Aller au contenu

Sousou

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    41

  • Inscription

  • Dernière visite

Tout ce qui a été posté par Sousou

  1. Sousou
    re, Pas grave Voici les rapports : Le log BFU : Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "hpsysdrv"="c:\\windows\\system\\hpsysdrv.exe" "KBD"="C:\\HP\\KBD\\KBD.EXE" "Recguard"="C:\\WINDOWS\\SMINST\\RECGUARD.EXE" "dla"="C:\\WINDOWS\\system32\\dla\\tfswctrl.exe" "NvCplDaemon"="RUNDLL32.EXE NvQTwk,NvCplDaemon initialize" "nwiz"="nwiz.exe /install" "IgfxTray"="C:\\WINDOWS\\System32\\igfxtray.exe" "HotKeysCmds"="C:\\WINDOWS\\System32\\hkcmd.exe" "PS2"="C:\\WINDOWS\\system32\\ps2.exe" "ATIPTA"="C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe" "TkBellExe"="\"C:\\Program Files\\Fichiers communs\\Real\\Update_OB\\realsched.exe\" -osboot" "KAVPersonal50"="\"C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus Personal\\kav.exe\" /minimize" "QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime" "!ewido"="\"C:\\Désinfection\\ewido anti-spyware 4.0\\ewido.exe\" /minimized" "KernelFaultCheck"=hex(2):25,00,73,00,79,00,73,00,74,00,65,00,6d,00,72,00,6f,\ 00,6f,00,74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,\ 5c,00,64,00,75,00,6d,00,70,00,72,00,65,00,70,00,20,00,30,00,20,00,2d,00,6b,\ 00,00,00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL] "Installed"="1" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI] "Installed"="1" "NoChange"="1" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS] "Installed"="1" Silent runner : "Silent Runners.vbs", revision 46, http://www.silentrunners.org/ Operating System: Windows XP SP2 Output limited to non-default values, except where indicated by "{++}" Startup items buried in registry: --------------------------------- HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++} "MSMSGS" = ""C:\Program Files\Messenger\msmsgs.exe" /background" [MS] "Microsoft Works Update Detection" = "C:\Program Files\Microsoft Works\WkDetect.exe" [file not found] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" = ""C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"" [file not found] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++} "hpsysdrv" = "c:\windows\system\hpsysdrv.exe" ["Hewlett-Packard Company"] "KBD" = "C:\HP\KBD\KBD.EXE" ["Hewlett-Packard Company"] "Recguard" = "C:\WINDOWS\SMINST\RECGUARD.EXE" [empty string] "dla" = "C:\WINDOWS\system32\dla\tfswctrl.exe" ["VERITAS Software, Inc."] "NvCplDaemon" = "RUNDLL32.EXE NvQTwk,NvCplDaemon initialize" [MS] "nwiz" = "nwiz.exe /install" ["NVIDIA Corporation"] "IgfxTray" = "C:\WINDOWS\System32\igfxtray.exe" ["Intel Corporation"] "HotKeysCmds" = "C:\WINDOWS\System32\hkcmd.exe" ["Intel Corporation"] "PS2" = "C:\WINDOWS\system32\ps2.exe" ["Hewlett-Packard Company"] "ATIPTA" = "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" ["ATI Technologies, Inc."] "TkBellExe" = ""C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot" ["RealNetworks, Inc."] "KAVPersonal50" = ""C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe" /minimize" ["Kaspersky Lab"] "QuickTime Task" = ""C:\Program Files\QuickTime\qttask.exe" -atboottime" ["Apple Computer, Inc."] "!ewido" = ""C:\Désinfection\ewido anti-spyware 4.0\ewido.exe" /minimized" ["Anti-Malware Development a.s."] "KernelFaultCheck" = "C:\WINDOWS\system32\dumprep 0 -k" [MS] HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = (no title provided) -> {HKLM...CLSID} = "AcroIEHlprObj Class" \InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx" [empty string] {53707962-6F74-2D53-2644-206D7942484F}\(Default) = (no title provided) -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = "C:\PROGRA~1\SPYBOT~1\SDHelper.dll" ["Safer Networking Limited"] {9030D464-4C02-4ABF-8ECC-5164760863C6}\(Default) = (no title provided) -> {HKLM...CLSID} = "Windows Live Sign-in Helper" \InProcServer32\(Default) = "C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll" [MS] {AA58ED58-01DD-4d91-8333-CF10577473F7}\(Default) = (no title provided) -> {HKLM...CLSID} = "Google Toolbar Helper" \InProcServer32\(Default) = "c:\program files\google\googletoolbar3.dll" ["Google Inc."] HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ "{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Extension Affichage Panorama du Panneau de configuration" -> {HKLM...CLSID} = "Extension Affichage Panorama du Panneau de configuration" \InProcServer32\(Default) = "deskpan.dll" [file not found] "{88895560-9AA2-1069-930E-00AA0030EBC8}" = "Extension icône HyperTerminal" -> {HKLM...CLSID} = "HyperTerminal Icon Ext" \InProcServer32\(Default) = "C:\WINDOWS\System32\hticons.dll" ["Hilgraeve, Inc."] "{1CDB2949-8F65-4355-8456-263E7C208A5D}" = "Explorateur de Bureau" -> {HKLM...CLSID} = "Explorateur de Bureau" \InProcServer32\(Default) = "C:\WINDOWS\System32\nvshell.dll" ["NVIDIA Corporation"] "{1E9B04FB-F9E5-4718-997B-B8DA88302A47}" = "Desktop Explorer Menu" -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = "C:\WINDOWS\System32\nvshell.dll" ["NVIDIA Corporation"] "{42042206-2D85-11D3-8CFF-005004838597}" = "Microsoft Office HTML Icon Handler" -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office10\msohev.dll" [MS] "{AB77609F-2178-4E6F-9C4B-44AC179D937A}" = "a² Context Menu Shell Extension" -> {HKLM...CLSID} = "a² Context Menu Shell Extension" \InProcServer32\(Default) = "C:\PROGRA~1\A-SQUA~1\A2CONT~1.DLL" [null data] "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" = "OpenOffice.org Column Handler" -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = ""C:\Program Files\OpenOffice.org 2.0\program\shlxthdl.dll"" ["Sun Microsystems, Inc."] "{087B3AE3-E237-4467-B8DB-5A38AB959AC9}" = "OpenOffice.org Infotip Handler" -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = ""C:\Program Files\OpenOffice.org 2.0\program\shlxthdl.dll"" ["Sun Microsystems, Inc."] "{63542C48-9552-494A-84F7-73AA6A7C99C1}" = "OpenOffice.org Property Sheet Handler" -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = ""C:\Program Files\OpenOffice.org 2.0\program\shlxthdl.dll"" ["Sun Microsystems, Inc."] "{3B092F0C-7696-40E3-A80F-68D74DA84210}" = "OpenOffice.org Thumbnail Viewer" -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = ""C:\Program Files\OpenOffice.org 2.0\program\shlxthdl.dll"" ["Sun Microsystems, Inc."] "{21569614-B795-46b1-85F4-E737A8DC09AD}" = "Shell Search Band" -> {HKLM...CLSID} = "Shell Search