software\classes\sidefind.finder\ (5 traces secondaires) (ID = 141774) 15:04: HKLM\software\classes\typelib\{58634367-d62b-4c2c-86be-5aac45cdb671}\ (9 traces secondaires) (ID = 141775) 15:04: HKLM\software\classes\typelib\{d0288a41-9855-4a9b-8316-babe243648da}\ (9 traces secondaires) (ID = 141776) 15:04: HKLM\software\microsoft\sidefind\ (2 traces secondaires) (ID = 141780) 15:04: HKLM\software\sidefind\ (13 traces secondaires) (ID = 141783) 15:04: HKCR\typelib\{58634367-d62b-4c2c-86be-5aac45cdb671}\ (9 traces secondaires) (ID = 141784) 15:04: HKCR\typelib\{d0288a41-9855-4a9b-8316-babe243648da}\ (9 traces secondaires) (ID = 141785) 15:04: Trouvé Adware: targetsoft 15:04: HKLM\software\microsoft\windows\currentversion\uninstall\tsl installer\ (1 traces secondaires) (ID = 143608) 15:04: Trouvé Adware: targetsaver 15:04: HKLM\software\microsoft\windows\currentversion\uninstall\tsl installer\ (1 traces secondaires) (ID = 143608) 15:04: HKLM\software\tsa\ (3 traces secondaires) (ID = 143615) 15:04: Trouvé Adware: winad 15:04: HKCR\appid\loaderx.exe\ (1 traces secondaires) (ID = 147150) 15:04: HKCR\appid\{735c5a0c-f79f-47a1-8ca1-2a2e482662a8}\ (1 traces secondaires) (ID = 147151) 15:04: HKCR\loaderx.installer\ (5 traces secondaires) (ID = 147156) 15:04: HKCR\mediaaccess.installer\ (5 traces secondaires) (ID = 147157) 15:04: HKLM\software\classes\appid\loaderx.exe\ (1 traces secondaires) (ID = 147164) 15:04: HKLM\software\classes\appid\{735c5a0c-f79f-47a1-8ca1-2a2e482662a8}\ (1 traces secondaires) (ID = 147165) 15:04: HKLM\software\classes\loaderx.installer\ (5 traces secondaires) (ID = 147170) 15:04: HKLM\software\classes\mediaaccess.installer\ (5 traces secondaires) (ID = 147171) 15:04: HKLM\software\classes\typelib\{15696ae2-6ea4-47f4-bea6-a3d32693efc7}\ (9 traces secondaires) (ID = 147176) 15:04: HKLM\software\media access\ (8 traces secondaires) (ID = 147182) 15:04: HKLM\software\microsoft\windows\currentversion\moduleusage\c:/windows/downloaded program files/mediaaccx.dll\ (2 traces secondaires) (ID = 147191) 15:04: HKLM\software\microsoft\windows\currentversion\moduleusage\c:/windows/downloaded program files/mediapassx.dll\ (2 traces secondaires) (ID = 147192) 15:04: HKLM\software\microsoft\windows\currentversion\moduleusage\c:/windows/downloaded program files/winadservx.dll\ (2 traces secondaires) (ID = 147195) 15:04: HKLM\software\microsoft\windows\currentversion\moduleusage\c:/windows/downloaded program files/wintaskadx.dll\ (2 traces secondaires) (ID = 147199) 15:04: HKCR\typelib\{15696ae2-6ea4-47f4-bea6-a3d32693efc7}\ (9 traces secondaires) (ID = 147244) 15:04: HKLM\software\microsoft\windows\currentversion\moduleusage\c:/windows/downloaded program files/ysbactivex.dll\ (2 traces secondaires) (ID = 147854) 15:04: HKCR\interface\{1c01d150-91a4-4de0-9bf8-a35d1bdf1001}\ (8 traces secondaires) (ID = 169495) 15:04: HKLM\software\classes\interface\{1c01d150-91a4-4de0-9bf8-a35d1bdf1001}\ (8 traces secondaires) (ID = 169496) 15:04: HKCR\ezulaagent.ezulactrlhost\ (5 traces secondaires) (ID = 385959) 15:04: HKCR\ezulaagent.ezulactrlhost\clsid\ (1 traces secondaires) (ID = 385961) 15:04: HKCR\ezulaagent.ezulactrlhost\curver\ (1 traces secondaires) (ID = 385963) 15:04: HKCR\ezulaagent.ezulactrlhost.1\ (3 traces secondaires) (ID = 385965) 15:04: HKCR\ezulaagent.ezulactrlhost.1\clsid\ (1 traces secondaires) (ID = 385967) 15:04: HKCR\ezulaagent.plugprot\ (5 traces secondaires) (ID = 385979) 15:04: HKCR\ezulaagent.plugprot\clsid\ (1 traces secondaires) (ID = 385981) 15:04: HKCR\ezulaagent.plugprot\curver\ (1 traces secondaires) (ID = 385983) 15:04: HKCR\ezulaagent.plugprot.1\ (3 traces secondaires) (ID = 385985) 15:04: HKCR\ezulaagent.plugprot.1\clsid\ (1 traces secondaires) (ID = 385987) 15:04: HKCR\ezulamain.ezulasearchpipe\ (5 traces secondaires) (ID = 386059) 15:04: HKCR\ezulamain.ezulasearchpipe\clsid\ (1 traces secondaires) (ID = 386061) 15:04: HKCR\ezulamain.ezulasearchpipe\curver\ (1 traces secondaires) (ID = 386063) 15:04: HKCR\ezulamain.ezulasearchpipe.1\ (3 traces secondaires) (ID = 386065) 15:04: HKCR\ezulamain.ezulasearchpipe.1\clsid\ (1 traces secondaires) (ID = 386067) 15:04: HKLM\software\classes\ezulaagent.ezulactrlhost\ (5 traces secondaires) (ID = 386899) 15:04: HKLM\software\classes\ezulaagent.ezulactrlhost\clsid\ (1 traces secondaires) (ID = 386901) 15:04: HKLM\software\classes\ezulaagent.ezulactrlhost\curver\ (1 traces secondaires) (ID = 386903) 15:04: HKLM\software\classes\ezulaagent.ezulactrlhost.1\ (3 traces secondaires) (ID = 386905) 15:04: HKLM\software\classes\ezulaagent.ezulactrlhost.1\clsid\ (1 traces secondaires) (ID = 386907) 15:04: HKLM\software\avenue media\internet optimizer\ (74 traces secondaires) (ID = 394594) 15:04: HKLM\software\vgroup\sahagent\ (68 traces secondaires) (ID = 396143) 15:04: HKLM\software\cashback\ (48 traces secondaires) (ID = 397089) 15:04: HKCR\ezulaagent.toolbarband.1\ (3 traces secondaires) (ID = 466626) 15:04: HKCR\ezulaagent.toolbarband.1\clsid\ (1 traces secondaires) (ID = 466628) 15:04: HKCR\ezulaagent.toolbarband\ (3 traces secondaires) (ID = 466630) 15:04: HKCR\ezulaagent.toolbarband\clsid\ (1 traces secondaires) (ID = 466632) 15:04: HKLM\software\microsoft\windows\currentversion\uninstall\ezula\ (3 traces secondaires) (ID = 466670) 15:04: HKLM\software\microsoft\windows\currentversion\uninstall\ezula\ || displayname (ID = 466671) 15:04: HKLM\software\microsoft\windows\currentversion\uninstall\ezula\ || uninstallstring (ID = 466672) 15:04: HKLM\software\classes\ezulamain.ezulasearchpipe.1\ (3 traces secondaires) (ID = 466752) 15:04: HKLM\software\classes\ezulamain.ezulasearchpipe.1\clsid\ (1 traces secondaires) (ID = 466754) 15:04: HKLM\software\classes\ezulamain.ezulasearchpipe\ (5 traces secondaires) (ID = 466756) 15:04: HKLM\software\classes\ezulamain.ezulasearchpipe\clsid\ (1 traces secondaires) (ID = 466758) 15:04: HKLM\software\classes\ezulamain.ezulasearchpipe\curver\ (1 traces secondaires) (ID = 466760) 15:04: HKLM\software\classes\ezulaagent.toolbarband.1\ (3 traces secondaires) (ID = 466772) 15:04: HKLM\software\classes\ezulaagent.toolbarband.1\clsid\ (1 traces secondaires) (ID = 466774) 15:04: HKLM\software\classes\ezulaagent.toolbarband\ (3 traces secondaires) (ID = 466776) 15:04: HKLM\software\classes\ezulaagent.toolbarband\clsid\ (1 traces secondaires) (ID = 466778) 15:04: HKLM\software\classes\ezulaagent.plugprot.1\ (3 traces secondaires) (ID = 466780) 15:04: HKLM\software\classes\ezulaagent.plugprot.1\clsid\ (1 traces secondaires) (ID = 466782) 15:04: HKLM\software\classes\ezulaagent.plugprot\ (5 traces secondaires) (ID = 466784) 15:04: HKLM\software\classes\ezulaagent.plugprot\clsid\ (1 traces secondaires) (ID = 466786) 15:04: HKLM\software\classes\ezulaagent.plugprot\curver\ (1 traces secondaires) (ID = 466788) 15:04: HKCR\ezulamain.ezulasearchpipe\ (5 traces secondaires) (ID = 466825) 15:04: HKCR\ezulaagent.toolbarband\ (3 traces secondaires) (ID = 466827) 15:04: HKCR\ezulaagent.plugprot\ (5 traces secondaires) (ID = 466828) 15:04: HKCR\ezulaagent.ezulactrlhost\ (5 traces secondaires) (ID = 466829) 15:04: HKLM\software\exactutil\ || system (ID = 509561) 15:04: HKLM\software\exactutil\ || utilfolder (ID = 509699) 15:04: Trouvé Adware: winantispyware 2005 15:04: HKCR\checkproduct2.checkproduct\ (5 traces secondaires) (ID = 527503) 15:04: HKCR\checkproduct2.checkproduct.1\ (3 traces secondaires) (ID = 527509) 15:04: HKCR\appid\checkproduct2.dll\ (1 traces secondaires) (ID = 527632) 15:04: HKCR\appid\{8c65aef6-e413-4314-815b-82717a3f1603}\ (1 traces secondaires) (ID = 527648) 15:04: HKCR\clsid\{c427b3e3-28dc-4001-9590-d99b6776119b}\ (15 traces secondaires) (ID = 527829) 15:04: HKCR\interface\{4f79d1c5-24f9-4e59-8022-604d4b41d5ca}\ (8 traces secondaires) (ID = 527937) 15:04: HKCR\typelib\{30ed49a5-ca6c-4918-b5f3-5e6818c91d8b}\ (9 traces secondaires) (ID = 528091) 15:04: HKLM\software\classes\checkproduct2.checkproduct\ (5 traces secondaires) (ID = 528199) 15:04: HKLM\software\classes\checkproduct2.checkproduct.1\ (3 traces secondaires) (ID = 528205) 15:04: HKLM\software\classes\appid\checkproduct2.dll\ (1 traces secondaires) (ID = 528341) 15:04: HKLM\software\classes\appid\{8c65aef6-e413-4314-815b-82717a3f1603}\ (1 traces secondaires) (ID = 528357) 15:04: HKLM\software\classes\clsid\{c427b3e3-28dc-4001-9590-d99b6776119b}\ (15 traces secondaires) (ID = 528538) 15:04: HKLM\software\classes\typelib\{30ed49a5-ca6c-4918-b5f3-5e6818c91d8b}\ (9 traces secondaires) (ID = 528800) 15:04: HKLM\software\classes\appid\{8c65aef6-e413-4314-815b-82717a3f1603}\ (1 traces secondaires) (ID = 543259) 15:04: HKLM\software\microsoft\windows\currentversion\run\ || winsync (ID = 601545) 15:04: Trouvé Adware: whenu searchbar/pricebandit 15:04: HKCR\wuse.1\ (1 traces secondaires) (ID = 635410) 15:04: HKCR\wusn.1\ (1 traces secondaires) (ID = 635412) 15:04: HKLM\software\whenusearch\ (47 traces secondaires) (ID = 635506) 15:04: Trouvé Adware: whenu 15:04: HKLM\software\classes\wuse.1\ (1 traces secondaires) (ID = 635552) 15:04: HKLM\software\classes\wuse.1\ (1 traces secondaires) (ID = 635552) 15:04: HKLM\software\classes\wusn.1\ (1 traces secondaires) (ID = 635554) 15:04: HKLM\software\bargains\ (28 traces secondaires) (ID = 646495) 15:04: Trouvé Adware: exact bullseye 15:04: HKCR\typelib\{4eb7bbe8-2e15-424b-9ddb-2cdb9516b2c3}\ (9 traces secondaires) (ID = 651023) 15:04: HKCR\typelib\{4eb7bbe8-2e15-424b-9ddb-2cdb9516e2a3}\ (9 traces secondaires) (ID = 651043) 15:04: HKLM\software\classes\typelib\{4eb7bbe8-2e15-424b-9ddb-2cdb9516c2e3}\ (9 traces secondaires) (ID = 651255) 15:04: HKLM\software\classes\typelib\{4eb7bbe8-2e15-424b-9ddb-2cdb9516a2a3}\ (9 traces secondaires) (ID = 712039) 15:04: HKLM\software\qstat\ (5 traces secondaires) (ID = 769771) 15:04: HKCR\interface\{175816a5-219e-4079-b2f9-53c501c409ba}\ (8 traces secondaires) (ID = 774223) 15:04: HKCR\interface\{1c1793e0-1034-4cac-837d-aa545f6961bf}\ (8 traces secondaires) (ID = 774241) 15:04: HKCR\interface\{8a61a950-c325-4f44-ba64-273180ff3464}\ (8 traces secondaires) (ID = 774358) 15:04: HKCR\interface\{b53d4cd4-406d-43cc-8244-7893d72236dd}\ (8 traces secondaires) (ID = 774394) 15:04: HKCR\interface\{b671426c-5c1a-48ac-9652-bc9402b1c404}\ (8 traces secondaires) (ID = 774403) 15:04: HKCR\interface\{b9bb3219-f84c-4060-966b-4a1e73e24226}\ (8 traces secondaires) (ID = 774412) 15:04: HKCR\interface\{f786cb18-3809-4e49-bc99-9a66da47db8b}\ (8 traces secondaires) (ID = 774457) 15:04: HKLM\software\classes\interface\{175816a5-219e-4079-b2f9-53c501c409ba}\ (8 traces secondaires) (ID = 774499) 15:04: HKLM\software\classes\interface\{1c1793e0-1034-4cac-837d-aa545f6961bf}\ (8 traces