Koma

Everything posted by Koma

  1. aahh I don't know what's happening to it, but now it's starting to crash and it's lagging even more. If anyone can help me, thanks
  2. hi, here is the report
  3. ok lol I'll try to do all that, in any case thanks again for your help, you're a good one
  4. I installed "bitdefender internet security V10", what do you think of it?
  5. thanks, it's running smoothly
  6. which antivirus would you recommend otherwise?
Data\Identities 2006-09-07 23:28 -------- d-------- C:\Program Files\Outlook Express 2006-09-07 23:23 -------- d--h----- C:\Program Files\WindowsUpdate 2006-09-07 23:23 -------- d-------- C:\Program Files\Services en ligne 2006-09-07 23:22 -------- d-------- C:\Program Files\NetMeeting 2006-09-07 23:22 -------- d-------- C:\Program Files\Fichiers communs\System 2006-09-07 23:22 -------- d-------- C:\Program Files\Fichiers communs\Services 2006-09-07 23:22 -------- d-------- C:\Program Files\Fichiers communs\MSSoap 2006-09-07 23:21 -------- d-------- C:\Program Files\Windows NT 2006-09-07 23:21 -------- d-------- C:\Program Files\ComPlus Applications 2006-08-03 00:07 1681920 --a------ C:\WINDOWS\system32\drivers\ati2mtag.sys 2006-08-03 00:02 86016 --a------ C:\WINDOWS\system32\ati2evxx.dll 2006-08-03 00:02 77824 --a------ C:\WINDOWS\system32\Oemdspif.dll 2006-08-03 00:02 41984 --a------ C:\WINDOWS\system32\ati2edxx.dll 2006-08-03 00:02 26112 --a------ C:\WINDOWS\system32\Ati2mdxx.exe 2006-08-03 00:02 114688 --a------ C:\WINDOWS\system32\atipdlxx.dll 2006-08-03 00:01 401408 --a------ C:\WINDOWS\system32\ati2evxx.exe 2006-08-03 00:00 53248 --a------ C:\WINDOWS\system32\ATIDDC.DLL 2006-08-02 23:49 6684672 --a------ C:\WINDOWS\system32\atioglx1.dll 2006-08-02 23:45 5136384 --a------ C:\WINDOWS\system32\atioglxx.dll 2006-08-02 23:41 208896 --a------ C:\WINDOWS\system32\atikvmag.dll 2006-08-02 23:40 303104 --a------ C:\WINDOWS\system32\ATIDEMGR.dll 2006-08-02 23:40 17408 --a------ C:\WINDOWS\system32\atitvo32.dll (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ATIPTA"="C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe" "NeroFilterCheck"="C:\\Program Files\\Fichiers communs\\Ahead\\Lib\\NeroCheck.exe" "KernelFaultCheck"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,73,79,73,74,\ 
65,6d,33,32,5c,64,75,6d,70,72,65,70,20,30,20,2d,6b,00 "ATICCC"="\"C:\\Program Files\\ATI Technologies\\ATI.ACE\\CLIStart.exe\"" "EPSON Stylus C84 Series"="C:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\E_S10IC2.EXE /P23 \"EPSON Stylus C84 Series\" /O6 \"USB001\" /M \"Stylus C84\"" "M-Audio Delta Taskbar Icon"="C:\\WINDOWS\\System32\\DeltTray.exe" "DeltTray"="DeltTray.exe" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe" "LClock"="lclock.exe" "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="\"C:\\Program Files\\Fichiers communs\\Ahead\\Lib\\NMBgMonitor.exe\"" "Steam"="" "LDM"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\BackWeb-8876480.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] "dontdisplaylastusername"=dword:00000000 "legalnoticecaption"="" "legalnoticetext"="" "shutdownwithoutlogon"=dword:00000001 "undockwithoutlogon"=dword:00000001 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 "NoCDBurning"=dword:00000001 "ForceClassicControlPanel"=dword:00000001 "NoLowDiskSpaceChecks"=dword:00000001 "ClearRecentDocsOnExit"=dword:00000040 "NoSMBalloonTip"=dword:00000000 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components] "DeskHtmlVersion"=dword:00000110 "DeskHtmlMinorVersion"=dword:00000005 "Settings"=dword:00000001 "GeneralFlags"=dword:00000001 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components\0] "Source"="About:Home" "SubscribedURL"="About:Home" "FriendlyName"="Ma page d'accueil" "Flags"=dword:00000002 "Position"=hex:2c,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,00,03,00,00,00,\ 00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00 "CurrentState"=hex:04,00,00,40 
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\ ff,ff,04,00,00,00 "RestoredStateInfo"=hex:18,00,00,00,54,01,00,00,27,00,00,00,78,00,00,00,6f,00,\ 00,00,01,00,00,00 [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE" [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Runonce] "LSD_III"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,4c,53,44,5c,65,6e,64,\ 2e,63,6d,64,00 "tscuninstall"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,73,79,73,74,65,6d,\ 33,32,5c,74,73,63,75,70,67,72,64,2e,65,78,65,00 [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run] [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE" [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Runonce] "LSD_III"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,4c,53,44,5c,65,6e,64,\ 2e,63,6d,64,00 "tscuninstall"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,73,79,73,74,65,6d,\ 33,32,5c,74,73,63,75,70,67,72,64,2e,65,78,65,00 [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\shellexecutehooks] "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"="" HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\winepi32 Completion time: 10/09/2006 13:14:58.26 ComboFix.txt ______________________________________________________ Logfile of HijackThis v1.99.1 Scan saved at 13:16:17, on 10/09/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe 
C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\wscntfy.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE C:\WINDOWS\System32\DeltTray.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\lclock.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE C:\Program Files\Logitech\SetPoint\KEM.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE C:\WINDOWS\system32\NOTEPAD.EXE C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Progz\hijackthis\scanner.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.free.fr/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://home.free.fr/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program 
Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" O4 - HKLM\..\Run: [EPSON Stylus C84 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C84 Series" /O6 "USB001" /M "Stylus C84" O4 - HKLM\..\Run: [M-Audio Delta Taskbar Icon] C:\WINDOWS\System32\DeltTray.exe O4 - HKLM\..\Run: [DeltTray] DeltTray.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [LClock] lclock.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: winepi32 - winepi32.dll (file missing) O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
  8. VundoFix V6.1.4
     Checking Java version...
     Sun Java not detected
     Scan started at 12:50:47 10/09/2006
     Listing files found while scanning....
     C:\Program Files\Fichiers communs\{700E5EEF-0828-1036-0224-030312220021}\services.dll
     Beginning removal...

