Aller au contenu

Asphx

Membres
  • Compteur de contenus

    12
  • Inscription

  • Dernière visite

Asphx's Achievements

Junior Member

Junior Member (3/12)

0

Réputation sur la communauté

  1. Bonjour, j'ai rencontré le problême. Fais le bouton Windows pour afficher la barre des tâches et le bouton démarrage. Dans la barre en bas clic droit sur la fenetre ewido, fais Agrandir
  2. Bon j'essaie de faire avancer les chose un peu... ça me gonfle. J'ai tenté plusieurs restaurations système mais Norton semble bloquer un script rstrui.exe (qui a mon avis a quelque chose à voir avc la restauration). Donc Norton est tj vivant malgré ma tentative de supprésion d'une et il me bloque un programme. Je peux pas régler ça avec HijackThis ? PS : Kerio ne marche pas non plus, ça enclenche Windows Installer qui est pas accéssible à partir du mode sans échec.
  3. Up (désolé pour l'insistance)
  4. Merci pr ta réponse ! J'ai installé ZoneAlarm sur l'ordi que j'utilise actuellement et tout marche. Par contre quand je tente de l'installer sur mon ordi infecté tout marche sauf qu'il faut redémarrer le système pour compléter l'installation ! Et là l'érreur de démarrage fait que je ne peux pas la compléter. ZoneAlarm marche mais il m'indique une érreur système en haut à droite dans la fenetre principale et l'îcone dans la barre des tâches est une croix jaune avc un message quand je passe le pointeur desssus "Le service de sécurité TrueVector n'est pas actif". D'ailleurs il ne se lance pas au démarrage, j'ai lancé zonealarm.exe à partir du dossier de Program Files. J'ai un autre exe zlclient.exe aussi que je n'ai pas touché. Oui, avis personnel, j'ai déinstallé Norton mais bon a mon avis c'est le couple malheureux Norton Kaspersky qui a tout fait foiré. log HijackThis Logfile of HijackThis v1.99.1 Scan saved at 19:10:00, on 22/08/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lemonde.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - Default URLSearchHook is missing O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_02\bin\jusched.exe O4 - HKLM\..\Run: [QuickTime Task] C:\WINDOWS\system32\qttask.exe O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O18 - Protocol: offline-8876480 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
  5. Merci pour ta réponse j'ai tout fait sauf qu'après l'analyse ewido, j'ai donc mis en quarantaine un bon nombre de truc mais ensuite je n'ai pas pu redémarrer en normal, toujours l'érreur d'avant. Voici les scans Clean Script clean par Malekal_morte - http://www.malekal.com Microsoft Windows XP [version 5.1.2600] Script execute en mode sans echec *** Suppression de fichiers sur C: *** Suppression des fichiers dans C:\WINDOWS\ *** Suppression des fichiers dans C:\WINDOWS\system32 Ewido --------------------------------------------------------- ewido anti-spyware - Scan Report --------------------------------------------------------- + Created at: 01:54:59 21/08/2006 + Scan result: HKU\S-1-5-21-1659004503-1682526488-682003330-1004\Software\BTGrab -> Adware.BetterInternet : Cleaned with backup (quarantined). HKU\S-1-5-21-1659004503-1682526488-682003330-1004\Software\ZServ -> Adware.BetterInternet : Cleaned with backup (quarantined). C:\WINDOWS\RmxvcmVudHo\asappsrv.dll -> Adware.CommAd : Cleaned with backup (quarantined). C:\WINDOWS\RmxvcmVudHo\command.exe -> Adware.CommAd : Cleaned with backup (quarantined). C:\WINDOWS\system32\Xcite2.exe -> Adware.F1Organizer : Cleaned with backup (quarantined). HKU\S-1-5-21-1659004503-1682526488-682003330-1004\Software\IST -> Adware.ISTBar : Cleaned with backup (quarantined). C:\WINDOWS\system32\d2j00c1mef.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\WINDOWS\system32\m864lijq18oe.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\WINDOWS\system32\oreaut32.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\warebundlenewer.exe -> Adware.Look2Me : Cleaned with backup (quarantined). HKLM\SYSTEM\CurrentControlSet\Services\ZESOFT -> Adware.NaviSearch : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Local Settings\Temp\daF53.tmp -> Adware.SurfSide : Cleaned with backup (quarantined). C:\Program Files\SurfSideKick 3 -> Adware.SurfSide : Cleaned with backup (quarantined). C:\Program Files\SurfSideKick 3\SskBho.dll -> Adware.SurfSide : Cleaned with backup (quarantined). C:\Program Files\SurfSideKick 3\SskCore.dll -> Adware.SurfSide : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Mes documents\MsgPlus-301.exe/sponsor.exe -> Downloader.Swizzor.ag : Cleaned with backup (quarantined). C:\Program Files\Fichiers communs\imrz\imrzp.exe -> Downloader.TSUpdate.f : Cleaned with backup (quarantined). C:\Aloap\Aloap.exe -> Not-A-Virus.BadJoke.Win16.Aloap : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Mes documents\Aloap.exe/Aloap.exe -> Not-A-Virus.BadJoke.Win16.Aloap : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Local Settings\Temp\Temporary Internet Files\Content.IE5\UQNSKCDJ\send_car_int[1].htm -> Not-A-Virus.Exploit.HTML.CodeBaseExec : Cleaned with backup (quarantined). C:\Program Files\Network Monitor\netmon.exe -> Not-A-Virus.Monitor.Win32.NetMon.a : Cleaned with backup (quarantined). C:\teamscript36\NukeNabber\nukenabber.exe -> Not-A-Virus.NetTool.Win32.NukeNabber.21 : Cleaned with backup (quarantined). :mozilla.190:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup (quarantined). :mozilla.191:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup (quarantined). :mozilla.192:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\florentz@247realmedia[2].txt -> TrackingCookie.247realmedia : Cleaned with backup (quarantined). :mozilla.590:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Local Settings\Temp\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\florentz@adbrite[1].txt -> TrackingCookie.Adbrite : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Adition : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Adocean : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Adocean : Cleaned with backup (quarantined). :mozilla.29:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined). :mozilla.40:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\florentz@bluestreak[2].txt -> TrackingCookie.Bluestreak : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Local Settings\Temp\Cookies\florentz@bluestreak[2].txt -> TrackingCookie.Bluestreak : Cleaned with backup (quarantined). :mozilla.45:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][1].txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Local Settings\Temp\Cookies\[email protected][1].txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Local Settings\Temp\Cookies\florentz@casalemedia[2].txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][1].txt -> TrackingCookie.Clickhype : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Clickzs : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Clickzs : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\florentz@com[3].txt -> TrackingCookie.Com : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Local Settings\Temp\Cookies\florentz@com[1].txt -> TrackingCookie.Com : Cleaned with backup (quarantined). :mozilla.168:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Comclick : Cleaned with backup (quarantined). :mozilla.169:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Comclick : Cleaned with backup (quarantined). :mozilla.170:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Comclick : Cleaned with backup (quarantined). :mozilla.171:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Comclick : Cleaned with backup (quarantined). :mozilla.172:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Comclick : Cleaned with backup (quarantined). :mozilla.173:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Comclick : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Local Settings\Temp\Cookies\[email protected][1].txt -> TrackingCookie.Comclick : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\florentz@cpvfeed[1].txt -> TrackingCookie.Cpvfeed : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Local Settings\Temp\Cookies\florentz@cpvfeed[1].txt -> TrackingCookie.Cpvfeed : Cleaned with backup (quarantined). C:\WINDOWS\Temp\Cookies\florentz@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Cleaned with backup (quarantined). :mozilla.256:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][1].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][1].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][1].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][1].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][1].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][1].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][1].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][1].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][1].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][1].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined). :mozilla.62:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Estat : Cleaned with backup (quarantined). :mozilla.583:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Euroclick : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Local Settings\Temp\Cookies\[email protected][1].txt -> TrackingCookie.Itrack : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\florentz@ivwbox[2].txt -> TrackingCookie.Ivwbox : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\florentz@kmpads[2].txt -> TrackingCookie.Kmpads : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Local Settings\Temp\Cookies\florentz@kmpads[2].txt -> TrackingCookie.Kmpads : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\florentz@komtrack[1].txt -> TrackingCookie.Komtrack : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][1].txt -> TrackingCookie.Masterstats : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Overture : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\florentz@overture[2].txt -> TrackingCookie.Overture : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Local Settings\Temp\Cookies\florentz@overture[2].txt -> TrackingCookie.Overture : Cleaned with backup (quarantined). :mozilla.100:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined). :mozilla.101:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined). :mozilla.102:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined). :mozilla.103:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][1].txt -> TrackingCookie.Realcastmedia : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Local Settings\Temp\Cookies\[email protected][2].txt -> TrackingCookie.Realcastmedia : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Local Settings\Temp\Cookies\[email protected][2].txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Local Settings\Temp\Cookies\[email