a beluga

ok, mais c'est parce que mon ordinateur est très lent par rapport à ces capacités, alors peut-être saurais-tu comment.... on peut essatyer d'optimiser le rapport... voir si ça changera quelquechose... merci

bonjour, je suis entrain de faire le scan kaspersky, entre temps, peux-tu me dire comment optimiser mon hijackthis pour qu'il soit un peu moins long? c'est-à-dire d'enlever des choses inutiles? merci

bonjour, non je n'utilise plus norton. et il n'y avait pas ces lignes dans hijackthis : O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL et O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~ aussi il n'y avait pas ce fichier : pxwma.dll voici le rapport ewido : --------------------------------------------------------- ewido anti-spyware - Scan Report --------------------------------------------------------- + Created at: 13:43:00 2006-08-21 + Scan result: C:\WINDOWS\Downloaded Program Files\valent.inf -> Adware.BetterInternet : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1960408961-1801674531-725345543-1004\Dc21\vmntoolbar.dll -> Adware.BHO : Cleaned with backup (quarantined). HKLM\SOFTWARE\Microsoft\VisualStudio\Analyzer\Events\{6C736D71-BCBF-11D0-8A23-00AA00B58E10} -> Adware.CoolWebSearch : Cleaned with backup (quarantined). HKU\S-1-5-21-1960408961-1801674531-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A2595F37-48D0-46A1-9B51-478591A97764} -> Adware.Generic : Cleaned with backup (quarantined). HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ISTbarISTbar -> Adware.HotBar : Cleaned with backup (quarantined). HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Internet Explorer Security Plugin 2006 -> Adware.IntCodec : Cleaned with backup (quarantined). HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Internet Security Add-On -> Adware.IntCodec : Cleaned with backup (quarantined). HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Public Messenger ver 2.03 -> Adware.IntCodec : Cleaned with backup (quarantined). HKLM\SOFTWARE\PerfectNav -> Adware.KeenValue : Cleaned with backup (quarantined). C:\Downloads\AquabbleQuestSetup-dm[1].exe -> Adware.Trymedia : Cleaned with backup (quarantined). C:\Downloads\AseaSetup-dm[1].exe -> Adware.Trymedia : Cleaned with backup (quarantined). C:\Downloads\AtlantisSetup-dm[1].exe -> Adware.Trymedia : Cleaned with backup (quarantined). C:\Downloads\Chainz2_Setup-dm[1].exe -> Adware.Trymedia : Cleaned with backup (quarantined). C:\Downloads\FortuneTiles-WinSetup-dm[1].exe -> Adware.Trymedia : Cleaned with backup (quarantined). C:\Downloads\GaminoSetup-dm[1].exe -> Adware.Trymedia : Cleaned with backup (quarantined). C:\Downloads\PiratesOfTreasureIsland-dm[1].exe -> Adware.Trymedia : Cleaned with backup (quarantined). C:\Downloads\SuperSwapDeluxeSetup-dm[1].exe -> Adware.Trymedia : Cleaned with backup (quarantined). C:\Downloads\VortHexSetup-dm[1].exe -> Adware.Trymedia : Cleaned with backup (quarantined). C:\Downloads\Wonders_Setup-dm[1].exe -> Adware.Trymedia : Cleaned with backup (quarantined). C:\Downloads\aquabblesSetup-dm[1].exe -> Adware.Trymedia : Cleaned with backup (quarantined). C:\Downloads\geomsetup-dm[1].exe -> Adware.Trymedia : Cleaned with backup (quarantined). C:\Documents and Settings\Alexis\Local Settings\Temp\uninstall.exe -> Adware.VMN : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1960408961-1801674531-725345543-1004\Dc21\uninstall.exe -> Adware.VMN : Cleaned with backup (quarantined). C:\Documents and Settings\Alexis\Mes documents\hijackthis\backups\backup-20060821-121601-625.dll -> Adware.Webdir : Cleaned with backup (quarantined). HKU\S-1-5-21-1960408961-1801674531-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{58F07DD3-924D-4141-BC74-299F523A95F1} -> Adware.WebDir : Cleaned with backup (quarantined). HKLM\SOFTWARE\Classes\VacPro.canada_ver3 -> Dialer.Generic : Cleaned with backup (quarantined). HKLM\SOFTWARE\Classes\VacPro.canada_ver3\Clsid -> Dialer.Generic : Cleaned with backup (quarantined). :mozilla.10:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\mp8bpj4v.Alexis\cookies.txt -> TrackingCookie.247realmedia : Cleaned. :mozilla.7:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\mp8bpj4v.Alexis\cookies.txt -> TrackingCookie.247realmedia : Cleaned. :mozilla.8:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\mp8bpj4v.Alexis\cookies.txt -> TrackingCookie.247realmedia : Cleaned. :mozilla.9:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\mp8bpj4v.Alexis\cookies.txt -> TrackingCookie.247realmedia : Cleaned. :mozilla.11:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\mp8bpj4v.Alexis\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.123:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\mp8bpj4v.Alexis\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.127:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\mp8bpj4v.Alexis\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.140:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\mp8bpj4v.Alexis\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.6:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\mp8bpj4v.Alexis\cookies.txt -> TrackingCookie.2o7 : Cleaned. C:\Documents and Settings\Alexis\Cookies\alexis@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned. :mozilla.14:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\mp8bpj4v.Alexis\cookies.txt -> TrackingCookie.Adbrite : Cleaned. :mozilla.15:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\mp8bpj4v.Alexis\cookies.txt -> TrackingCookie.Adbrite : Cleaned. :mozilla.16:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\mp8bpj4v.Alexis\cookies.txt -> TrackingCookie.Adbrite : Cleaned. :mozilla.6:C:\Documents and Settings\Alexis\Application Data\Mozilla\Profiles\default\xucp7z0o.slt\cookies.txt -> TrackingCookie.Addynamix : Cleaned. :mozilla.65:C:\Documents and Settings\Alexis\Application Data\Mozilla\Profiles\default\xucp7z0o.slt\cookies.txt -> TrackingCookie.Adserver : Cleaned. :mozilla.66:C:\Documents and Settings\Alexis\Application Data\Mozilla\Profiles\default\xucp7z0o.slt\cookies.txt -> TrackingCookie.Adserver : Cleaned. :mozilla.67:C:\Documents and Settings\Alexis\Application Data\Mozilla\Profiles\default\xucp7z0o.slt\cookies.txt -> TrackingCookie.Adserver : Cleaned. :mozilla.19:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\mp8bpj4v.Alexis\cookies.txt -> TrackingCookie.Adtech : Cleaned. :mozilla.20:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\mp8bpj4v.Alexis\cookies.txt -> TrackingCookie.Adtech : Cleaned. C:\Documents and Settings\Marie-Hélène\Cookies\marie-hélène@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned. :mozilla.267:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\mp8bpj4v.Alexis\cookies.txt -> TrackingCookie.Burstnet : Cleaned. :mozilla.64:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\mp8bpj4v.Alexis\cookies.txt -> TrackingCookie.Clickzs : Cleaned. :mozilla.65:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\mp8bpj4v.Alexis\cookies.txt -> TrackingCookie.Clickzs : Cleaned. :mozilla.66:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\mp8bpj4v.Alexis\cookies.txt -> TrackingCookie.Clickzs : Cleaned. :mozilla.67:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\mp8bpj4v.Alexis\cookies.txt -> TrackingCookie.Clickzs : Cleaned. :mozilla.47:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\mp8bpj4v.Alexis\cookies.txt -> TrackingCookie.Com : Cleaned. :mozilla.228:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\mp8bpj4v.Alexis\cookies.txt -> TrackingCookie.Cqcounter : Cleaned. :mozilla.76:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\mp8bpj4v.Alexis\cookies.txt -> TrackingCookie.Estat : Cleaned. :mozilla.7:C:\Documents and Settings\Alexis\Application Data\Mozilla\Profiles\default\xucp7z0o.slt\cookies.txt -> TrackingCookie.Falkag : Cleaned. :mozilla.15:C:\Documents and Settings\Alexis\Application Data\Mozilla\Profiles\default\xucp7z0o.slt\cookies.txt -> TrackingCookie.Gator : Cleaned. :mozilla.242:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\mp8bpj4v.Alexis\cookies.txt -> TrackingCookie.Masterstats : Cleaned. :mozilla.76:C:\Documents and Settings\Alexis\Application Data\Mozilla\Profiles\default\xucp7z0o.slt\cookies.txt -> TrackingCookie.Masterstats : Cleaned. :mozilla.250:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\mp8bpj4v.Alexis\cookies.txt -> TrackingCookie.Onestat : Cleaned. :mozilla.251:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\mp8bpj4v.Alexis\cookies.txt -> TrackingCookie.Onestat : Cleaned. :mozilla.153:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\mp8bpj4v.Alexis\cookies.txt -> TrackingCookie.Questionmarket : Cleaned. :mozilla.52:C:\Documents and Settings\Alexis\Application Data\Mozilla\Profiles\default\xucp7z0o.slt\cookies.txt -> TrackingCookie.Questionmarket : Cleaned. :mozilla.68:C:\Documents and Settings\Alexis\Application Data\Mozilla\Profiles\default\xucp7z0o.slt\cookies.txt -> TrackingCookie.Realcastmedia : Cleaned. :mozilla.69:C:\Documents and Settings\Alexis\Application Data\Mozilla\Profiles\default\xucp7z0o.slt\cookies.txt -> TrackingCookie.Realcastmedia : Cleaned. :mozilla.166:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\mp8bpj4v.Alexis\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.167:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\mp8bpj4v.Alexis\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.168:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\mp8bpj4v.Alexis\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.169:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\mp8bpj4v.Alexis\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.40:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\mp8bpj4v.Alexis\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. C:\Documents and Settings\Alexis\Cookies\alexis@serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.50:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\mp8bpj4v.Alexis\cookies.txt -> TrackingCookie.Sexcounter : Cleaned. :mozilla.51:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\mp8bpj4v.Alexis\cookies.txt -> TrackingCookie.Sexcounter : Cleaned. :mozilla.52:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\mp8bpj4v.Alexis\cookies.txt -> TrackingCookie.Sexcounter : Cleaned. :mozilla.53:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\mp8bpj4v.Alexis\cookies.txt -> TrackingCookie.Sexcounter : Cleaned. :mozilla.54:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\mp8bpj4v.Alexis\cookies.txt -> TrackingCookie.Sexcounter : Cleaned. :mozilla.55:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\mp8bpj4v.Alexis\cookies.txt -> TrackingCookie.Sexcounter : Cleaned. :mozilla.56:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\mp8bpj4v.Alexis\cookies.txt -> TrackingCookie.Sexcounter : Cleaned. :mozilla.57:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\mp8bpj4v.Alexis\cookies.txt -> TrackingCookie.Sexcounter : Cleaned. :mozilla.58:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\mp8bpj4v.Alexis\cookies.txt -> TrackingCookie.Sexcounter : Cleaned. :mozilla.59:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\mp8bpj4v.Alexis\cookies.txt -> TrackingCookie.Sexcounter : Cleaned. :mozilla.54:C:\Documents and Settings\Alexis\Application Data\Mozilla\Profiles\default\xucp7z0o.slt\cookies.txt -> TrackingCookie.Starware : Cleaned. :mozilla.55:C:\Documents and Settings\Alexis\Application Data\Mozilla\Profiles\default\xucp7z0o.slt\cookies.txt -> TrackingCookie.Starware : Cleaned. :mozilla.179:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\mp8bpj4v.Alexis\cookies.txt -> TrackingCookie.Statcounter : Cleaned. :mozilla.182:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\mp8bpj4v.Alexis\cookies.txt -> TrackingCookie.Tacoda : Cleaned. :mozilla.183:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\mp8bpj4v.Alexis\cookies.txt -> TrackingCookie.Tacoda : Cleaned. :mozilla.184:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\mp8bpj4v.Alexis\cookies.txt -> TrackingCookie.Tacoda : Cleaned. :mozilla.189:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\mp8bpj4v.Alexis\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned. :mozilla.190:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\mp8bpj4v.Alexis\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned. :mozilla.58:C:\Documents and Settings\Alexis\Application Data\Mozilla\Profiles\default\xucp7z0o.slt\cookies.txt -> TrackingCookie.Trafficmp : Cleaned. :mozilla.59:C:\Documents and Settings\Alexis\Application Data\Mozilla\Profiles\default\xucp7z0o.slt\cookies.txt -> TrackingCookie.Trafficmp : Cleaned. :mozilla.60:C:\Documents and Settings\Alexis\Application Data\Mozilla\Profiles\default\xucp7z0o.slt\cookies.txt -> TrackingCookie.Trafficmp : Cleaned. :mozilla.61:C:\Documents and Settings\Alexis\Application Data\Mozilla\Profiles\default\xucp7z0o.slt\cookies.txt -> TrackingCookie.Trafficmp : Cleaned. :mozilla.191:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\mp8bpj4v.Alexis\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned. :mozilla.192:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\mp8bpj4v.Alexis\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned. :mozilla.62:C:\Documents and Settings\Alexis\Application Data\Mozilla\Profiles\default\xucp7z0o.slt\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned. :mozilla.206:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\mp8bpj4v.Alexis\cookies.txt -> TrackingCookie.Web-stat : Cleaned. :mozilla.207:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\mp8bpj4v.Alexis\cookies.txt -> TrackingCookie.Web-stat : Cleaned. :mozilla.208:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\mp8bpj4v.Alexis\cookies.txt -> TrackingCookie.Web-stat : Cleaned. :mozilla.203:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\mp8bpj4v.Alexis\cookies.txt -> TrackingCookie.Weborama : Cleaned. :mozilla.204:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\mp8bpj4v.Alexis\cookies.txt -> TrackingCookie.Weborama : Cleaned. :mozilla.229:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\mp8bpj4v.Alexis\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.230:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\mp8bpj4v.Alexis\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.222:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\mp8bpj4v.Alexis\cookies.txt -> TrackingCookie.Zedo : Cleaned. :mozilla.223:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\mp8bpj4v.Alexis\cookies.txt -> TrackingCookie.Zedo : Cleaned. :mozilla.224:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\mp8bpj4v.Alexis\cookies.txt -> TrackingCookie.Zedo : Cleaned. :mozilla.41:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\mp8bpj4v.Alexis\cookies.txt -> TrackingCookie.Zedo : Cleaned. C:\Documents and Settings\Alexis\Cookies\alexis@zedo[2].txt -> TrackingCookie.Zedo : Cleaned. ::Report end et le rapport hijackthis : Logfile of HijackThis v1.99.1 Scan saved at 13:52:58, on 2006-08-21 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\ewido anti-spyware 4.0\guard.exe C:\WINDOWS\System32\gearsec.exe C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\CheckPoint\SecuRemote\bin\SR_WatchDog.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\CheckPoint\SecuRemote\bin\SR_Service.exe C:\Program Files\ewido anti-spyware 4.0\ewido.exe C:\WINDOWS\system32\WgaTray.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Xfire\Xfire.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Opera\Opera.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\Documents and Settings\Alexis\Mes documents\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe N3 - Netscape 7: user_pref("browser.search.defaultengine", "http://www.google.com/"); (C:\Documents and Settings\Alexis\Application Data\Mozilla\Profiles\default\xucp7z0o.slt\prefs.js) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: ckpNotify - C:\WINDOWS\SYSTEM32\ckpNotify.dll O20 - Winlogon Notify: NavLogon - C:\WINDOWS\System32\NavLogon.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe O23 - Service: Service de sécurité matérielle (GEARSecurity) - GEAR Software - C:\WINDOWS\System32\gearsec.exe O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Check Point SecuRemote Service (SR_Service) - Check Point Software Technologies - C:\Program Files\CheckPoint\SecuRemote\bin\SR_Service.exe O23 - Service: Check Point SecuRemote WatchDog (SR_WatchDog) - Check Point Software Technologies - C:\Program Files\CheckPoint\SecuRemote\bin\SR_WatchDog.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