secondaires) (ID = 774517) 15:04: HKLM\software\classes\interface\{8a61a950-c325-4f44-ba64-273180ff3464}\ (8 traces secondaires) (ID = 774634) 15:04: HKLM\software\classes\interface\{b53d4cd4-406d-43cc-8244-7893d72236dd}\ (8 traces secondaires) (ID = 774670) 15:04: HKLM\software\classes\interface\{b671426c-5c1a-48ac-9652-bc9402b1c404}\ (8 traces secondaires) (ID = 774679) 15:04: HKLM\software\classes\interface\{b9bb3219-f84c-4060-966b-4a1e73e24226}\ (8 traces secondaires) (ID = 774688) 15:04: HKLM\software\classes\interface\{f786cb18-3809-4e49-bc99-9a66da47db8b}\ (8 traces secondaires) (ID = 774733) 15:04: HKLM\software\qstat\ || brr (ID = 877670) 15:04: HKU\S-1-5-21-1004336348-1580436667-1417001333-1003\software\microsoft\internet explorer\extensions\cmdmapping\ || {946b3e9e-e21a-49c8-9f63-900533fafe14} (ID = 127575) 15:04: HKU\S-1-5-21-1004336348-1580436667-1417001333-1003\software\microsoft\internet explorer\extensions\cmdmapping\ || {e77eda01-3c56-4a96-8d08-02b42891c169} (ID = 127576) 15:04: HKU\S-1-5-21-1004336348-1580436667-1417001333-1003\software\microsoft\internet explorer\toolbar\webbrowser\ || {74cc49f7-eb32-4a08-b204-948962a6e3db} (ID = 127586) 15:04: HKU\S-1-5-21-1004336348-1580436667-1417001333-1003\software\egdhtml\ (1 traces secondaires) (ID = 128787) 15:04: HKU\S-1-5-21-1004336348-1580436667-1417001333-1003\software\microsoft\windows\currentversion\wintrust\trust providers\software publishing\trust database\0\ || goicfboogidikkejccmclpieicihhlpo bgdjdn (ID = 128845) 15:04: HKU\S-1-5-21-1004336348-1580436667-1417001333-1003\software\policies\avenue media\ (ID = 128928) 15:04: HKU\S-1-5-21-1004336348-1580436667-1417001333-1003\software\ist\ (5 traces secondaires) (ID = 129108) 15:04: HKU\S-1-5-21-1004336348-1580436667-1417001333-1003\software\microsoft\internet explorer\toolbar\webbrowser\ || {faa356e4-d317-42a6-ab41-a3021c6e7d52} (ID = 129117) 15:04: HKU\S-1-5-21-1004336348-1580436667-1417001333-1003\software\microsoft\internet explorer\toolbar\webbrowser\ || {5aa06644-bc46-4220-a460-47a6eb47c96d} (ID = 135541) 15:04: HKU\S-1-5-21-1004336348-1580436667-1417001333-1003\software\navexcel ltd\ (14 traces secondaires) (ID = 135548) 15:04: HKU\S-1-5-21-1004336348-1580436667-1417001333-1003\software\powerscan\ (1 traces secondaires) (ID = 136823) 15:04: HKU\S-1-5-21-1004336348-1580436667-1417001333-1003\software\microsoft\internet explorer\explorer bars\{8cba1b49-8144-4721-a7b1-64c578c9eed7}\ (1 traces secondaires) (ID = 141777) 15:04: HKU\S-1-5-21-1004336348-1580436667-1417001333-1003\software\microsoft\internet explorer\extensions\cmdmapping\ || {10e42047-deb9-4535-a118-b3f6ec39b807} (ID = 141778) 15:04: HKU\S-1-5-21-1004336348-1580436667-1417001333-1003\software\tsl2\ (1 traces secondaires) (ID = 143616) 15:04: HKU\S-1-5-21-1004336348-1580436667-1417001333-1003\software\microsoft\windows\currentversion\policies\ameopt\ (ID = 654042) 15:04: Trouvé Trojan Horse: trojan-downloader-toolbarpartner 15:04: HKU\S-1-5-18\software\microsoft\mediaplayer\preferences\msld\ (ID = 144806) 15:04: Analyse du Registre terminée, temps passé :00:00:15 15:04: Démarrage de l’analyse des cookies 15:04: Analyse des cookies terminée, temps passé : 00:00:00 15:04: Démarrage de l’analyse des fichiers 15:05: c:\documents and settings\jeremy\menu démarrer\programmes\power scan (1 traces secondaires) (ID = -2147480462) 15:05: c:\program files\power scan (1 traces secondaires) (ID = -2147480461) 15:05: c:\windows\system32\sahimages (4 traces secondaires) (ID = -2147480329) 15:05: c:\program files\winfixer 2005 (1 traces