Everything posted by babar91
Damn dofgnqmsld!fjdfg spyware [solved]
babar91 replied to a topic by babar91 in Malware analysis and eradication
jv16 found all this:
jv16 PowerTools 1.3 - Chercheur de Registre [ Racine, Clé, Entrée, Valeur, Modifié le ]
I'll run the scan tomorrow. Good night, little ones, sweet dreams.
Damn dofgnqmsld!fjdfg spyware [solved]
babar91 replied to a topic by babar91 in Malware analysis and eradication
Me again. I looked at the file > Iesearch.exe <; it is 8.95 GB. f3pssavr.scr is a screensaver, I removed it. For the rest I'm waiting for news. Thanks and good night.
Damn dofgnqmsld!fjdfg spyware [solved]
babar91 replied to a topic by babar91 in Malware analysis and eradication
It's Dantesque.
Incident | Statut | Analyse
Outil indésirable:application/mywebsearch | No Désinfecté | c:\windows\system32\f3pssavr.scr
Adware:adware/ilookup | No Désinfecté | c:\program files\internet explorer\Iesearch.exe
Outil indésirable:application/funweb | No Désinfecté | hkey_local_machine\software\FunWebProducts
Adware:adware/diytoolbar | No Désinfecté | Registre Windows
Adware:adware/ist.istbar | No Désinfecté | Registre Windows
Adware:adware/ncase | No Désinfecté | Registre Windows
Adware:adware/ist.sidefind | No Désinfecté | Registre Windows
Spyware:Cookie/Xiti | No Désinfecté | C:\Documents and Settings\Jean-Pierre\Application Data\Mozilla\Profiles\default\oq6ubwee.slt\cookies.txt[.xiti.com/]
Spyware:Cookie/Weborama | No Désinfecté | C:\Documents and Settings\Jean-Pierre\Cookies\jean-pierre@weborama[1].txt
Spyware:Cookie/Xiti | No Désinfecté | C:\Documents and Settings\Jean-Pierre\Cookies\jean-pierre@xiti[1].txt
Virus Eventuel. | No Désinfecté | D:\ATF-cleaner\ATF-Cleaner.exe
Virus Eventuel. | No Désinfecté | R:\Alcoho.rar[setup.msi][unk_0046]
Virus Eventuel. | No Désinfecté | R:\ATF-Cleaner.exe
But where does all this come from? I deleted the restore points. I think the Ghost backup should be deleted too, that's safer. Well, I'm going to finish watching the World Snooker Championship in Sheffield. See you later.
Damn dofgnqmsld!fjdfg spyware [solved]
babar91 replied to a topic by babar91 in Malware analysis and eradication
Hello, it's done, but I made a mistake: I deleted everything. Webcamfirst is webcam software. Otherwise, apart from the keyboard, everything is running fine. As a reminder, the Caps Lock key acts as the Windows key, so I can't type in capitals. See you later.
Damn dofgnqmsld!fjdfg spyware [solved]
babar91 replied to a topic by babar91 in Malware analysis and eradication
1 TB to scan, it takes a long time. Here is the result:
Incident | Statut | Analyse
Spyware:Cookie/Xiti | No Désinfecté | C:\Documents and Settings\Jean-Pierre\Application Data\Mozilla\Profiles\default\oq6ubwee.slt\cookies.txt[.xiti.com/]
Spyware:Cookie/Weborama | No Désinfecté | C:\Documents and Settings\Jean-Pierre\Cookies\jean-pierre@weborama[1].txt
Spyware:Cookie/Xiti | No Désinfecté | C:\Documents and Settings\Jean-Pierre\Cookies\jean-pierre@xiti[1].txt
Adware:Adware/Lop | No Désinfecté | C:\Documents and Settings\Jean-Pierre\Menu Démarrer\Programmes\Nettoyage\new_uninstall.exe
Adware:Adware/Trebuh | No Désinfecté | C:\RECYCLER\NPROTECT\00273479.exe
Virus Eventuel. | No Désinfecté | C:\WINDOWS\system32\dmzva.exe
Virus Eventuel. | No Désinfecté | D:\ATF-cleaner\ATF-Cleaner.exe
Outil indésirable:Application/FunWeb | No Désinfecté | D:\Hijackthis\backups\backup-20060423-185244-671.inf
Virus Eventuel. | No Désinfecté | D:\Webcamfirst\webcamfirst.exe
Damn dofgnqmsld!fjdfg spyware [solved]
babar91 replied to a topic by babar91 in Malware analysis and eradication
Good evening
---------------------------------------------------------
ewido anti-malware - Rapport de scan
---------------------------------------------------------
+ Créé le: 00:20:44, 24/04/2006
+ Somme de contrôle: BABB8F6D
+ Résultats du scan:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ISTactivex.dll -> Adware.ISTBar : Nettoyer et sauvegarder
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\AMeOpt -> Adware.InternetOptimizer : Nettoyer et sauvegarder
HKLM\SYSTEM\CurrentControlSet\Services\ZESOFT -> Adware.NaviSearch : Nettoyer et sauvegarder
:mozilla.13:C:\Documents and Settings\Jean-Pierre\Application Data\Mozilla\Profiles\default\oq6ubwee.slt\cookies.txt -> TrackingCookie.Googleadservices : Nettoyer et sauvegarder
:mozilla.14:C:\Documents and Settings\Jean-Pierre\Application Data\Mozilla\Profiles\default\oq6ubwee.slt\cookies.txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder
:mozilla.15:C:\Documents and Settings\Jean-Pierre\Application Data\Mozilla\Profiles\default\oq6ubwee.slt\cookies.txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder
:mozilla.16:C:\Documents and Settings\Jean-Pierre\Application Data\Mozilla\Profiles\default\oq6ubwee.slt\cookies.txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder
C:\WINDOWS\system32\csopg.exe -> Downloader.Agent.uj : Nettoyer et sauvegarder
::Fin du rapport
Logfile of HijackThis v1.99.1
Scan saved at 23:43:20, on 23/04/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
What is this thing?