     VundoFix V6.1.4
     Checking Java version...
     Sun Java not detected
     Scan started at 12:52:16 10/09/2006
     Listing files found while scanning....
     C:\Program Files\Fichiers communs\{700E5EEF-0828-1036-0224-030312220021}\services.dll
     Beginning removal...
     Attempting to delete C:\Program Files\Fichiers communs\{700E5EEF-0828-1036-0224-030312220021}\services.dll
     C:\Program Files\Fichiers communs\{700E5EEF-0828-1036-0224-030312220021}\services.dll Has been deleted!
     Performing Repairs to the registry.
     Done!
     _____________________________________________________________________________
     Logfile of HijackThis v1.99.1
     Scan saved at 13:03:03, on 10/09/2006
     Platform: Windows XP SP2 (WinNT 5.01.2600)
     MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

     Running processes:
     C:\WINDOWS\System32\smss.exe
     C:\WINDOWS\system32\winlogon.exe
     C:\WINDOWS\system32\services.exe
     C:\WINDOWS\system32\lsass.exe
     C:\WINDOWS\system32\Ati2evxx.exe
     C:\WINDOWS\system32\svchost.exe
     C:\WINDOWS\system32\Ati2evxx.exe
     C:\WINDOWS\system32\spoolsv.exe
     C:\WINDOWS\system32\svchost.exe
     C:\WINDOWS\Explorer.EXE
     C:\WINDOWS\system32\wscntfy.exe
     C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
     C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
     C:\WINDOWS\System32\DeltTray.exe
     C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
     C:\WINDOWS\system32\ctfmon.exe
     C:\WINDOWS\lclock.exe
     C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
     C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
     C:\Program Files\Logitech\SetPoint\KEM.exe
     C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE
     C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
     C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
     C:\Program Files\Internet Explorer\iexplore.exe
     C:\WINDOWS\System32\svchost.exe
     C:\Progz\hijackthis\scanner.exe

     R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie
     R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
     R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.free.fr/
     R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
     R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
     R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://home.free.fr/
     R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
     R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
     O2 - BHO: (no name) - {52433EE0-49E8-4EEB-A001-A74B9C0D04BA} - C:\WINDOWS\system32\geedd.dll
     O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
     O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
     O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
     O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
     O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
     O4 - HKLM\..\Run: [EPSON Stylus C84 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C84 Series" /O6 "USB001" /M "Stylus C84"
     O4 - HKLM\..\Run: [M-Audio Delta Taskbar Icon] C:\WINDOWS\System32\DeltTray.exe
     O4 - HKLM\..\Run: [DeltTray] DeltTray.exe
     O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
     O4 - HKCU\..\Run: [LClock] lclock.exe
     O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
     O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
     O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
     O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe
     O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
     O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
     O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
     O20 - Winlogon Notify: geedd - C:\WINDOWS\system32\geedd.dll
     O20 - Winlogon Notify: winepi32 - winepi32.dll (file missing)
     O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
     O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
     O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
  9. Otherwise, what would you recommend as an antivirus??
  11. I just uninstalled AntiVir to run the scan with HijackThis
  12. Hi, here is the report, thanks
  13. Thanks for the reply. Otherwise, I just tried each of the memory modules by putting them in one at a time; one of them seems to be faulty, the PC wouldn't start. Right now I'm running on the other one and it seems fine for the moment, we'll see...
  14. Hi, my PC does nothing but blue screens. I formatted it and reinstalled Windows, I told myself it would be fine, but no. Here are all the blue screens I get: Win32k.sys page_fault_in_MONPAGE_AERA AddressBF 89F007 base at BF80000,DateStamp 422511a2 DEREF_UNKOWN_logon_SESSION IRQL_NOT_LESS_OR_EQUAL and others that I forgot to write down. My PC seems to run smoothly and then suddenly it freezes, blue screen. Could it be a virus? Or is it my motherboard that's faulty, or my hard drive? I don't understand. If someone could help me, thanks
  15. Koma

    Problem with uTorrent

    Hi, I'm with Free and my modem is in router mode. I start uTorrent, the NAT indicator is green, the speed climbs fine, but after a few minutes the connection drops. It used to work before, I don't understand. Does anyone know the cause? Thanks
  16. Thanks for your help
  17. Hi, my PC tends to be slow, thanks
  18. Koma

    Blue screen problem

    OK thanks, even though I tried their stuff it's still the same; the worst part is that I can't even get to the command prompt while the PC is booting
  19. Koma

    Blue screen problem

    Hi, I have a problem with my hard drive "Maxtor Diamon max 10 160go ide pata133", which I set as master. It actually worked very well when I bought it, and that wasn't very long ago; anyway, all of a sudden the PC shut off... So when I try to restart it, I hear the little beep from the motherboard and it loads Windows for a few seconds with the loading bar, but then I get a blue screen that says: UNMOUTABLE_BOOT_VOLUME Stop : 0x000000..ED (0X86759E80 0X000000..6, 0x000000... 0x0000...). Note that I have a second hard drive, a Samsung 160 GB IDE, which is also set as master but which I no longer plugged in, because it tends to freeze, it's extremely slow, no way to start a game, it's practically dead, I can hear the clusters about to give out. Anyway, it still works with the same connections as the Maxtor... Can someone help me please??!! Thanks in advance.
  20. Hi, I couldn't find that file; ewido still detects the same thing
  21. ewido is doing the same thing again
  22. Every time my PC starts up, ewido reports: infected file found: file: atmclk.exe path: C:\WINDOWS\system32 infection: Trojan.Small
  23. It's fine, it works, thanks
  24. Maybe it's acting up in safe mode
  25. I tried again several times, I re-downloaded it, it still does the same thing. Actually, when I boot into safe mode the wallpaper is black and there are shortcuts on the desktop. I start SmitFraudFix, I type 2 and Enter, it loads some stuff, then all of a sudden the window closes and the shortcuts disappear from the desktop. Otherwise, here is the HijackThis report: