molokoi

désolé, là je pense que c'est bon

bonjour merci pour ton aide. je ne répond qu'aujourd'hui car le scan n'en finissait pas hier soir. ça n'utilise pas de logiciel de messagerie. ci-joint le rapport EWIDO __________________________________________________ ewido anti-spyware online scanner http://www.ewido.net __________________________________________________ Name: TrackingCookie.2o7 Path: C:\Documents and Settings\Alban\Cookies\alban@112.2o7[1].txt Risk: Medium Name: TrackingCookie.247realmedia Path: C:\Documents and Settings\Alban\Cookies\alban@247realmedia[1].txt Risk: Medium Name: TrackingCookie.2o7 Path: C:\Documents and Settings\Alban\Cookies\alban@2o7[2].txt Risk: Medium Name: TrackingCookie.Pointroll Path: C:\Documents and Settings\Alban\Cookies\alban@ads.pointroll[2].txt Risk: Medium Name: TrackingCookie.Adtech Path: C:\Documents and Settings\Alban\Cookies\alban@adtech[1].txt Risk: Medium Name: TrackingCookie.Advertising Path: C:\Documents and Settings\Alban\Cookies\alban@advertising[1].txt Risk: Medium Name: TrackingCookie.Adviva Path: C:\Documents and Settings\Alban\Cookies\alban@adviva[2].txt Risk: Medium Name: TrackingCookie.Atdmt Path: C:\Documents and Settings\Alban\Cookies\alban@atdmt[2].txt Risk: Medium Name: TrackingCookie.Bluestreak Path: C:\Documents and Settings\Alban\Cookies\alban@bluestreak[1].txt Risk: Medium Name: TrackingCookie.Serving-sys Path: C:\Documents and Settings\Alban\Cookies\alban@bs.serving-sys[2].txt Risk: Medium Name: TrackingCookie.Casalemedia Path: C:\Documents and Settings\Alban\Cookies\alban@casalemedia[1].txt Risk: Medium Name: TrackingCookie.Overture Path: C:\Documents and Settings\Alban\Cookies\alban@data3.perf.overture[2].txt Risk: Medium Name: TrackingCookie.Dealtime Path: C:\Documents and Settings\Alban\Cookies\alban@dealtime[1].txt Risk: Medium Name: TrackingCookie.2o7 Path: C:\Documents and Settings\Alban\Cookies\alban@divx.112.2o7[1].txt Risk: Medium Name: TrackingCookie.Doubleclick Path: C:\Documents and Settings\Alban\Cookies\alban@doubleclick[2].txt Risk: Medium Name: TrackingCookie.Esomniture Path: C:\Documents and Settings\Alban\Cookies\alban@e-2dj6wbl4qlazilp.stats.esomniture[2].txt Risk: Medium Name: TrackingCookie.Esomniture Path: C:\Documents and Settings\Alban\Cookies\alban@e-2dj6wdkosjdpelo.stats.esomniture[2].txt Risk: Medium Name: TrackingCookie.Esomniture Path: C:\Documents and Settings\Alban\Cookies\alban@e-2dj6wfl4kgczoep.stats.esomniture[2].txt Risk: Medium Name: TrackingCookie.Esomniture Path: C:\Documents and Settings\Alban\Cookies\alban@e-2dj6wfmyagdpmaq.stats.esomniture[2].txt Risk: Medium Name: TrackingCookie.Esomniture Path: C:\Documents and Settings\Alban\Cookies\alban@e-2dj6wgkoapdpihq.stats.esomniture[1].txt Risk: Medium Name: TrackingCookie.Esomniture Path: C:\Documents and Settings\Alban\Cookies\alban@e-2dj6wgmyqmdzofo.stats.esomniture[2].txt Risk: Medium Name: TrackingCookie.Esomniture Path: C:\Documents and Settings\Alban\Cookies\alban@e-2dj6wgmywpczeeo.stats.esomniture[2].txt Risk: Medium Name: TrackingCookie.Esomniture Path: C:\Documents and Settings\Alban\Cookies\alban@e-2dj6whk4sldjgcp.stats.esomniture[2].txt Risk: Medium Name: TrackingCookie.Esomniture Path: C:\Documents and Settings\Alban\Cookies\alban@e-2dj6whliaiczefp.stats.esomniture[2].txt Risk: Medium Name: TrackingCookie.Hitbox Path: C:\Documents and Settings\Alban\Cookies\alban@ehg-citenumerique.hitbox[1].txt Risk: Medium Name: TrackingCookie.Hitbox Path: C:\Documents and Settings\Alban\Cookies\alban@ehg-francetel.hitbox[2].txt Risk: Medium Name: TrackingCookie.Hitbox Path: C:\Documents and Settings\Alban\Cookies\alban@ehg-linksys.hitbox[1].txt Risk: Medium Name: TrackingCookie.Hitbox Path: C:\Documents and Settings\Alban\Cookies\alban@ehg-orangefrance.hitbox[2].txt Risk: Medium Name: TrackingCookie.Hitbox Path: C:\Documents and Settings\Alban\Cookies\alban@ehg-telecomitalia.hitbox[2].txt Risk: Medium Name: TrackingCookie.Hitbox Path: C:\Documents and