Canon560
-
Compteur de contenus
69 -
Inscription
-
Dernière visite
Type de contenu
Profils
Forums
Blogs
Tout ce qui a été posté par Canon560
-
[Résolu] Infection de Virus ?
Canon560 a répondu à un(e) sujet de Canon560 dans Analyses et éradication malwares
P.S: Je pense continuer la manipulation plus tard (en passant tout mes antivirus je n'ai rien trouvé de spécial) donc je vais attendre 3-4 jours et si j'en retrouve je vous ferais signe! Si je n'en ai plus je metterais ce sujet comme résolu!Merci deja pour votre aide que vous m'avez apporté jusqu'ici! -
[Résolu] Infection de Virus ?
Canon560 a répondu à un(e) sujet de Canon560 dans Analyses et éradication malwares
Petite chose pour la manip msn plus c'est pas la peine le fichier la c'était le reste de mon ancien programme. J'ai mis Msn plus live et je n'ai PAS pris le sponsor donc je pense que ce serait inutile de le faire ;=). Une autre question quels chiffres dois-je entrer dans lopremover? -
[Résolu] Infection de Virus ?
Canon560 a répondu à un(e) sujet de Canon560 dans Analyses et éradication malwares
Avast me dit que lopremover un virus... Comment faire?Et backlight ne fontcionne pas (Regarde la capture du message précédent!!!) -
[Résolu] Infection de Virus ?
Canon560 a répondu à un(e) sujet de Canon560 dans Analyses et éradication malwares
J'ai dù me tromper j'ai vu une methode ce matin...Il s'est peut etre trompé... donc j'ai toujours ces fameuses publicités... que faire? -
[Résolu] Infection de Virus ?
Canon560 a répondu à un(e) sujet de Canon560 dans Analyses et éradication malwares
En réponse à Regis 56: Bonjour! Voici mon rapport AVG: --------------------------------------------------------- AVG Anti-Spyware - Rapport d'analyse --------------------------------------------------------- + Créé à: 21:19:59 03/07/2007 + Résultat de l'analyse: Rien à signaler. Fin du rapport Backlight en revanche ne fonctionne pas donc il me sera impossible de te donner un rapport de celui ci. Voici la capture de ce qu'il me dit: En réponse a malekal: Bonjour Je vais me lancer dans ta procédure. Je vais fixer tout de suite les lignes que tu m'a demandées et je vias te renvoyer un rapport qui sera dans ce message. Je ferais la suite de la procédure ce soir ( le collège c'est pénible ) En réponse à Regis56 et malekal: Voici mon rapport d'analyse HijackThis (bah ca c'est la meilleure y'a meme pu les lignes que tu m'a montrées) Mais par contre je crois avoir repérée une ligne suspecte je te la mettrai en rouge sur ce rapport Logfile of HijackThis v1.99.1 Scan saved at 06:48:08, on 03/08/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\PROGRA~1\MI948F~1\GAMECO~1\common\swtrayv4.exe C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Steganos Trace Destructor 6.5\itd.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe C:\Program Files\InterVideo\WinDVR\WinScheduler.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\system32\drivers\CDAC11BA.EXE C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\System32\svchost.exe C:\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tele2internet.fr R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.tele2internet.fr R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tele2internet.fr R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.tele2internet.fr R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O3 - Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file) O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet O4 - HKLM\..\Run: [sideWinderTrayV4] C:\PROGRA~1\MI948F~1\GAMECO~1\common\swtrayv4.exe O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\system32\qttask.exe" -atboottime O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [Aim Knob Internet Move] C:\Documents and Settings\All Users\Application Data\Meow new aim knob\RegsStupid.exe O4 - HKCU\..\Run: [iTD65_ITD] "C:\Program Files\Steganos Trace Destructor 6.5\itd.exe" /booting O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1 O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [mpeg keep] C:\DOCUME~1\PC\APPLIC~1\slowidol\Compblue.exe O4 - Global Startup: InterVideo WinScheduler.lnk = C:\Program Files\InterVideo\WinDVR\WinScheduler.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O12 - Plugin for .mpeg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll O12 - Plugin for .mpg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/pcpitstop.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} - O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1131789185968 O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - O16 - DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} - O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Bluetooth Service (btwdins) - Unknown owner - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe (file missing) O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: X10 Device Network Service (x10nets) - Unknown owner - C:\WINDOWS\System32\x10nets.exe (file missing) P.S: La ligne en rouge me paraît vraiment bizarre le dossier existe bien et a été crée entre le 2 et le 3 mars. J'ai aussi supprimé de moi même plusieurs dossiers tels que BitDownload alors que je ne download pas en torrent ect... -
[Résolu] Infection de Virus ?