> ctfmon.exe (3868) : Reg::SetValue (HKU\S-1-5-21-1644491937-1482476501-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run, ctfmon.exe) -> rejected
As for BlackLight, there is no "(x) scan though Windows Explorer" checkbox?? There is no txt file either. It found nothing. Well, see you later.
Damn dofgnqmsld!fjdfg spyware [solved]
babar91 replied to a topic by babar91 in Malware analysis and eradication
OK, here it is:
Logfile of HijackThis v1.99.1
Scan saved at 19:29:11, on 23/04/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
- C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe O23 - Service: Norton Ghost - Symantec Corporation - D:\Symantec\Norton Ghost\Agent\PQV2iSvc.exe O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~4\NPROTECT.EXE O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~4\SPEEDD~1\NOPDB.EXE O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe O23 - Service: wampmysqld - Unknown owner - D:\Wamp\mysql\bin\mysqld-nt.exe
There you go, have a good evening, see you Monday.
-
Damned dofgnqmsld!fjdfg Spyware [solved]
babar91 replied to babar91's topic in Malware analysis and removal
Hello again, 4th
Logfile of HijackThis v1.99.1 Scan saved at 14:35:27, on 23/04/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\ATKKBService.exe C:\WINDOWS\system32\drivers\CDAC11BA.EXE C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe C:\WINDOWS\system32\cisvc.exe C:\WINDOWS\System32\DVDRAMSV.exe C:\WINDOWS\System32\GEARSec.exe C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe D:\Symantec\Norton Ghost\Agent\PQV2iSvc.exe C:\PROGRA~1\NORTON~1\NORTON~4\NPROTECT.EXE C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe C:\WINDOWS\System32\svchost.exe D:\Wamp\mysql\bin\mysqld-nt.exe C:\WINDOWS\System32\MsPMSPSv.exe C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\Anvshell.exe C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe C:\Program Files\ASUS\Probe\AsusProb.exe C:\Program Files\Norton SystemWorks\Password Manager\AcctMgr.exe C:\Program Files\Microsoft Partner Pack\Onfolio Express\onfserv.exe D:\Symantec\Norton Ghost\Agent\GhostTray.exe C:\Program Files\Microsoft IntelliPoint\point32.exe C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe D:\ASUSTek\ASUSDVD\PDVDServ.exe C:\Program Files\WildTangent\Apps\CDA\GameDrvr.exe C:\Program 
Files\Java\jre1.5.0_06\bin\jusched.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Microsoft IntelliType Pro\type32.exe C:\WINDOWS\system32\kernels8.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe D:\Winpooch\Winpooch.exe C:\Program Files\Microsoft Money\System\mnyexpr.exe D:\Copernic Desktop Search\CopernicDesktopSearch.exe C:\Program Files\Norton SystemWorks\Norton CleanSweep\CsinsmNT.exe C:\WINDOWS\system32\ntvdm.exe C:\WINDOWS\system32\RAMASST.exe D:\Change Ecran\Change Ecran.exe C:\Program Files\Microsoft Office\Office10\msoffice.exe D:\HotKeys\HotKeys.exe D:\MB Softs\MB Clock\mbclock.exe C:\Program Files\Norton SystemWorks\Norton Utilities\SYSDOC32.EXE C:\WINDOWS\system32\cidaemon.exe C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe D:\GetRight\GETRIGHT.EXE D:\GetRight\GETRIGHT.EXE D:\Mozilla\mozilla.exe D:\Hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - D:\GetRight\xx2gr.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: BHO pour Compagnon Web Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file) O2 - BHO: Onfolio Helper - {ba727652-f90e-4d82-9ce4-98766dffc375} - C:\Program Files\Microsoft Partner Pack\Onfolio Express\onfoliox.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - D:\STARDO~1\SDIEInt.dll O3 - Toolbar: Onfolio - 
{1fea1109-9f65-4fdc-aec5-033f6cc60641} - mscoree.dll (file missing) O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file) O3 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL O3 - Toolbar: Copernic Desktop Search - {C5F7A735-70F1-477F-8C36-6FF3C736017B} - D:\Copernic Desktop Search\CopernicDesktopSearchIntegration974.dll O4 - HKLM\..\Run: [Anvshell] C:\WINDOWS\Anvshell.exe O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp O4 - HKLM\..\Run: [AcctMgr] C:\Program Files\Norton SystemWorks\Password Manager\AcctMgr.exe /startup O4 - HKLM\..\Run: [OnfolioStorage] "C:\Program Files\Microsoft Partner Pack\Onfolio Express\onfserv.exe" nosignal O4 - HKLM\..\Run: [Norton Ghost 9.0] D:\Symantec\Norton Ghost\Agent\GhostTray.exe O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [urlLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [RemoteControl] D:\ASUSTek\ASUSDVD\PDVDServ.exe O4 - HKLM\..\Run: [WildTangent CDA] "C:\Program Files\WildTangent\Apps\CDA\GameDrvr.exe" /startup "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0500.dll" O4 - 
HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe" O4 - HKLM\..\Run: [system] C:\WINDOWS\system32\kernels8.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [Winpooch] D:\Winpooch\Winpooch.exe O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe" O4 - HKCU\..\Run: [Copernic Desktop Search] "D:\Copernic Desktop Search\CopernicDesktopSearch.exe" /tray O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [ActionScr] runload32.exe O4 - HKCU\..\Run: [Kargo] Uint32.exe O4 - HKCU\..\Run: [backd] clamav.exe O4 - Startup: Change Ecran.LNK = D:\Change Ecran\Change Ecran.exe O4 - Startup: HotKeys.lnk = ? 
O4 - Startup: mbclock.lnk = D:\MB Softs\MB Clock\mbclock.exe O4 - Startup: Mezaniv.lnk = D:\Mezaniv\MEZANIV.EXE O4 - Startup: MSN Pictures Displayer.lnk = D:\MSN Pictures Displayer\MSN Pictures Displayer.exe O4 - Startup: Norton System Doctor.LNK = C:\Program Files\Norton SystemWorks\Norton Utilities\SYSDOC32.EXE O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: CleanSweep Smart Sweep-Internet Sweep.lnk = C:\Program Files\Norton SystemWorks\Norton CleanSweep\CsinsmNT.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = D:\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe O4 - Global Startup: Thumbs.db O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html O8 - Extra context menu item: Capture &Image To Onfolio... - res://C:\Program Files\Microsoft Partner Pack\Onfolio Express\Onfolio.WindowsResources.dll/AddEntryFromDocumentElement.html O8 - Extra context menu item: Capture &Page To Onfolio... - res://C:\Program Files\Microsoft Partner Pack\Onfolio Express\Onfolio.WindowsResources.dll/AddLinkEntryFromDocument.html O8 - Extra context menu item: Capture &Snippet To Onfolio... - res://C:\Program Files\Microsoft Partner Pack\Onfolio Express\Onfolio.WindowsResources.dll/AddEntryFromDocumentSelection.html O8 - Extra context menu item: Capture &Target To Onfolio... 
- res://C:\Program Files\Microsoft Partner Pack\Onfolio Express\Onfolio.WindowsResources.dll/AddEntryFromDocumentElement.html O8 - Extra context menu item: Chercher avec Copernic Agent - D:\Copernic Agent\Web\SearchExt.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Ouvrir avec GetRight - D:\GetRight\GRbrowse.htm O8 - Extra context menu item: Ouvrir le cadre dans une nouvelle fenêtre - file://C:\WINDOWS\web\nvcadre.html O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: Surligner en Jaune - C:\WINDOWS\web\MarqueurFluoYellow.htm O8 - Extra context menu item: Télecharger avec GetRight - D:\GetRight\GRdownload.htm O8 - Extra context menu item: Télécharger avec Star Downloader - D:\Star Downloader\sdie.htm O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html O8 - Extra context menu item: Voir les cookies - C:\WINDOWS\web\showcookies.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - D:\COPERN~1\COPERN~1.EXE O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - D:\COPERN~1\COPERN~1.EXE O9 - Extra button: (no name) - {2fc2f9a4-c43e-42c0-9490-19d6be8b1726} - mscoree.dll (file missing) O9 - Extra 'Tools' menuitem: Onfolio Capture... 
- {2fc2f9a4-c43e-42c0-9490-19d6be8b1726} - mscoree.dll (file missing) O9 - Extra button: Onfolio - {30e2a68b-20f5-419d-bbb9-dce92edc4e67} - mscoree.dll (file missing) O9 - Extra 'Tools' menuitem: Onfolio Collection Explorer - {30e2a68b-20f5-419d-bbb9-dce92edc4e67} - mscoree.dll (file missing) O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - D:\COPERN~1\COPERN~1.EXE O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - D:\AIM95\aim.exe O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll O9 - Extra button: Downloads - {FA89F458-2DF1-494a-A66D-47BF7F04E713} - C:\WINDOWS\system32\Shdocvw.dll O16 - DPF: Interface Chat Voila - http://chat14.x-echo.com/version6/Applet/vchatsign.cab O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure...teleir_cert.cab O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwe...etup1.0.0.8.cab O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/insta...staller_gmn.cab O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab O16 - DPF: {3AF4DACE-36ED-42EF-9DFC-ADC34DA30CFF} (PatchInstaller.Installer) - file://G:\content\include\XPPatchInstaller.CAB O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by12fd.bay12.hotmail.msn.com/resources/MsnPUpld.cab O16 - DPF: {5F05A225-0F66-43DE-89E4-6FFD589C4F01} (OC web Installer) - http://www.objectcube.com/dc5/aebn/files/o...CubeInstall.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility 
Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab O16 - DPF: {68A2C3BD-7809-11D3-8ACF-0050046F2F9A} (AXELPlayer Class) - http://www.mindavenue.com/Downloads/AXELPlayerAX_Win32.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1122828321359 O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secur...loadManager.ocx O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. 
