

Everything posted by K38
[Solved] File SbCtri.exe not found
K38 replied to K38's topic in Malware Analysis and Removal
Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 00:16:35, on 25/01/2009 Platform: Windows 2000 SP4 (WinNT 5.00.2195) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Boot mode: Normal Running processes: C:\WINNT\System32\smss.exe C:\WINNT\system32\winlogon.exe C:\WINNT\system32\services.exe C:\WINNT\system32\lsass.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\WINNT\system32\svchost.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINNT\system32\mscdt.exe c:\winnt\system32\microsoft\user\FireDaemon.EXE c:\winnt\system32\microsoft\user\dll39.exe C:\WINNT\system32\stisvc.exe C:\WINNT\Installer\{9DE006A5-B484-4ADE-A760-0F217136B8EA}\system.exe C:\WINNT\System32\WBEM\WinMgmt.exe C:\WINNT\system32\mspmspsv.exe C:\WINNT\system32\svchost.exe C:\WINNT\Explorer.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet 
Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx O3 - Toolbar: Yahoo! 
Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [synchronization Manager] mobsync.exe /logon O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [CamMonitor] C:\Program Files\Hewlett-Packard\Digital Imaging\\Unload\hpqcmon.exe O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\.DEFAULT\..\Run: [internat.exe] internat.exe (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user') O4 - Global Startup: hp psc 1000 series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe O4 - Global Startup: hpoddt01.exe.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra 
context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O10 - Unknown file in Winsock LSP: c:\winnt\system32\nwprovau.dll O16 - DPF: {05D96F71-87C6-11D3-9BE4-00902742D6E0} (QuickPlace Class) - http://intranet.upmf-grenoble.fr/qp2.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1132315772357 O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/a...gnerADP-1.1.cab O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697519} (NsvPlayX Control) - http://www.nullsoft.com/nsv/embed/nsvplayx_vp6_aac.cab O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - VERITAS Software Corp. 
- C:\WINNT\System32\dmadmin.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: MS System Spooler (MSpool) - Unknown owner - C:\WINNT\system32\mscdt.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINNT\system32\HPZipm12.exe O23 - Service: FireDaemon Service: QOS (QOS) - Unknown owner - c:\winnt\system32\microsoft\user\FireDaemon.EXE O23 - Service: Service Controler - Unknown owner - C:\WINNT\system32\drivers\SbCtri.exe (file missing) O23 - Service: system - Unknown owner - C:\WINNT\Installer\{9DE006A5-B484-4ADE-A760-0F217136B8EA}\system.exe -- End of file - 7860 bytes -
[Solved] File SbCtri.exe not found
K38 replied to K38's topic in Malware Analysis and Removal
Malwarebytes' Anti-Malware 1.33
Version de la base de données: 1690
Windows 5.0.2195 Service Pack 4

24/01/2009 23:49:49
mbam-log-2009-01-24 (23-49-49).txt

Type de recherche: Examen rapide
Eléments examinés: 64616
Temps écoulé: 22 minute(s), 9 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 13