bonjour, voici le rapport de smitfraudfix : SmitFraudFix v2.81 Rapport fait à 22:30:51,73, 2006-08-20 Executé à partir de C:\Documents and Settings\Alexis\Bureau\smitfraud\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Fix executé en mode sans echec »»»»»»»»»»»»»»»»»»»»»»»» Avant SmitFraudFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» Arret des processus »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix GenericRenosFix by S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés C:\DOCUME~1\ALLUSE~1\MENUDM~1\Online Security Guide.url supprimé C:\DOCUME~1\ALLUSE~1\MENUDM~1\Security Troubleshooting.url supprimé C:\Program Files\IntCodec\ supprimé »»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires »»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre Nettoyage terminé. »»»»»»»»»»»»»»»»»»»»»»»» Après SmitFraudFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» Fin voici celui de hijackthis : Logfile of HijackThis v1.99.1 Scan saved at 22:35:13, on 2006-08-20 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\System32\gearsec.exe C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\CheckPoint\SecuRemote\bin\SR_WatchDog.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\CheckPoint\SecuRemote\bin\SR_GUI.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\CheckPoint\SecuRemote\bin\SR_Service.exe C:\Program Files\Xfire\Xfire.exe C:\WINDOWS\system32\WgaTray.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\Documents and Settings\Alexis\Mes documents\hijackthis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = about:blank R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - _{00D6A7E7-4A97-456f-848A-3B75BF7554D7} - (no file) F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe N3 - Netscape 7: user_pref("browser.search.defaultengine", "http://www.google.com/"); (C:\Documents and Settings\Alexis\Application Data\Mozilla\Profiles\default\xucp7z0o.slt\prefs.js) O2 - BHO: (no name) - {202a961f-23ae-42b1-9505-ffe3c818d717} - C:\Program Files\IntCodec\isaddon.dll (file missing) O2 - BHO: (no name) - {40D20724-5D3A-43C8-9FF5-2B6F209DBD27} - C:\WINDOWS\system32\bhrw.dll (file missing) O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: CInterfaceObj Object - {58F07DD3-924D-4141-BC74-299F523A95F1} - C:\WINDOWS\pxwma.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: ckpNotify - C:\WINDOWS\SYSTEM32\ckpNotify.dll O20 - Winlogon Notify: NavLogon - C:\WINDOWS\System32\NavLogon.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe O23 - Service: Service de sécurité matérielle (GEARSecurity) - GEAR Software - C:\WINDOWS\System32\gearsec.exe O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Check Point SecuRemote Service (SR_Service) - Check Point Software Technologies - C:\Program Files\CheckPoint\SecuRemote\bin\SR_Service.exe O23 - Service: Check Point SecuRemote WatchDog (SR_WatchDog) - Check Point Software Technologies - C:\Program Files\CheckPoint\SecuRemote\bin\SR_WatchDog.exe p.s. j'habite au québec alors je répond très en retard, à cause du décalage horaire

»»»»»»»»»»»»»»»»»»»»»»»» C:\ »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32 »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Alexis\Application Data »»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer C:\DOCUME~1\ALLUSE~1\MENUDM~1\Online Security Guide.url PRESENT ! C:\DOCUME~1\ALLUSE~1\MENUDM~1\Security Troubleshooting.url PRESENT ! »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Alexis\Favoris »»»»»»»»»»»»»»»»»»»»»»»» Bureau »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files C:\Program Files\IntCodec\ PRESENT ! »»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues »»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0] "Source"="About:Home" "SubscribedURL"="About:Home" "FriendlyName"="Ma page d'accueil" »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll »»»»»»»»»»»»»»»»»»»»»»»» Fin