- C:\WINDOWS\System32\DVDRAMSV.exe O23 - Service: Service de sécurité matérielle (GEARSecurity) - GEAR Software - C:\WINDOWS\System32\GEARSec.exe O23 - Service: IAA Event Monitor (IAANTMon) - Intel - C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe O23 - Service: Norton Ghost - Symantec Corporation - D:\Symantec\Norton Ghost\Agent\PQV2iSvc.exe O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~4\NPROTECT.EXE O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~4\SPEEDD~1\NOPDB.EXE O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe O23 - Service: wampmysqld - Unknown owner - D:\Wamp\mysql\bin\mysqld-nt.exe
Things are better: Win Doctor ran all by itself. Otherwise, I have an old problem to solve: when I press the Caps Lock key, it acts like the Windows key, which means I can no longer type in capitals. Anyway, you are great, thank you for your help. PS: for the chocolates, tell me where to send them.
-
Damned dofgnqmsld!fjdfg Spyware [solved]
babar91 replied to babar91's topic in Malware analysis and removal
3rd edition, hello
Fixwareout ver 1.003 Last edited 04/09/2006 Post this report in the forums please Reg Entries that were deleted HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ruins\xedocne HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ruins\repiwoh HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ruins\23plhps HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ruins\mgcppp HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ruins\tesvaf HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ruins\32refaselif HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ruins\avzmd HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls\xedocne HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls\gib_ogol HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls\repiwoh HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls\llun HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls\23plhps HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls\mgcppp HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls\tesvaf HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls\32refaselif ... Microsoft ® Windows Script Host Version 5.6 Random Runs removed from HKLM "dmzva.exe"=- ... PLEASE NOTE, There WILL be LEGIT FILES LISTED. IF YOU ARE UNSURE OF WHAT IT IS LEAVE THEM ALONE. Example ipsec6.exe is lagitamate »»»»» Search by size and names... 
* csr.exe C:\WINDOWS\System32\CSOPG.EXE »»»»» Misc files »»»»» Checking for older varients covered by the Rem3 tool suite Logfile of HijackThis v1.99.1 Scan saved at 14:03:45, on 23/04/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\ATKKBService.exe C:\WINDOWS\system32\drivers\CDAC11BA.EXE C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe C:\WINDOWS\system32\cisvc.exe C:\WINDOWS\System32\DVDRAMSV.exe C:\WINDOWS\System32\GEARSec.exe C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe D:\Symantec\Norton Ghost\Agent\PQV2iSvc.exe C:\PROGRA~1\NORTON~1\NORTON~4\NPROTECT.EXE C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe C:\PROGRA~1\NORTON~1\NORTON~4\SPEEDD~1\NOPDB.EXE C:\WINDOWS\System32\svchost.exe D:\Wamp\mysql\bin\mysqld-nt.exe C:\WINDOWS\System32\MsPMSPSv.exe C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe C:\Program Files\Windows NT\Accessoires\WORDPAD.EXE C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\Anvshell.exe C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe C:\Program Files\ASUS\Probe\AsusProb.exe C:\Program Files\Norton SystemWorks\Password Manager\AcctMgr.exe C:\Program Files\Microsoft Partner Pack\Onfolio Express\onfserv.exe D:\Symantec\Norton Ghost\Agent\GhostTray.exe C:\Program 
Files\Microsoft IntelliPoint\point32.exe C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe D:\ASUSTek\ASUSDVD\PDVDServ.exe C:\Program Files\WildTangent\Apps\CDA\GameDrvr.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe C:\Program Files\Microsoft IntelliType Pro\type32.exe C:\WINDOWS\system32\kernels8.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe D:\Winpooch\Winpooch.exe C:\Program Files\Microsoft Money\System\mnyexpr.exe D:\Copernic Desktop Search\CopernicDesktopSearch.exe C:\Program Files\Norton SystemWorks\Norton CleanSweep\CsinsmNT.exe C:\WINDOWS\system32\ntvdm.exe C:\WINDOWS\system32\RAMASST.exe D:\Change Ecran\Change Ecran.exe C:\Program Files\Microsoft Office\Office10\msoffice.exe D:\HotKeys\HotKeys.exe D:\MB Softs\MB Clock\mbclock.exe C:\Program Files\Norton SystemWorks\Norton Utilities\SYSDOC32.EXE C:\Program Files\Norton SystemWorks\Norton Utilities\Speed Disk\SDNTC.EXE C:\Program Files\Norton SystemWorks\Norton Utilities\WDSCAN.EXE D:\Hijackthis\HijackThis.exe C:\WINDOWS\system32\cidaemon.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - D:\GetRight\xx2gr.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: BHO pour Compagnon Web Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file) O2 - BHO: Onfolio Helper - {ba727652-f90e-4d82-9ce4-98766dffc375} - C:\Program Files\Microsoft Partner Pack\Onfolio 