Settings\Alban\Cookies\alban@ehg-youtube.hitbox[2].txt Risk: Medium Name: TrackingCookie.Estat Path: C:\Documents and Settings\Alban\Cookies\alban@estat[1].txt Risk: Medium Name: TrackingCookie.2o7 Path: C:\Documents and Settings\Alban\Cookies\alban@excedence.112.2o7[1].txt Risk: Medium Name: TrackingCookie.Fastclick Path: C:\Documents and Settings\Alban\Cookies\alban@fastclick[2].txt Risk: Medium Name: TrackingCookie.2o7 Path: C:\Documents and Settings\Alban\Cookies\alban@fnac.112.2o7[1].txt Risk: Medium Name: TrackingCookie.2o7 Path: C:\Documents and Settings\Alban\Cookies\alban@himedia.112.2o7[1].txt Risk: Medium Name: TrackingCookie.Hitbox Path: C:\Documents and Settings\Alban\Cookies\alban@hitbox[2].txt Risk: Medium Name: TrackingCookie.2o7 Path: C:\Documents and Settings\Alban\Cookies\alban@hotelscom.122.2o7[1].txt Risk: Medium Name: TrackingCookie.2o7 Path: C:\Documents and Settings\Alban\Cookies\alban@karavel.112.2o7[1].txt Risk: Medium Name: TrackingCookie.Webtrends Path: C:\Documents and Settings\Alban\Cookies\alban@m.webtrends[1].txt Risk: Medium Name: TrackingCookie.Mediaplex Path: C:\Documents and Settings\Alban\Cookies\alban@mediaplex[1].txt Risk: Medium Name: TrackingCookie.2o7 Path: C:\Documents and Settings\Alban\Cookies\alban@mistergooddeal.112.2o7[1].txt Risk: Medium Name: TrackingCookie.2o7 Path: C:\Documents and Settings\Alban\Cookies\alban@nissaneurope.112.2o7[1].txt Risk: Medium Name: TrackingCookie.2o7 Path: C:\Documents and Settings\Alban\Cookies\alban@notrefamille.112.2o7[1].txt Risk: Medium Name: TrackingCookie.2o7 Path: C:\Documents and Settings\Alban\Cookies\alban@opodo.122.2o7[1].txt Risk: Medium Name: TrackingCookie.Overture Path: C:\Documents and Settings\Alban\Cookies\alban@overture[2].txt Risk: Medium Name: TrackingCookie.2o7 Path: C:\Documents and Settings\Alban\Cookies\alban@paypal.112.2o7[1].txt Risk: Medium Name: TrackingCookie.Overture Path: C:\Documents and Settings\Alban\Cookies\alban@perf.overture[1].txt Risk: Medium Name: TrackingCookie.Questionmarket Path: C:\Documents and Settings\Alban\Cookies\alban@questionmarket[2].txt Risk: Medium Name: TrackingCookie.Revsci Path: C:\Documents and Settings\Alban\Cookies\alban@revsci[1].txt Risk: Medium Name: TrackingCookie.Information Path: C:\Documents and Settings\Alban\Cookies\alban@searchportal.information[1].txt Risk: Medium Name: TrackingCookie.Serving-sys Path: C:\Documents and Settings\Alban\Cookies\alban@serving-sys[2].txt Risk: Medium Name: TrackingCookie.Smartadserver Path: C:\Documents and Settings\Alban\Cookies\alban@smartadserver[2].txt Risk: Medium Name: TrackingCookie.Netflame Path: C:\Documents and Settings\Alban\Cookies\alban@ssl-hints.netflame[1].txt Risk: Medium Name: TrackingCookie.Dealtime Path: C:\Documents and Settings\Alban\Cookies\alban@stat.dealtime[1].txt Risk: Medium Name: TrackingCookie.Statcounter Path: C:\Documents and Settings\Alban\Cookies\alban@statcounter[1].txt Risk: Medium Name: TrackingCookie.Tradedoubler Path: C:\Documents and Settings\Alban\Cookies\alban@tradedoubler[1].txt Risk: Medium Name: TrackingCookie.Tribalfusion Path: C:\Documents and Settings\Alban\Cookies\alban@tribalfusion[2].txt Risk: Medium Name: TrackingCookie.Web-stat Path: C:\Documents and Settings\Alban\Cookies\alban@web-stat[1].txt Risk: Medium Name: TrackingCookie.Weborama Path: C:\Documents and Settings\Alban\Cookies\alban@weborama[2].txt Risk: Medium Name: Dialer.Generic Path: HKLM\SOFTWARE\Classes\WEBINSTALL.WEBInstallCtrl.1 Risk: High Name: TrackingCookie.Advertising Path: C:\Documents and Settings\Alban\Cookies\alban@advertising[2].txt Risk: Medium Name: TrackingCookie.2o7 Path: C:\Documents and Settings\Alban\Local Settings\Temp\Cookies\alban@2o7[2].txt Risk: Medium Name: TrackingCookie.Estat Path: C:\Documents and Settings\Alban\Local Settings\Temp\Cookies\alban@estat[1].txt Risk: Medium Name: TrackingCookie.Overture Path: C:\Documents and Settings\Alban\Local Settings\Temp\Cookies\alban@overture[1].txt Risk: Medium Name: TrackingCookie.Smartadserver Path: C:\Documents and Settings\Alban\Local Settings\Temp\Cookies\alban@smartadserver[2].txt Risk: Medium Name: Downloader.Delf.ain Path: C:\Mes Documents\programme a moi\Windows.XP.Pro.Corporate.SP2.Optimise.V4.7.iso\WINXPPRO4_7\I386\SVCPACK\SYSTEM32.EXE Risk: High Name: Downloader.Delf.ain Path: C:\WINDOWS\system32\cmdow.exe Risk: High ET HijackThis Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 07:59:07, on 07/03/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe C:\Program Files\Fichiers communs\Symantec Shared\AppCore\AppSvc32.