voici le log : "Silent Runners.vbs", revision 46, http://www.silentrunners.org/ Operating System: Windows XP SP2 Output limited to non-default values, except where indicated by "{++}" Startup items buried in registry: --------------------------------- HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++} "MsnMsgr" = ""C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background" [MS] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\ {++} "homepage.monitor.exe" = "C:\Program Files\IntCodec\isamonitor.exe" [null data] "pmsngr.exe" = "C:\Program Files\IntCodec\pmsngr.exe" [null data] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++} "avgnt" = ""C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min" ["Avira GmbH"] "NvCplDaemon" = "RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup" [MS] "QuickTime Task" = ""C:\Program Files\QuickTime\qttask.exe" -atboottime" ["Apple Computer, Inc."] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\ {++} "SpybotSnD" = ""C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck" ["Safer Networking Limited"] HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ {202a961f-23ae-42b1-9505-ffe3c818d717}\(Default) = (no title provided) -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = "C:\Program Files\IntCodec\isaddon.dll" [null data] {40D20724-5D3A-43C8-9FF5-2B6F209DBD27}\(Default) = (no title provided) -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = "C:\WINDOWS\system32\bhrw.dll" [file not found] {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33}\(Default) = (no title provided) -> {HKLM...CLSID} = "VMN Toolbar" \InProcServer32\(Default) = "C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL" [empty string] {53707962-6F74-2D53-2644-206D7942484F}\(Default) = (no title provided) -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = "C:\PROGRA~1\SPYBOT~1\SDHelper.dll" ["Safer Networking Limited"] {58F07DD3-924D-4141-BC74-299F523A95F1}\(Default) = (no title provided) -> {HKLM...CLSID} = "CInterfaceObj Object" \InProcServer32\(Default) = "C:\WINDOWS\pxwma.dll" [null data] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided) -> {HKLM...CLSID} = "SSVHelper Class" \InProcServer32\(Default) = "C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll" ["Sun Microsystems, Inc."] HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ "{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Extension Affichage Panorama du Panneau de configuration" -> {HKLM...CLSID} = "Extension Affichage Panorama du Panneau de configuration" \InProcServer32\(Default) = "deskpan.dll" [file not found] "{88895560-9AA2-1069-930E-00AA0030EBC8}" = "Extension icône HyperTerminal" -> {HKLM...CLSID} = "HyperTerminal Icon Ext" \InProcServer32\(Default) = "C:\WINDOWS\System32\hticons.dll" ["Hilgraeve, Inc."] "{BDA77241-42F6-11d0-85E2-00AA001FE28C}" = "LDVP Shell Extensions" -> {HKLM...CLSID} = "VpshellEx Class" \InProcServer32\(Default) = "C:\Program Files\Fichiers communs\Symantec Shared\SSC\vpshell2.dll" ["Symantec Corporation"] "{59850401-6664-101B-B21C-00AA004BA90B}" = "Microsoft Office Binder Unbind" -> {HKLM...CLSID} = "Microsoft Office Binder Unbind" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office\1036\UNBIND.DLL" [MS] "{0006F045-0000-0000-C000-000000000046}" = "Microsoft Outlook Custom Icon Handler" -> {HKLM...CLSID} = "Outlook File Icon Extension" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office\OLKFSTUB.DLL" [MS] "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension" -> {HKLM...CLSID} = "WinRAR" \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data] "{E0D79304-84BE-11CE-9641-444553540000}" = "WinZip" -> {HKLM...CLSID} = "WinZip" \InProcServer32\(Default) = "C:\PROGRA~1\WINZIP\WZSHLSTB.DLL" ["WinZip Computing, Inc."] "{E0D79305-84BE-11CE-9641-444553540000}" = "WinZip" -> {HKLM...CLSID} = "WinZip" \InProcServer32\(Default) = "C:\PROGRA~1\WINZIP\WZSHLSTB.DLL" ["WinZip Computing, Inc."] "{E0D79306-84BE-11CE-9641-444553540000}" = "WinZip" -> {HKLM...CLSID} = "WinZip" \InProcServer32\(Default) = "C:\PROGRA~1\WINZIP\WZSHLSTB.DLL" ["WinZip Computing, Inc."] "{E0D79307-84BE-11CE-9641-444553540000}" = "WinZip" -> {HKLM...CLSID} = "WinZip" \InProcServer32\(Default) = "C:\PROGRA~1\WINZIP\WZSHLSTB.DLL" ["WinZip Computing, Inc."] "{640167b4-59b0-47a6-b335-a6b3c0695aea}" = "Portable Media Devices" -> {HKLM...CLSID} = "Portable Media Devices" \InProcServer32\(Default) = "C:\WINDOWS\system32\Audiodev.dll" [MS] "{cc86590a-b60a-48e6-996b-41d25ed39a1e}" = "Portable Media Devices Menu" -> {HKLM...CLSID} = "Portable Media Devices Menu" \InProcServer32\(Default) = "C:\WINDOWS\system32\Audiodev.dll" [MS] "{A70C977A-BF00-412C-90B7-034C51DA2439}" = "NvCpl DesktopContext Class" -> {HKLM...CLSID} = "DesktopContext Class" \InProcServer32\(Default) = "C:\WINDOWS\system32\nvcpl.dll" ["NVIDIA Corporation"] "{FFB699E0-306A-11d3-8BD1-00104B6F7516}" = "Play on my TV helper" -> {HKLM...CLSID} = "NVIDIA CPL Extension" \InProcServer32\(Default) = "C:\WINDOWS\system32\nvcpl.dll" ["NVIDIA Corporation"] "{1CDB2949-8F65-4355-8456-263E7C208A5D}" = "Desktop Explorer" -> {HKLM...CLSID} = "Desktop Explorer" \InProcServer32\(Default) = "C:\WINDOWS\system32\nvshell.dll" ["NVIDIA Corporation"] "{1E9B04FB-F9E5-4718-997B-B8DA88302A47}" = "Desktop Explorer Menu" -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = "C:\WINDOWS\system32\nvshell.dll" ["NVIDIA Corporation"] "{1E9B04FB-F9E5-4718-997B-B8DA88302A48}" = "nView Desktop Context Menu" -> {HKLM...CLSID} = "nView Desktop Context Menu" \InProcServer32\(Default) = "C:\WINDOWS\system32\nvshell.dll" ["NVIDIA Corporation"] "{C38C9EFF-166C-11D4-98D6-204C4F4F5020}" = "Piky Basket" -> {HKLM...CLSID} = "Basket Class" \InProcServer32\(Default) = "C:\Program Files\Conceptworld\Piky\Piky.dll" ["Conceptworld Corporation"] "{6B19FEC2-A45B-11CF-9045-00A0C9039735}" = "Registered ActiveX Controls" -> {HKLM...CLSID} = "Registered ActiveX Controls" \InProcServer32\(Default) = "C:\Program Files\Microsoft Visual Studio\Common\MSDev98\Bin\IDE\DEVXPGL.DLL" [file not found] "{D545EBD1-BD92-11CF-8772-00A0C9039735}" = "Developer Studio Components" -> {HKLM...CLSID} = "Developer Studio Components" \InProcServer32\(Default) = "C:\Program Files\Microsoft Visual Studio\Common\MSDev98\Bin\IDE\DEVXPGL.DLL" [file not found] "{21569614-B795-46b1-85F4-E737A8DC09AD}" = "Shell Search Band" -> {HKLM...CLSID} = "Shell Search Band" \InProcServer32\(Default) = "C:\WINDOWS\system32\browseui.dll" [MS] "{45AC2688-0253-4ED8-97DE-B5370FA7D48A}" = "Shell Extension for Malware scanning" -> {HKLM...CLSID} = "Shell Extension for Malware scanning" \InProcServer32\(Default) = "C:\Program Files\AntiVir PersonalEdition Classic\shlext.dll" ["H+BEDV Datentechnik GmbH"] "{1EBC3533-B289-409F-9924-B84B3F0717D2}" = "AceFTP Context Menu Shell Extension" -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = "C:\PROGRA~1\VISICO~1\FTPEXP~1\ftpcntxt.dll" ["Visicom Media Inc."] HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\ "load" = (value not set) "run" = (value not set) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\ "AppInit_DLLs" = (value not set) HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ INFECTION WARNING! ckpNotify\DLLName = "ckpNotify.dll" ["Check Point Software Technologies"] INFECTION WARNING! NavLogon\DLLName = "C:\WINDOWS\System32\NavLogon.dll" [null data] INFECTION WARNING! WgaLogon\DLLName = "WgaLogon.dll" [MS] HKLM\Software\Classes\Folder\shellex\ColumnHandlers\ {F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = "PDF Column Info" -> {HKLM...CLSID} = "PDF Shell Extension" \InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll" ["Adobe Systems, Inc."] HKLM\Software\Classes\*\shellex\ContextMenuHandlers\ FTP Expert\(Default) = "{1EBC3533-B289-409F-9924-B84B3F0717D2}" -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = "C:\PROGRA~1\VISICO~1\FTPEXP~1\ftpcntxt.dll" ["Visicom Media Inc."] LDVPMenu\(Default) = "{BDA77241-42F6-11d0-85E2-00AA001FE28C}" -> {HKLM...CLSID} = "VpshellEx Class" \InProcServer32\(Default) = "C:\Program Files\Fichiers communs\Symantec Shared\SSC\vpshell2.dll" ["Symantec Corporation"] Piky\(Default) = "{C38C9EFF-166C-11D4-98D6-204C4F4F5020}" -> {HKLM...CLSID} = "Basket Class" \InProcServer32\(Default) = "C:\Program Files\Conceptworld\Piky\Piky.dll" ["Conceptworld Corporation"] Shell Extension for Malware scanning\(Default) = "{45AC2688-0253-4ED8-97DE-B5370FA7D48A}" -> {HKLM...CLSID} = "Shell Extension for Malware scanning" \InProcServer32\(Default) = "C:\Program Files\AntiVir PersonalEdition Classic\shlext.dll" ["H+BEDV Datentechnik GmbH"] WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" -> {HKLM...CLSID} = "WinRAR" \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data] WinZip\(Default) = "{E0D79304-84BE-11CE-9641-444553540000}" -> {HKLM...CLSID} = "WinZip" \InProcServer32\(Default) = "C:\PROGRA~1\WINZIP\WZSHLSTB.DLL" ["WinZip Computing, Inc."] HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\ FTP Expert\(Default) = "{1EBC3533-B289-409F-9924-B84B3F0717D2}" -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = "C:\PROGRA~1\VISICO~1\FTPEXP~1\ftpcntxt.dll" ["Visicom Media Inc."] Piky\(Default) = "{C38C9EFF-166C-11D4-98D6-204C4F4F5020}" -> {HKLM...CLSID} = "Basket Class" \InProcServer32\(Default) = "C:\Program Files\Conceptworld\Piky\Piky.dll" ["Conceptworld Corporation"] WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" -> {HKLM...CLSID} = "WinRAR" \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data] WinZip\(Default) = "{E0D79304-84BE-11CE-9641-444553540000}" -> {HKLM...CLSID} = "WinZip" \InProcServer32\(Default) = "C:\PROGRA~1\WINZIP\WZSHLSTB.DLL" ["WinZip Computing, Inc."] HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\ LDVPMenu\(Default) = "{BDA77241-42F6-11d0-85E2-00AA001FE28C}" -> {HKLM...CLSID} = "VpshellEx Class" \InProcServer32\(Default) = "C:\Program Files\Fichiers communs\Symantec Shared\SSC\vpshell2.dll" ["Symantec Corporation"] Piky\(Default) = "{C38C9EFF-166C-11D4-98D6-204C4F4F5020}" -> {HKLM...CLSID} = "Basket Class" \InProcServer32\(Default) = "C:\Program Files\Conceptworld\Piky\Piky.dll" ["Conceptworld Corporation"] Shell Extension for Malware scanning\(Default) = "{45AC2688-0253-4ED8-97DE-B5370FA7D48A}" -> {HKLM...CLSID} = "Shell Extension for Malware scanning" \InProcServer32\(Default) = "C:\Program Files\AntiVir PersonalEdition Classic\shlext.dll" ["H+BEDV Datentechnik GmbH"] WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" -> {HKLM...CLSID} = "WinRAR" \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data] WinZip\(Default) = "{E0D79304-84BE-11CE-9641-444553540000}" -> {HKLM...CLSID} = "WinZip" \InProcServer32\(Default) = "C:\PROGRA~1\WINZIP\WZSHLSTB.DLL" ["WinZip Computing, Inc."] Active Desktop and Wallpaper: ----------------------------- Active Desktop is disabled at this entry: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState HKCU\Control Panel\Desktop\ "Wallpaper" = "C:\Documents and Settings\Alexis\Local Settings\Application Data\Microsoft\Wallpaper1.bmp" Enabled Screen Saver: --------------------- HKCU\Control Panel\Desktop\ "SCRNSAVE.EXE" = "C:\WINDOWS\system32\logon.scr" [MS] Startup items in "Alexis" & "All Users" startup folders: -------------------------------------------------------- C:\Documents and Settings\Alexis\Menu Démarrer\Programmes\Démarrage "Xfire" -> shortcut to: "C:\Program Files\Xfire\Xfire.exe" ["Xfire Inc."] Winsock2 Service Provider DLLs: ------------------------------- Namespace Service Providers HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++} 000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS] 000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS] 000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS] 000000000004\LibraryPath = "C:\WINDOWS\System32\Hummingbird\Connectivity\7.00\Socks\\hclsock5.dll" ["Hummingbird Ltd."] Transport Service Providers HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++} 0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range: C:\WINDOWS\System32\Hummingbird\Connectivity\7.00\Socks\\hclsock5.dll ["Hummingbird Ltd."], 01 - 02, 08 %SystemRoot%\system32\mswsock.dll [MS], 03 - 05, 09 - 18 %SystemRoot%\system32\rsvpsp.dll [MS], 06 - 07 Toolbars, Explorer Bars, Extensions: ------------------------------------ Toolbars HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\ "{EF99BD32-C1FB-11D2-892F-0090271D4F88}" -> {HKLM...CLSID} = "Yahoo! Toolbar" \InProcServer32\(Default) = "C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll" [file not found] "{4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33}" -> {HKLM...CLSID} = "VMN Toolbar" \InProcServer32\(Default) = "C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL" [empty string] HKLM\Software\Microsoft\Internet Explorer\Toolbar\ "{4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33}" = (no title provided) -> {HKLM...CLSID} = "VMN Toolbar" \InProcServer32\(Default) = "C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL" [empty string] "{A2595F37-48D0-46A1-9B51-478591A97764}" = (no title provided) -> {HKLM...CLSID} = "Protection Bar" \InProcServer32\(Default) = "C:\Program Files\IntCodec\iesplugin.dll" [file not found] Extensions (Tools menu items, main toolbar menu buttons) HKLM\Software\Microsoft\Internet Explorer\Extensions\ {08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ "MenuText" = "Console Java (Sun)" "CLSIDExtension" = "{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}" -> {HKCU...CLSID} = "Java Plug-in" \InProcServer32\(Default) = "C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll" ["Sun Microsystems, Inc."] -> {HKLM...CLSID} = "Java Plug-in 1.5.0_06" \InProcServer32\(Default) = "C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll" ["Sun Microsystems, Inc."] Miscellaneous IE Hijack Points ------------------------------ C:\WINDOWS\INF\IERESET.INF (used to "Reset Web Settings") Added lines (compared with English-language version): [strings]: SAFESITE_VALUE="http://home.microsoft.com/intl/fr/" Missing lines (compared with English-language version): [strings]: 1 line Running Services (Display Name, Service Name, Path {Service DLL}): ------------------------------------------------------------------ AntiVir PersonalEdition Classic Guard, AntiVirService, "C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe" ["AVIRA GmbH"] AntiVir PersonalEdition Classic Scheduler, AntiVirScheduler, "C:\Program Files\AntiVir PersonalEdition Classic\sched.exe" ["Avira GmbH"] Check Point SecuRemote Service, SR_Service, ""C:\Program Files\CheckPoint\SecuRemote\bin\SR_Service.exe"" ["Check Point Software Technologies"] Check Point SecuRemote WatchDog, SR_WatchDog, ""C:\Program Files\CheckPoint\SecuRemote\bin\SR_WatchDog.exe"" ["Check Point Software Technologies"] HTTP SSL, HTTPFilter, "C:\WINDOWS\System32\svchost.exe -k HTTPFilter" {"C:\WINDOWS\System32\w3ssl.dll" [MS]} LexBce Server, LexBceS, "C:\WINDOWS\system32\LEXBCES.EXE" ["Lexmark International, Inc."] NVIDIA Display Driver Service, NVSvc, "C:\WINDOWS\system32\nvsvc32.exe" ["NVIDIA Corporation"] Service de sécurité matérielle, GEARSecurity, "C:\WINDOWS\System32\gearsec.exe" ["GEAR Software"] Symantec AntiVirus Client, Norton AntiVirus Server, "C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe" ["Symantec Corporation"] Windows User Mode Driver Framework, UMWdf, "C:\WINDOWS\system32\wdfmgr.exe" [MS] Print Monitors: --------------- HKLM\System\CurrentControlSet\Control\Print\Monitors\ Lexmark Network Port\Driver = "LEXLMPM.DLL" ["Lexmark International, Inc."] ---------- + This report excludes default entries except where indicated. + To see *everywhere* the script checks and *everything* it finds, launch it from a command prompt or a shortcut with the -all parameter. + To search all directories of local fixed drives for DESKTOP.INI DLL launch points and all Registry CLSIDs for dormant Explorer Bars, use the -supp parameter or answer "No" at the first message box. ---------- (total run time: 52 seconds, including 14 seconds for message boxes)