Band" \InProcServer32\(Default) = "C:\WINDOWS\system32\browseui.dll" [MS] "{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}" = "Shell Extensions for RealOne Player" -> {HKLM...CLSID} = "RealOne Player Context Menu Class" \InProcServer32\(Default) = "C:\Program Files\Real\RealPlayer\rpshell.dll" ["RealNetworks, Inc."] "{0006F045-0000-0000-C000-000000000046}" = "Microsoft Outlook Custom Icon Handler" -> {HKLM...CLSID} = "Outlook File Icon Extension" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~4\Office\OLKFSTUB.DLL" [MS] "{780BCB64-0CAF-473c-A9FC-E08C03D75515}" = "Matroska Shell Extension, Properties Page CLSID" -> {HKLM...CLSID} = "The Matroska Shell Extension, Prop Page CLSID" \InProcServer32\(Default) = "C:\Program Files\Matroska Pack\MSE\MatroskaProp.dll" [" "] "{78DC191E-EFC1-4532-9A71-224577A86A7D}" = "Matroska Shell Extension, Thumbnail Handler CLSID" -> {HKLM...CLSID} = "The Matroska Shell Extension, Thumbnail Handler CLSID" \InProcServer32\(Default) = "C:\Program Files\Matroska Pack\MSE\MatroskaProp.dll" [" "] "{794D04CA-70AC-4020-80EB-FFD59DEF8027}" = "Matroska Shell Extension, Tooltip Provider CLSID" -> {HKLM...CLSID} = "The Matroska Shell Extension, Tooltip Provider CLSID" \InProcServer32\(Default) = "C:\Program Files\Matroska Pack\MSE\MatroskaProp.dll" [" "] "{789111D8-68A3-46a3-9663-145A3FF4C9C9}" = "Matroska Shell Extension, ContextMenu CLSID" -> {HKLM...CLSID} = "The Matroska Shell Extension, Context Menu CLSID" \InProcServer32\(Default) = "C:\Program Files\Matroska Pack\MSE\MatroskaProp.dll" [" "] "{781395AF-A127-469f-A06F-59B482AF4F3F}" = "Matroska Shell Extension, Column Provider CLSID" -> {HKLM...CLSID} = "The Matroska Shell Extension, Column Provider CLSID" \InProcServer32\(Default) = "C:\Program Files\Matroska Pack\MSE\MatroskaProp.dll" [" "] "{FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D}" = "Messenger Sharing Folders" -> {HKLM...CLSID} = "Mes dossiers de partage" \InProcServer32\(Default) = "C:\Program Files\MSN Messenger\fsshext.8.0.0792.00.dll" [MS] HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\ INFECTION WARNING! "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}" = "ewido anti-spyware 4.0" -> {HKLM...CLSID} = "CShellExecuteHookImpl Object" \InProcServer32\(Default) = "C:\Désinfection\ewido anti-spyware 4.0\shellexecutehook.dll" ["Anti-Malware Development a.s."] HKLM\System\CurrentControlSet\Control\Session Manager\ INFECTION WARNING! "BootExecute" = "autocheck autochk * stera" [file not found], [MS], [file not found], [file not found] HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ INFECTION WARNING! igfxcui\DLLName = "igfxsrvc.dll" ["Intel Corporation"] HKLM\Software\Classes\Folder\shellex\ColumnHandlers\ {781395AF-A127-469f-A06F-59B482AF4F3F}\(Default) = "The Matroska Shell Extension, Column Provider CLSID" -> {HKLM...CLSID} = "The Matroska Shell Extension, Column Provider CLSID" \InProcServer32\(Default) = "C:\Program Files\Matroska Pack\MSE\MatroskaProp.dll" [" "] {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\(Default) = "OpenOffice.org Column Handler" -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = ""C:\Program Files\OpenOffice.org 2.0\program\shlxthdl.dll"" ["Sun Microsystems, Inc."] HKLM\Software\Classes\*\shellex\ContextMenuHandlers\ ewido anti-spyware\(Default) = "{8934FCEF-F5B8-468f-951F-78A921CD3920}" -> {HKLM...CLSID} = "CContextScan Object" \InProcServer32\(Default) = "C:\Désinfection\ewido anti-spyware 4.0\context.dll" ["Anti-Malware Development a.s."] Kaspersky Anti-Virus\(Default) = "{dd230880-495a-11d1-b064-008048ec2fc5}" -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\shellex.dll" ["Kaspersky Lab"] MatroskaContextMenu\(Default) = "{789111D8-68A3-46a3-9663-145A3FF4C9C9}" -> {HKLM...CLSID} = "The Matroska Shell Extension, Context Menu CLSID" \InProcServer32\(Default) = "C:\Program Files\Matroska Pack\MSE\MatroskaProp.dll" [" "] HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\ ewido anti-spyware\(Default) = "{8934FCEF-F5B8-468f-951F-78A921CD3920}" -> {HKLM...CLSID} = "CContextScan Object" \InProcServer32\(Default) = "C:\Désinfection\ewido anti-spyware 4.0\context.dll" ["Anti-Malware Development a.s."] HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\ a2ContMenu\(Default) = "{AB77609F-2178-4E6F-9C4B-44AC179D937A}" -> {HKLM...CLSID} = "a² Context Menu Shell Extension" \InProcServer32\(Default) = "C:\PROGRA~1\A-SQUA~1\A2CONT~1.DLL" [null data] Kaspersky Anti-Virus\(Default) = "{dd230880-495a-11d1-b064-008048ec2fc5}" -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\shellex.dll" ["Kaspersky Lab"] Active Desktop and Wallpaper: ----------------------------- Active Desktop is disabled at this entry: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState HKCU\Control Panel\Desktop\ "Wallpaper" = "C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Wallpaper1.bmp" Startup items in "Propriétaire" & "All Users" startup folders: -------------------------------------------------------------- C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\Démarrage INFECTION WARNING! "desktop(2).ini" [null data] "OpenOffice.org 2.0" -> shortcut to: "C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe" [null data] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage "Microsoft Office" -> shortcut to: "C:\Program Files\Microsoft Office\Office\OSA9.EXE -b -l" [MS] "Sitecom Wireless Utility" -> shortcut to: "C:\Program Files\Sitecom\Wireless Network USB Adapter 54G WL-113_002\Installer\WLANUTL.EXE -s" ["Ralink Technology, Corp."] Winsock2 Service Provider DLLs: ------------------------------- Namespace Service Providers HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++} 000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS] 000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS] 000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS] Transport Service Providers HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++} 0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range: %SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 15 %SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05 Toolbars, Explorer Bars, Extensions: ------------------------------------ Toolbars HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\ "{2318C2B1-4965-11D4-9B18-009027A5CD4F}" -> {HKLM...CLSID} = "&Google" \InProcServer32\(Default) = "c:\program files\google\googletoolbar3.dll" ["Google