protected][1].txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined). :mozilla.213:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined). :mozilla.214:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined). :mozilla.215:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined). :mozilla.216:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined). :mozilla.217:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined). :mozilla.384:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup (quarantined). :mozilla.398:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup (quarantined). :mozilla.409:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup (quarantined). :mozilla.530:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup (quarantined). :mozilla.531:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup (quarantined). :mozilla.58:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned with backup (quarantined). :mozilla.59:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned with backup (quarantined). :mozilla.60:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned with backup (quarantined). :mozilla.61:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Smartadserver : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Local Settings\Temp\Cookies\[email protected][2].txt -> TrackingCookie.Smartadserver : Cleaned with backup (quarantined). :mozilla.151:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined). :mozilla.152:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\florentz@tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\florentz@targad[2].txt -> TrackingCookie.Targad : Cleaned with backup (quarantined). :mozilla.88:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined). :mozilla.89:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\florentz@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Local Settings\Temp\Cookies\florentz@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined). C:\WINDOWS\Temp\Cookies\florentz@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined). :mozilla.90:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined). :mozilla.387:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned with backup (quarantined). :mozilla.388:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned with backup (quarantined). :mozilla.104:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Weborama : Cleaned with backup (quarantined). :mozilla.105:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Weborama : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\florentz@weborama[2].txt -> TrackingCookie.Weborama : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Local Settings\Temp\Cookies\florentz@weborama[1].txt -> TrackingCookie.Weborama : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\florentz@yadro[1].txt -> TrackingCookie.Yadro : Cleaned with backup (quarantined). :mozilla.20:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined). :mozilla.21:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined). :mozilla.22:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined). :mozilla.23:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined). :mozilla.24:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined). :mozilla.25:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined). :mozilla.26:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined). C:\Documents and Settings\Florentz\Local Settings\Temp\Cookies\[email protected][2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined). C:\WINDOWS\Temp\Cookies\[email protected][2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined). :mozilla.255:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined). ::Report end HijackThis Logfile of HijackThis v1.99.1 Scan saved at 11:39:45, on 21/08/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.lemonde.fr/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL (file missing) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_02\bin\jusched.exe O4 - HKLM\..\Run: [avserve.exe] C:\WINDOWS\avserve.exe O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [satmat] C:\WINDOWS\satmat.exe O4 - HKLM\..\Run: [tmbstgdjwqx] C:\WINDOWS\system32\ajusioyz.exe O4 - HKLM\..\Run: [QuickTime Task] C:\WINDOWS\system32\qttask.exe O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\RunOnce: [NavExcelBar.dll] rundll32.exe "C:\WINDOWS\remover.dll",_remove@16 O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot O4 - HKCU\..\Run: [shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=48835 O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab O16 - DPF: {45E83043-1F6F-4D22-A5E7-0138EA171B49} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppD...sharingctrl.cab O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/28af5d87e47b90d7fd20/...RdxIE601_fr.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2003120...all/xscan53.cab O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.inoculer.com/antivirus/Msie/bitdefender.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...StatsClient.cab O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} - http://paris.tourismeville.wanadoo.fr/AMC.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game14.zylom.servicesalacarte.wanad...gamesplayer.cab O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - http://www2.incredimail.com/contents/setup...er/imloader.cab O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab O18 - Protocol: bw+0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O18 - Protocol: offline-8876480 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