secondaires) (ID = -2147476702) 15:05: Trouvé Adware: spysheriff 15:05: c:\program files\spysheriff (1 traces secondaires) (ID = -2147476679) 15:05: c:\documents and settings\jeremy\application data\hbtools (5 traces secondaires) (ID = -2147480879) 15:05: vx3.nls (ID = 50927) 15:05: vx3x.nls (ID = 50935) 15:05: instsrv.exe (ID = 50713) 15:05: bb_click_wider.swf (ID = 50570) 15:05: bb_auto_wider.swf (ID = 50569) 15:05: bb_welcome1.swf (ID = 52239) 15:05: vx0.nls (ID = 50890) 15:05: bb_welcome.html (ID = 50571) 15:05: sahagent.log (ID = 75886) 15:05: backup-20051230-141007-508.inf (ID = 48461) 15:05: psis80ex.ax (ID = 50851) 15:05: Trouvé Adware: 180search assistant/zango 15:05: ncasepackage.exe (ID = 70582) 15:05: tmlpcert2005 (ID = 63918) 15:05: sahagent.exe (ID = 75884) 15:05: vx1x.nls (ID = 50908) 15:05: vx1.nls (ID = 50899) 15:05: javex80.vxd (ID = 50715) 15:05: backup-20051230-141004-611.dll (ID = 50793) 15:05: 70tovmto.exe (ID = 75618) 15:05: vx2x.nls (ID = 50922) 15:05: vx2.nls (ID = 50917) 15:05: Trouvé Adware: purityscan 15:05: mt-uninstaller.exe (ID = 73191) 15:05: backup-20051230-141005-989.dll (ID = 50756) 15:05: backup-20051230-141005-625.dll (ID = 50751) 15:06: bln02nqv.exe (ID = 75682) 15:06: ezstub.exe (ID = 60525) 15:07: netut80ex.vxd (ID = 50762) 15:07: ezpopstub.exe (ID = 60508) 15:07: mac80ex.idf (ID = 50730) 15:07: power scan.lnk (ID = 72676) 15:07: powerscan.exe (ID = 72678) 15:07: gah95on6.ini (ID = 75741) 15:07: 2b3fsk0h.dll (ID = 75587) 15:08: icon.gif (ID = 52263) 15:08: backup-20051230-141007-588.inf (ID = 63893) 15:08: bln02nqv.ini (ID = 75683) 15:08: 70tovmto.ini (ID = 75621) 15:08: Avertissement: Could not get layout for drive E:. Fonction incorrecte 15:08: power scan.lnk (ID = 72678) 15:08: Analyse des fichiers terminée, temps passé : 00:03:23 15:08: Analyse complète terminée. Durée 00:04:47 15:08: Traces trouvées : 2079 15:08: Processus de suppression lancé. 15:08: Mise en quarantaine de toutes les traces : 7adpower 15:08: Mise en quarantaine de toutes les traces : abox 15:08: Mise en quarantaine de toutes les traces : exact cashback/bargain buddy 15:09: Mise en quarantaine de toutes les traces : blazefind 15:09: Mise en quarantaine de toutes les traces : clkoptimizer 15:09: Mise en quarantaine de toutes les traces : ezula ilookup 15:09: Mise en quarantaine de toutes les traces : hotbar 15:09: Mise en quarantaine de toutes les traces : instant access 15:09: Mise en quarantaine de toutes les traces : internetoptimizer 15:09: Avertissement: Failed to export "HKEY_LOCAL_MACHINE\software\avenue media\internet optimizer\": Ressources système insuffisantes pour terminer le service demandé 15:09: Avertissement: Failed to export "HKEY_LOCAL_MACHINE\software\avenue media\": Ressources système insuffisantes pour terminer le service demandé 15:09: Échec de la mise en quarantaine internetoptimizer 15:09: Échec de la mise en quarantaine HKLM : software\avenue media\ 15:09: Échec de la mise en quarantaine HKLM : software\avenue media\internet optimizer\ 15:09: Mise en quarantaine de toutes les traces : ist istbar 15:09: Mise en quarantaine de toutes les traces : ist software 15:09: Mise en quarantaine de toutes les traces : moneytree 15:09: Mise en quarantaine de toutes les traces : navexcel navhelper 15:10: Mise en quarantaine de toutes les traces : exact navisearch 15:10: Mise en quarantaine de toutes les traces : powerscan 15:10: powerscan est en cours d'utilisation. Il sera supprimé au redémarrage. 15:10: power scan.lnk est en cours d'utilisation. Il sera supprimé au redémarrage. 15:10: Mise en quarantaine de toutes les traces : whenu savenow 15:10: Mise en quarantaine de toutes les traces : shopathomeselect 15:10: Mise en quarantaine de toutes les traces : ist sidefind 15:10: Mise en quarantaine de toutes les traces : targetsoft 15:10: Mise en quarantaine de toutes les traces : targetsaver 15:10: Mise en quarantaine de toutes les traces : winad 15:10: Mise en quarantaine de toutes les traces : winantispyware 2005 15:10: Mise en quarantaine de toutes les traces : whenu searchbar/pricebandit 15:10: Mise en quarantaine de toutes les traces : whenu 15:10: Mise en quarantaine de toutes les traces : exact bullseye 15:10: Mise en quarantaine de toutes les traces : trojan-downloader-toolbarpartner 15:10: Mise en quarantaine de toutes les traces : spysheriff 15:10: Mise en quarantaine de toutes les traces : 180search assistant/zango 15:10: Mise en quarantaine de toutes les traces : purityscan 15:12: Processus de suppression lancé. Durée 00:03:16 ******** 15:02: | Début de session, vendredi 30 décembre 2005 | 15:02: Spy Sweeper démarrée 15:02: Version du programme : 4.5.8 (Build 683) - Définitions de logiciels espions 556 15:03: | Fin de session, vendredi 30 décembre 2005 | Dans l'attente des prochaines instructions ...
  17. Robin'$
    Merci de vous occuper de mon cas
  18. Robin'$
    Bonsoir suite à un problème de Spyware Infection suite a vos conseils j'ai installer Antivir et hijackthis donc voici le premier rapport dans lattente de votre analyse et votre reponse : Logfile of HijackThis v1.99.1 Scan saved at 18:57:25, on 28/12/2005 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\explorer.exe C:\Program Files\AVPersonal\AVGNT.EXE C:\Program Files\Hijackthis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ws1.appswebservice.com/index.php?tpid=10244&ttid=104 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = c:\secure32.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32.html R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = c:\secure32.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - Default URLSearchHook is missing F2 - REG:system.ini: Shell=explorer.exe "C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\ibm00001.exe" O1 - Hosts: 255.255.255.255 ar.atwola.com atdmt.com avp.ch avp.com avp.ru awaps.net ca.com dispatch.mcafee.com download.mcafee.com download.microsoft.com downloads.microsoft.com engine.awaps.net f-secure.com ftp.f-secure.com ftp.sophos.com go.microsoft.com liveupdate.symantec.com mast.mcafee.com mcafee.com msdn.microsoft.com my-etrust.com nai.com networkassociates.com office.microsoft.com phx.corporate-ir.net secure.nai.com securityresponse.symantec.com service1.symantec.com sophos.com spd.atdmt.com support.microsoft.com symantec.com update.symantec.com updates.symantec.com us.mcafee.com vil.nai.com viruslist.ru windowsupdate.microsoft.com www.avp.ch www.avp.com www.avp.ru www.awaps.net www.ca.com www.f-secure.com www.kaspersky.ru www.mcafee.com www.my-etrust.com www.nai.com www.networkassociates.com www.sophos.com www.symantec.com www.trendmicro.com www.viruslist.com www.viruslist.ru www3.ca.com O2 - BHO: BHObj Class - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - C:\WINDOWS\nem220.dll (file missing) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Search Relevancy - {1D7E3B41-23CE-469B-BE1B-A64B877923E1} - C:\PROGRA~1\SEARCH~1\SEARCH~1.DLL (file missing) O2 - BHO: ShprRprts - {2A8A997F-BB9F-48F6-AA2B-2762D50F9289} - C:\Program Files\ShopperReports\Bin\1.0.8.0\ShprRprt.dll O2 - BHO: BHObj Class - {8F4E5661-F99E-4B3E-8D85-0EA71C0748E4} - C:\WINDOWS\wsem303.dll (file missing) O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: BAHelper Class - {A3FDD654-A057-4971-9844-4ED8E67DBBB8} - C:\Program Files\SideFind\sfbho13.dll (file missing) O2 - BHO: NLS UrlCatcher Class - {AEECBFDA-12FA-4881-BDCE-8C3E1CE4B344} - C:\WINDOWS\System32\nvms.dll O2 - BHO: WhenUSearch Helper - {BA2325ED-F9EB-4830-8FCE-0BC35B16969B} - C:\Program Files\WhenUSearch\search.