Inc."] "{EF99BD32-C1FB-11D2-892F-0090271D4F88}" -> {HKLM...CLSID} = "Yahoo! Toolbar" \InProcServer32\(Default) = "C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll" [file not found] HKLM\Software\Microsoft\Internet Explorer\Toolbar\ "{2318C2B1-4965-11D4-9B18-009027A5CD4F}" = (no title provided) -> {HKLM...CLSID} = "&Google" \InProcServer32\(Default) = "c:\program files\google\googletoolbar3.dll" ["Google Inc."] Extensions (Tools menu items, main toolbar menu buttons) HKLM\Software\Microsoft\Internet Explorer\Extensions\ {FB5F1910-F110-11D2-BB9E-00C04F795683}\ "ButtonText" = "Messenger" "MenuText" = "Windows Messenger" "Exec" = "C:\Program Files\Messenger\msmsgs.exe" [MS] Miscellaneous IE Hijack Points ------------------------------ C:\WINDOWS\INF\IERESET.INF (used to "Reset Web Settings") Added lines (compared with English-language version): [strings]: START_PAGE_URL=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome [strings]: SAFESITE_VALUE="http://home.microsoft.com/intl/fr/" Missing lines (compared with English-language version): [strings]: 2 lines Running Services (Display Name, Service Name, Path {Service DLL}): ------------------------------------------------------------------ Ati HotKey Poller, Ati HotKey Poller, "C:\WINDOWS\System32\Ati2evxx.exe" ["ATI Technologies Inc."] ewido anti-spyware 4.0 guard, ewido anti-spyware 4.0 guard, "C:\Désinfection\ewido anti-spyware 4.0\guard.exe" ["Anti-Malware Development a.s."] kavsvc, kavsvc, ""C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe"" ["Kaspersky Lab"] Print Monitors: --------------- HKLM\System\CurrentControlSet\Control\Print\Monitors\ Microsoft Shared Fax Monitor\Driver = "FXSMON.DLL" [MS] ---------- + This report excludes default entries except where indicated. + To see *everywhere* the script checks and *everything* it finds, launch it from a command prompt or a shortcut with the -all parameter. + To search all directories of local fixed drives for DESKTOP.INI DLL launch points and all Registry CLSIDs for dormant Explorer Bars, use the -supp parameter or answer "No" at the first message box. ---------- (total run time: 26 seconds, including 4 seconds for message boxes) hijackthis : Logfile of HijackThis v1.99.1 Scan saved at 18:43:02, on 30/07/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Désinfection\ewido anti-spyware 4.0\guard.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\windows\system\hpsysdrv.exe C:\HP\KBD\KBD.EXE C:\WINDOWS\system32\dla\tfswctrl.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Désinfection\ewido anti-spyware 4.0\ewido.exe C:\Program Files\Sitecom\Wireless Network USB Adapter 54G WL-113_002\Installer\WLANUTL.EXE C:\Program Files\OpenOffice.org 2.0\program\soffice.exe C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\VideoLAN\VLC\vlc.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Program Files\HijackThis\HijackThis.exe R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr5.hpwis.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Alice ADSL R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\System32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe" /minimize O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [!ewido] "C:\Désinfection\ewido anti-spyware 4.0\ewido.exe" /minimized O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" O4 - Startup: desktop(2).ini O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: Sitecom Wireless Utility.lnk = C:\Program Files\Sitecom\Wireless Network USB Adapter 54G WL-113_002\Installer\WLANUTL.EXE O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar3.dll/cmwordtrans.html O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar3.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar3.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar3.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar3.dll/cmcache.html O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Désinfection\ewido anti-spyware 4.0\guard.exe O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe Voila a+ et encore merci
  2. Sousou
    Cédric tu es un pire type Okkkkkkkkkkkkkkk t'sais
  3. Sousou
    Bûche Whahhahhahahha
  4. Sousou
    re, J'ai toujours le problème sur msn aussi le fond d'écrand qui c'est mis.(j'avais oublié) Merci a+
  5. Sousou
    Salut, Il n'y a plus de dysfonctionnements à part c'est pub doctor 2006 et casino qui font que apparaitre dés que je me connecte à internet et aussi je n'arrive pas a supprimer MagicControl.Agent.(ordi lent au démarrage mais sans importance). Voici les rapports : Logfile of HijackThis v1.99.1 Scan saved at 22:59:26, on 27/07/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Désinfection\ewido anti-spyware 4.0\guard.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\windows\system\hpsysdrv.exe C:\HP\KBD\KBD.EXE C:\WINDOWS\system32\dla\tfswctrl.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Désinfection\ewido anti-spyware 4.0\ewido.exe C:\Program Files\Sitecom\Wireless Network USB Adapter 54G WL-113_002\Installer\WLANUTL.EXE C:\Program Files\OpenOffice.org 2.0\program\soffice.exe C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN C:\WINDOWS\system32\wuauclt.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\HijackThis\HijackThis.exe R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr5.hpwis.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Alice ADSL R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\System32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe" /minimize O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [!ewido] "C:\Désinfection\ewido anti-spyware 4.0\ewido.exe" /minimized O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" O4 - Startup: desktop(2).ini O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: Sitecom Wireless Utility.lnk = C:\Program Files\Sitecom\Wireless Network USB Adapter 54G WL-113_002\Installer\WLANUTL.EXE O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar3.dll/cmwordtrans.html O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar3.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar3.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar3.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar3.dll/cmcache.html O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Désinfection\ewido anti-spyware 4.0\guard.exe O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe ____________________ 07/27/06 23:10:31 [info]: BlackLight Engine 1.0.42 initialized 07/27/06 23:10:31 [info]: OS: 5.1 build 2600 (Service Pack 2) 07/27/06 23:10:31 [Note]: 7019 4 07/27/06 23:10:31 [Note]: 7005 0 07/27/06 23:10:35 [Note]: 7006 0 07/27/06 23:10:35 [Note]: 7011 468 07/27/06 23:10:35 [Note]: 7026 0 07/27/06 23:10:36 [Note]: 7026 0 07/27/06 23:10:36 [Note]: 7015 1716 07/27/06 23:10:36 [Note]: 7015 5 07/27/06 23:10:36 [Note]: 7015 2092 07/27/06 23:10:36 [Note]: 7015 5 07/27/06 23:10:40 [Note]: FSRAW library version 1.7.1019 07/27/06 23:10:40 [Error]: 4028 29896 07/27/06 23:10:40 [Error]: 4028 29896 07/27/06 23:10:45 [Error]: 4028 29896 07/27/06 23:10:45 [Error]: 4028 29896 07/27/06 23:10:46 [Error]: 4028 29896 07/27/06 23:10:46 [Error]: 4028 29896 07/27/06 23:10:46 [Error]: 4028 29896 07/27/06 23:10:46 [Error]: 4028 29896 07/27/06 23:10:46 [Error]: 4028 29896 07/27/06 23:10:46 [Error]: 4028 29896 07/27/06 23:10:47 [Error]: 4028 29896 07/27/06 23:10:47 [Error]: 4028 29896 07/27/06 23:10:47 [Error]: 4028 29896 07/27/06 23:10:47 [Error]: 4028 29896 07/27/06 23:10:48 [Error]: 4028 29896 07/27/06 23:10:48 [Error]: 4028 29896 07/27/06 23:10:48 [Error]: 4028 29896 07/27/06 23:10:48 [Error]: 4028 29896 07/27/06 23:10:49 [Error]: 4028 29896 07/27/06 23:10:49 [Error]: 4028 29896 07/27/06 23:10:49 [Error]: 4028 29896 07/27/06 23:10:49 [Error]: 4028 29896 07/27/06 23:10:50 [Error]: 4028 29896 07/27/06 23:10:50 [Error]: 4028 29896 07/27/06 23:10:50 [Error]: 4028 29896 07/27/06 23:10:50 [Error]: 4028 29896 07/27/06 23:10:51 [Error]: 4028 29896 07/27/06 23:10:51 [Error]: 4028 29896 07/27/06 23:10:52 [Error]: 4028 29896 07/27/06 23:10:52 [Error]: 4028 29896 07/27/06 23:10:53 [Error]: 4028 29896 07/27/06 23:10:53 [Error]: 4028 29896 07/27/06 23:10:54 [Error]: 4028 29896 07/27/06 23:10:54 [Error]: 4028 29896 07/27/06 23:10:55 [Error]: 4028 29896 07/27/06 23:10:55 [Error]: 4028 29896 07/27/06 23:10:56 [Error]: 4028 29896 07/27/06 23:10:56 [Error]: 4028 29896 07/27/06 23:10:57 [Error]: 4028 29896 07/27/06 23:10:57 [Error]: 4028 29896 07/27/06 23:10:58 [Error]: 4028 29896 07/27/06 23:10:58 [Error]: 4028 29896 07/27/06 23:10:59 [Error]: 4028 29896 07/27/06 23:10:59 [Error]: 4028 29896 07/27/06 23:11:00 [Error]: 4028 29896 07/27/06 23:11:00 [Error]: 4028 29896 07/27/06 23:11:01 [Error]: 4028 29896 07/27/06 23:11:01 [Error]: 4028 29896 07/27/06 23:11:02 [Error]: 4028 29896 07/27/06 23:11:02 [Error]: 4028 29896 07/27/06 23:11:04 [Error]: 4028 29896 07/27/06 23:11:04 [Error]: 4028 29896 07/27/06 23:11:05 [Error]: 4028 29896 07/27/06 23:11:05 [Error]: 4028 29896 07/27/06 23:11:06 [Error]: 4028 29896 07/27/06 23:11:06 [Error]: 4028 29896 07/27/06 23:11:07 [Error]: 4028 29896 07/27/06 23:11:07 [Error]: 4028 29896 07/27/06 23:11:08 [Error]: 4028 29896 07/27/06 23:11:08 [Error]: 4028 29896 07/27/06 23:11:10 [Error]: 4028 29896 07/27/06 23:11:10 [Error]: 4028 29896 07/27/06 23:11:11 [Error]: 4028 29896 07/27/06 23:11:11 [Error]: 4028 29896 07/27/06 23:11:12 [Error]: 4028 29896 07/27/06 23:11:12 [Error]: 4028 29896 07/27/06 23:11:13 [Error]: 4028 29896 07/27/06 23:11:13 [Error]: 4028 29896 07/27/06 23:11:14 [Error]: 4028 29896 07/27/06 23:11:14 [Error]: 4028 29896 07/27/06 23:11:15 [Error]: 4028 29896 07/27/06 23:11:15 [Error]: 4028 29896 07/27/06 23:11:16 [Error]: 4028 29896 07/27/06 23:11:16 [Error]: 4028 29896 07/27/06 23:11:17 [Error]: 4028 29896 07/27/06 23:11:17 [Error]: 4028 29896 07/27/06 23:11:18 [Error]: 4028 29896 07/27/06 23:11:18 [Error]: 4028 29896 07/27/06 23:11:19 [Error]: 4028 29896 07/27/06 23:11:19 [Error]: 4028 29896 07/27/06 23:11:20 [Error]: 4028 29896 07/27/06 23:11:20 [Error]: 4028 29896 07/27/06 23:11:21 [Error]: 4028 29896 07/27/06 23:11:21 [Error]: 4028 29896 07/27/06 23:11:23 [Error]: 4028 29896 07/27/06 23:11:23 [Error]: 4028 29896 07/27/06 23:11:24 [Error]: 4028 29896 07/27/06 23:11:24 [Error]: 4028 29896 07/27/06 23:11:25 [Error]: 4028 29896 07/27/06 23:11:25 [Error]: 4028 29896 07/27/06 23:11:26 [Error]: 4028 29896 07/27/06 23:11:26 [Error]: 4028 29896 07/27/06 23:11:27 [Error]: 4028 29896 07/27/06 23:11:27 [Error]: 4028 29896 07/27/06 23:11:29 [Error]: 4028 29896 07/27/06 23:11:29 [Error]: 4028 29896 07/27/06 23:11:30 [Error]: 4028 29896 07/27/06 23:11:30 [Error]: 4028 29896 07/27/06 23:11:31 [Error]: 4028 29896 07/27/06 23:11:31 [Error]: 4028 29896 07/27/06 23:11:32 [Error]: 4028 29896 07/27/06 23:11:32 [Error]: 4028 29896 07/27/06 23:11:33 [Error]: 4028 29896 07/27/06 23:11:33 [Error]: 4028 29896 07/27/06 23:11:34 [Error]: 4028 29896 07/27/06 23:11:34 [Error]: 4028 29896 07/27/06 23:11:35 [Error]: 4028 29896 07/27/06 23:11:35 [Error]: 4028 29896 07/27/06 23:11:36 [Error]: 4028 29896 07/27/06 23:11:36 [Error]: 4028 29896 07/27/06 23:11:37 [Error]: 4028 29896 07/27/06 23:11:37 [Error]: 4028 29896 07/27/06 23:11:38 [Error]: 4028 29896 07/27/06 23:11:38 [Error]: 4028 29896 07/27/06 23:11:39 [Error]: 4028 29896 07/27/06 23:11:39 [Error]: 4028 29896 07/27/06 23:11:40 [Error]: 4028 29896 07/27/06 23:11:40 [Error]: 4028 29896 07/27/06 23:11:41 [Error]: 4028 29896 07/27/06 23:11:41 [Error]: 4028 29896 07/27/06 23:11:42 [Error]: 4028 29896 07/27/06 23:11:42 [Error]: 4028 29896 07/27/06 23:11:43 [Error]: 4028 29896 07/27/06 23:11:43 [Error]: 4028 29896 07/27/06 23:11:44 [Error]: 4028 29896 07/27/06 23:11:44 [Error]: 4028 29896 07/27/06 23:11:45 [Error]: 4028 29896 07/27/06 23:11:45 [Error]: 4028 29896 07/27/06 23:11:46 [Error]: 4028 29896 07/27/06 23:11:46 [Error]: 4028 29896 07/27/06 23:11:46 [Error]: 4028 29896 07/27/06 23:11:46 [Error]: 4028 29896 07/27/06 23:11:47 [Error]: 4028 29896 07/27/06 23:11:47 [Error]: 4028 29896 07/27/06 23:11:48 [Error]: 4028 29896 07/27/06 23:11:48 [Error]: 4028 29896 07/27/06 23:11:48 [Error]: 4028 29896 07/27/06 23:11:48 [Error]: 4028 29896 07/27/06 23:11:49 [Error]: 4028 29896 07/27/06 23:11:49 [Error]: 4028 29896 07/27/06 23:11:49 [Error]: 4028 29896 07/27/06 23:11:49 [Error]: 4028 29896 07/27/06 23:11:50 [Error]: 4028 29896 07/27/06 23:11:50 [Error]: 4028 29896 07/27/06 23:11:50 [Error]: 4028 29896 07/27/06 23:11:50 [Error]: 4028 29896 07/27/06 23:11:51 [Error]: 4028 29896 07/27/06 23:11:51 [Error]: 4028 29896 07/27/06 23:11:51 [Error]: 4028 29896 07/27/06 23:11:51 [Error]: 4028 29896 07/27/06 23:11:52 [Error]: 4028 29896 07/27/06 23:11:52 [Error]: 4028 29896 07/27/06 23:11:53 [Error]: 4028 29896 07/27/06 23:11:53 [Error]: 4028 29896 07/27/06 23:11:54 [Error]: 4028 29896 07/27/06 23:11:54 [Error]: 4028 29896 07/27/06 23:11:54 [Error]: 4028 29896 07/27/06 23:11:54 [Error]: 4028 29896 07/27/06 23:11:55 [Error]: 4028 29896 07/27/06 23:11:55 [Error]: 4028 29896 07/27/06 23:11:55 [Error]: 4028 29896 07/27/06 23:11:55 [Error]: 4028 29896 07/27/06 23:11:56 [Error]: 4028 29896 07/27/06 23:11:56 [Error]: 4028 29896 07/27/06 23:11:56 [Error]: 4028 29896 07/27/06 23:11:56 [Error]: 4028 29896 07/27/06 23:11:57 [Error]: 4028 29896 07/27/06 23:11:57 [Error]: 4028 29896 07/27/06 23:11:58 [Error]: 4028 29896 07/27/06 23:11:58 [Error]: 4028 29896 07/27/06 23:11:59 [Error]: 4028 29896 07/27/06 23:11:59 [Error]: 4028 29896 07/27/06 23:11:59 [Error]: 4028 29896 07/27/06 23:11:59 [Error]: 4028 29896 07/27/06 23:12:00 [Error]: 4028 29896 07/27/06 23:12:00 [Error]: 4028 29896 07/27/06 23:12:01 [Error]: 4028 29896 07/27/06 23:12:01 [Error]: 4028 29896 07/27/06 23:12:01 [Error]: 4028 29896 07/27/06 23:12:01 [Error]: 4028 29896 07/27/06 23:12:02 [Error]: 4028 29896 07/27/06 23:12:02 [Error]: 4028 29896 07/27/06 23:12:03 [Error]: 4028 29896 07/27/06 23:12:03 [Error]: 4028 29896 07/27/06 23:12:03 [Error]: 4028 29896 07/27/06 23:12:03 [Error]: 4028 29896 07/27/06 23:12:04 [Error]: 4028 29896 07/27/06 23:12:04 [Error]: 4028 29896 07/27/06 23:12:05 [Error]: 4028 29896 07/27/06 23:12:05 [Error]: 4028 29896 07/27/06 23:12:06 [Error]: 4028 29896 07/27/06 23:12:06 [Error]: 4028 29896 07/27/06 23:12:07 [Error]: 4028 29896 07/27/06 23:12:07 [Error]: 4028 29896 07/27/06 23:12:09 [Error]: 4028 29896 07/27/06 23:12:09 [Error]: 4028 29896 07/27/06 23:12:09 [Error]: 4028 29896 07/27/06 23:12:09 [Error]: 4028 29896 07/27/06 23:12:10 [Error]: 4028 29896 07/27/06 23:12:10 [Error]: 4028 29896 07/27/06 23:12:11 [Error]: 4028 29896 07/27/06 23:12:11 [Error]: 4028 29896 07/27/06 23:12:12 [Error]: 4028 29896 07/27/06 23:12:12 [Error]: 4028 29896 07/27/06 23:12:13 [Error]: 4028 29896 07/27/06 23:12:13 [Error]: 4028 29896 07/27/06 23:12:13 [Error]: 4028 29896 07/27/06 23:12:13 [Error]: 4028 29896 07/27/06 23:12:14 [Error]: 4028 29896 07/27/06 23:12:14 [Error]: 4028 29896 07/27/06 23:12:15 [Error]: 4028 29896 07/27/06 23:12:15 [Error]: 4028 29896 07/27/06 23:12:16 [Error]: 4028 29896 07/27/06 23:12:16 [Error]: 4028 29896 07/27/06 23:12:16 [Error]: 4028 29896 07/27/06 23:12:16 [Error]: 4028 29896 07/27/06 23:12:17 [Error]: 4028 29896 07/27/06 23:12:17 [Error]: 4028 29896 07/27/06 23:12:18 [Error]: 4028 29896 07/27/06 23:12:18 [Error]: 4028 29896 07/27/06 23:12:19 [Error]: 4028 29896 07/27/06 23:12:19 [Error]: 4028 29896 07/27/06 23:12:20 [Error]: 4028 29896 07/27/06 23:12:20 [Error]: 4028 29896 07/27/06 23:12:22 [Error]: 4028 29896 07/27/06 23:12:22 [Error]: 4028 29896 07/27/06 23:12:23 [Error]: 4028 29896 07/27/06 23:12:23 [Error]: 4028 29896 07/27/06 23:12:24 [Error]: 4028 29896 07/27/06 23:12:24 [Error]: 4028 29896 07/27/06 23:12:27 [Error]: 4028 29896 07/27/06 23:12:27 [Error]: 4028 29896 07/27/06 23:12:28 [Error]: 4028 29896 07/27/06 23:12:28 [Error]: 4028 29896 07/27/06 23:12:29 [Error]: 4028 29896 07/27/06 23:12:29 [Error]: 4028 29896 07/27/06 23:12:30 [Error]: 4028 29896 07/27/06 23:12:30 [Error]: 4028 29896 07/27/06 23:12:32 [Error]: 4028 29896 07/27/06 23:12:32 [Error]: 4028 29896 07/27/06 23:12:34 [Error]: 4028 29896 07/27/06 23:12:34 [Error]: 4028 29896 07/27/06 23:12:51 [Error]: 4028 29896 07/27/06 23:12:51 [Error]: 4028 29896 07/27/06 23:12:55 [Error]: 4028 29896 07/27/06 23:12:55 [Error]: 4028 29896 07/27/06 23:13:00 [Error]: 4028 29896 07/27/06 23:13:00 [Error]: 4028 29896 07/27/06 23:13:04 [Error]: 4028 29896 07/27/06 23:13:04 [Error]: 4028 29896 07/27/06 23:13:09 [Error]: 4028 29896 07/27/06 23:13:09 [Error]: 4028 29896 07/27/06 23:13:15 [Error]: 4028 29896 07/27/06 23:13:15 [Error]: 4028 29896 07/27/06 23:13:23 [Error]: 4028 29896 07/27/06 23:13:23 [Error]: 4028 29896 07/27/06 23:13:26 [Error]: 4028 29896 07/27/06 23:13:26 [Error]: 4028 29896 07/27/06 23:13:28 [Error]: 4028 29896 07/27/06 23:13:28 [Error]: 4028 29896 07/27/06 23:13:40 [Error]: 4028 29896 07/27/06 23:13:40 [Error]: 4028 29896 07/27/06 23:13:54 [Error]: 4028 29896 07/27/06 23:13:54 [Error]: 4028 29896 07/27/06 23:14:05 [Error]: 4028 29896 07/27/06 23:14:05 [Error]: 4028 29896 07/27/06 23:14:07 [Error]: 4028 29896 07/27/06 23:14:07 [Error]: 4028 29896 07/27/06 23:14:08 [Error]: 4028 29896 07/27/06 23:14:08 [Error]: 4028 29896 07/27/06 23:14:09 [Error]: 4028 29896 07/27/06 23:14:09 [Error]: 4028 29896 07/27/06 23:14:57 [Note]: 7007 0 Beaucoup d'error c'est grave??? Merci a+
  6. Sousou
    re kevin, Pourquoi y a t il écrit sur ton dernier message ATTENTION PROCEDURE EN COURS DE REDACTION, NE PAS APPLIQUER TOUT DE SUITE , se n était pas écrit tout a l'heure et je viend de les appliquer j'espèré que se n'est pas grave. Je poste quand même le rapport : Logfile of HijackThis v1.99.1 Scan saved at 18:35:23, on 27/07/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Désinfection\ewido anti-spyware 4.0\guard.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\svchost.exe C:\windows\system\hpsysdrv.exe C:\HP\KBD\KBD.EXE C:\WINDOWS\system32\dla\tfswctrl.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Désinfection\ewido anti-spyware 4.0\ewido.exe C:\Program Files\Sitecom\Wireless Network USB Adapter 54G WL-113_002\Installer\WLANUTL.EXE C:\Program Files\OpenOffice.org 2.0\program\soffice.exe C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\HijackThis\HijackThis.exe R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr5.hpwis.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Alice ADSL R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\System32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe" /minimize O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [!ewido] "C:\Désinfection\ewido anti-spyware 4.0\ewido.exe" /minimized O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" O4 - Startup: desktop(2).ini O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: Sitecom Wireless Utility.lnk = C:\Program Files\Sitecom\Wireless Network USB Adapter 54G WL-113_002\Installer\WLANUTL.EXE O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar3.dll/cmwordtrans.html O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar3.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar3.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar3.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar3.dll/cmcache.html O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Désinfection\ewido anti-spyware 4.0\guard.exe O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe Je n'ai plus le problème de l'ordi qui s'allume et redémarre tout seul en m'affichan qu'il c'est produit une erreur, par contre je n'arrive par a suprimer Magicontrol.Agent quand je fais le scan avec spybot. Merci a+
  7. Sousou
    re, ContexPlus n'y est pas
  8. Sousou
    re, Voila le rapport Blacklight : 07/26/06 21:32:08 [info]: BlackLight Engine 1.0.42 initialized 07/26/06 21:32:08 [info]: OS: 5.1 build 2600 (Service Pack 2) 07/26/06 21:32:08 [Note]: 7019 4 07/26/06 21:32:08 [Note]: 7005 0 07/26/06 21:32:25 [Note]: 7006 0 07/26/06 21:32:25 [Note]: 7011 188 07/26/06 21:32:26 [Note]: 7026 0 07/26/06 21:32:26 [Note]: 7026 0 07/26/06 21:32:26 [Note]: 7015 1388 07/26/06 21:32:26 [Note]: 7015 5 07/26/06 21:32:26 [Note]: 7024 3 07/26/06 21:32:26 [info]: Hidden process: C:\windows\system32\ivfzoqk.exe 07/26/06 21:32:26 [Note]: 7015 1692 07/26/06 21:32:26 [Note]: 7015 5 07/26/06 21:32:26 [Note]: FSRAW library version 1.7.1019 07/26/06 21:36:52 [Error]: 4028 29896 07/26/06 21:36:52 [Error]: 4028 29896 07/26/06 21:36:52 [Error]: 4028 29896 07/26/06 21:36:52 [Error]: 4028 29896 07/26/06 21:39:09 [info]: Hidden file: c:\WINDOWS\Prefetch\IVFZOQK.EXE-049DD1FF.pf 07/26/06 21:39:09 [Note]: 10002 1 07/26/06 21:39:36 [info]: Hidden file: c:\WINDOWS\system32\ivfzoqk.dat 07/26/06 21:39:36 [Note]: 10002 1 07/26/06 21:39:36 [info]: Hidden file: C:\windows\system32\ivfzoqk.exe 07/26/06 21:39:37 [Note]: 10002 1 07/26/06 21:39:37 [info]: Hidden file: c:\WINDOWS\system32\ivfzoqk_nav.dat 07/26/06 21:39:37 [Note]: 10002 1 07/26/06 21:39:37 [info]: Hidden file: c:\WINDOWS\system32\ivfzoqk_navps.dat 07/26/06 21:39:37 [Note]: 10002 1 07/26/06 21:41:49 [Note]: 7007 0 a+
  9. Sousou
    re, Désolé j'ai complètement oublié le rapport Hijackthis le voici : Logfile of HijackThis v1.99.1 Scan saved at 21:14:05, on 26/07/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Désinfection\ewido anti-spyware 4.0\guard.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\svchost.exe C:\windows\system\hpsysdrv.exe C:\HP\KBD\KBD.EXE C:\WINDOWS\system32\dla\tfswctrl.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Désinfection\ewido anti-spyware 4.0\ewido.exe C:\Program Files\Sitecom\Wireless Network USB Adapter 54G WL-113_002\Installer\WLANUTL.EXE C:\Program Files\OpenOffice.org 2.0\program\soffice.exe C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN C:\WINDOWS\system32\wuauclt.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\HijackThis\HijackThis.exe R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr5.hpwis.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Alice ADSL R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\System32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe" /minimize O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [!ewido] "C:\Désinfection\ewido anti-spyware 4.0\ewido.exe" /minimized O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" O4 - Startup: desktop(2).ini O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: Sitecom Wireless Utility.lnk = C:\Program Files\Sitecom\Wireless Network USB Adapter 54G WL-113_002\Installer\WLANUTL.EXE O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar3.dll/cmwordtrans.html O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar3.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar3.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar3.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar3.dll/cmcache.html O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Désinfection\ewido anti-spyware 4.0\guard.exe O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe Et pour desktop(2).ini je ne l'est pas trouver il n'était pas présent il n'y avait que [.ShellClassInfo] LocalizedResourceName=@%SystemRoot%\system32\shell32.dll,-21786 un 6 à la place du 7 a+ je donne les autres rapports plus tard
  10. Sousou
    re, J'ai reussit a faire le scan Panda, voici le rapport (je voudrais savoir comment on fait pour supprimer les resultats) : Incident Statut Analyse Adware:adware/cws No Désinfecté Registre Windows Outil indésirable:application/regfreeze No Désinfecté hkey_current_user\software\actualresearch\RegistryFreeze Spyware:Cookie/2o7 No Désinfecté C:\Documents and Settings\Propriétaire\Cookies\propriétaire@2o7[1].txt Spyware:Cookie/Bluestreak No Désinfecté C:\Documents and Settings\Propriétaire\Cookies\propriétaire@bluestreak[1].txt Spyware:Cookie/cs.sexcounter No Désinfecté C:\Documents and Settings\Propriétaire\Cookies\propriétaire@cs.sexcounter[2].txt Spyware:Cookie/Reliablestats No Désinfecté C:\Documents and Settings\Propriétaire\Cookies\propriétaire@stats1.reliablestats[1].txt Spyware:Cookie/Tradedoubler No Désinfecté C:\Documents and Settings\Propriétaire\Cookies\propriétaire@tradedoubler[1].txt Spyware:Cookie/Weborama No Désinfecté C:\Documents and Settings\Propriétaire\Cookies\propriétaire@weborama[2].txt Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\Propriétaire\Cookies\propriétaire@xiti[1].txt Spyware:Cookie/Zedo No Désinfecté C:\Documents and Settings\Propriétaire\Cookies\propriétaire@zedo[2].txt Et voici le rapport que tu ma demandé : SmitFraudFix v2.74 Rapport fait à 13:54:36,51, 26/07/2006 Executé à partir de C:\D‚sinfection\SmitfraudFix\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Fix executé en mode normal »»»»»»»»»»»»»»»»»»»»»»»» C:\ »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32 »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Propri‚taire\Application Data »»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\PROPRI~1\Favoris »»»»»»»»»»»»»»»»»»»»»»»» Bureau »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files »»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues »»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0] "Source"="About:Home" "SubscribedURL"="About:Home" "FriendlyName"="Ma page d'accueil" »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll »»»»»»»»»»»»»»»»»»»»»»»» Fin Encore merci pour votre patiense a+
  11. Sousou
    re, En faite les problèmes n'ont pas disparus, les dysfonctionnement sont toujours la. Et pour Kaspersky j'aimerais bien avoir une reponse SVP Merci pour votre aide
  12. Sousou
    re, J'ai un probléme avec le scan en ligne sur Kaspersky, je n'arrive pas à télécharger contôle active x. Quand je click dessus une page s'ouvre sa ne se passe pas comme dans l'example , je ne peux pas le télécharger . Merci d'avance a+
  13. Sousou
    J'ai Kaspersky comme antivirus je voudrais savoir si je pouvais faire une analyse avec mon scan au lieu de celui d'internet????
  14. Sousou
    Je ne crois pas que cela à marché : Logfile of HijackThis v1.99.1 Scan saved at 20:11:19, on 24/07/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Désinfection\ewido anti-spyware 4.0\guard.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\windows\system\hpsysdrv.exe C:\HP\KBD\KBD.EXE C:\WINDOWS\system32\dla\tfswctrl.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\WINDOWS\system32\wuauclt.exe C:\Désinfection\ewido anti-spyware 4.0\ewido.exe C:\Program Files\Sitecom\Wireless Network USB Adapter 54G WL-113_002\Installer\WLANUTL.EXE C:\Program Files\OpenOffice.org 2.0\program\soffice.exe C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN C:\WINDOWS\system32\wuauclt.exe C:\Program Files\HijackThis\HijackThis.exe R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr5.hpwis.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Alice ADSL R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\System32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe" /minimize O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [bonelitebirdknob] C:\Documents and Settings\All Users\Application Data\INTERNETROADBONELITE\multibits.exe O4 - HKLM\..\Run: [!ewido] "C:\Désinfection\ewido anti-spyware 4.0\ewido.exe" /minimized O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" O4 - Startup: desktop(2).ini O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: Sitecom Wireless Utility.lnk = C:\Program Files\Sitecom\Wireless Network USB Adapter 54G WL-113_002\Installer\WLANUTL.EXE O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar3.dll/cmwordtrans.html O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar3.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar3.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar3.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar3.dll/cmcache.html O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Désinfection\ewido anti-spyware 4.0\guard.exe O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe Je pense avoir tout bien appliqué En meme temps y a t-il un logiciel qui permet de bloquer les pages publicitaires???
  15. Sousou
    Salut Kevin, Il n'y a plus de dysfonctionnements à part qu'il est toujours aussi lent et qu'il y a toujours cette pub DOCTOR 2006 qui s'affiche tout le temps. A si sur msn le fond d'écrand qui c'est installé n'est tooujours pas parti. Et pour le fichier Defy Blue.exe je sais pas si je l'est suprimé
  16. Sousou
    J'ai oublié de préciser , que HijackThis a refusé de suprimer cette ligne "O4 - Startup: desktop(2).ini" Merci a+
  17. Sousou
    re, Voici les rapports: Rapport Ewido ewido anti-spyware - Scan Report --------------------------------------------------------- + Created at: 22:37:02 23/07/2006 + Scan result: C:\Documents and Settings\Sébastien\Cookies\sébastien@247realmedia[1].txt -> TrackingCookie.247realmedia : Cleaned with backup (quarantined). C:\Documents and Settings\Propriétaire\Cookies\propriétaire@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined). C:\Documents and Settings\Sébastien\Cookies\sébastien@2o7[2].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined). C:\Documents and Settings\Sébastien\Cookies\sébastien@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined). C:\Documents and Settings\Sébastien\Cookies\sébastien@adtech[2].txt -> TrackingCookie.Adtech : Cleaned with backup (quarantined). C:\Documents and Settings\Sébastien\Cookies\sébastien@advertising[2].txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined). C:\Documents and Settings\Propriétaire\Cookies\propriétaire@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined). C:\Documents and Settings\Sébastien\Cookies\sébastien@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined). C:\Documents and Settings\Propriétaire\Cookies\propriétaire@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned with backup (quarantined). C:\Documents and Settings\Sébastien\Cookies\sébastien@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned with backup (quarantined). C:\Documents and Settings\Propriétaire\Cookies\propriétaire@casalemedia[2].txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined). C:\Documents and Settings\Sébastien\Cookies\sébastien@casalemedia[2].txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined). C:\Documents and Settings\Sébastien\Cookies\sébastien@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : Cleaned with backup (quarantined). C:\Documents and Settings\Sébastien\Cookies\sébastien@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined). C:\Documents and Settings\Propriétaire\Cookies\propriétaire@estat[1].txt -> TrackingCookie.Estat : Cleaned with backup (quarantined). C:\Documents and Settings\Sébastien\Cookies\sébastien@estat[1].txt -> TrackingCookie.Estat : Cleaned with backup (quarantined). C:\Documents and Settings\Sébastien\Cookies\sébastien@as1.falkag[1].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined). C:\Documents and Settings\Propriétaire\Cookies\propriétaire@fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined). C:\Documents and Settings\Sébastien\Cookies\sébastien@fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined). C:\Documents and Settings\Sébastien\Cookies\sébastien@media.fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined). C:\Documents and Settings\Propriétaire\Cookies\propriétaire@counter.hitslink[2].txt -> TrackingCookie.Hitslink : Cleaned with backup (quarantined). C:\Documents and Settings\Propriétaire\Cookies\propriétaire@server.iad.liveperson[2].txt -> TrackingCookie.Liveperson : Cleaned with backup (quarantined). C:\Documents and Settings\Propriétaire\Cookies\propriétaire@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned with backup (quarantined). C:\Documents and Settings\Sébastien\Cookies\sébastien@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned with backup (quarantined). C:\Documents and Settings\Propriétaire\Cookies\propriétaire@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined). C:\Documents and Settings\Propriétaire\Cookies\propriétaire@serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined). C:\Documents and Settings\Sébastien\Cookies\sébastien@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined). C:\Documents and Settings\Sébastien\Cookies\sébastien@serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined). C:\Documents and Settings\Propriétaire\Cookies\propriétaire@cs.sexcounter[2].txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined). C:\Documents and Settings\Sébastien\Cookies\sébastien@cs.sexcounter[2].txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined). C:\Documents and Settings\Sébastien\Cookies\sébastien@counter13.sextracker[1].txt -> TrackingCookie.Sextracker : Cleaned with backup (quarantined). C:\Documents and Settings\Sébastien\Cookies\sébastien@sextracker[2].txt -> TrackingCookie.Sextracker : Cleaned with backup (quarantined). C:\Documents and Settings\Propriétaire\Cookies\propriétaire@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Cleaned with backup (quarantined). C:\Documents and Settings\Sébastien\Cookies\sébastien@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Cleaned with backup (quarantined). C:\Documents and Settings\Sébastien\Cookies\sébastien@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined). C:\Documents and Settings\Sébastien\Cookies\sébastien@trafic[1].txt -> TrackingCookie.Trafic : Cleaned with backup (quarantined). C:\Documents and Settings\Propriétaire\Cookies\propriétaire@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined). C:\Documents and Settings\Sébastien\Cookies\sébastien@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined). C:\Documents and Settings\Sébastien\Cookies\sébastien@valueclick[1].txt -> TrackingCookie.Valueclick : Cleaned with backup (quarantined). C:\Documents and Settings\Propriétaire\Cookies\propriétaire@weborama[2].txt -> TrackingCookie.Weborama : Cleaned with backup (quarantined). C:\Documents and Settings\Sébastien\Cookies\sébastien@weborama[2].txt -> TrackingCookie.Weborama : Cleaned with backup (quarantined). C:\Documents and Settings\Sébastien\Cookies\sébastien@yadro[1].txt -> TrackingCookie.Yadro : Cleaned with backup (quarantined). C:\Documents and Settings\Propriétaire\Cookies\propriétaire@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined). C:\Documents and Settings\Sébastien\Cookies\sébastien@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined). C:\Documents and Settings\Sébastien\Cookies\sébastien@zedo[1].txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined). C:\Documents and Settings\Propriétaire\Local Settings\Temp\NI.UWA6PV_0001_N76M1904\setup.exe -> Trojan.Fakealert : Cleaned with backup (quarantined). ::Report end Rapport Hijackthis: Logfile of HijackThis v1.99.1 Scan saved at 22:46:18, on 23/07/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Désinfection\ewido anti-spyware 4.0\guard.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\windows\system\hpsysdrv.exe C:\HP\KBD\KBD.EXE C:\WINDOWS\system32\dla\tfswctrl.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Désinfection\ewido anti-spyware 4.0\ewido.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Sitecom\Wireless Network USB Adapter 54G WL-113_002\Installer\WLANUTL.EXE C:\Program Files\OpenOffice.org 2.0\program\soffice.exe C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\HijackThis\HijackThis.exe R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr5.hpwis.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Alice ADSL R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\System32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe" /minimize O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [bonelitebirdknob] C:\Documents and Settings\All Users\Application Data\INTERNETROADBONELITE\multibits.exe O4 - HKLM\..\Run: [!ewido] "C:\Désinfection\ewido anti-spyware 4.0\ewido.exe" /minimized O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" O4 - Startup: desktop(2).ini O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: Sitecom Wireless Utility.lnk = C:\Program Files\Sitecom\Wireless Network USB Adapter 54G WL-113_002\Installer\WLANUTL.EXE O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar3.dll/cmwordtrans.html O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar3.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar3.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar3.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar3.dll/cmcache.html O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Broken Internet access because of LSP provider 'c:\program files\newdotnet\newdotnet7_22.dll' missing O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Désinfection\ewido anti-spyware 4.0\guard.exe O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
  18. Sousou
    Bonjour, Voici mon nouveau rapport Logfile of HijackThis v1.99.1 Scan saved at 18:16:29, on 22/07/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\windows\system\hpsysdrv.exe C:\HP\KBD\KBD.EXE C:\WINDOWS\system32\dla\tfswctrl.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Sitecom\Wireless Network USB Adapter 54G WL-113_002\Installer\WLANUTL.EXE C:\WINDOWS\system32\wuauclt.exe C:\Program Files\OpenOffice.org 2.0\program\soffice.exe C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\HijackThis\HijackThis.exe R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr5.hpwis.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Alice ADSL R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing) O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\System32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe" /minimize O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [bonelitebirdknob] C:\Documents and Settings\All Users\Application Data\INTERNETROADBONELITE\multibits.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe O4 - HKCU\..\Run: [spyware Cleaner] "C:\Program Files\Spyware Cleaner\SpywareCleaner.Exe" /boot O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [MailSkinner] c:\program files\mailskinner\mailskinner.exe O4 - HKCU\..\Run: [Multi64] C:\DOCUME~1\PROPRI~1\APPLIC~1\EXTRAK~1\Defy blue.exe O4 - HKCU\..\Run: [Registry Cleaner] "C:\Program Files\Registry Cleaner Trial\Regclean.exe" -startminimize O4 - Startup: desktop(2).ini O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: Sitecom Wireless Utility.lnk = C:\Program Files\Sitecom\Wireless Network USB Adapter 54G WL-113_002\Installer\WLANUTL.EXE O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar3.dll/cmwordtrans.html O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar3.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar3.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar3.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar3.dll/cmcache.html O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Broken Internet access because of LSP provider 'c:\program files\newdotnet\newdotnet7_22.dll' missing O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: SpywareCleanerService - Unknown owner - C:\Program Files\Spyware Cleaner\SCService.exe (file missing) Il me semble qu'il est comme le premier
  19. Sousou
    J'ai oublié de parler des problèmes: ordinateur trés lent, des pubs qui s'affiche (souvent la pub doctor 2006 même en clikan sur non), l ordi s'éteind a cause d une erreur (sa arrive souvent) et le pire je croi c'est sur msn un arriere plan c'est installé sans que je le demande et est impossible a enlevé je ne c'est pas comment cela est possible (malwayr, spayware ou autre) je ne connai rein a tout sa . Merci de m'aidé
  20. Sousou
    Salut, j'ai déja fai le pré-nétoyage mais j'ai apparement oublié de faire la configuration d'Antivir donc je recomence et je donne mon nouveau rapport demain Merci
  21. Sousou
    voici mon rapport Logfile of HijackThis v1.99.1 Scan saved at 19:55:54, on 21/07/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\windows\system\hpsysdrv.exe C:\HP\KBD\KBD.EXE C:\WINDOWS\system32\dla\tfswctrl.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Sitecom\Wireless Network USB Adapter 54G WL-113_002\Installer\WLANUTL.EXE C:\Program Files\OpenOffice.org 2.0\program\soffice.exe C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\HijackThis\HijackThis.exe R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr5.hpwis.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Alice ADSL R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing) O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\System32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe" /minimize O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [bonelitebirdknob] C:\Documents and Settings\All Users\Application Data\INTERNETROADBONELITE\multibits.exe O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe O4 - HKCU\..\Run: [spyware Cleaner] "C:\Program Files\Spyware Cleaner\SpywareCleaner.Exe" /boot O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [MailSkinner] c:\program files\mailskinner\mailskinner.exe O4 - HKCU\..\Run: [Multi64] C:\DOCUME~1\PROPRI~1\APPLIC~1\EXTRAK~1\Defy blue.exe O4 - HKCU\..\Run: [Registry Cleaner] "C:\Program Files\Registry Cleaner Trial\Regclean.exe" -startminimize O4 - Startup: desktop(2).ini O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: Sitecom Wireless Utility.lnk = C:\Program Files\Sitecom\Wireless Network USB Adapter 54G WL-113_002\Installer\WLANUTL.EXE O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar3.dll/cmwordtrans.html O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar3.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar3.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar3.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar3.dll/cmcache.html O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: SpywareCleanerService - Unknown owner - C:\Program Files\Spyware Cleaner\SCService.exe (file missing)
×
×
  • Créer...