Canon560 a répondu à un(e) sujet de Canon560 dans Analyses et éradication malwares
Oui il est Apparu je vais te mettre aussi celui de Findlop: Pour Findlop: [TRACE] Enumerating jobs and queues [TRACE] Activating job 'AAFC5B749187CFB0.job' [TRACE] Printing all job properties ApplicationName: 'c:\docume~1\pc\applic~1\slowidol\InfoCreativeCast.exe' Parameters: '' WorkingDirectory: '' Comment: '' Creator: 'PC' Priority: NORMAL MaxRunTime: 259200000 (3d 0:00:00) IdleWait: 10 IdleDeadline: 60 MostRecentRun: 03/06/2007 20:00:00 NextRun: 03/07/2007 20:00:00 StartError: 0x80070002 ExitCode: 0 Status: SCHED_S_TASK_READY ScheduledWorkItem Flags: DeleteWhenDone = 0 Suspend = 0 StartOnlyIfIdle = 0 KillOnIdleEnd = 0 RestartOnIdleResume = 0 DontStartIfOnBatteries = 0 KillIfGoingOnBatteries = 0 RunOnlyIfLoggedOn = 1 SystemRequired = 0 Hidden = 1 TaskFlags: 0 1 Trigger Trigger 0: Type: Daily DaysInterval: 1 StartDate: 06/18/2000 EndDate: 00/00/0000 StartTime: 00:00 MinutesDuration: 1440 MinutesInterval: 60 Flags: HasEndDate = 0 KillAtDuration = 0 Disabled = 0 Et Pour Lfiles: C:\Documents and Settings\PC\applic~1\ACAMPREF\wacam.ini -->12/24/2006 15:40:45 C:\Documents and Settings\PC\applic~1\ACAMPREF\InvTable.cfg -->08/21/2006 09:34:48 C:\Documents and Settings\PC\applic~1\MSN6\msndata009.dat -->01/23/2007 20:29:15 C:\Documents and Settings\PC\applic~1\MSN6\msndata008.dat -->03/06/2006 17:02:17 C:\Documents and Settings\PC\applic~1\MSN6\msndata007.dat -->08/03/2005 20:05:02 C:\Documents and Settings\PC\applic~1\MSN6\msndata006.dat -->08/02/2005 21:46:33 C:\Documents and Settings\PC\applic~1\MSN6\msndata005.dat -->08/01/2005 20:10:53 C:\Documents and Settings\PC\applic~1\MSN6\msndata004.dat -->06/29/2005 19:24:27 C:\Documents and Settings\PC\applic~1\MSN6\msndata.dat -->02/19/2005 08:55:24 C:\Documents and Settings\PC\applic~1\MSN6\msndata003.dat -->12/26/2004 22:03:29 C:\Documents and Settings\PC\applic~1\MSN6\msndata002.dat -->01/14/2004 12:49:08 C:\Documents and Settings\PC\applic~1\MSN6\msndata001.dat -->01/04/2004 19:01:53 C:\Documents and Settings\PC\applic~1\Template\Normal.wpt -->08/03/2000 18:36:58 C:\Documents and Settings\PC\applic~1\$_hpcst$.hpc -->12/24/2006 16:38:32 C:\Documents and Settings\PC\applic~1\dm.ini -->04/26/2006 18:55:59 C:\Documents and Settings\PC\applic~1\AdobeDLM.log -->04/26/2006 18:55:59 C:\Documents and Settings\PC\applic~1\desktop.ini -->09/30/2002 12:55:18 Voila tout je vais continuer la suite de ta procédure! Et merci encore!(En esperant que ca réusisse ) P.S: Ton lien AVG ne marche pas... Aurai tu un autre lien stp? -
[Résolu] Infection de Virus ?
