nick774

ok merci ! J'ai fait un scan de mon DD sur le site de panda: voici le rapport: Incident Statut Analyse Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\123\Application Data\Mozilla\Firefox\Profiles\cj4wtpb1.default\cookies.txt[.xiti.com/] Spyware:Cookie/Weborama No Désinfecté C:\Documents and Settings\123\Application Data\Mozilla\Firefox\Profiles\cj4wtpb1.default\cookies.txt[.weborama.fr/] Spyware:Cookie/Bluestreak No Désinfecté C:\Documents and Settings\123\Application Data\Mozilla\Firefox\Profiles\cj4wtpb1.default\cookies.txt[.bluestreak.com/] Spyware:Cookie/RealMedia No Désinfecté C:\Documents and Settings\123\Application Data\Mozilla\Firefox\Profiles\cj4wtpb1.default\cookies.txt[.247realmedia.com/] Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\otaa0g3q.default\cookies.txt[.xiti.com/] Spyware:Cookie/Bluestreak No Désinfecté C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\otaa0g3q.default\cookies.txt[.bluestreak.com/] Spyware:Cookie/Doubleclick No Désinfecté C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\otaa0g3q.default\cookies.txt[.doubleclick.net/] Spyware:Cookie/Tradedoubler No Désinfecté C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\otaa0g3q.default\cookies.txt[.tradedoubler.com/] Spyware:Cookie/Weborama No Désinfecté C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\otaa0g3q.default\cookies.txt[.weborama.fr/] Spyware:Cookie/PointRoll No Désinfecté C:\Documents and Settings\Administrateur\Cookies\[email protected][2].txt Spyware:Cookie/Adtech No Désinfecté C:\Documents and Settings\Administrateur\Cookies\administrateur@adtech[2].txt Spyware:Cookie/Falkag No Désinfecté C:\Documents and Settings\Administrateur\Cookies\[email protected][1].txt Spyware:Cookie/Serving-sys No Désinfecté C:\Documents and Settings\Administrateur\Cookies\[email protected][1].txt Spyware:Cookie/fe.lea.lycos No Désinfecté C:\Documents and Settings\Administrateur\Cookies\[email protected][1].txt Spyware:Cookie/Server.iad.Liveperson No Désinfecté C:\Documents and Settings\Administrateur\Cookies\[email protected][1].txt Spyware:Cookie/Serving-sys No Désinfecté C:\Documents and Settings\Administrateur\Cookies\administrateur@serving-sys[1].txt Spyware:Cookie/Reliablestats No Désinfecté C:\Documents and Settings\Administrateur\Cookies\[email protected][1].txt Spyware:Cookie/Weborama No Désinfecté C:\Documents and Settings\Administrateur\Cookies\administrateur@weborama[2].txt Spyware:Cookie/Systemdoctor No Désinfecté C:\Documents and Settings\Administrateur\Cookies\[email protected][1].txt Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\Administrateur\Cookies\administrateur@xiti[1].txt Hacktool:Exploit/Metafile No Désinfecté C:\Documents and Settings\Administrateur\Local Settings\Temp\s0kuesjc.wmf Spyware:Cookie/Adtech No Désinfecté C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\l945xnty.default\cookies.txt[.adtech.de/] Spyware:Cookie/2o7 No Désinfecté C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\l945xnty.default\cookies.txt[.microsofteup.112.2o7.net/] Spyware:Cookie/Xiti No Désinfecté C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\l945xnty.default\cookies.txt[.xiti.com/] Adware:Adware/NaviPromo No Désinfecté C:\WINDOWS\system32\hbbcfxasen.exe Outil indésirable:Application/Webmediaplayer No Désinfecté C:\WINDOWS\Temp\Install_WMP.exe[WebMediaPlayer.exe] Merci d'avance

Mon pc me propose des choses bizarres en ce moment: Démarrage de certains programmes impossibles, le pc rame plus qu'à l'accoutumé. J'ai comme l'impression qu'un trojan est venu se glisser dans tout ça Je me permet de vous envoyer mon scan hijack car je ne sais plus quoi faire à part un formatage. Merci d'avance Logfile of HijackThis v1.99.1 Scan saved at 13:57:43, on 24/11/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Sygate\SPF\smc.exe C:\WINDOWS\SYSTEM32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\WINDOWS\system32\CTsvcCDA.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\PROGRA~1\MICROS~3\GAMECO~1\common\swtrayv4.exe C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\DAEMON Tools\daemon.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Program Files\Logitech\Video\LogiTray.exe C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe C:\WINDOWS\system32\Rundll32.exe C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe C:\Program Files\Creative\Shared Files\CTSched.exe C:\WINDOWS\system32\ctfmon.exe C:\PROGRA~1\MESSEN~1\Msmsgs.exe C:\Program Files\Microsoft ActiveSync\wcescomm.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\Program Files\Creative\MediaSource5\Go\CTCMSGoU.exe C:\PROGRA~1\MICROS~4\rapimgr.exe C:\Program Files\Sweex WiFi LAN 140 Nitro XM Utility\WlanUtl.