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\WINNT\system32\2.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\3.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\4.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\5.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\6.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\7.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\8.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\9.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\A.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\C.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\D.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\E.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\F.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
[Solved] File SbCtri.exe not found
K38 replied to K38's topic in Malware Analysis and Removal
Fichier Info.txt info.txt logfile of random's system information tool 1.05 2009-01-24 22:42:17 ======Uninstall list====== -->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CA9EC1C6-3B51-11D6-B1A9-BCD2747AA951}\setup.exe" -l0x40c -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D43F13A1-1E39-4BD4-9682-DF889FE75421}\setup.exe" -l0x40c Adobe Download Manager 2.0 (Supprimer uniquement)-->"C:\Program Files\Fichiers communs\Adobe\ESD\uninst.exe" Adobe Flash Player 10 Plugin-->C:\WINNT\system32\Macromed\Flash\uninstall_plugin.exe Adobe Flash Player 9 ActiveX-->C:\WINNT\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete Adobe Flash Player ActiveX-->C:\WINNT\system32\Macromed\Flash\uninstall_activeX.exe Adobe Reader 7.0.7 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A70500000002} Adobe Shockwave Player-->C:\WINNT\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINNT\system32\Macromed\SHOCKW~1\Install.log Adobe® Photoshop® Album Edition Découverte 3.0-->MsiExec.exe /I{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B} ANIO Service-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7B5CE976-C7A9-4E38-A7F3-6C8EF025DD8E}\Setup.exe" ANIWZCS2 Service-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4C590030-7469-453E-8589-D15DA9D03F52}\Setup.exe" Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE Correctif cumulatif 1 pour Windows 2000 SP4-->"C:\WINNT\$NtUpdateRollupPackUninstall$\spuninst\spuninst.exe" Correctif Lecteur Windows Media 9 [Voir KB885492 pour plus 
d'informations]-->C:\WINNT\$NtUninstallKB885492$\spuninst\spuninst.exe Correctif pour DirectX 8.1 - KB839643-->C:\WINNT\$NtUninstallKB839643-DirectX81$\spuninst\spuninst.exe Correctif pour le Lecteur Windows Media [Voir Q828026 pour plus d'informations]-->C:\WINNT\$NtUninstallQ828026$\spuninst\spuninst.exe Correctif Windows 2000 - KB842773-->C:\WINNT\$NtUninstallKB842773$\spuninst\spuninst.exe Correctif Windows 2000 - KB890046-->"C:\WINNT\$NtUninstallKB890046$\spuninst\spuninst.exe" Correctif Windows 2000 - KB893756-->"C:\WINNT\$NtUninstallKB893756$\spuninst\spuninst.exe" Correctif Windows 2000 - KB896358-->"C:\WINNT\$NtUninstallKB896358$\spuninst\spuninst.exe" Correctif Windows 2000 - KB896422-->"C:\WINNT\$NtUninstallKB896422$\spuninst\spuninst.exe" Correctif Windows 2000 - KB896423-->"C:\WINNT\$NtUninstallKB896423$\spuninst\spuninst.exe" Correctif Windows 2000 - KB896424-->"C:\WINNT\$NtUninstallKB896424$\spuninst\spuninst.exe" Correctif Windows 2000 - KB896688-->"C:\WINNT\$NtUninstallKB896688-IE6SP1-20051004.130236$\spuninst\spuninst.exe" Correctif Windows 2000 - KB897715-->"C:\WINNT\$NtUninstallKB897715-OE6SP1-20050503.210336$\spuninst\spuninst.exe" Correctif Windows 2000 - KB899587-->"C:\WINNT\$NtUninstallKB899587$\spuninst\spuninst.exe" Correctif Windows 2000 - KB899589-->"C:\WINNT\$NtUninstallKB899589$\spuninst\spuninst.exe" Correctif Windows 2000 - KB900725-->"C:\WINNT\$NtUninstallKB900725$\spuninst\spuninst.exe" Correctif Windows 2000 - KB901017-->"C:\WINNT\$NtUninstallKB901017$\spuninst\spuninst.exe" Correctif Windows 2000 - KB901214-->"C:\WINNT\$NtUninstallKB901214$\spuninst\spuninst.exe" Correctif Windows 2000 - KB902400-->"C:\WINNT\$NtUninstallKB902400$\spuninst\spuninst.exe" Correctif Windows 2000 - KB905414-->"C:\WINNT\$NtUninstallKB905414$\spuninst\spuninst.exe" Correctif Windows 2000 - KB905495-->"C:\WINNT\$NtUninstallKB905495-IE6SP1-20050805.184113$\spuninst\spuninst.exe" Correctif Windows 2000 - 
KB905749-->"C:\WINNT\$NtUninstallKB905749$\spuninst\spuninst.exe" Correctif Windows 2000 - KB905915-->"C:\WINNT\$NtUninstallKB905915-IE6SP1-20051122.175908$\spuninst\spuninst.exe" Correctif Windows 2000 - KB908519-->"C:\WINNT\$NtUninstallKB908519$\spuninst\spuninst.exe" Correctif Windows 2000 - KB908523-->"C:\WINNT\$NtUninstallKB908523$\spuninst\spuninst.exe" Correctif Windows 2000 - KB908531-->"C:\WINNT\$NtUninstallKB908531$\spuninst\spuninst.exe" Correctif Windows 2000 - KB911280-->"C:\WINNT\$NtUninstallKB911280$\spuninst\spuninst.exe" Correctif Windows 2000 - KB911567-->"C:\WINNT\$NtUninstallKB911567-OE6SP1-20060316.165634$\spuninst\spuninst.exe" Correctif Windows 2000 - KB912812-->"C:\WINNT\$NtUninstallKB912812-IE6SP1-20060322.182418$\spuninst\spuninst.exe" Correctif Windows 2000 - KB912919-->"C:\WINNT\$NtUninstallKB912919$\spuninst\spuninst.exe" Correctif Windows 2000 - KB913580-->"C:\WINNT\$NtUninstallKB913580$\spuninst\spuninst.exe" Correctif Windows 2000 - KB914388-->"C:\WINNT\$NtUninstallKB914388$\spuninst\spuninst.exe" Correctif Windows 2000 - KB914389-->"C:\WINNT\$NtUninstallKB914389$\spuninst\spuninst.exe" Correctif Windows 2000 - KB917008-->"C:\WINNT\$NtUninstallKB917008$\spuninst\spuninst.exe" Correctif Windows 2000 - KB917159-->"C:\WINNT\$NtUninstallKB917159$\spuninst\spuninst.exe" Correctif Windows 2000 - KB917422-->"C:\WINNT\$NtUninstallKB917422$\spuninst\spuninst.exe" Correctif Windows 2000 - KB917537-->"C:\WINNT\$NtUninstallKB917537$\spuninst\spuninst.exe" Correctif Windows 2000 - KB917736-->"C:\WINNT\$NtUninstallKB917736$\spuninst\spuninst.exe" Correctif Windows 2000 - KB917953-->"C:\WINNT\$NtUninstallKB917953$\spuninst\spuninst.exe" Correctif Windows 2000 - KB918118-->"C:\WINNT\$NtUninstallKB918118$\spuninst\spuninst.exe" Correctif Windows 2000 - KB918899-->"C:\WINNT\$NtUninstallKB918899-IE6SP1-20060725.123917$\spuninst\spuninst.exe" Correctif Windows 2000 - KB920213-->"C:\WINNT\$NtUninstallKB920213$\spuninst\spuninst.exe" Correctif Windows 
2000 - KB920670-->"C:\WINNT\$NtUninstallKB920670$\spuninst\spuninst.exe" Correctif Windows 2000 - KB920683-->"C:\WINNT\$NtUninstallKB920683$\spuninst\spuninst.exe" Correctif Windows 2000 - KB920685-->"C:\WINNT\$NtUninstallKB920685$\spuninst\spuninst.exe" Correctif Windows 2000 - KB920958-->"C:\WINNT\$NtUninstallKB920958$\spuninst\spuninst.exe" Correctif Windows 2000 - KB921398-->"C:\WINNT\$NtUninstallKB921398$\spuninst\spuninst.exe" Correctif Windows 2000 - KB921503-->"C:\WINNT\$NtUninstallKB921503$\spuninst\spuninst.exe" Correctif Windows 2000 - KB921883-->"C:\WINNT\$NtUninstallKB921883$\spuninst\spuninst.exe" Correctif Windows 2000 - KB922582-->"C:\WINNT\$NtUninstallKB922582$\spuninst\spuninst.exe" Correctif Windows 2000 - KB922616-->"C:\WINNT\$NtUninstallKB922616$\spuninst\spuninst.exe" Correctif Windows 2000 - KB922760-->"C:\WINNT\$NtUninstallKB922760-IE6SP1-20061018.120000$\spuninst\spuninst.exe" Correctif Windows 2000 - KB923191-->"C:\WINNT\$NtUninstallKB923191$\spuninst\spuninst.exe" Correctif Windows 2000 - KB923414-->"C:\WINNT\$NtUninstallKB923414$\spuninst\spuninst.exe" Correctif Windows 2000 - KB923694-->"C:\WINNT\$NtUninstallKB923694-OE6SP1-20061106.120000$\spuninst\spuninst.exe" Correctif Windows 2000 - KB923810-->"C:\WINNT\$NtUninstallKB923810$\spuninst\spuninst.exe" Correctif Windows 2000 - KB923980-->"C:\WINNT\$NtUninstallKB923980$\spuninst\spuninst.exe" Correctif Windows 2000 - KB924191-->"C:\WINNT\$NtUninstallKB924191$\spuninst\spuninst.exe" Correctif Windows 2000 - KB924270-->"C:\WINNT\$NtUninstallKB924270$\spuninst\spuninst.exe" Correctif Windows 2000 - KB924667-->"C:\WINNT\$NtUninstallKB924667$\spuninst\spuninst.exe" Correctif Windows 2000 - KB925454-->"C:\WINNT\$NtUninstallKB925454-IE6SP1-20061116.120000$\spuninst\spuninst.exe" Correctif Windows 2000 - KB925486-->"C:\WINNT\$NtUninstallKB925486-IE6SP1-20060918.120000$\spuninst\spuninst.exe" Correctif Windows 2000 - KB925902-->"C:\WINNT\$NtUninstallKB925902$\spuninst\spuninst.exe" Correctif 
Windows 2000 - KB926122-->"C:\WINNT\$NtUninstallKB926122$\spuninst\spuninst.exe" Correctif Windows 2000 - KB926436-->"C:\WINNT\$NtUninstallKB926436$\spuninst\spuninst.exe" Correctif Windows 2000 - KB927891-->"C:\WINNT\$NtUninstallKB927891$\spuninst\spuninst.exe" Correctif Windows 2000 - KB928090-->"C:\WINNT\$NtUninstallKB928090-IE6SP1-20070125.120000$\spuninst\spuninst.exe" Correctif Windows 2000 - KB928843-->"C:\WINNT\$NtUninstallKB928843$\spuninst\spuninst.exe" Correctif Windows 2000 - KB929969-->"C:\WINNT\$NtUninstallKB929969-IE6SP1-20061220.120000$\spuninst\spuninst.exe" Correctif Windows 2000 - KB930178-->"C:\WINNT\$NtUninstallKB930178$\spuninst\spuninst.exe" Correctif Windows 2000 - KB931768-->"C:\WINNT\$NtUninstallKB931768-IE6SP1-20070219.120000$\spuninst\spuninst.exe" Correctif Windows 2000 - KB931784-->"C:\WINNT\$NtUninstallKB931784$\spuninst\spuninst.exe" Correctif Windows 2000 - KB932168-->"C:\WINNT\$NtUninstallKB932168$\spuninst\spuninst.exe" Correctif Windows 2000 - KB933566-->"C:\WINNT\$NtUninstallKB933566-IE6SP1-20070417.120000$\spuninst\spuninst.exe" Correctif Windows 2000 - KB933729-->"C:\WINNT\$NtUninstallKB933729$\spuninst\spuninst.exe" Correctif Windows 2000 - KB935839-->"C:\WINNT\$NtUninstallKB935839$\spuninst\spuninst.exe" Correctif Windows 2000 - KB935840-->"C:\WINNT\$NtUninstallKB935840$\spuninst\spuninst.exe" Correctif Windows 2000 - KB936021-->"C:\WINNT\$NtUninstallKB936021$\spuninst\spuninst.exe" Correctif Windows 2000 - KB937143-->"C:\WINNT\$NtUninstallKB937143-IE6SP1-20070717.120000$\spuninst\spuninst.exe" Correctif Windows 2000 - KB937894-->"C:\WINNT\$NtUninstallKB937894$\spuninst\spuninst.exe" Correctif Windows 2000 - KB938127-->"C:\WINNT\$NtUninstallKB938127-IE6SP1-20070626.120000$\spuninst\spuninst.exe" Correctif Windows 2000 - KB938464-->"C:\WINNT\$NtUninstallKB938464-IE6SP1-20080429.120000$\spuninst\spuninst.exe" Correctif Windows 2000 - KB938827-->"C:\WINNT\$NtUninstallKB938827$\spuninst\spuninst.exe" Correctif Windows 2000 - 