Canon560 a répondu à un(e) sujet de Canon560 dans Analyses et éradication malwares
Salut! Merci de ta réponse aussi rapide. Je voudrais savoir si c'est normal que Lfiles me marque Erreur d'execution 9 'indices en dehors de la plage"? Merci de me repondre Stp -
Bonjour! Voila j'ai un GROS problème. Depuis quelques jours, j'ai sans arrêt des publicités alors qu'avant je n'en avait jamais (Grâce a ma barre Google). C'est venu comme ca et je n'en trouve pas la cause par mes propres moyens. Merci de m'aider S.V.P Voici le resultat de mon analyse HjackThis: Logfile of HijackThis v1.99.1 Scan saved at 18:15:03, on 03/07/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\PROGRA~1\MI948F~1\GAMECO~1\common\swtrayv4.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe C:\WINDOWS\system32\qttask.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Steganos Trace Destructor 6.5\itd.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe C:\Program Files\InterVideo\WinDVR\WinScheduler.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\drivers\CDAC11BA.EXE C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tele2internet.fr R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.tele2internet.fr R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tele2internet.fr R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.tele2internet.fr R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O3 - Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file) O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet O4 - HKLM\..\Run: [sideWinderTrayV4] C:\PROGRA~1\MI948F~1\GAMECO~1\common\swtrayv4.exe O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\system32\qttask.exe" -atboottime O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [Aim Knob Internet Move] C:\Documents and Settings\All Users\Application Data\Meow new aim knob\RegsStupid.exe O4 - HKCU\..\Run: [iTD65_ITD] "C:\Program Files\Steganos Trace Destructor 6.5\itd.exe" /booting O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1 O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [mpeg keep] C:\DOCUME~1\PC\APPLIC~1\slowidol\Compblue.exe O4 - Global Startup: InterVideo WinScheduler.lnk = C:\Program Files\InterVideo\WinDVR\WinScheduler.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O12 - Plugin for .mpeg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll O12 - Plugin for .mpg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/pcpitstop.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} - O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1131789185968 O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - O16 - DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} - O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: Bluetooth Service (btwdins) - Unknown owner - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe (file missing) O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: X10 Device Network Service (x10nets) - Unknown owner - C:\WINDOWS\System32\x10nets.exe (file missing) P.S: Je précise que le nom de ces pubs est CiD et j'ai retrouvé dans mon ajout suppression de programmes CiD Help (j'ai tenté de le desinstaller mais il m'a dit qu'il ne pouvait pas et il m'a demander si je voulais le supprimer de l'ajout supression de programmes) et il m'est impossible de mettre la main dessus. En esperant avoir une réponse rapide. @++++ et merci d'avance
-
Virus inconnu bloquant le démarrage de Windows
Canon560 a posté un sujet dans Analyses et éradication malwares
Bonjour je ne sait pas si j'ai posté ce sujet sur la bonne section mais bon,voila j'ai un ami qui a son ordi de bloqué. Lorsque je démarre le PC il reste sous DOS (enfin je pense, l'écran reste noir) et il me met un trait ( _ celui la). Je pense qu'il a du avoir une virus dangereux. Y'a t-il un moyen de la faire demmarer en mode sans echec ou autre chose? J'espere avoir de l'aide rapidement. Merci d'avance. -
Bonjour, Moi aussi j'ai eu affaire a un nail.exe mais moi je m'en suis debarrassé avec tuneup utilities sur l'analyse en ligne.
-
Bonjour, J'ai deja tenté de faire une restauration système mais cela n'a rien donné. Merci quand même.
-
Personne n'a t-il une idée?
-
Voila, j'ai un pc avec windows xp service pack 2 et depuis un mois, lorsque je clique avec le bouton droit dans un espace vide du breau il planteet ne revient pas a windows. Le plus etrange, c'est que lorsque j'appuie sur une icone du bureau avec ce bouton il fonctionne. Quelqu'un peut-il m'aider a résoudre ce problème?
-
Problème pc urgent!
Canon560 a répondu à un(e) sujet de Canon560 dans Analyses et éradication malwares
Quelqu'un peut-il m'aider??? -
Problème pc urgent!