bonjour, j'ai déjà eu des problèmes avec un autre ordinateur et je l'ai réglé en venant ici. maintenant j'ai des problèmes sur cet ordinateur alors je viens ici. j'ai des pop-ups et mon pc est très lent. voici mon rapport hijackthis : Logfile of HijackThis v1.99.1 Scan saved at 13:38:51, on 2006-08-18 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\System32\gearsec.exe C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\CheckPoint\SecuRemote\bin\SR_WatchDog.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\CheckPoint\SecuRemote\bin\SR_Service.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\WgaTray.exe C:\WINDOWS\Explorer.EXE C:\Program Files\CheckPoint\SecuRemote\bin\SR_GUI.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Xfire\Xfire.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\VentriloMIX\Ventrilo 2.3.0.exe C:\Program Files\AntiVir PersonalEdition Classic\avscan.exe C:\Program Files\Opera\Opera.exe C:\PROGRA~1\WINZIP\winzip32.exe C:\Documents and Settings\Alexis\Mes documents\hijackthis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = about:blank R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - _{00D6A7E7-4A97-456f-848A-3B75BF7554D7} - (no file) F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe N3 - Netscape 7: user_pref("browser.search.defaultengine", "http://www.google.com/"); (C:\Documents and Settings\Alexis\Application Data\Mozilla\Profiles\default\xucp7z0o.slt\prefs.js) O2 - BHO: (no name) - {202a961f-23ae-42b1-9505-ffe3c818d717} - C:\Program Files\IntCodec\isaddon.dll O2 - BHO: (no name) - {40D20724-5D3A-43C8-9FF5-2B6F209DBD27} - C:\WINDOWS\system32\bhrw.dll (file missing) O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: CInterfaceObj Object - {58F07DD3-924D-4141-BC74-299F523A95F1} - C:\WINDOWS\pxwma.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL O3 - Toolbar: Protection Bar - {a2595f37-48d0-46a1-9b51-478591a97764} - C:\Program Files\IntCodec\iesplugin.dll (file missing) O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\RunOnce: [spybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: ckpNotify - C:\WINDOWS\SYSTEM32\ckpNotify.dll O20 - Winlogon Notify: NavLogon - C:\WINDOWS\System32\NavLogon.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe O23 - Service: Service de sécurité matérielle (GEARSecurity) - GEAR Software - C:\WINDOWS\System32\gearsec.exe O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Check Point SecuRemote Service (SR_Service) - Check Point Software Technologies - C:\Program Files\CheckPoint\SecuRemote\bin\SR_Service.exe O23 - Service: Check Point SecuRemote WatchDog (SR_WatchDog) - Check Point Software Technologies - C:\Program Files\CheckPoint\SecuRemote\bin\SR_WatchDog.exe