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Java\jre1.5.0_06\bin\jucheck.exe C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Creative\Shared Files\Software Update\AutoUpdate.exe C:\Program Files\Windows Media Player\wmplayer.exe C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\Administrateur\Bureau\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\Program Files\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_BAND_SEARCHBAR_HTML R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://numericable.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.38.109.143:3124 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - {BE89472C-B803-4D1D-9A9A-0A63660E0FE3} - C:\PROGRA~1\COPERN~1\COPERN~1.DLL O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe" O4 - HKLM\..\Run: [smcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [sideWinderTrayV4] C:\PROGRA~1\MICROS~3\GAMECO~1\common\swtrayv4.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [CreativeTaskScheduler] "C:\Program Files\Creative\Shared Files\CTSched.exe" /logon O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\PROGRA~1\MESSEN~1\Msmsgs.exe" /background O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog O4 - HKCU\..\Run: [Creative MediaSource Go] "C:\Program Files\Creative\MediaSource5\Go\CTCMSGoU.exe" /SCB O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: HPAiODevice(hp psc 900 series) - 1.lnk = C:\Program Files\Hewlett-Packard\AiO\hp psc 900 series\Bin\hpobrt07.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Sweex WiFi LAN 140 Nitro XM Utility.lnk = ? O8 - Extra context menu item: Barre RoboForm - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O8 - Extra context menu item: Chercher avec Copernic Agent - res://C:\Program Files\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_MENU_SEARCHEXT O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Enregistrer le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O8 - Extra context menu item: Personnaliser le menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html O8 - Extra context menu item: Remplir le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra 'Tools' menuitem: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra 'Tools' menuitem: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra 'Tools' menuitem: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.google.fr/ O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab O16 - DPF: {3AF4DACE-36ED-42EF-9DFC-ADC34DA30CFF} (PatchInstaller.Installer) - file://C:\Documents and Settings\Administrateur\Bureau\Nouveau dossier\content\include\XPPatchInstaller.CAB O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1139426573687 O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {8B1BC605-C593-4865-8F5B-05517F0CD0BB} (MSSecurityAdvisorCD Class) - file://C:\Documents and Settings\Administrateur\Bureau\Nouveau dossier\Content\include\msSecUcd.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {AED98630-0251-4E83-917D-43A23D66D507} (Download Helper Class) - http://activex.microgaming.com/DLHelper/ve...n7/DLHelper.cab O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} - http://a532.g.akamai.net/f/532/6712/5m/vir...5/installer.exe O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR3\RpcDataSrv.exe O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR3\RpcSandraSrv.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe O23 - Service: Sygate Personal Firewall Pro (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe

Je ne sais pas quel port est utilisé par mon jeu mais ce que j'ai fait, c'est ouvrir tous les ports de la livebox (sachant que j'ai un firewall en local), via Configuration-> Avancée->Routeur en UDP et TCP de 1 a 65300 environ !!! Mais impossible de rejoindre une partie Merci de votre aide

Bonjour, J'ai un souci pour rejoindre une partie d'un jeu en reseau via internet. Pourtant tous les parefeu ont été désactivés(hote et client), les ports de la livebox tous ouverts... J'ai fait un scan sur Panda anti virus en ligne , ci-dessous le rapport De même jai fait un scan sur hijackthis Merci d'avance pour votre aide Incident Statut Analyse Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rsnzdqjt.default\cookies.txt[.xiti.com/] Spyware:Cookie/RealMedia No Désinfecté C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rsnzdqjt.default\cookies.txt[.247realmedia.com/] Spyware:Cookie/Doubleclick No Désinfecté C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rsnzdqjt.default\cookies.txt[.doubleclick.net/] Spyware:Cookie/RealMedia No Désinfecté C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rsnzdqjt.default\cookies.txt[.247realmedia.com/] Spyware:Cookie/Adtech No Désinfecté C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rsnzdqjt.default\cookies.txt[.adtech.de/] Spyware:Cookie/Mediaplex No Désinfecté C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rsnzdqjt.default\cookies.txt[.mediaplex.com/] Spyware:Cookie/adultfriendfinder No Désinfecté C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rsnzdqjt.default\cookies.txt[.adultfriendfinder.com/] Spyware:Cookie/cs.sexcounter No Désinfecté C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rsnzdqjt.default\cookies.txt[.cs.sexcounter.com/] Spyware:Cookie/PayCounter No Désinfecté C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rsnzdqjt.default\cookies.txt[.paycounter.com/] Spyware:Cookie/SexList No Désinfecté C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rsnzdqjt.default\cookies.txt[.sexlist.com/] Spyware:Cookie/WebPower No Désinfecté C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rsnzdqjt.default\cookies.txt[.webpower.com/] Spyware:Cookie/Toplist No Désinfecté C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rsnzdqjt.default\cookies.txt[.toplist.cz/] Spyware:Cookie/DomainSponsor No Désinfecté C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rsnzdqjt.default\cookies.txt[landing.domainsponsor.com/] Spyware:Cookie/Zedo No Désinfecté C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rsnzdqjt.default\cookies.txt[.zedo.com/] Spyware:Cookie/Overture No Désinfecté C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rsnzdqjt.default\cookies.txt[.overture.com/] Spyware:Cookie/Tradedoubler No Désinfecté C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rsnzdqjt.default\cookies.txt[.tradedoubler.com/] Spyware:Cookie/Yadro No Désinfecté C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rsnzdqjt.default\cookies.txt[.yadro.ru/] Spyware:Cookie/Falkag No Désinfecté C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rsnzdqjt.default\cookies.txt[.as-eu.falkag.net/] Spyware:Cookie/2o7 No Désinfecté C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rsnzdqjt.default\cookies.txt[.2o7.net/] Spyware:Cookie/2o7 No Désinfecté C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rsnzdqjt.default\cookies.txt[.microsoftwga.112.2o7.net/] Spyware:Cookie/2o7 No Désinfecté C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rsnzdqjt.default\cookies.txt[.2o7.net/] Spyware:Cookie/MediaTickets No Désinfecté C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rsnzdqjt.default\cookies.txt[.kinghost.com/] Spyware:Cookie/RealMedia No Désinfecté C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rsnzdqjt.default\cookies.txt[.realmedia.com/] Spyware:Cookie/Ccbill No Désinfecté C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rsnzdqjt.default\cookies.txt[.ccbill.com/] Spyware:Cookie/Hitbox No Désinfecté C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rsnzdqjt.default\cookies.txt[.hg1.hitbox.com/] Spyware:Cookie/Hitbox No Désinfecté C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rsnzdqjt.default\cookies.txt[.hitbox.com/] Spyware:Cookie/Hitbox No Désinfecté C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rsnzdqjt.default\cookies.txt[.hg1.hitbox.com/] Spyware:Cookie/Statcounter No Désinfecté C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rsnzdqjt.default\cookies.txt[.statcounter.com/] Spyware:Cookie/Valueclick No Désinfecté C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rsnzdqjt.default\cookies.txt[.valueclick.com/] Spyware:Cookie/Advertising No Désinfecté C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rsnzdqjt.default\cookies.txt[.advertising.com/] Spyware:Cookie/Hitbox No Désinfecté C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rsnzdqjt.default\cookies.txt[.ehg-eline.hitbox.com/] Spyware:Cookie/fe.lea.lycos No Désinfecté C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rsnzdqjt.default\cookies.txt[fe.lea.lycos.fr/] Spyware:Cookie/Atlas DMT No Désinfecté C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rsnzdqjt.default\cookies.txt[.atdmt.com/] Spyware:Cookie/RealMedia No Désinfecté C:\Documents and Settings\Administrateur\Cookies\administrateur@247realmedia[2].txt Spyware:Cookie/2o7 No Désinfecté C:\Documents and Settings\Administrateur\Cookies\administrateur@2o7[2].txt Spyware:Cookie/PointRoll No Désinfecté C:\Documents and Settings\Administrateur\Cookies\[email protected][2].txt Spyware:Cookie/Adtech No Désinfecté C:\Documents and Settings\Administrateur\Cookies\administrateur@adtech[2].txt Spyware:Cookie/Falkag No Désinfecté C:\Documents and Settings\Administrateur\Cookies\[email protected][2].txt Spyware:Cookie/Bluestreak No Désinfecté C:\Documents and Settings\Administrateur\Cookies\administrateur@bluestreak[2].txt Spyware:Cookie/Netster No Désinfecté C:\Documents and Settings\Administrateur\Cookies\[email protected][1].txt Spyware:Cookie/Tradedoubler No Désinfecté C:\Documents and Settings\Administrateur\Cookies\administrateur@tradedoubler[2].txt Spyware:Cookie/Weborama No Désinfecté C:\Documents and Settings\Administrateur\Cookies\administrateur@weborama[2].txt Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\Administrateur\Cookies\administrateur@xiti[1].txt Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\NetworkService\Application Data\Mozilla\Firefox\Profiles\ijmyrgi4.default\cookies.txt[.xiti.com/] Outil indésirable:Application/HideWindow.A No Désinfecté C:\WINDOWS\system32\hid.exe Hacktool:Hacktool/RegPatch.A No Désinfecté C:\WINDOWS\wpi\Keygen\ultraiso.exe ----------------------------------------------------------------------- Logfile of HijackThis v1.99.1 Scan saved at 19:36:37, on 12/08/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Sygate\SPF\smc.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe C:\WINDOWS\System32\FTRTSVC.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\WgaTray.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\DAEMON Tools\daemon.exe C:\Program Files\Analog Devices\SoundMAX\SMTray.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\PROGRA~1\MESSEN~1\Msmsgs.exe C:\PROGRA~1\Wanadoo\TaskBarIcon.exe C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\Administrateur\Bureau\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr/ R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.google.fr/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [smcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM= O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [MSMSGS] "C:\PROGRA~1\MESSEN~1\Msmsgs.exe" /background O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU) O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe O23 - Service: Sygate Personal Firewall Pro (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

C'est parfait, plus de problème. Merci pour tout

Ok merci. Voici le rapport de mon scan via panda Incident Status Location Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\123\Application Data\Mozilla\Firefox\Profiles\cj4wtpb1.default\cookies.txt[.xiti.com/] Spyware:Cookie/Weborama Not disinfected C:\Documents and Settings\123\Application Data\Mozilla\Firefox\Profiles\cj4wtpb1.default\cookies.txt[.weborama.fr/] Spyware:Cookie/Bluestreak Not disinfected C:\Documents and Settings\123\Application Data\Mozilla\Firefox\Profiles\cj4wtpb1.default\cookies.txt[.bluestreak.com/] Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\123\Application Data\Mozilla\Firefox\Profiles\cj4wtpb1.default\cookies.txt[.247realmedia.com/] Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\otaa0g3q.default\cookies.txt[.xiti.com/] Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\otaa0g3q.default\cookies.txt[.doubleclick.net/] Spyware:Cookie/Adtech Not disinfected C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\otaa0g3q.default\cookies.txt[.adtech.de/] Spyware:Cookie/Bluestreak Not disinfected C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\otaa0g3q.default\cookies.txt[.bluestreak.com/] Spyware:Cookie/Tradedoubler Not disinfected C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\otaa0g3q.default\cookies.txt[.tradedoubler.com/] Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\otaa0g3q.default\cookies.txt[.mediaplex.com/] Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\otaa0g3q.default\cookies.txt[.247realmedia.com/] Spyware:Cookie/Weborama Not disinfected C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\otaa0g3q.default\cookies.txt[.weborama.fr/] Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\otaa0g3q.default\cookies.txt[.statcounter.com/] Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\otaa0g3q.default\cookies.txt[.com.com/] Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\otaa0g3q.default\cookies.txt[as1.falkag.de/] Spyware:Cookie/fe.lea.lycos Not disinfected C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\otaa0g3q.default\cookies.txt[fe.lea.lycos.fr/] Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\otaa0g3q.default\cookies.txt[.serving-sys.com/] Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\otaa0g3q.default\cookies.txt[.2o7.net/] Spyware:Cookie/Adtech Not disinfected C:\Documents and Settings\Administrateur\Cookies\administrateur@adtech[2].txt Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\Administrateur\Cookies\[email protected][2].txt Spyware:Cookie/Bluestreak Not disinfected C:\Documents and Settings\Administrateur\Cookies\administrateur@bluestreak[2].txt Spyware:Cookie/Tradedoubler Not disinfected C:\Documents and Settings\Administrateur\Cookies\administrateur@tradedoubler[1].txt Spyware:Cookie/Weborama Not disinfected C:\Documents and Settings\Administrateur\Cookies\administrateur@weborama[1].txt Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\Administrateur\Cookies\administrateur@xiti[1].txt Virus:Exploit/Metafile Disinfected C:\Documents and Settings\Administrateur\Local Settings\Temp\0l36spul.wm Spyware:Cookie/Adtech Not disinfected C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\l945xnty.default\cookies.txt[.adtech.de/] Spyware:Cookie/2o7 Not disinfected C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\l945xnty.default\cookies.txt[.microsofteup.112.2o7.net/] Spyware:Cookie/Xiti Not disinfected C:\WINDOWS\system32\config\systemprofile\Application Data\Mozilla\Firefox\Profiles\l945xnty.default\cookies.txt[.xiti.com/] Virus:W32/Sdbot.ftp.worm Disinfected C:\WINDOWS\system32\i

Bonjour, Je scan mon disque dur avec AVG anti-virus et voila qu'il me trouve un virus nommé WMF.exploit, mais impossible de le virer de mon DD. Celui-ci se trouve dans un fichier temp. Je vous met mon log en ligne vu que je ne sais pas trop comment procéder. Merci d'avance, A+ Logfile of HijackThis v1.99.1 Scan saved at 08:16:42, on 04/08/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Sygate\SPF\smc.exe C:\WINDOWS\SYSTEM32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\PROGRA~1\MICROS~3\GAMECO~1\common\swtrayv4.exe C:\WINDOWS\system32\wscntfy.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe C:\Program Files\DAEMON Tools\daemon.exe C:\Program Files\FarStone\VDPPro\VHD\RDTask.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Program Files\Logitech\Video\LogiTray.exe C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE C:\WINDOWS\system32\ctfmon.exe C:\PROGRA~1\MESSEN~1\Msmsgs.exe C:\Program Files\Microsoft ActiveSync\wcescomm.exe C:\Program Files\Sweex WiFi LAN 140 Nitro XM Utility\WlanUtl.exe C:\Program Files\Hewlett-Packard\AiO\hp psc 900 series\FRU\Remind32.exe C:\PROGRA~1\MICROS~4\rapimgr.exe C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe C:\Documents and Settings\Administrateur\Bureau\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\Program Files\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_BAND_SEARCHBAR_HTML R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://numericable.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.38.109.143:3124 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - {BE89472C-B803-4D1D-9A9A-0A63660E0FE3} - C:\PROGRA~1\COPERN~1\COPERN~1.DLL O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe" O4 - HKLM\..\Run: [smcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [sideWinderTrayV4] C:\PROGRA~1\MICROS~3\GAMECO~1\common\swtrayv4.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [RAMDrive] "C:\Program Files\FarStone\VDPPro\VHD\RDTask.exe" O4 - HKLM\..\Run: [DVDCTray] C:\Program Files\FarStone\VDPPro\dvdcreator\DVDCTrayIconShl.exe O4 - HKLM\..\Run: [VirtualDrive] C:\Program Files\FarStone\VDPPro\VDP\vdtask.exe /AutoRestore O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\PROGRA~1\MESSEN~1\Msmsgs.exe" /background O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog O4 - Startup: Hewlett-Packard Recorder.lnk = C:\Program Files\Hewlett-Packard\AiO\hp psc 900 series\FRU\Remind32.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: HPAiODevice(hp psc 900 series) - 1.lnk = C:\Program Files\Hewlett-Packard\AiO\hp psc 900 series\Bin\hpobrt07.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Sweex WiFi LAN 140 Nitro XM Utility.lnk = ? O8 - Extra context menu item: Barre RoboForm - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O8 - Extra context menu item: Chercher avec Copernic Agent - res://C:\Program Files\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_MENU_SEARCHEXT O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Enregistrer le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O8 - Extra context menu item: Personnaliser le menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html O8 - Extra context menu item: Remplir le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra 'Tools' menuitem: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra 'Tools' menuitem: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra 'Tools' menuitem: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.google.fr/ O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab O16 - DPF: {3AF4DACE-36ED-42EF-9DFC-ADC34DA30CFF} (PatchInstaller.Installer) - file://C:\Documents and Settings\Administrateur\Bureau\Nouveau dossier\content\include\XPPatchInstaller.CAB O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1139426573687 O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {8B1BC605-C593-4865-8F5B-05517F0CD0BB} (MSSecurityAdvisorCD Class) - file://C:\Documents and Settings\Administrateur\Bureau\Nouveau dossier\Content\include\msSecUcd.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {AED98630-0251-4E83-917D-43A23D66D507} (Download Helper Class) - http://activex.microgaming.com/DLHelper/ve...n7/DLHelper.cab O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} - http://a532.g.akamai.net/f/532/6712/5m/vir...5/installer.exe O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR3\RpcDataSrv.exe O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR3\RpcSandraSrv.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe O23 - Service: Sygate Personal Firewall Pro (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe