Aller au contenu

coco-shhh

Membres
  • Compteur de contenus

    65
  • Inscription

  • Dernière visite

Tout ce qui a été posté par coco-shhh

  1. Ok alors ca c'est fait par contre ça n'a rien changé au problème que mon pc plante souvent et ça souvent quand je lance une vidéo.
  2. ca y'est c'est fait
  3. oki merci pour tout et à demain (non, ah si juste avec un pc portable mais assez rarement)
  4. Oki alors le scan du pc en son entier est enfin terminé : ------------------------------------------------------------------------------- KASPERSKY ON-LINE SCANNER REPORT Wednesday, February 06, 2008 7:34:34 PM Système d'exploitation : Microsoft Windows XP Professional, Service Pack 2 (Build 2600) Kaspersky On-line Scanner version : 5.0.83.0 Dernière mise à jour de la base antivirus Kaspersky : 6/02/2008 Enregistrements dans la base antivirus Kaspersky : 510630 ------------------------------------------------------------------------------- Paramètres d'analyse: Analyser avec la base antivirus suivante: standard Analyser les archives: vrai Analyser les bases de messagerie: vrai Cible de l'analyse - Poste de travail: A:\ C:\ D:\ E:\ F:\ G:\ H:\ I:\ Statistiques de l'analyse: Total d'objets analysés: 108791 Nombre de virus trouvés: 0 Nombre d'objets infectés: 0 / 0 Nombre d'objets suspects: 0 Durée de l'analyse: 01:31:32 Nom de l'objet infecté / Nom du virus / Dernière action C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rxpx4fpw.default\cert8.db L'objet est verrouillé ignoré C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rxpx4fpw.default\history.dat L'objet est verrouillé ignoré C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rxpx4fpw.default\key3.db L'objet est verrouillé ignoré C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rxpx4fpw.default\parent.lock L'objet est verrouillé ignoré C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rxpx4fpw.default\search.sqlite L'objet est verrouillé ignoré C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rxpx4fpw.default\urlclassifier2.sqlite L'objet est verrouillé ignoré C:\Documents and Settings\Administrateur\Bureau\SmitfraudFix\Reboot.exe L'objet est verrouillé ignoré C:\Documents and Settings\Administrateur\Cookies\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\Administrateur\Local Settings\Application Data\ATI\ACE\Log\MOM-0.log L'objet est verrouillé ignoré C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\CardSpace\CardSpace.db L'objet est verrouillé ignoré C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\CardSpace\CardSpace.db.shadow L'objet est verrouillé ignoré C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré C:\Documents and Settings\Administrateur\Local Settings\Application Data\Mozilla\Firefox\Profiles\rxpx4fpw.default\Cache\_CACHE_001_ L'objet est verrouillé ignoré C:\Documents and Settings\Administrateur\Local Settings\Application Data\Mozilla\Firefox\Profiles\rxpx4fpw.default\Cache\_CACHE_002_ L'objet est verrouillé ignoré C:\Documents and Settings\Administrateur\Local Settings\Application Data\Mozilla\Firefox\Profiles\rxpx4fpw.default\Cache\_CACHE_003_ L'objet est verrouillé ignoré C:\Documents and Settings\Administrateur\Local Settings\Application Data\Mozilla\Firefox\Profiles\rxpx4fpw.default\Cache\_CACHE_MAP_ L'objet est verrouillé ignoré C:\Documents and Settings\Administrateur\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\Administrateur\Local Settings\Historique\History.IE5\MSHist012008020620080207\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\Administrateur\Local Settings\Temp\Perflib_Perfdata_470.dat L'objet est verrouillé ignoré C:\Documents and Settings\Administrateur\Local Settings\Temp\~DF4351.tmp L'objet est verrouillé ignoré C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\Administrateur\NTUSER.DAT L'objet est verrouillé ignoré C:\Documents and Settings\Administrateur\ntuser.dat.LOG L'objet est verrouillé ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\Cookies\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\NTUSER.DAT L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré C:\Program Files\ASUS\PC Probe II\Pci.tab L'objet est verrouillé ignoré C:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré C:\System Volume Information\_restore{DD8F2256-1113-4885-B8F0-8F143B2B922E}\RP515\change.log L'objet est verrouillé ignoré C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré C:\WINDOWS\Internet Logs\fwdbglog.txt L'objet est verrouillé ignoré C:\WINDOWS\Internet Logs\fwpktlog.txt L'objet est verrouillé ignoré C:\WINDOWS\Internet Logs\IAMDB.RDB L'objet est verrouillé ignoré C:\WINDOWS\Internet Logs\PCCYRIL.ldb L'objet est verrouillé ignoré C:\WINDOWS\Internet