bonjour, j'ai déjà eu un problème sur un autre ordinateur et je suis venu ici et le problème a été réglé alors je reviens poster ici pour cet ordinateur. j'ai des pop-ups qui s'ouvrent et j'ai des lenteurs sur mon ordinateur. voici mon log hijackthis : Logfile of HijackThis v1.99.1 Scan saved at 13:38:51, on 2006-08-18 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\System32\gearsec.exe C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\CheckPoint\SecuRemote\bin\SR_WatchDog.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\CheckPoint\SecuRemote\bin\SR_Service.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\WgaTray.exe C:\WINDOWS\Explorer.EXE C:\Program Files\CheckPoint\SecuRemote\bin\SR_GUI.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Xfire\Xfire.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\VentriloMIX\Ventrilo 2.3.0.exe C:\Program Files\AntiVir PersonalEdition Classic\avscan.exe C:\Program Files\Opera\Opera.exe C:\PROGRA~1\WINZIP\winzip32.exe C:\Documents and Settings\Alexis\Mes documents\hijackthis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = about:blank R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - _{00D6A7E7-4A97-456f-848A-3B75BF7554D7} - (no file) F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe N3 - Netscape 7: user_pref("browser.search.defaultengine", "http://www.google.com/"); (C:\Documents and Settings\Alexis\Application Data\Mozilla\Profiles\default\xucp7z0o.slt\prefs.js) O2 - BHO: (no name) - {202a961f-23ae-42b1-9505-ffe3c818d717} - C:\Program Files\IntCodec\isaddon.dll O2 - BHO: (no name) - {40D20724-5D3A-43C8-9FF5-2B6F209DBD27} - C:\WINDOWS\system32\bhrw.dll (file missing) O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: CInterfaceObj Object - {58F07DD3-924D-4141-BC74-299F523A95F1} - C:\WINDOWS\pxwma.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL O3 - Toolbar: Protection Bar - {a2595f37-48d0-46a1-9b51-478591a97764} - C:\Program Files\IntCodec\iesplugin.dll (file missing) O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\RunOnce: [spybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: ckpNotify - C:\WINDOWS\SYSTEM32\ckpNotify.dll O20 - Winlogon Notify: NavLogon - C:\WINDOWS\System32\NavLogon.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe O23 - Service: Service de sécurité matérielle (GEARSecurity) - GEAR Software - C:\WINDOWS\System32\gearsec.exe O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Check Point SecuRemote Service (SR_Service) - Check Point Software Technologies - C:\Program Files\CheckPoint\SecuRemote\bin\SR_Service.exe O23 - Service: Check Point SecuRemote WatchDog (SR_WatchDog) - Check Point Software Technologies - C:\Program Files\CheckPoint\SecuRemote\bin\SR_WatchDog.exe

bon je viens d'ouvrir un fichier que j'avais downloadé avec bloc-notes sur le 1er site et j'ai compris comment ça marchais, j'ai écris : [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "LogonType"=dword:00000001 dans bloc-notes, j'ai sauvegardé en .reg, et ça a pas marché :'(

bon, sur le premier site, j'ai essayé : Restore the Welcome Screen - Gina.Dll Error, Enable the Welcome Screen, Restore: On Resume, Display Welcome Screen et ça ne marche pas. hum, j'm'y connais pas vraiment en registre alors comment je peux changer le 00000000 par 000000001? merci!

les pop ups je crois que c'est réglé, j'en ai de temps en temps mais c'est probablemement un pop up du site. je n'ai plus de redirection non plus

quand je démarre mon pc, je n'ai plus l'écran de bienvenue où on choisi notre compte, c'est une fenêtre qui me demande d'entrer mon nom d'utilisateur et mon mot de passe. c'est comme quand on fait ctrl+alt+supprim 2 fois à l'écran de bienvenue de windows. comment puis-je le faire revenir à la normal? merci

mais c'est pas que c'est gris, c'est qui faut écrire le nom du compte, aulieu de juste cliquer dessus Windows Registry Editor Version 5.00 [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\ThemeManager] "WCreatedUser"="1" "LMVersion"="103" "LoadedBefore"="1" "ThemeActive"="1" "DllName"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\ 74,00,25,00,5c,00,52,00,65,00,73,00,6f,00,75,00,72,00,63,00,65,00,73,00,5c,\ 00,74,00,68,00,65,00,6d,00,65,00,73,00,5c,00,4c,00,75,00,6e,00,61,00,5c,00,\ 4c,00,75,00,6e,00,61,00,2e,00,6d,00,73,00,73,00,74,00,79,00,6c,00,65,00,73,\ 00,00,00 "LastUserLangID"="1036" "ColorName"="NormalColor" "SizeName"="NormalSize"

bon j'ai fait une analyse spy sweeper, quand le scan a fini, j'ai pesé sur démarrer au lieu de suivant mais tout ce qu'il avait trouvé, c'était des cookies. pour le démarrage, il y a plusieurs comptes sur l'ordinateur alors je ne veux pas faire démarrer l'ordinateur direct dans mon compte. quand je dis page de bienvenue, c'est pas le bureau, c'est la page ou on voit tous les comptes, avec un petite image à coté, on clique dessus pour aller dans notre compte.

voici le rapport antivir, le scan a été beaucoup moins long que d'habitude (c'est bon signe?) et il a détecté popup[1].php, dans les alertes, il détectait popup[1].htm ou le popup[2].htm et as-tu une idée pour l'overture de session windows? edit -> juste après avoir posté le message, j'ai eu une nouvelle alerte de popup1, c'est un EXP/Agent.B si ça peut t'aider AntiVir PersonalEdition Classic Report file date: 22 juin 2006 11:06 Scanning for 413913 virus strains and unwanted programs. Licensed to: AntiVir PersonalEdition Classic Serial number: 0000149996-WURGE-0001 Platform: Windows XP Windows version: (Service Pack 2) [5.1.2600] Username: Alexis Computer name: NOM-8ABC2A6DAF0 Version informations: AVSCAN.EXE : 7.0.0.42 557096 2006-06-22 14:57:00 AVSCAN.DLL : 7.0.0.42 53288 2006-06-22 14:57:00 LUKE.DLL : 7.0.0.42 118824 2006-06-22 14:57:00 LUKERES.DLL : 7.0.0.42 25640 2006-06-22 14:57:00 ANTIVIR0.VDF : 6.35.0.1 7371264 2006-06-22 14:57:00 ANTIVIR1.VDF : 6.35.0.5 2048 2006-06-22 14:57:00 ANTIVIR2.VDF : 6.35.0.62 208384 2006-06-22 14:57:00 ANTIVIR3.VDF : 6.35.0.67 51200 2006-06-22 14:57:00 AVEWIN32.DLL : 7.1.0.15 1536512 2006-06-22 14:57:00 AVPREF.DLL : 7.0.0.1 49192 2006-06-22 14:57:00 AVREP.DLL : 6.35.0.47 679976 2006-06-22 14:57:00 AVRPBASE.DLL : 7.0.0.0 2162728 2006-06-22 14:57:00 AVPACK32.DLL : 7.1.0.1 335912 2006-06-22 14:57:00 AVREG.DLL : 6.31.0.90 27688 2006-06-22 14:57:00 NETNT.DLL : 6.32.0.0 6696 2006-06-22 14:57:00 NETNW.DLL : 6.32.0.0 9768 2006-06-22 14:57:00 RCIMAGE.DLL : 7.0.0.71 1642536 2006-06-22 14:57:01 RCTEXT.DLL : 7.0.0.75 77864 2006-06-22 14:57:01 Configuration settings for the scan: Jobname: '%s'.................: Local Hard Disks Configuration file............: C:\Program Files\AntiVir PersonalEdition Classic\alldiscs.avp Boot sectors..................: C Scan memory...................: 1 Process scan..................: 1 Scan all files................: 2 Scan archives.................: 1 Recursion depth...............: 20 Smart extensions..............: 1 Macro heuristic...............: 1 File heuristic................: -1 Primary action................: 1 Secondary action..............: 0 Start of the scan: 22 juin 2006 11:06 The scan over running processes will be started 33 Processes was scanned Start scanning boot sectors: Boot sector 'C:\' [NOTE] No virus was found! Starting to scan the registry. The registry was scanned ( 10 files ). Starting the file scan: C:\hiberfil.sys [WARNING] The file could not be opened! C:\pagefile.sys [WARNING] The file could not be opened! C:\Documents and Settings\Alexis\NTUSER.DAT [WARNING] The file could not be opened! C:\Documents and Settings\Alexis\ntuser.dat.LOG [WARNING] The file could not be opened! C:\Documents and Settings\Alexis\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat [WARNING] The file could not be opened! C:\Documents and Settings\Alexis\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG [WARNING] The file could not be opened! C:\Documents and Settings\Alexis\Local Settings\Temp\Temporary Internet Files\Content.IE5\WX6ZKH2Z\popup[1].php [0] Archive type: GZ --> popup[1] [DETECTION] Contains signature of the exploits EXP/Agent.B [iNFO] The file was deleted! C:\Documents and Settings\LocalService\NTUser.dat [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\ntuser.dat.LOG [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS022AFA52-8D3B-447E-80D0-5C2F1C01D21C.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS0339DD4F-10D2-4C61-AB45-AA8EDF7A48BB.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS03ADDFF3-E167-431B-B8DA-05B2976A638E.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS04E484AB-75D3-4720-928E-68B9E5AFD36C.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS105ABD9C-D8C2-4266-8104-B1B28098BE7F.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS130BF084-2C37-4B0E-8092-4E508033812A.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS156BBD24-B0A0-4188-8590-91AABFE33E7F.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS17C168B3-1967-421E-A3F4-BD423D0F4BBD.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS19F6C724-1A8D-42A0-956A-054ADF6FED6A.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS1B62527C-B169-4B48-BDBA-13E598A0B0A8.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS20308475-06AE-4742-AEE0-93DBAB7675E2.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS20C90862-71E6-4E29-91D6-93958C1A443C.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS2197BC9C-CF26-4F7C-841C-CD9D146F9528.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS246FD869-785B-4BBF-BA3A-39FEE6E30748.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS25584B14-A08B-4611-BD69-75218111FA42.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS293E5DA0-58AB-44B9-A397-0F7A8B457A9A.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS2CD9D760-6DCD-4B6C-B82B-E448B0650DC4.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS2DBCE21D-77C4-4C76-86C5-8C16FA3DE02A.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS30160D1C-5D32-4ED5-9565-E8D1848412A4.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS318B4F33-8AB9-400A-AD17-A9FD419D004E.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS32254763-24C1-4F28-BD34-7A7E0949C0B3.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS37B071A9-1ACD-4C54-AA6A-BC952F181A1F.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS3AF38E68-FE8E-4BE4-9CA5-996C871AFFAB.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS3B795FAE-92FF-47C8-BDE8-56815E022D07.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS3B978986-BCEE-47C6-B316-F872A3E54945.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS3C8B426D-1C53-44E8-B8A0-25FCFED44C2F.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS3CF40043-B0CA-4DCC-8705-AF2B6A0AA08D.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS3DB42697-1B3A-449C-B208-E6EB47837F4D.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS3E637EBD-6C3D-4188-9BB8-374817670508.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS4209DB59-C2E2-4825-8820-73C488D8BBC0.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS436A9D49-D753-48FA-8700-E2E3D2BE75FE.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS465B4BFC-C9CC-4F1E-8B55-D5D871B8AB65.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS4AF0E1D0-3F61-404B-AB10-AB713AE3BAFB.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS4BA3EF1D-2BF6-49DB-88C9-170C54D808DC.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS54583DF2-4051-4097-9C33-E663688464A1.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS565C6028-C55E-44A1-85ED-0931A87FAFD8.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS567BAF6E-BC94-4248-B7E8-0A65468EF420.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS574D21AC-69FC-432E-962B-1AA6C58E018E.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS57934BD9-CEF8-4388-935A-5FBCA5370914.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS594A1166-805C-4FAD-8D02-B835A1550155.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS5CECA347-5DD6-4648-9FA0-DE4570A53FFE.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS62B352C3-5DAD-4ECC-BF74-1A4BD48D0520.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS63F0C091-E568-4721-9E88-67A3DD9691BC.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS649E35EF-90E2-4660-A6DE-7F6936B30349.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS6759400D-17B3-483C-8A28-57AC1E4E2EBE.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS679501F7-7929-474A-A808-A48A4C0BF476.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS6A9B8106-2BC3-4568-9EE9-753B744152EE.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS71E1113E-4DA6-42C1-A225-175B9B5EEE06.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS766E3B0E-F9CD-4DA2-95A6-DB4CCF0D27C3.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS76CC8671-CA14-4BC5-BCF1-F1E0F6F0F030.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS7CA2D041-49A5-4EFE-AEC5-F3476612A5CF.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS7DC1A49C-B557-4A03-9955-BF35CF7B76BF.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS7FFC250D-B685-4509-B0B6-942BDDBC853D.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS84231F03-78DD-43BC-945F-075B5BF9CB00.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS85C253C1-9F61-4D2E-9E5E-7C0739CE7CB6.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS91CC7FCD-7B72-4B51-AB4C-C9E567C1943D.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS91D4BA9B-9F4B-4797-ADB9-3FE73FBC8E7D.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS94313B23-FE00-488A-89F6-461AE01CC284.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS9F51D034-6E1B-42DC-863C-F7AC76A067E9.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS9F7C2C7C-41EB-47A4-B5D8-6912A1E698A5.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSA2AA1200-A76C-4270-B423-5A7CF03CA97D.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSA3A38E0C-0BD3-4316-97E2-626498AA8804.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSA44FBF38-77E4-464D-84DC-C5C7C8B8B5F7.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSA7A0AAD3-0265-41BB-9266-411A0C5AD8F4.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSAA790A5F-F367-4533-A127-D2AA6F935BC0.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSAC4D279C-FF7A-46E3-AE42-73B790F0E945.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSB2E6E685-C6A1-41D7-988E-6A4511CB94C2.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSB65A00D1-B0E2-4B0C-AC90-B2BD1F574E39.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSBB2A9A7B-AD68-4998-BD52-35715CD8587F.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSBC149630-33ED-41CB-8A02-4DF1A3A48E78.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSBD058950-C8B2-44C7-A48C-900D8A2DFBDF.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSBE43AD7B-A393-4FAD-A152-0B3EC9591D52.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSBE803340-A8AD-40F9-92F9-FC2651F800E5.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSC021E0E7-7B42-438E-8630-B99441616F0D.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSC1A93DB9-E710-4662-97BB-7CA940B9D08C.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSC31E4965-4E02-4034-AA73-D914DA8B3D52.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSC3316231-6FD2-49E6-BDA5-C6EFF1A01D2B.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSC50CB28F-1BDC-4C62-B666-ACD91DED61F0.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSC7C37498-BAF1-4E3C-B29A-8D9EFF8FFB43.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSC7D57B84-5CB9-493C-8B24-8A0E77AF4252.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSC7DCEF34-D67D-49C1-A8BC-AF91F58301FC.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSCA725381-F44E-4E35-B92C-3291465D556C.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSCD9DF8DD-7796-4909-9D5E-43DEA34AAC8C.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSD2557D4F-CDF2-4F3E-9E3A-E2FA3A7E63F6.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSD654559D-64FE-43E2-AA0E-0CAEA202BCA6.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSD77D0831-DC67-456D-BBDC-F014F39992EE.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSD7FED6B6-DC52-4763-9D18-65B1C894AB44.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSDB4044B3-DF51-4815-BDD5-A870DFEE86E0.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSDCC364D9-223D-4B62-ADEE-D500CA74EAFF.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSDEB36410-7954-4B33-8F6A-B9B274B65EF4.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSE162AB2C-8D44-48C9-A89B-5B49E5FAE3A3.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSE527A1C9-5DE1-4546-835F-32F7EF452C9D.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSE95F8200-D2E4-4730-B9A6-2D17AFB37D3C.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSEE46575F-820B-4600-8F50-9EE9805D1038.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSEE7B85DB-9916-48AC-A206-5F607DB37068.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSEF385B76-C4AC-4506-84C1-0754C10D615A.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSF025F30C-8E6F-455C-A14F-205E6FE7D91D.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSF51CBC9A-C278-4830-9C12-9A4C50FE6A91.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSF664D603-CB28-4EF1-BADE-61D5BE50B011.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSF6F6C620-F43D-482A-AA4F-001084A9474E.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSF7C1AEA3-E691-4943-96FD-90D15944C86D.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSF8D17330-B38A-4209-91C8-562B37BE7CFB.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSF9DB03B1-4373-4DFF-B5B3-5629DF550DBE.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSFB7048F1-5C04-4E9C-948A-679B8763355D.tmp [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG [WARNING] The file could not be opened! C:\Documents and Settings\NetworkService\NTUSER.DAT [WARNING] The file could not be opened! C:\Documents and Settings\NetworkService\ntuser.dat.LOG [WARNING] The file could not be opened! C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat [WARNING] The file could not be opened! C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG [WARNING] The file could not be opened! C:\Documents and Settings\Réjean\Local Settings\Temp\hsperfdata_Réjean\2036 [WARNING] The file could not be opened! C:\WINDOWS\SoftwareDistribution\EventCache\{0715EC68-3CB8-4A68-B76C-2A873234C760}.bin [WARNING] The file could not be opened! C:\WINDOWS\system32\config\default [WARNING] The file could not be opened! C:\WINDOWS\system32\config\default.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SAM [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SAM.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SECURITY [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SECURITY.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\software [WARNING] The file could not be opened! C:\WINDOWS\system32\config\software.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\system [WARNING] The file could not be opened! C:\WINDOWS\system32\config\system.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\drivers\dtscsi.sys [WARNING] The file could not be opened! C:\WINDOWS\system32\drivers\sptd.sys [WARNING] The file could not be opened! C:\WINDOWS\system32\drivers\sptd0733.sys [WARNING] The file could not be opened! C:\WINDOWS\Temp\ib2 [WARNING] The file could not be opened! C:\WINDOWS\Temp\ib3 [WARNING] The file could not be opened! C:\WINDOWS\Temp\ib4 [WARNING] The file could not be opened! C:\WINDOWS\Temp\ib5 [WARNING] The file could not be opened! C:\WINDOWS\Temp\ib6 [WARNING] The file could not be opened! End of the scan: 22 juin 2006 11:45 Used time: 39:15 min The scan has been done completely. 8865 Scanning directories 297173 Files were scanned 1 viruses and/or unwanted programs was found 1 files were deleted 0 files were repaired 0 files were moved to quarantine 0 files were renamed 8089 Archives were scanned 138 Warnings 0 Notes