Canon560 a répondu à un(e) sujet de Canon560 dans Analyses et éradication malwares
Re! Voici mon rapport kaspersky. Comment fait-on pour les supprimer car je peux les cocher mais je n'arrive pas a les supprimer. Voici le rapport: ------------------------------------------------------------------------------- KASPERSKY ON-LINE SCANNER - RAPPORT samedi 8 juillet 2006 16:54:29 Système d'exploitation : Microsoft Windows XP Home Edition, Service Pack 1 (Build 2600) Version de Kaspersky On-line Scanner: 5.0.78.0 Dernière mise à jour de la base antivirus Kaspersky : 8/07/2006 Enregistrements dans la base antivirus Kaspersky : 205821 ------------------------------------------------------------------------------- Paramètres d'analyse: Analyser avec la base antivirus suivante: étendue Analyser les archives: vrai Analyser les bases de messagerie.: vrai Cible de l'analyse - Poste de travail: A:\ C:\ D:\ E:\ F:\ G:\ Statistiques de l'analyse: Total d'objets analysés :: 93045 Nombre de virus trouvés: 4 Nombre d'objets infectés: 6 Nombre d'objets suspects: 0 Durée de l'analyse: 01:50:31 Nom de l'objet infecté / Nom du virus / Dernière action C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP8\A0001393.dll Infecté: not-a-virus:Porn-Dialer.Win32.CDUpdater ignoré C:\WINDOWS\system32\70tovmto.ini Infecté: not-a-virus:AdWare.Win32.Sahat.ao ignoré D:\install.exe/Num.exe Infecté: not-a-virus:Porn-Dialer.Win32.Generic ignoré D:\install.exe Gentee: infecté - 1 ignoré G:\folder.htt Infecté: Virus.VBS.Saraci ignoré G:\FOUND.000\FILE0000.CHK Infecté: Virus.VBS.Saraci ignoré Analyse terminée. -
Problème pc urgent!
Canon560 a répondu à un(e) sujet de Canon560 dans Analyses et éradication malwares
D'accord je vais m'y mettre! -
Problème pc urgent!
Canon560 a répondu à un(e) sujet de Canon560 dans Analyses et éradication malwares
Merci beaucoup. Mais le "virus" que j'ai sur mon pc y est encore. Pendant que je suis sur mon ordinateur, une fenêtre s'affiche et me demande d'aller sur leur site pour regler le problème mais je sais que ca ne vient pas de windows. Que faire pour cela? -
Problème pc urgent!
Canon560 a répondu à un(e) sujet de Canon560 dans Analyses et éradication malwares
Bonsoir ou Bonjour. Voici les rapports après la procedure: Logfile of HijackThis v1.99.1 Scan saved at 22:51:40, on 07/07/2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\WINDOWS\Explorer.EXE C:\windows\system\hpsysdrv.exe C:\HP\KBD\KBD.EXE C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe C:\WINDOWS\ALCXMNTR.EXE C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\vsnpstd.exe C:\Program Files\MessengerPlus! 3\MsgPlus.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Steganos Internet Trace Destructor 7\ITD7.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe C:\WINDOWS\System32\wuauclt.exe C:\Documents and Settings\Propriétaire\Mes documents\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr8.hpwis.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-fr8.hpwis.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tele2.fr/startpage/adsl/fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr8.hpwis.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr8.hpwis.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://fr8.hpwis.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - c:\Program Files\Microsoft Money\System\mnyside.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file) O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [storageGuard] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [showShifter TVTV EPG Daemon] "C:\Program Files\Home Media Networks Limited\ShowShifter\TVTVD.exe" O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe" O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook O4 - HKCU\..\Run: [iTD7] "C:\Program Files\Steganos Internet Trace Destructor 7\ITD7.exe" -boot O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - Global Startup: hp psc 1000 series.lnk = ? O4 - Global Startup: hpoddt01.exe.lnk = ? O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - c:\Program Files\Microsoft Money\System\mnyside.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - AppInit_DLLs: MsgPlusLoader.dll O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe Et voici le rapport antivir: Creation date of the report file: vendredi 7 juillet 2006 20:51 AntiVir®/XP (2000 + NT) PersonalEdition Classic Build 1114 of 04.11.2005 Mainprogram 6.32.00.51 of 03.11.2005 VDF file 6.33.1.5 (0) of 18.02.2006 This program is for PERSONAL USE only. Any other use is PROHIBITED. Informations regarding commercial versions of AntiVir may be obtained from: www.hbedv.com. Scanning for 316650 virus strains and unwanted programs. Licensed for: Serial number: 0000149991-WURGE-0001 Please enter the workstation and contact name with phone number in this form: Name ___________________________________________ Street ___________________________________________ Town ___________________________________________ Phone/Fax ___________________________________________ Email ___________________________________________ Platform: Windows NT Workstation Windows version: 5.1 Build 2600 (Service Pack 1) Username: Administrateur Processor: Pentium Working memory: 261488 KB free Version information: AVWIN.DLL : 6.32.00.51 561192 04.11.2005 07:50:54 AVEWIN32.DLL : 6.33.0.81 1012224 26.01.2006 12:29:12 AVGNT.EXE : 6.32.00.02 180327 03.11.2005 17:06:56 AVGUARD.EXE : 6.32.00.12 208424 03.11.2005 17:06:58 GUARDMSG.DLL : 6.30.00.02 94248 01.02.2005 10:24:12 AVGCMSG.DLL : 6.32.00.01 295029 03.11.2005 17:06:58 AVGNTDW.SYS : 6.31.00.01 32896 29.04.2005 08:07:16 AVPACK32.DLL : 6.32.00.02 319528 03.11.2005 16:57:42 AVGETVER.DLL : 6.30.00.00 24576 28.01.2005 17:10:20 AVSHLEXT.DLL : 6.30.00.01 40960 28.01.2005 17:10:22 AVSched32.EXE : 6.32.00.01 110632 20.09.2005 14:16:26 AVSched32.DLL : 6.30.00.00 122880 01.02.2005 10:24:12 AVREG.DLL : 6.31.00.05 41000 07.09.2005 16:34:50 AVRep.DLL : 6.33.01.00 1687592 16.02.2006 15:11:54 INETUPD.EXE : 6.32.00.53 262203 04.11.2005 07:49:30 INETUPD.DLL : 6.32.00.53 143360 04.11.2005 07:49:30 CTL3D32.DLL : 2.31.000 27136 21.01.2003 17:09:00 MFC42.DLL : 6.00.8665.0 995383 21.01.2003 20:14:00 MSVCRT.DLL : 7.0.2600.1106 (xpsp1.020828-1920 MSVCRT.DLL : 7.0.2600.1106 323072 21.01.2003 17:01:00 CTL3DV2.DLL : 2.31.000 27632 07.08.1996 00:00:00 Configuration file: Name of configuration file: C:\Program Files\AVPersonal\AVWIN.INI Name of report file: C:\Program Files\AVPersonal\LOGFILES\AVWIN.LOG Start path: C:\Program Files\AVPersonal Command line: /ah /bask /ns Start mode: Selected drives Mode of report file: [ ] Do not create report [X] Overwrite report [ ] Append new report Data in report file: [X] Infected files [ ] Infected files with paths [ ] All scanned files [ ] Full information Abridge report file: [ ] Abridge report file Warnings in report: [X] Access denied/file locked [X] Wrong file size in directory [X] Wrong creation time in directory [ ] COM file is too large [X] Invalid start address [X] Invalid EXE header [X] Possibly damaged Summary report: [X] Create summary report Output file: AVWIN.ACT Maximum number of entries: 100 Where to search: [X] Memory [X] Boot record of selected drives [ ] Report unknown boot sectors [ ] All files [X] Program files Extensions: .386 .?HT* .ACM .ADE .ADP .ANI .APP .ASD .ASF .ASP .ASX .AWX .AX .BAS .BAT .BIN .BOO .CDF .CHM .CLASS .CMD .CNV .COM .CPL .CRT .CSH .DLL .DLO .DO? .DRV .EMF .EML .EXE* .FLT .FOT .HLP .HT* .INF .INI .INS .ISP .J2K .JAR .JFF .JFI .JFIF .JIF .JMH .JNG .JP2 .JPE .JPEG .JPG .JS* .JSE .LNK .MD? .MDB .MOD .MS? .NWS .OBJ .OCX .OLB .OSD .OV? .PCD .PDR .PGM .PHP .PIF .PKG .PL* .PNG .POT .PPS .PPT .PRG .RAR .REG .RPL .RTF .SBF .SCR .SCRIPT .SCT .SH .SHA .SHB .SHS .SHTM* .SPL .SWF .SYS .TLB .TMP .TSP .TTF .URL .VB? .VCS .VLM .VXD .VXO .WIZ .WLL .WMD .WMF .WMS .WMZ .WPC .WSC .WSF .WSH .WWK .XL? .XML .ZIP Response in case of a detection: [X] Repair with prompt [ ] Repair without prompt [ ] Delete with prompt [ ] Delete without prompt [ ] Write in report file only [X] Acoustic alarm Response in case of destroyed files: [X] Delete with prompt [ ] Delete without prompt [ ] Ignore Response in case of destroyed files: [X] No change [ ] Current system time [ ] Correct date Drag&drop settings: [X] Scan subdirectories Profile settings: [X] Scan subdirectories Archive options [X] Search archive [X] All archive types Miscellaneous options: Temporary path: %TEMP% -> C:\DOCUME~1\ADMINI~1.000\LOCALS~1\Temp [X] Overwrite infected files [ ] Detect idle time [X] Allow interruptions of scan [X] Load AVWin®/NT Guard on System start General settings: [X] Save options on exiting AntiVir Priority: medium Drives: A: Floppy drive C: Hard disk D: Hard disk E: CD-ROM F: CD-ROM G: Floppy drive Start of scan: vendredi 7 juillet 2006 20:51 Memory test OK Master boot record of hard disk HD0 OK Master boot record of hard disk HD1 The record could not be read! Error code: 0x0057 Boot record of drive C: OK Boot record of drive D: OK Drive: C: Volume ID: HP_PAVILION Serial No.: C0EC-2F5E Access denied! Error during file opening! Error code: 0x0002 C:\ WARNING! Access error/file locked! C:\8bd9d5554b5b20101dffa944 browseui.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! iecustom.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! inseng.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! mshtml.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! shdocvw.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! shlwapi.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! spmsg.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! spuninst.exe Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! urlmon.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! wininet.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! Error! Could not change directory: update C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys 04cbbba4e4480378990552037efb9728_c9799222-4636-4dd1-9ca0-f6967c3e434d Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! 3afad663a3bfff9ec4ec05f05ff3efe5_c9799222-4636-4dd1-9ca0-f6967c3e434d Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! 511a0f3f9e960fa97de3d0b74adfc574_c9799222-4636-4dd1-9ca0-f6967c3e434d Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! ba988c226c241a2f799e20051456b4fe_c9799222-4636-4dd1-9ca0-f6967c3e434d Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery AlexaRelated.zip ArchiveType: ZIP NOTE! The whole archive is password protected CometCursors.zip ArchiveType: ZIP NOTE! The whole archive is password protected ConnectMFCApplication.zip ArchiveType: ZIP ConnectMFCApplication1.zip ArchiveType: ZIP ConnectMFCApplication2.zip ArchiveType: ZIP ConnectMFCApplication3.zip ArchiveType: ZIP ConnectMFCApplication4.zip ArchiveType: ZIP ConnectMFCApplication5.zip ArchiveType: ZIP RegistryCleaner.zip ArchiveType: ZIP NOTE! The whole archive is password protected RegistryCleaner1.zip ArchiveType: ZIP NOTE! The whole archive is password protected RegistryCleaner2.zip ArchiveType: ZIP NOTE! The whole archive is password protected RegistryCleaner3.zip ArchiveType: ZIP NOTE! The whole archive is password protected RegistryCleaner4.zip ArchiveType: ZIP NOTE! The whole archive is password protected RegistryCleaner5.zip ArchiveType: ZIP NOTE! The whole archive is password protected RegistryOptimizer.zip ArchiveType: ZIP NOTE! The whole archive is password protected C:\Documents and Settings\Propriétaire\Mes documents WMP_3.zip ArchiveType: ZIP C:\Program Files\WinRAR rarnew.dat ArchiveType: RAR NOTE! The archive is created by multiple volumes Error! Could not change directory: System Volume Information C:\WINDOWS Eve.dll [DETECTION] Contains signature of the dial-up program DIAL/62976.A.5 WAS DELETED! C:\WINDOWS\$NtUninstallKB824141$ user32.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! win32k.sys Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! C:\WINDOWS\$NtUninstallKB828035$ msgsvc.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! wkssvc.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! C:\WINDOWS\$NtUninstallKB828741$ catsrv.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! catsrvut.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! clbcatex.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! clbcatq.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! colbact.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! comadmin.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! comrepl.exe Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! comsvcs.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! comuid.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! es.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! migregdb.exe Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! msdtcprx.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! msdtctm.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! msdtcuiu.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! mtxclu.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! mtxoci.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! ole32.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! rpcrt4.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! rpcss.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! txflog.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! C:\WINDOWS\$NtUninstallKB835732$ callcont.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! gdi32.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! h323.tsp Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! h323msp.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! helpctr.exe Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! ipnathlp.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! lsasrv.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! mf3216.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! msasn1.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! msgina.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! mst120.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! netapi32.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! nmcom.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! rtcdll.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! schannel.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! C:\WINDOWS\$NtUninstallKB837001$ dao360.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! expsrv.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! msexch40.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! msexcl40.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! msjet40.