Logs\tvDebug.log L'objet est verrouillé ignoré C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré C:\WINDOWS\system32\config\ACEEvent.evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\default L'objet est verrouillé ignoré C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\Internet.evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\ODiag.evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\OSession.evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\software L'objet est verrouillé ignoré C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\system L'objet est verrouillé ignoré C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\ZLT06e7a.TMP L'objet est verrouillé ignoré C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\ZLT06fb9.TMP L'objet est verrouillé ignoré C:\WINDOWS\system32\drivers\atapi.sys L'objet est verrouillé ignoré C:\WINDOWS\system32\drivers\fidbox.dat L'objet est verrouillé ignoré C:\WINDOWS\system32\drivers\fidbox.idx L'objet est verrouillé ignoré C:\WINDOWS\system32\drivers\sptd.sys L'objet est verrouillé ignoré C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré E:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré E:\System Volume Information\_restore{DD8F2256-1113-4885-B8F0-8F143B2B922E}\RP515\change.log L'objet est verrouillé ignoré F:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré F:\System Volume Information\_restore{DD8F2256-1113-4885-B8F0-8F143B2B922E}\RP515\change.log L'objet est verrouillé ignoré G:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré G:\System Volume Information\_restore{DD8F2256-1113-4885-B8F0-8F143B2B922E}\RP515\change.log L'objet est verrouillé ignoré H:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré H:\System Volume Information\_restore{DD8F2256-1113-4885-B8F0-8F143B2B922E}\RP515\change.log L'objet est verrouillé ignoré Analyse terminée.
  5. Bon alors pour les cookies c'est bien noté je vais supprimé ça, quant au scan Kasperski voilà le premier scan, la je suis en train de scanner le pc complet mais ca prends beaucoup de temps. Pour le premier : ------------------------------------------------------------------------------- KASPERSKY ON-LINE SCANNER REPORT Wednesday, February 06, 2008 6:02:11 PM Système d'exploitation : Microsoft Windows XP Professional, Service Pack 2 (Build 2600) Kaspersky On-line Scanner version : 5.0.83.0 Dernière mise à jour de la base antivirus Kaspersky : 6/02/2008 Enregistrements dans la base antivirus Kaspersky : 510630 ------------------------------------------------------------------------------- Paramètres d'analyse: Analyser avec la base antivirus suivante: standard Analyser les archives: vrai Analyser les bases de messagerie: vrai Cible de l'analyse - Zones critiques: C:\WINDOWS C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ Statistiques de l'analyse: Total d'objets analysés: 19720 Nombre de virus trouvés: 0 Nombre d'objets infectés: 0 / 0 Nombre d'objets suspects: 0 Durée de l'analyse: 00:09:30 Nom de l'objet infecté / Nom du virus / Dernière action C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré C:\WINDOWS\Internet Logs\fwdbglog.txt L'objet est verrouillé ignoré C:\WINDOWS\Internet Logs\fwpktlog.txt L'objet est verrouillé ignoré C:\WINDOWS\Internet Logs\IAMDB.RDB L'objet est verrouillé ignoré C:\WINDOWS\Internet Logs\PCCYRIL.ldb L'objet est verrouillé ignoré C:\WINDOWS\Internet Logs\tvDebug.log L'objet est verrouillé ignoré C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré C:\WINDOWS\system32\config\ACEEvent.evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\default L'objet est verrouillé ignoré C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\Internet.evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\ODiag.evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\OSession.evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\software L'objet est verrouillé ignoré C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\system L'objet est verrouillé ignoré C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\ZLT06e7a.TMP L'objet est verrouillé ignoré C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\ZLT06fb9.TMP L'objet est verrouillé ignoré C:\WINDOWS\system32\drivers\atapi.sys L'objet est verrouillé ignoré C:\WINDOWS\system32\drivers\fidbox.dat L'objet est verrouillé ignoré C:\WINDOWS\system32\drivers\fidbox.idx L'objet est verrouillé ignoré C:\WINDOWS\system32\drivers\sptd.sys L'objet est verrouillé ignoré C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Perflib_Perfdata_470.dat L'objet est verrouillé ignoré C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\~DF4351.tmp L'objet est verrouillé ignoré Analyse terminée.