  6. Voilà le rapport HijackThis Logfile of HijackThis v1.99.1 Scan saved at 22:26:37, on 20/08/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.lemonde.fr/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL (file missing) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {253F37C8-6247-7E07-A176-78D80B0D9108} - C:\PROGRA~1\tonsbias\sendmeta.exe (file missing) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_02\bin\jusched.exe O4 - HKLM\..\Run: [avserve.exe] C:\WINDOWS\avserve.exe O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [chic curb wipe software] C:\Documents and Settings\All Users\Application Data\FlawMfcdChicCurb\readme drive.exe O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [satmat] C:\WINDOWS\satmat.exe O4 - HKLM\..\Run: [tmbstgdjwqx] C:\WINDOWS\system32\ajusioyz.exe O4 - HKLM\..\Run: [QuickTime Task] C:\WINDOWS\system32\qttask.exe O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\RunServices: [systemSAS] system32.exe O4 - HKLM\..\RunServices: [CMD] cmd32.exe O4 - HKLM\..\RunServices: [doit.exe] doit.exe O4 - HKLM\..\RunOnce: [NavExcelBar.dll] rundll32.exe "C:\WINDOWS\remover.dll",_remove@16 O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot O4 - HKCU\..\Run: [shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=48835 O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab O16 - DPF: {45E83043-1F6F-4D22-A5E7-0138EA171B49} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppD...sharingctrl.cab O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/28af5d87e47b90d7fd20/...RdxIE601_fr.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2003120...all/xscan53.cab O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.inoculer.com/antivirus/Msie/bitdefender.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...StatsClient.cab O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} - http://paris.tourismeville.wanadoo.fr/AMC.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game14.zylom.servicesalacarte.wanad...gamesplayer.cab O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - http://www2.incredimail.com/contents/setup...er/imloader.cab O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab O18 - Protocol: bw+0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O18 - Protocol: offline-8876480 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O20 - AppInit_DLLs: pushow70.dll MsgPlusLoader.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
  7. Oui tu as bien raison. J'ai tenté la manipulation mais ça ne donne rien, je vois un truc s'exécuter, une fenetre fond noir mais qui disparait en une micro seconde puis rien, rien ne se met en route. Je vais quand même envoyer le rapport AntiVir et HijackThis dès qu'ils seront prêts. Merci
  8. J'ai déjà tenté la restauration mais rien n'y fait, ça redémarre et le même problême apparait, c'est comme si ça n'avait rien fait. Je suis en pleine analyse Antivir là, j'ai gravé ça sur CD avc HijackThis puis j'ai lu à partir du mode sans échec ! J'ai déjà supprimé quelques trojans, j'attends la fin de l'analyse et je reviendrai avec le rapport HijackThis
  9. Je crois que j'ai une idée. Vu que HijackThis fais moins de 1Mb, je vais le foutre sur disquette et le lire en mode sans échec et j'espère l'effectuer sur mon ordinateur infesté. Je serais prêt à prendre des photos s'il faut *courage*
  10. Bonjour à tous. J'ai un gros problême sur mon ordinateur suite à des manipulations avec un adware (SurfSideKick) qui est apparemment innofensif. Je pense que ma méconnaissance et mon impatience ont eu raison de moi. J'ai surement dût modifier ou supprimer un fichier important, mais j'en doute. Description du problême J'allume mon PC (je fonctionne avec XP), je vois la barre de chargement de Windows XP, puis un message comme quoi mon ordi se prépare à démarrer et enfin l'écran de Bienvenue. Ensuite une alerte s'affiche accompagnée d'un son d'alerte. "Certains fichiers système sont absents ou endommagés. Vous ne pouvez pas ouvrir de séssion maintenant. Utilisez votre CD d'installation pour réinstaller Windows. Code d'érreur 0x80040507". Ce qu'il m'est possible de faire A partir de là rien ne marche exepté le Mode sans Echec. J'entre donc en mode sans échec, donc pas de connexion internet (je ne peux malheureusement donc pas fournir de rapport HijackThis) et la plupart des programmes ne fonctionnent pas (ne répondent plus rapidement), comme par exemple Ad-Aware ou Kaspersky. Je peux éffectuer des opérations normales à part ça, je peux rentrer dans le Registre Windows mais seulement par le biais du fichier dans le system32, car Effectuer une tâche > regedit ne marche pas on me dit que ce n'est pas une application Win32 valide. Je pense pouvoir effectuer une sauvegarde de fichier via CD. Ce que j'ai déjà fait J'ai tenté d'insérer le CD Windows XP version Familiale, mais apparemment il représente une version antérieure au système d'exploitation installé sur mon PC, donc j'ai pas de possibilité de réparation, ou du moins ça n'a pas l'air du tout (encore une fois peut être qu'en explorant le CD je pourrais, mais je ne me risque pas) J'espère que je n'ai pas plus que mes yeux pour pleurer. En attendant vos commentaires, merci.
×
×
  • Créer...