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! msjetol1.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! msjetoledb40.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! msjint40.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! msjter40.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! msjtes40.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! msltus40.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! mspbde40.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! msrd2x40.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! msrd3x40.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! msrepl40.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! mstext40.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! mswdat10.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! mswstr10.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! msxbde40.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! vbajet32.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! C:\WINDOWS\$NtUninstallKB839645$ fldrclnr.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! shell32.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! shlwapi.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! sxs.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! xpsp2res.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! C:\WINDOWS\$NtUninstallQ828026$ msdxm.ocx Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! wmp.dll Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! Access denied! Error during file opening! Error code: 0x0002 C:\WINDOWS\system32 WARNING! Access error/file locked! C:\WINDOWS\system32\config default Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! SAM Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! SECURITY Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! software Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! system Access denied! Error during file opening! Error code: 0x000D WARNING! Access error/file locked! Drive: D: Volume ID: HP_RECOVERY Serial No.: 416B-1FF7 End of scan: vendredi 7 juillet 2006 22:42 Time taken: 110:49 min 6255 directories were scanned 139107 files were scanned 87 warning messages were issued 1 file was deleted 0 files were repaired 1 detection -
Problème pc urgent!
Canon560 a répondu à un(e) sujet de Canon560 dans Analyses et éradication malwares
Je commence la procedure dès maintenant. Merci! -
Voila j'ai un ordinateur qui pose beaucoup de problèmes. Il n'arrête pas de m'afficher plusieurs pages étranges sans aucun rapport avec windows voici mon rapport Hjack This: Logfile of HijackThis v1.99.1 Scan saved at 20:22:42, on 07/07/2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\WINDOWS\Explorer.EXE C:\windows\system\hpsysdrv.exe C:\HP\KBD\KBD.EXE C:\WINDOWS\ALCXMNTR.EXE C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\vsnpstd.exe C:\Program Files\MessengerPlus! 3\MsgPlus.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Steganos Internet Trace Destructor 7\ITD7.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe C:\WINDOWS\System32\wuauclt.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\Propriétaire\Mes documents\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr8.hpwis.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-fr8.hpwis.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tele2.fr/startpage/adsl/fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr8.hpwis.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr8.hpwis.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://fr8.hpwis.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - c:\Program Files\Microsoft Money\System\mnyside.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file) O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [storageGuard] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [showShifter TVTV EPG Daemon] "C:\Program Files\Home Media Networks Limited\ShowShifter\TVTVD.exe" O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe" O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook O4 - HKCU\..\Run: [iTD7] "C:\Program Files\Steganos Internet Trace Destructor 7\ITD7.exe" -boot O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - Global Startup: hp psc 1000 series.lnk = ? O4 - Global Startup: hpoddt01.exe.lnk = ? O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - c:\Program Files\Microsoft Money\System\mnyside.dll O17 - HKLM\System\CCS\Services\Tcpip\..\{E458E66D-D5DE-4A4C-8392-BBFADAACE9DE}: NameServer = 212.151.137.170 212.151.136.246 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - AppInit_DLLs: MsgPlusLoader.dll O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe Merci de m'aider
-
Je te remercie facks pour tes conseils . je me suis renqeigné sur le net et sur le forum. Je vais désinstaller norton et réinstaller avast!
-
Je savais pas ou ettre ce topic alors je l'ai mis ici. voila je voudrais savoir comment se passe l'activation de norton par internet. Est-ce payant? Car je ne l'ai jamais fait et je voudrais savoir comment ca se passe. Merci à celui qui m'aidera.
-
[Résolu] Virus Win32:horst-C [trj]
Canon560 a répondu à un(e) sujet de Canon560 dans Analyses et éradication malwares
Je vous remercie pour toutes ses informations et pour m'avoir beaucoup aidé a supprimer ce virus car je n'aurai jamis rien pu faire sans vous. Je conserverai toutes vos prcédures et vos rappels au cas ou il y aurai un autre problème.Encore merci! . J'allais oublier, j'ai réinstallé norton internet security 2006 et c'est lui qui me sert de pare feu donc plus besion de telecharger un pare feu. En fait il me sert de tout (protection residente, confidentialité, trojans, spywares, virus et j'en passe!). Mais tes conseils me serons utiles si norton recommence à me lacher (oui car c'est à cause de ça si j'ai eu des virus!norton s'était desactivé et n'avait pas prévenu donc je m'en suis servi une bonne semaine sans protection mais maintenant je pense que ca sera bon!). -
[Résolu] Virus Win32:horst-C [trj]
Canon560 a répondu à un(e) sujet de Canon560 dans Analyses et éradication malwares
Re-bonjour! Voila j'ai passé votre analyse et il n'a rien trouvé (je vous le dis comme ca car j'ai oublié le rapport). J'ai réussi a reinstaller l'antivirus que je voulais (j'ai desinstaller avast et j'ai réinstallé norton internet security 2006).Je tient à vous remercier pour tout ce que vous avez fait pour moi. Peu de gens sont aussi aimables que vous. J'espère vous revoir bientôt sue le forum de Zebulon! Mais pas pour un virus la prochaine fois -
[Résolu] Virus Win32:horst-C [trj]
Canon560 a répondu à un(e) sujet de Canon560 dans Analyses et éradication malwares
Voici le rapport demandé: Logfile of HijackThis v1.99.1 Scan saved at 11:49:55, on 05/27/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\drivers\CDAC11BA.EXE C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\PROGRA~1\MI948F~1\GAMECO~1\common\swtrayv4.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\MessengerPlus! 3\MsgPlus.exe C:\Program Files\Steganos Trace Destructor 6.5\itd.exe C:\Program Files\InterVideo\WinDVR\WinScheduler.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tele2internet.fr R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.tele2internet.fr R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tele2internet.fr R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.tele2internet.fr R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.tele2internet.fr R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe O3 - Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file) O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet O4 - HKLM\..\Run: [sideWinderTrayV4] C:\PROGRA~1\MI948F~1\GAMECO~1\common\swtrayv4.exe O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKCU\..\Run: [iTD65_ITD] "C:\Program Files\Steganos Trace Destructor 6.5\itd.exe" /booting O4 - Global Startup: InterVideo WinScheduler.lnk = C:\Program Files\InterVideo\WinDVR\WinScheduler.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\ACROREAD\Reader\reader_sl.exe O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .mov: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll O12 - Plugin for .mpeg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll O12 - Plugin for .mpg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/pcpitstop.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} - O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1131789185968 O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} - O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - O16 - DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} - O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} - O17 - HKLM\System\CCS\Services\Tcpip\..\{BF299106-F478-44E7-B0A6-7F30FF09C558}: NameServer = 212.151.137.170 212.151.136.246 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: Bluetooth Service (btwdins) - Unknown owner - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe (file missing) O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: X10 Device Network Service (x10nets) - Unknown owner - C:\WINDOWS\System32\x10nets.exe (file missing)