  6. Désolé ca a pris du temps alors voilà d'abord le rapport d'ewido : __________________________________________________ ewido anti-spyware online scanner http://www.ewido.net __________________________________________________ Name: TrackingCookie.Serving-sys Path: C:\Documents and Settings\Administrateur\Cookies\administrateur@bs.serving-sys[2].txt Risk: Medium Name: TrackingCookie.Serving-sys Path: C:\Documents and Settings\Administrateur\Cookies\administrateur@serving-sys[1].txt Risk: Medium Name: TrackingCookie.Adviva Path: :mozilla.14:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rxpx4fpw.default\cookies.txt Risk: Medium Name: TrackingCookie.Smartadserver Path: :mozilla.15:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rxpx4fpw.default\cookies.txt Risk: Medium Name: TrackingCookie.Smartadserver Path: :mozilla.16:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rxpx4fpw.default\cookies.txt Risk: Medium Name: TrackingCookie.Smartadserver Path: :mozilla.17:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rxpx4fpw.default\cookies.txt Risk: Medium Name: TrackingCookie.Smartadserver Path: :mozilla.18:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rxpx4fpw.default\cookies.txt Risk: Medium Name: TrackingCookie.2o7 Path: :mozilla.34:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rxpx4fpw.default\cookies.txt Risk: Medium Name: TrackingCookie.Tradedoubler Path: :mozilla.46:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rxpx4fpw.default\cookies.txt Risk: Medium Name: TrackingCookie.Tradedoubler Path: :mozilla.47:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rxpx4fpw.default\cookies.txt Risk: Medium Name: TrackingCookie.Tradedoubler Path: :mozilla.48:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rxpx4fpw.default\cookies.txt Risk: Medium Name: TrackingCookie.Tradedoubler Path: :mozilla.49:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rxpx4fpw.default\cookies.txt Risk: Medium Name: TrackingCookie.Estat Path: :mozilla.61:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rxpx4fpw.default\cookies.txt Risk: Medium Name: TrackingCookie.Overture Path: :mozilla.87:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rxpx4fpw.default\cookies.txt Risk: Medium Name: TrackingCookie.Doubleclick Path: :mozilla.100:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rxpx4fpw.default\cookies.txt Risk: Medium Je lance maintenant le scan de KASPERSKY
  7. Puisque tu me dis que le plus gros du problème est résolu je te remercies oqu Au vu de mon dernier HijackThis est ce qu'il reste des choses à faire? Est ce que cela va me permettre de retrouver de la vitesse?
  8. Merci pour la proposition, tout ce qui va dans le sens de l'optimisation me plait plutot. Merci pour tout en tout cas. Concernant les lignes O4 je ne sais pas à quoi elles correspondent et pour ZA c'est le bon fichier. Voilà mon dernier rapport : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:52:51, on 05/02/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16574) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe C:\Program Files\FileZilla Server\FileZilla Server.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Analog Devices\SoundMAX\Smax4.exe C:\WINDOWS\tsnpstd3.exe C:\WINDOWS\vsnpstd3.exe C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\Program Files\ASUS\PC Probe II\Probe2.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE C:\Program Files\DAEMON Tools\daemon.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [Launch PC Probe II] "C:\Program Files\ASUS\PC Probe II\Probe2.exe" 1 O4 - HKLM\..\Run: [FileZilla Server Interface] "C:\Program Files\FileZilla Server\FileZilla Server Interface.exe" O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [TaskSwitchXP] C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe O4 - HKCU\..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9 O4 - HKCU\..\Run: [EPSON Stylus C62 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /A "C:\WINDOWS\system32\E_S870.tmp" O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [nltide2] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,L,,4,N (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-20\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-21-1993962763-261478967-725345543-1003\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User '?') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user') O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) O16 - DPF: {79E0C1C0-316D-11D5-A72A-006097BFA1AC} (EPSON Web Printer-SelfTest Control Class) - http://esupport.epson-europe.com/selftest/...rg/ESTPTest.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{CCC33EB2-2709-427E-8065-7125E403D96A}: NameServer = 212.27.53.252,212.27.54.252 O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - C:\Program Files\FileZilla Server\FileZilla Server.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe -- End of file - 8120 bytes
  9. Alors j'ai bien désinstallé Ad Aware et Desktop et suite à ça plus de 018 à supprimer. Mon antivirus c Zone Alarme oui oui l'antivirus. Je n'ai pas utilisé Nlite Easybox est un logiciel de musique. Je vais le virer plus nécessaire. Voilà le dernier rapport : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:04:45, on 05/02/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16574) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe C:\Program Files\FileZilla Server\FileZilla Server.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Analog Devices\SoundMAX\Smax4.exe C:\WINDOWS\tsnpstd3.exe C:\WINDOWS\vsnpstd3.exe C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\Program Files\ASUS\PC Probe II\Probe2.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE C:\Program Files\DAEMON Tools\daemon.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\Program Files\Mozilla Firefox\firefox.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [EasyMod] C:\Program Files\EasyBox\EasyMod.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [Launch PC Probe II] "C:\Program Files\ASUS\PC Probe II\Probe2.exe" 1 O4 - HKLM\..\Run: [FileZilla Server Interface] "C:\Program Files\FileZilla Server\FileZilla Server Interface.exe" O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [TaskSwitchXP] C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe O4 - HKCU\..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9 O4 - HKCU\..\Run: [EPSON Stylus C62 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /A "C:\WINDOWS\system32\E_S870.tmp" O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [nltide2] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,L,,4,N (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-20\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user') O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) O16 - DPF: {79E0C1C0-316D-11D5-A72A-006097BFA1AC} (EPSON Web Printer-SelfTest Control Class) - http://esupport.epson-europe.com/selftest/...rg/ESTPTest.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{CCC33EB2-2709-427E-8065-7125E403D96A}: NameServer = 212.27.53.252,212.27.54.252 O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - C:\Program Files\FileZilla Server\FileZilla Server.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe -- End of file - 8116 bytes
  10. C'est fait. Pour info il n'y avait rien dans les serveurs DNS : il était coché Obtenir les adresses automatiquement. J'ai quand même rempli les coordonnés avec celles que tu m'as donné. Pour le rapport : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:25:01, on 05/02/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16574) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe C:\Program Files\FileZilla Server\FileZilla Server.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Analog Devices\SoundMAX\Smax4.exe C:\WINDOWS\tsnpstd3.exe C:\WINDOWS\vsnpstd3.exe C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\Program Files\ASUS\PC Probe II\Probe2.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE C:\Program Files\DAEMON Tools\daemon.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [EasyMod] C:\Program Files\EasyBox\EasyMod.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [Launch PC Probe II] "C:\Program Files\ASUS\PC Probe II\Probe2.exe" 1 O4 - HKLM\..\Run: [FileZilla Server Interface] "C:\Program Files\FileZilla Server\FileZilla Server Interface.exe" O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [TaskSwitchXP] C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe O4 - HKCU\..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9 O4 - HKCU\..\Run: [EPSON Stylus C62 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /A "C:\WINDOWS\system32\E_S870.tmp" O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [nltide2] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,L,,4,N (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-20\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user') O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) O16 - DPF: {79E0C1C0-316D-11D5-A72A-006097BFA1AC} (EPSON Web Printer-SelfTest Control Class) - http://esupport.epson-europe.com/selftest/...rg/ESTPTest.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{CCC33EB2-2709-427E-8065-7125E403D96A}: NameServer = 212.27.53.252,212.27.54.252 O18 - Protocol: bw+0 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: offline-8876480 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - C:\Program Files\FileZilla Server\FileZilla Server.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe -- End of file - 20361 bytes
  11. Free
  12. Le nouveau rapport : Username "Administrateur" - 05/02/2008 19:40:37 [Fixwareout edited 9/01/2007] ~~~~~ Prerun check Cache de résolution DNS vidé. System was rebooted successfully. ~~~~~ Postrun check HKLM\SOFTWARE\~\Winlogon\ "System"="" .... .... ~~~~~ Misc files. .... ~~~~~ Checking for older varients. .... ~~~~~ Current runs (hklm hkcu "run" Keys Only) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" "SoundMAXPnP"="C:\\Program Files\\Analog Devices\\Core\\smax4pnp.exe" "SoundMAX"="\"C:\\Program Files\\Analog Devices\\SoundMAX\\Smax4.exe\" /tray" "NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe" "tsnpstd3"="C:\\WINDOWS\\tsnpstd3.exe" "snpstd3"="C:\\WINDOWS\\vsnpstd3.exe" "ISUSPM Startup"="C:\\PROGRA~1\\FICHIE~1\\INSTAL~1\\UPDATE~1\\isuspm.exe -startup" "ISUSScheduler"="\"C:\\Program Files\\Fichiers communs\\InstallShield\\UpdateService\\issch.exe\" -start" "EasyMod"="C:\\Program Files\\EasyBox\\EasyMod.exe" "SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.6.0_03\\bin\\jusched.exe\"" "Launch PC Probe II"="\"C:\\Program Files\\ASUS\\PC Probe II\\Probe2.exe\" 1" "FileZilla Server Interface"="\"C:\\Program Files\\FileZilla Server\\FileZilla Server Interface.exe\"" "JMB36X Configure"="C:\\WINDOWS\\system32\\JMRaidTool.exe boot" "ZoneAlarm Client"="\"C:\\Program Files\\Zone Labs\\ZoneAlarm\\zlclient.exe\"" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe" "TaskSwitchXP"="C:\\Program Files\\TaskSwitchXP\\TaskSwitchXP.exe" "StartCCC"="C:\\Program Files\\ATI Technologies\\ATI.ACE\\Core-Static\\CLIStart.exe" "updateMgr"="C:\\Program Files\\Adobe\\Acrobat 7.0\\Reader\\AdobeUpdateManager.exe AcRdB7_0_9" "EPSON Stylus C62 Series"="C:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\E_S10IC2.EXE /A \"C:\\WINDOWS\\system32\\E_S870.tmp\"" "DAEMON Tools"="\"C:\\Program Files\\DAEMON Tools\\daemon.exe\" -lang 1033" .... Hosts file was reset, If you use a custom hosts file please replace it... ~~~~~ End report ~~~~~
  13. et voilà : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:18:13, on 05/02/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16574) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe C:\Program Files\FileZilla Server\FileZilla Server.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\notepad.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Analog Devices\SoundMAX\Smax4.exe C:\WINDOWS\tsnpstd3.exe C:\WINDOWS\vsnpstd3.exe C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\Program Files\ASUS\PC Probe II\Probe2.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE C:\Program Files\DAEMON Tools\daemon.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [EasyMod] C:\Program Files\EasyBox\EasyMod.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [Launch PC Probe II] "C:\Program Files\ASUS\PC Probe II\Probe2.exe" 1 O4 - HKLM\..\Run: [FileZilla Server Interface] "C:\Program Files\FileZilla Server\FileZilla Server Interface.exe" O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [TaskSwitchXP] C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe O4 - HKCU\..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9 O4 - HKCU\..\Run: [EPSON Stylus C62 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /A "C:\WINDOWS\system32\E_S870.tmp" O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [nltide2] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,L,,4,N (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-20\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user') O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) O16 - DPF: {79E0C1C0-316D-11D5-A72A-006097BFA1AC} (EPSON Web Printer-SelfTest Control Class) - http://esupport.epson-europe.com/selftest/...rg/ESTPTest.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.114 85.255.112.148 O18 - Protocol: bw+0 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: offline-8876480 - {EA5DB128-D41B-45C7-BF01-D595EFC4883A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - C:\Program Files\FileZilla Server\FileZilla Server.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe -- End of file - 20210 bytes
  14. merci de votre rapidité : je commence par la première aide arrivée : Voilà le premier rapport de Fixwareout : Username "Administrateur" - 05/02/2008 19:08:29 [Fixwareout edited 9/01/2007] ~~~~~ Prerun check HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters "nameserver"="85.255.116.114 85.255.112.148" <Value cleared. HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{8B4CF429-FBE9-40EC-A78B-6422C49B1B74} "nameserver"="85.255.116.114,85.255.112.148" <Value cleared. HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{CCC33EB2-2709-427E-8065-7125E403D96A} "nameserver"="85.255.116.114,85.255.112.148" <Value cleared. HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{8B4CF429-FBE9-40EC-A78B-6422C49B1B74} "DhcpNameServer"="85.255.116.114,85.255.112.148" <Value cleared. HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{AD8871B3-A778-44C7-9821-142F2C999A41} "DhcpNameServer"="85.255.116.114,85.255.112.148" <Value cleared. Cache de résolution DNS vidé. System was rebooted successfully. ~~~~~ Postrun check HKLM\SOFTWARE\~\Winlogon\ "System"="" .... .... ~~~~~ Misc files. .... ~~~~~ Checking for older varients. .... ~~~~~ Current runs (hklm hkcu "run" Keys Only) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" "SoundMAXPnP"="C:\\Program Files\\Analog Devices\\Core\\smax4pnp.exe" "SoundMAX"="\"C:\\Program Files\\Analog Devices\\SoundMAX\\Smax4.exe\" /tray" "NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe" "tsnpstd3"="C:\\WINDOWS\\tsnpstd3.exe" "snpstd3"="C:\\WINDOWS\\vsnpstd3.exe" "ISUSPM Startup"="C:\\PROGRA~1\\FICHIE~1\\INSTAL~1\\UPDATE~1\\isuspm.exe -startup" "ISUSScheduler"="\"C:\\Program Files\\Fichiers communs\\InstallShield\\UpdateService\\issch.exe\" -start" "EasyMod"="C:\\Program Files\\EasyBox\\EasyMod.exe" "SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.6.0_03\\bin\\jusched.exe\"" "Launch PC Probe II"="\"C:\\Program Files\\ASUS\\PC Probe II\\Probe2.exe\" 1" "FileZilla Server Interface"="\"C:\\Program Files\\FileZilla Server\\FileZilla Server Interface.exe\"" "JMB36X Configure"="C:\\WINDOWS\\system32\\JMRaidTool.exe boot" "ZoneAlarm Client"="\"C:\\Program Files\\Zone Labs\\ZoneAlarm\\zlclient.exe\"" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe" "TaskSwitchXP"="C:\\Program Files\\TaskSwitchXP\\TaskSwitchXP.exe" "StartCCC"="C:\\Program Files\\ATI Technologies\\ATI.ACE\\Core-Static\\CLIStart.exe" "updateMgr"="C:\\Program Files\\Adobe\\Acrobat 7.0\\Reader\\AdobeUpdateManager.exe AcRdB7_0_9" "EPSON Stylus C62 Series"="C:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\E_S10IC2.EXE /A \"C:\\WINDOWS\\system32\\E_S870.tmp\"" "DAEMON Tools"="\"C:\\Program Files\\DAEMON Tools\\daemon.exe\" -lang 1033" .... Hosts file was reset, If you use a custom hosts file please replace it... ~~~~~ End report ~~~~~ Je lance le hijackthis
  15. Bonjour à tous alors voilà ca fait un petit moment que jai l'impression que mon pc ralenti, tant au démarrage qu'à l'utilisation. De plus il lui arrive de freezer d'un coup il là il n'y a ruen d'autre à faire que rebooter. J'ai alors lancer une analyse avec SmitFraudix et voilà ce que j'obtiens : »»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="" »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "System"="" »»»»»»»»»»»»»»»»»»»»»»»» Rustock »»»»»»»»»»»»»»»»»»»»»»»» DNS Votre ordinateur est certainement victime d'un détournement de DNS: 85.255.x.x détecté ! Description: Realtek RTL8168/8111 PCI-E Gigabit Ethernet NIC - Miniport d'ordonnancement de paquets DNS Server Search Order: 85.255.116.114 DNS Server Search Order: 85.255.112.148 HKLM\SYSTEM\CCS\Services\Tcpip\..\{8B4CF429-FBE9-40EC-A78B-6422C49B1B74}: DhcpNameServer=85.255.116.114,85.255.112.148 HKLM\SYSTEM\CCS\Services\Tcpip\..\{8B4CF429-FBE9-40EC-A78B-6422C49B1B74}: NameServer=85.255.116.114,85.255.112.148 HKLM\SYSTEM\CCS\Services\Tcpip\..\{AD8871B3-A778-44C7-9821-142F2C999A41}: DhcpNameServer=85.255.116.114,85.255.112.148 HKLM\SYSTEM\CCS\Services\Tcpip\..\{CCC33EB2-2709-427E-8065-7125E403D96A}: DhcpNameServer=212.27.54.252 212.27.53.252 HKLM\SYSTEM\CCS\Services\Tcpip\..\{CCC33EB2-2709-427E-8065-7125E403D96A}: NameServer=85.255.116.114,85.255.112.148 HKLM\SYSTEM\CS1\Services\Tcpip\..\{8B4CF429-FBE9-40EC-A78B-6422C49B1B74}: DhcpNameServer=85.255.116.114,85.255.112.148 HKLM\SYSTEM\CS1\Services\Tcpip\..\{8B4CF429-FBE9-40EC-A78B-6422C49B1B74}: NameServer=85.255.116.114,85.255.112.148 HKLM\SYSTEM\CS1\Services\Tcpip\..\{AD8871B3-A778-44C7-9821-142F2C999A41}: DhcpNameServer=85.255.116.114,85.255.112.148 HKLM\SYSTEM\CS1\Services\Tcpip\..\{CCC33EB2-2709-427E-8065-7125E403D96A}: DhcpNameServer=212.27.54.252 212.27.53.252 HKLM\SYSTEM\CS1\Services\Tcpip\..\{CCC33EB2-2709-427E-8065-7125E403D96A}: NameServer=85.255.116.114,85.255.112.148 HKLM\SYSTEM\CS2\Services\Tcpip\..\{8B4CF429-FBE9-40EC-A78B-6422C49B1B74}: DhcpNameServer=85.255.116.114,85.255.112.148 HKLM\SYSTEM\CS2\Services\Tcpip\..\{8B4CF429-FBE9-40EC-A78B-6422C49B1B74}: NameServer=85.255.116.114,85.255.112.148 HKLM\SYSTEM\CS2\Services\Tcpip\..\{AD8871B3-A778-44C7-9821-142F2C999A41}: DhcpNameServer=85.255.116.114,85.255.112.148 HKLM\SYSTEM\CS2\Services\Tcpip\..\{CCC33EB2-2709-427E-8065-7125E403D96A}: DhcpNameServer=212.27.54.252 212.27.53.252 HKLM\SYSTEM\CS2\Services\Tcpip\..\{CCC33EB2-2709-427E-8065-7125E403D96A}: NameServer=85.255.116.114,85.255.112.148 HKLM\SYSTEM\CS3\Services\Tcpip\..\{8B4CF429-FBE9-40EC-A78B-6422C49B1B74}: DhcpNameServer=85.255.116.114,85.255.112.148 HKLM\SYSTEM\CS3\Services\Tcpip\..\{8B4CF429-FBE9-40EC-A78B-6422C49B1B74}: NameServer=85.255.116.114,85.255.112.148 HKLM\SYSTEM\CS3\Services\Tcpip\..\{AD8871B3-A778-44C7-9821-142F2C999A41}: DhcpNameServer=85.255.116.114,85.255.112.148 HKLM\SYSTEM\CS3\Services\Tcpip\..\{CCC33EB2-2709-427E-8065-7125E403D96A}: DhcpNameServer=212.27.54.252 212.27.53.252 HKLM\SYSTEM\CS3\Services\Tcpip\..\{CCC33EB2-2709-427E-8065-7125E403D96A}: NameServer=85.255.116.114,85.255.112.148 HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=212.27.54.252 212.27.53.252 HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: NameServer=85.255.116.114 85.255.112.148 HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=212.27.54.252 212.27.53.252 HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: NameServer=85.255.116.114 85.255.112.148 HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=212.27.54.252 212.27.53.252 HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: NameServer=85.255.116.114 85.255.112.148 HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=212.27.54.252 212.27.53.252 HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: NameServer=85.255.116.114 85.255.112.148 »»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll »»»»»»»»»»»»»»»»»»»»»»»» Fin Si quelqu'un peut m'aider. Merci d'avance.
×
×
  • Créer...