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\WINDOWS\system32\WgaTray.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\RTHDCPL.EXE C:\Program Files\QuickTime\qttask.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe C:\Program Files\SuperCopier2\SuperCopier2.exe C:\Program Files\NetAppel\NetAppel.exe C:\Program Files\ATnotes\ATnotes.exe C:\Program Files\NETGEAR\WG111T Configuration Utility\wlan111t.exe C:\Program Files\Nikon\PictureProject\NkbMonitor.exe C:\Program Files\ZyDAS Technology Corporation\ZyDAS_802.11g_Utility\ZDWlan.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Stickies\stickies.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\cmd.exe C:\Program Files\phoneaxess\calls-axess.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe C:\Mes Documents\programme a moi\anti log publicitaire\HiJackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/ R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.0\NppBho.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: Afficher Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.0\UIBHO.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe" O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" O4 - HKCU\..\Run: [superCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe O4 - HKCU\..\Run: [NetAppel] "C:\Program Files\NetAppel\NetAppel.exe" -nosplash -minimized O4 - HKCU\..\Run: [phoneaxess] "C:\Program Files\phoneaxess\phoneaxess_srv.exe" O4 - HKCU\..\Run: [WellPhone XT Sagem] "C:\Program Files\SmartCom\WellPhone XT Sagem\wellphone2.exe" /background O4 - HKCU\..\Run: [ATnotes.exe] C:\Program Files\ATnotes\ATnotes.exe O4 - HKUS\S-1-5-19\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User '?') O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User '?') O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User '?') O4 - HKUS\S-1-5-20\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User '?') O4 - HKUS\S-1-5-21-527237240-1659004503-1801674531-1003\..\Run: [superCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe (User '?') O4 - HKUS\S-1-5-18\..\Run: [symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User '?') O4 - HKUS\S-1-5-18\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User '?') O4 - HKUS\.DEFAULT\..\Run: [symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'Default user') O4 - S-1-5-21-527237240-1659004503-1801674531-1003 Startup: Stickies.lnk = C:\Program Files\Stickies\stickies.exe (User '?') O4 - Startup: Stickies.lnk = C:\Program Files\Stickies\stickies.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: NETGEAR WG111T Smart Wizard.lnk = ? O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe O4 - Global Startup: ZDWLan Utility.lnk = C:\Program Files\ZyDAS Technology Corporation\ZyDAS_802.11g_Utility\ZDWlan.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} (Dldrv2 Control) - http://download.gigabyte.com.tw/object/Dldrv.ocx O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab O20 - Winlogon Notify: mscat - C:\WINDOWS\SYSTEM32\mscat.dll O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\AppCore\AppSvc32.exe -- End of file - 9119 bytes

bonsoir, en tout cas merci pour ton message c'est constructif. a+

Bonjour merci a tous ceux qui vont m'aider : mon pc envoie des mails tout seul. je suis obligé de couper ma connexion internet et j'utilise le portable d'un pote pour vous appeler a l'aide. que faire ?

au secours !!!!!!!!!!!!! mon pc envoie 10 mails par secondes, parfois norton en bloque mais ne detecte pas le virus. que faire ?? ci-dessous rapport HijackThis merci d'avance pour votre aide !! Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 08:43:40, on 06/03/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe C:\Program Files\Fichiers communs\Symantec Shared\AppCore\AppSvc32.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\WINDOWS\system32\WgaTray.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\RTHDCPL.EXE C:\Program Files\QuickTime\qttask.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\SuperCopier2\SuperCopier2.exe C:\Program Files\NetAppel\NetAppel.exe C:\Program Files\phoneaxess\phoneaxess_srv.exe C:\Program Files\SmartCom\WellPhone XT Sagem\wellphone2.exe C:\Program Files\ATnotes\ATnotes.exe C:\Program Files\NETGEAR\WG111T Configuration Utility\wlan111t.exe C:\Program Files\Nikon\PictureProject\NkbMonitor.exe C:\Program Files\ZyDAS Technology Corporation\ZyDAS_802.11g_Utility\ZDWlan.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Stickies\stickies.exe C:\WINDOWS\system32\cmd.exe C:\Program Files\phoneaxess\calls-axess.exe C:\Program Files\Data-Concept\Cyberlux Serveur 7 Fusion\Cyberlux.exe C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe C:\PROGRA~1\NORTON~1\NORTON~1\navw32.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Internet Explorer\iexplore.exe C:\Mes Documents\programme a moi\anti log publicitaire\HiJackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/ R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.0\NppBho.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: Afficher Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.0\UIBHO.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe" O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" O4 - HKCU\..\Run: [superCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe O4 - HKCU\..\Run: [NetAppel] "C:\Program Files\NetAppel\NetAppel.exe" -nosplash -minimized O4 - HKCU\..\Run: [phoneaxess] "C:\Program Files\phoneaxess\phoneaxess_srv.exe" O4 - HKCU\..\Run: [WellPhone XT Sagem] "C:\Program Files\SmartCom\WellPhone XT Sagem\wellphone2.exe" /background O4 - HKCU\..\Run: [ATnotes.exe] C:\Program Files\ATnotes\ATnotes.exe O4 - HKUS\S-1-5-19\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User '?') O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User '?') O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User '?') O4 - HKUS\S-1-5-20\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User '?') O4 - HKUS\S-1-5-21-527237240-1659004503-1801674531-1003\..\Run: [superCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe (User '?') O4 - HKUS\S-1-5-18\..\Run: [symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User '?') O4 - HKUS\S-1-5-18\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User '?') O4 - HKUS\.DEFAULT\..\Run: [symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'Default user') O4 - S-1-5-21-527237240-1659004503-1801674531-1003 Startup: Stickies.lnk = C:\Program Files\Stickies\stickies.exe (User '?') O4 - Startup: Stickies.lnk = C:\Program Files\Stickies\stickies.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: NETGEAR WG111T Smart Wizard.lnk = ? O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe O4 - Global Startup: ZDWLan Utility.lnk = C:\Program Files\ZyDAS Technology Corporation\ZyDAS_802.11g_Utility\ZDWlan.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} (Dldrv2 Control) - http://download.gigabyte.com.tw/object/Dldrv.ocx O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab O20 - Winlogon Notify: mscat - C:\WINDOWS\SYSTEM32\mscat.dll O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\AppCore\AppSvc32.exe -- End of file - 9389 bytes