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll (file missing) O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O2 - BHO: NavHelper Class - {C1E58A84-95B3-4630-B8C2-D06B77B7A0FC} - C:\Program Files\NavExcel\NavHelper\v2.0.4c\NHelper.dll (file missing) O2 - BHO: CB UrlCatcher Class - {CE188402-6EE7-4022-8868-AB25173A3E14} - C:\WINDOWS\System32\mscb.dll O2 - BHO: Url Catcher - {CE31A1F7-3D90-4874-8FBE-A5D97F8BC8F1} - C:\Program Files\Bargain Buddy\bin\apuc.dll (file missing) O2 - BHO: Helper Class - {D80C4E21-C346-4E21-8E64-20746AA20AEB} - C:\Program Files\NavExcel Search Toolbar\NavExcelBar.dll (file missing) O2 - BHO: ADP UrlCatcher Class - {F4E04583-354E-4076-BE7D-ED6A80FD66DA} - C:\WINDOWS\System32\msbe.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: NavExcel Toolbar - {5AA06644-BC46-4220-A460-47A6EB47C96D} - C:\Program Files\NavExcel Search Toolbar\NavExcelBar.dll (file missing) O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll (file missing) O3 - Toolbar: ISTbar - {FAA356E4-D317-42a6-AB41-A3021C6E7D52} - C:\Program Files\ISTbar\istbarcm.dll (file missing) O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe O4 - HKLM\..\Run: [Demon] C:\PROGRA~1\MESSAG~1\Demon.exe O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe O4 - HKLM\..\Run: [Win32s USB Drivers] spoolcsv.exe O4 - HKLM\..\Run: [Microsoft media] winmplayers.exe O4 - HKLM\..\Run: [msnmsg] C:\TBC.exe O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe" O4 - HKLM\..\Run: [POP Peeper] C:\Program Files\POP Peeper\POPPeeper.exe min O4 - HKLM\..\Run: [WhenUSearch] "C:\Program Files\WhenUSearch\Search.exe" O4 - HKLM\..\Run: [WhenUSearchWHSE] "C:\Program Files\WhenUSearch\whse.exe" O4 - HKLM\..\Run: [CashBack] C:\Program Files\CashBack\bin\cashback.exe O4 - HKLM\..\Run: [NaviSearch] C:\Program Files\NaviSearch\bin\nls.exe O4 - HKLM\..\Run: [bullsEye Network] C:\Program Files\BullsEye Network\bin\bargains.exe O4 - HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe O4 - HKLM\..\Run: [internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe" O4 - HKLM\..\Run: [Ezcpfg] C:\Program Files\Lmqekm\Bikghsd.exe O4 - HKLM\..\Run: [gah95on6] C:\WINDOWS\System32\gah95on6.exe O4 - HKLM\..\Run: [WinLogon] C:\WINDOWS\logon.exe O4 - HKLM\..\Run: [iST Service] C:\Program Files\ISTsvc\istsvc.exe O4 - HKLM\..\Run: [CbrhFOU] C:\WINDOWS\qirqwin.exe O4 - HKLM\..\Run: [Cbrh$æÆõö/ØF%)ßfÏNC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\qirqwin.exe O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Cbrh$æÆßfÏNb½¾õñ C:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\qirqwin.exe O4 - HKLM\..\Run: [bO²ùðZ×y-¯Œ] C:\WINDOWS\qirqwin.exe O4 - HKLM\..\Run: [bO²ùõö/ØF%)ßfÏNb½¾C:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\qirqwin.exe O4 - HKLM\..\Run: [imInstaller_IncrediMail] C:\DOCUME~1\jeremy\LOCALS~1\Temp\ImInstaller\IncrediMail\imloader.exe -startup -product IncrediMail O4 - HKLM\..\Run: [webrebates] "C:\Program Files\WebRebates4\webrebates.exe" O4 - HKLM\..\Run: [PayTime] C:\WINDOWS\System32\paytime.exe O4 - HKLM\..\Run: [timessquare] c:\windows\timessquare.exe O4 - HKLM\..\Run: [winsync] C:\WINDOWS\System32\piyrrq.exe reg_run O4 - HKLM\..\Run: [AVGCtrl] C:\Program Files\AVPersonal\AVGNT.EXE /min O4 - HKLM\..\RunServices: [Win32s USB Drivers] spoolcsv.exe O4 - HKLM\..\RunServices: [Microsoft media] winmplayers.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [Win32s USB Drivers] spoolcsv.exe O4 - HKCU\..\Run: [eZWO] C:\PROGRA~1\Web Offer\wo.exe O4 - HKCU\..\Run: [fiqm] C:\PROGRA~1\COMMON~1\fiqm\fiqmm.exe O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot O4 - HKCU\..\Run: [shell] "C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\ibm00001.exe" O4 - HKCU\..\Run: [Windows installer] C:\winstall.exe O4 - HKCU\..\Run: [PayTime] C:\WINDOWS\System32\paytime.exe O4 - HKCU\..\Run: [CU1] C:\Program Files\Common Files\VCClient\VCClient.exe O4 - HKCU\..\Run: [CU2] C:\Program Files\Common Files\VCClient\VCMain.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = ? O4 - Global Startup: DSLMON.lnk = ? O4 - Global Startup: InterVideo Scheduler server.lnk = C:\Program Files\InterVideo\WinDVD4PR\SchSvr.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Web Rebates. - file://C:\Program Files\WebRebates4\websrebates\webtrebates\toprC0.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra button: SideFind - {10E42047-DEB9-4535-A118-B3F6EC39B807} - C:\Program Files\SideFind\sidefind13.dll (file missing) O9 - Extra button: ShopperReports - Compare travel rates - {946B3E9E-E21A-49c8-9F63-900533FAFE14} - C:\Program Files\ShopperReports\Bin\1.0.8.0\ShprRprt.dll O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra button: ShopperReports - Compare product prices - {E77EDA01-3C56-4a96-8D08-02B42891C169} - C:\Program Files\ShopperReports\Bin\1.0.8.0\ShprRprt.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU) O15 - Trusted Zone: http://ny.contentmatch.net (HKLM) O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure...teleir_cert.cab O16 - DPF: {00000000-0000-0000-0000-000020030000} - http://www.advnt01.com/dialer/fra_nos_med.exe O16 - DPF: {00000000-0000-0000-0000-000020040000} - http://207.234.185.217/ABoxInst_int12.exe O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/CDT/ie/bridge-c18.cab O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/6247971C.../bridge-c18.cab O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwe...etup1.0.0.8.cab O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} (Installer Class) - http://www.ysbweb.com/ist/softwares/v4.0/ysb_cheat.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1103119967793 O16 - DPF: {7C559105-9ECF-42B8-B3F7-832E75EDD959} (Installer Class) - http://www.tbcode.com/ist/softwares/v4.0/0006_cracks.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab O16 - DPF: {CA356D79-679B-4B4C-8E49-5AF97014F4C1} - http://files-pl.starware.com/installs/3.1....tarware_323.cab O16 - DPF: {D19781C5-2051-44F8-8445-DDC82933C191} (VacPro.internazionale_ver11) - http://advnt01.com/dialer/internazionale_ver11.CAB O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IncrediMail) - http://www2.incredimail.com/contents/setup...er/imloader.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab O16 - DPF: {F72BC3F0-6C20-4793-9DDA-258589D8A907} - http://akamai.downloadv3.com/binaries/IA/netslv32_FR_XP.cab O16 - DPF: {FC67BB52-AAB6-4282-9D51-2DAFFE73AFD0} - http://download.spyspotter.com/spyspotter/...rcabinstall.cab O20 - Winlogon Notify: msupdate - C:\WINDOWS\SYSTEM32\msupdate32.dll O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.EXE O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
×
×
  • Créer...