Express\onfoliox.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - D:\STARDO~1\SDIEInt.dll O3 - Toolbar: Onfolio - {1fea1109-9f65-4fdc-aec5-033f6cc60641} - mscoree.dll (file missing) O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file) O3 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL O3 - Toolbar: Copernic Desktop Search - {C5F7A735-70F1-477F-8C36-6FF3C736017B} - D:\Copernic Desktop Search\CopernicDesktopSearchIntegration974.dll O4 - HKLM\..\Run: [Anvshell] C:\WINDOWS\Anvshell.exe O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp O4 - HKLM\..\Run: [AcctMgr] C:\Program Files\Norton SystemWorks\Password Manager\AcctMgr.exe /startup O4 - HKLM\..\Run: [OnfolioStorage] "C:\Program Files\Microsoft Partner Pack\Onfolio Express\onfserv.exe" nosignal O4 - HKLM\..\Run: [Norton Ghost 9.0] D:\Symantec\Norton Ghost\Agent\GhostTray.exe O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [urlLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE 
C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [RemoteControl] D:\ASUSTek\ASUSDVD\PDVDServ.exe O4 - HKLM\..\Run: [WildTangent CDA] "C:\Program Files\WildTangent\Apps\CDA\GameDrvr.exe" /startup "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0500.dll" O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe" O4 - HKLM\..\Run: [system] C:\WINDOWS\system32\kernels8.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [bnui] porka_.exe O4 - HKLM\..\Run: [boundRec] ERTYDF.exe O4 - HKLM\..\Run: [Winpooch] D:\Winpooch\Winpooch.exe O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe" O4 - HKCU\..\Run: [Copernic Desktop Search] "D:\Copernic Desktop Search\CopernicDesktopSearch.exe" /tray O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [ActionScr] runload32.exe O4 - HKCU\..\Run: [Kargo] Uint32.exe O4 - HKCU\..\Run: [backd] clamav.exe O4 - Startup: Change Ecran.LNK = D:\Change Ecran\Change Ecran.exe O4 - Startup: HotKeys.lnk = ? 
O4 - Startup: mbclock.lnk = D:\MB Softs\MB Clock\mbclock.exe O4 - Startup: Mezaniv.lnk = D:\Mezaniv\MEZANIV.EXE O4 - Startup: MSN Pictures Displayer.lnk = D:\MSN Pictures Displayer\MSN Pictures Displayer.exe O4 - Startup: Norton System Doctor.LNK = C:\Program Files\Norton SystemWorks\Norton Utilities\SYSDOC32.EXE O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: CleanSweep Smart Sweep-Internet Sweep.lnk = C:\Program Files\Norton SystemWorks\Norton CleanSweep\CsinsmNT.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = D:\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe O4 - Global Startup: Thumbs.db O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html O8 - Extra context menu item: Capture &Image To Onfolio... - res://C:\Program Files\Microsoft Partner Pack\Onfolio Express\Onfolio.WindowsResources.dll/AddEntryFromDocumentElement.html O8 - Extra context menu item: Capture &Page To Onfolio... - res://C:\Program Files\Microsoft Partner Pack\Onfolio Express\Onfolio.WindowsResources.dll/AddLinkEntryFromDocument.html O8 - Extra context menu item: Capture &Snippet To Onfolio... - res://C:\Program Files\Microsoft Partner Pack\Onfolio Express\Onfolio.WindowsResources.dll/AddEntryFromDocumentSelection.html O8 - Extra context menu item: Capture &Target To Onfolio... 
- res://C:\Program Files\Microsoft Partner Pack\Onfolio Express\Onfolio.WindowsResources.dll/AddEntryFromDocumentElement.html O8 - Extra context menu item: Chercher avec Copernic Agent - D:\Copernic Agent\Web\SearchExt.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Ouvrir avec GetRight - D:\GetRight\GRbrowse.htm O8 - Extra context menu item: Ouvrir le cadre dans une nouvelle fenêtre - file://C:\WINDOWS\web\nvcadre.html O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: Surligner en Jaune - C:\WINDOWS\web\MarqueurFluoYellow.htm O8 - Extra context menu item: Télecharger avec GetRight - D:\GetRight\GRdownload.htm O8 - Extra context menu item: Télécharger avec Star Downloader - D:\Star Downloader\sdie.htm O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html O8 - Extra context menu item: Voir les cookies - C:\WINDOWS\web\showcookies.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - D:\COPERN~1\COPERN~1.EXE O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - D:\COPERN~1\COPERN~1.EXE O9 - Extra button: (no name) - {2fc2f9a4-c43e-42c0-9490-19d6be8b1726} - mscoree.dll (file missing) O9 - Extra 'Tools' menuitem: Onfolio Capture... 
- {2fc2f9a4-c43e-42c0-9490-19d6be8b1726} - mscoree.dll (file missing) O9 - Extra button: Onfolio - {30e2a68b-20f5-419d-bbb9-dce92edc4e67} - mscoree.dll (file missing) O9 - Extra 'Tools' menuitem: Onfolio Collection Explorer - {30e2a68b-20f5-419d-bbb9-dce92edc4e67} - mscoree.dll (file missing) O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - D:\COPERN~1\COPERN~1.EXE O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - D:\AIM95\aim.exe O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll O9 - Extra button: Downloads - {FA89F458-2DF1-494a-A66D-47BF7F04E713} - C:\WINDOWS\system32\Shdocvw.dll O16 - DPF: Interface Chat Voila - http://chat14.x-echo.com/version6/Applet/vchatsign.cab O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure...teleir_cert.cab O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwe...etup1.0.0.8.cab O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/insta...staller_gmn.cab O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab O16 - DPF: {3AF4DACE-36ED-42EF-9DFC-ADC34DA30CFF} (PatchInstaller.Installer) - file://G:\content\include\XPPatchInstaller.CAB O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by12fd.bay12.hotmail.msn.com/resources/MsnPUpld.cab O16 - DPF: {5F05A225-0F66-43DE-89E4-6FFD589C4F01} (OC web Installer) - http://www.objectcube.com/dc5/aebn/files/o...CubeInstall.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility 
Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab O16 - DPF: {68A2C3BD-7809-11D3-8ACF-0050046F2F9A} (AXELPlayer Class) - http://www.mindavenue.com/Downloads/AXELPlayerAX_Win32.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1122828321359 O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secur...loadManager.ocx O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{30C6946C-45EC-43AE-A2CB-7F98C467FF0F}: NameServer = 85.255.114.52,85.255.112.12 O17 - HKLM\System\CCS\Services\Tcpip\..\{6E8D2A18-EE09-44BA-9C6B-8846EBCB8C8C}: NameServer = 85.255.114.52,85.255.112.12 O17 - HKLM\System\CCS\Services\Tcpip\..\{B3CE9BC5-874D-45F3-9AC9-DAC5C25C1426}: NameServer = 85.255.114.52,85.255.112.12 O17 - HKLM\System\CCS\Services\Tcpip\..\{BBD9C008-4DF4-4843-88B3-4E2C8DC40766}: NameServer = 85.255.114.52,85.255.112.12 O17 - HKLM\System\CCS\Services\Tcpip\..\{CEC19058-8439-430B-8F58-E7F840FA9C33}: NameServer = 85.255.114.52,85.255.112.12 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. 
- C:\WINDOWS\ATKKBService.exe O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\System32\DVDRAMSV.exe O23 - Service: Service de sécurité matérielle (GEARSecurity) - GEAR Software - C:\WINDOWS\System32\GEARSec.exe O23 - Service: IAA Event Monitor (IAANTMon) - Intel - C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. 
- C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe O23 - Service: Norton Ghost - Symantec Corporation - D:\Symantec\Norton Ghost\Agent\PQV2iSvc.exe O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~4\NPROTECT.EXE O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~4\SPEEDD~1\NOPDB.EXE O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe O23 - Service: wampmysqld - Unknown owner - D:\Wamp\mysql\bin\mysqld-nt.exe
Who can top that? Thanks a lot, but it's easier when you understand English. See you later
-
Damn dofgnqmsld!fjdfg spyware [solved]
babar91 replied to a topic by babar91 in Malware analysis and removal
:love: Thanks a lot, I'll get on it right away
-
Damn dofgnqmsld!fjdfg spyware [solved]
babar91 posted a topic in Malware analysis and removal
[ solved ]
Logfile of HijackThis v1.99.1 Scan saved at 11:48:00, on 22/04/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Anvshell.exe C:\WINDOWS\ATKKBService.exe C:\WINDOWS\system32\drivers\CDAC11BA.EXE C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe C:\WINDOWS\system32\cisvc.exe C:\WINDOWS\System32\DVDRAMSV.exe C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe C:\Program Files\ASUS\Probe\AsusProb.exe C:\WINDOWS\System32\GEARSec.exe C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Norton SystemWorks\Password Manager\AcctMgr.exe C:\Program Files\Microsoft Partner Pack\Onfolio Express\onfserv.exe C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe D:\Symantec\Norton Ghost\Agent\GhostTray.exe C:\Program Files\Microsoft IntelliPoint\point32.exe C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe D:\Symantec\Norton Ghost\Agent\PQV2iSvc.exe D:\ASUSTek\ASUSDVD\PDVDServ.exe C:\Program Files\WildTangent\Apps\CDA\GameDrvr.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe C:\Program Files\Microsoft IntelliType Pro\type32.exe C:\WINDOWS\system32\kernels8.exe 
C:\PROGRA~1\NORTON~1\NORTON~4\NPROTECT.EXE C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Microsoft Money\System\mnyexpr.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe D:\Copernic Desktop Search\CopernicDesktopSearch.exe C:\PROGRA~1\NORTON~1\NORTON~4\SPEEDD~1\NOPDB.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Norton SystemWorks\Norton CleanSweep\CsinsmNT.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\RAMASST.exe D:\Change Ecran\Change Ecran.exe C:\WINDOWS\system32\wdfmgr.exe D:\Wamp\mysql\bin\mysqld-nt.exe D:\HotKeys\HotKeys.exe D:\MB Softs\MB Clock\mbclock.exe C:\WINDOWS\System32\MsPMSPSv.exe C:\Program Files\Microsoft Office\Office10\msoffice.exe C:\WINDOWS\system32\ntvdm.exe C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe C:\Program Files\Norton SystemWorks\Norton Utilities\SYSDOC32.EXE C:\WINDOWS\System32\alg.exe C:\WINDOWS\system32\cidaemon.exe D:\Winpooch\Winpooch.exe C:\WINDOWS\explorer.exe D:\Mozilla\mozilla.exe C:\Program Files\MSN Messenger\msnmsgr.exe D:\GetRight\getright.exe D:\GetRight\getright.exe C:\Program Files\Messenger\msmsgs.exe D:\Hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - D:\GetRight\xx2gr.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: BHO pour Compagnon Web Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll (file 
missing) O2 - BHO: Onfolio Helper - {ba727652-f90e-4d82-9ce4-98766dffc375} - C:\Program Files\Microsoft Partner Pack\Onfolio Express\onfoliox.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - D:\STARDO~1\SDIEInt.dll O3 - Toolbar: Onfolio - {1fea1109-9f65-4fdc-aec5-033f6cc60641} - mscoree.dll (file missing) O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll (file missing) O3 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL O3 - Toolbar: Copernic Desktop Search - {C5F7A735-70F1-477F-8C36-6FF3C736017B} - D:\Copernic Desktop Search\CopernicDesktopSearchIntegration974.dll O4 - HKLM\..\Run: [Anvshell] C:\WINDOWS\Anvshell.exe O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp O4 - HKLM\..\Run: [AcctMgr] C:\Program Files\Norton SystemWorks\Password Manager\AcctMgr.exe /startup O4 - HKLM\..\Run: [OnfolioStorage] "C:\Program Files\Microsoft Partner Pack\Onfolio Express\onfserv.exe" nosignal O4 - HKLM\..\Run: [Norton Ghost 9.0] D:\Symantec\Norton Ghost\Agent\GhostTray.exe O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [urlLSTCK.exe] C:\Program 
Files\Norton Internet Security\UrlLstCk.exe O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [RemoteControl] D:\ASUSTek\ASUSDVD\PDVDServ.exe O4 - HKLM\..\Run: [WildTangent CDA] "C:\Program Files\WildTangent\Apps\CDA\GameDrvr.exe" /startup "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0500.dll" O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe" O4 - HKLM\..\Run: [system] C:\WINDOWS\system32\kernels8.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [bnui] porka_.exe O4 - HKLM\..\Run: [boundRec] ERTYDF.exe O4 - HKLM\..\Run: [Winpooch] D:\Winpooch\Winpooch.exe O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe" O4 - HKCU\..\Run: [Copernic Desktop Search] "D:\Copernic Desktop Search\CopernicDesktopSearch.exe" /tray O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [ActionScr] runload32.exe O4 - HKCU\..\Run: [Kargo] Uint32.exe O4 - HKCU\..\Run: [backd] clamav.exe O4 - Startup: Change Ecran.LNK = D:\Change Ecran\Change Ecran.exe O4 - Startup: HotKeys.lnk = ? 
O4 - Startup: mbclock.lnk = D:\MB Softs\MB Clock\mbclock.exe O4 - Startup: Mezaniv.lnk = D:\Mezaniv\MEZANIV.EXE O4 - Startup: MSN Pictures Displayer.lnk = D:\MSN Pictures Displayer\MSN Pictures Displayer.exe O4 - Startup: Norton System Doctor.LNK = C:\Program Files\Norton SystemWorks\Norton Utilities\SYSDOC32.EXE O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: CleanSweep Smart Sweep-Internet Sweep.lnk = C:\Program Files\Norton SystemWorks\Norton CleanSweep\CsinsmNT.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = D:\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe O4 - Global Startup: Thumbs.db O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html O8 - Extra context menu item: Capture &Image To Onfolio... - res://C:\Program Files\Microsoft Partner Pack\Onfolio Express\Onfolio.WindowsResources.dll/AddEntryFromDocumentElement.html O8 - Extra context menu item: Capture &Page To Onfolio... - res://C:\Program Files\Microsoft Partner Pack\Onfolio Express\Onfolio.WindowsResources.dll/AddLinkEntryFromDocument.html O8 - Extra context menu item: Capture &Snippet To Onfolio... - res://C:\Program Files\Microsoft Partner Pack\Onfolio Express\Onfolio.WindowsResources.dll/AddEntryFromDocumentSelection.html O8 - Extra context menu item: Capture &Target To Onfolio... 
- res://C:\Program Files\Microsoft Partner Pack\Onfolio Express\Onfolio.WindowsResources.dll/AddEntryFromDocumentElement.html O8 - Extra context menu item: Chercher avec Copernic Agent - D:\Copernic Agent\Web\SearchExt.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Ouvrir avec GetRight - D:\GetRight\GRbrowse.htm O8 - Extra context menu item: Ouvrir le cadre dans une nouvelle fenêtre - file://C:\WINDOWS\web\nvcadre.html O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: Surligner en Jaune - C:\WINDOWS\web\MarqueurFluoYellow.htm O8 - Extra context menu item: Télecharger avec GetRight - D:\GetRight\GRdownload.htm O8 - Extra context menu item: Télécharger avec Star Downloader - D:\Star Downloader\sdie.htm O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html O8 - Extra context menu item: Voir les cookies - C:\WINDOWS\web\showcookies.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - D:\COPERN~1\COPERN~1.EXE O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - D:\COPERN~1\COPERN~1.EXE O9 - Extra button: (no name) - {2fc2f9a4-c43e-42c0-9490-19d6be8b1726} - mscoree.dll (file missing) O9 - Extra 'Tools' menuitem: Onfolio Capture... 
- {2fc2f9a4-c43e-42c0-9490-19d6be8b1726} - mscoree.dll (file missing) O9 - Extra button: Onfolio - {30e2a68b-20f5-419d-bbb9-dce92edc4e67} - mscoree.dll (file missing) O9 - Extra 'Tools' menuitem: Onfolio Collection Explorer - {30e2a68b-20f5-419d-bbb9-dce92edc4e67} - mscoree.dll (file missing) O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - D:\COPERN~1\COPERN~1.EXE O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - D:\AIM95\aim.exe O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll O9 - Extra button: Downloads - {FA89F458-2DF1-494a-A66D-47BF7F04E713} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: Interface Chat Voila - http://chat14.x-echo.com/version6/Applet/vchatsign.cab O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure...teleir_cert.cab O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwe...etup1.0.0.8.cab O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/insta...staller_gmn.cab O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab O16 - DPF: {3AF4DACE-36ED-42EF-9DFC-ADC34DA30CFF} (PatchInstaller.Installer) - file://G:\content\include\XPPatchInstaller.CAB O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - 
http://by12fd.bay12.hotmail.msn.com/resources/MsnPUpld.cab O16 - DPF: {5F05A225-0F66-43DE-89E4-6FFD589C4F01} (OC web Installer) - http://www.objectcube.com/dc5/aebn/files/o...CubeInstall.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab O16 - DPF: {68A2C3BD-7809-11D3-8ACF-0050046F2F9A} (AXELPlayer Class) - http://www.mindavenue.com/Downloads/AXELPlayerAX_Win32.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1122828321359 O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secur...loadManager.ocx O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{30C6946C-45EC-43AE-A2CB-7F98C467FF0F}: NameServer = 85.255.114.52,85.255.112.12 O17 - HKLM\System\CCS\Services\Tcpip\..\{6E8D2A18-EE09-44BA-9C6B-8846EBCB8C8C}: NameServer = 85.255.114.52,85.255.112.12 O17 - HKLM\System\CCS\Services\Tcpip\..\{B3CE9BC5-874D-45F3-9AC9-DAC5C25C1426}: NameServer = 85.255.114.52,85.255.112.12 O17 - HKLM\System\CCS\Services\Tcpip\..\{BBD9C008-4DF4-4843-88B3-4E2C8DC40766}: NameServer = 85.255.114.52,85.255.112.12 O17 - HKLM\System\CCS\Services\Tcpip\..\{CEC19058-8439-430B-8F58-E7F840FA9C33}: NameServer = 85.255.114.52,85.255.112.12 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. 
- C:\WINDOWS\ATKKBService.exe O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\System32\DVDRAMSV.exe O23 - Service: Service de sécurité matérielle (GEARSecurity) - GEAR Software - C:\WINDOWS\System32\GEARSec.exe O23 - Service: IAA Event Monitor (IAANTMon) - Intel - C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. 
- C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe O23 - Service: Norton Ghost - Symantec Corporation - D:\Symantec\Norton Ghost\Agent\PQV2iSvc.exe O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~4\NPROTECT.EXE O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~4\SPEEDD~1\NOPDB.EXE O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe O23 - Service: wampmysqld - Unknown owner - D:\Wamp\mysql\bin\mysqld-nt.exe
With Ad-Aware I found this >
Fournisseur:Adware.Toolband
Catégorie :Malware
Type d'objet :Fichier
Taille :155648 Bytes
Emplacement :C:\...\RP733\A0171024.dll
Der. activité :22-04-2006 09:56:20
Niveau de risque :Faible
Index TAC :3
Comm. :
Description:a browser helper object, adds a tool bar on windows explorer and Internet Explorer