KB938829-->"C:\WINNT\$NtUninstallKB938829$\spuninst\spuninst.exe" Correctif Windows 2000 - KB939653-->"C:\WINNT\$NtUninstallKB939653-IE6SP1-20070817.120000$\spuninst\spuninst.exe" Correctif Windows 2000 - KB941202-->"C:\WINNT\$NtUninstallKB941202-OE6SP1-20070820.120000$\spuninst\spuninst.exe" Correctif Windows 2000 - KB941644-->"C:\WINNT\$NtUninstallKB941644$\spuninst\spuninst.exe" Correctif Windows 2000 - KB941693-->"C:\WINNT\$NtUninstallKB941693$\spuninst\spuninst.exe" Correctif Windows 2000 - KB942615-->"C:\WINNT\$NtUninstallKB942615-IE6SP1-20071029.120000$\spuninst\spuninst.exe" Correctif Windows 2000 - KB943055-->"C:\WINNT\$NtUninstallKB943055$\spuninst\spuninst.exe" Correctif Windows 2000 - KB943485-->"C:\WINNT\$NtUninstallKB943485$\spuninst\spuninst.exe" Correctif Windows 2000 - KB944338-->"C:\WINNT\$NtUninstallKB944338$\spuninst\spuninst.exe" Correctif Windows 2000 - KB944533-->"C:\WINNT\$NtUninstallKB944533-IE6SP1-20071210.120000$\spuninst\spuninst.exe" Correctif Windows 2000 - KB945553-->"C:\WINNT\$NtUninstallKB945553$\spuninst\spuninst.exe" Correctif Windows 2000 - KB947864-->"C:\WINNT\$NtUninstallKB947864-IE6SP1-20080215.120000$\spuninst\spuninst.exe" Correctif Windows 2000 - KB948590-->"C:\WINNT\$NtUninstallKB948590$\spuninst\spuninst.exe" Correctif Windows 2000 - KB948881-->"C:\WINNT\$NtUninstallKB948881-IE6SP1-20080313.120000$\spuninst\spuninst.exe" Correctif Windows 2000 - KB950749-->"C:\WINNT\$NtUninstallKB950749$\spuninst\spuninst.exe" Correctif Windows 2000 - KB950759-->"C:\WINNT\$NtUninstallKB950759-IE6SP1-20080418.120000$\spuninst\spuninst.exe" Correctif Windows 2000 - KB950760-->"C:\WINNT\$NtUninstallKB950760$\spuninst\spuninst.exe" Correctif Windows 2000 - KB950974-->"C:\WINNT\$NtUninstallKB950974$\spuninst\spuninst.exe" Correctif Windows 2000 - KB951066-->"C:\WINNT\$NtUninstallKB951066-OE6SP1-20080625.120000$\spuninst\spuninst.exe" Correctif Windows 2000 - KB951748-->"C:\WINNT\$NtUninstallKB951748$\spuninst\spuninst.exe" Correctif Windows 
2000 - KB952954-->"C:\WINNT\$NtUninstallKB952954$\spuninst\spuninst.exe" Correctif Windows 2000 - KB953838-->"C:\WINNT\$NtUninstallKB953838-IE6SP1-20080620.120000$\spuninst\spuninst.exe" Correctif Windows 2000 - KB953839-->"C:\WINNT\$NtUninstallKB953839$\spuninst\spuninst.exe" Correctif Windows 2000 - KB954211-->"C:\WINNT\$NtUninstallKB954211$\spuninst\spuninst.exe" Correctif Windows 2000 - KB955069-->"C:\WINNT\$NtUninstallKB955069$\spuninst\spuninst.exe" Correctif Windows 2000 - KB956390-->"C:\WINNT\$NtUninstallKB956390-IE6SP1-20080820.120000$\spuninst\spuninst.exe" Correctif Windows 2000 - KB956391-->"C:\WINNT\$NtUninstallKB956391$\spuninst\spuninst.exe" Correctif Windows 2000 - KB956802-->"C:\WINNT\$NtUninstallKB956802$\spuninst\spuninst.exe" Correctif Windows 2000 - KB957095-->"C:\WINNT\$NtUninstallKB957095$\spuninst\spuninst.exe" Correctif Windows 2000 - KB957097-->"C:\WINNT\$NtUninstallKB957097$\spuninst\spuninst.exe" Correctif Windows 2000 - KB958215-->"C:\WINNT\$NtUninstallKB958215-IE6SP1-20081016.120000$\spuninst\spuninst.exe" Correctif Windows 2000 - KB958644-->"C:\WINNT\$NtUninstallKB958644$\spuninst\spuninst.exe" Correctif Windows 2000 - KB958687-->"C:\WINNT\$NtUninstallKB958687$\spuninst\spuninst.exe" Correctif Windows 2000 - KB960714-->"C:\WINNT\$NtUninstallKB960714-IE6SP1-20081211.120000$\spuninst\spuninst.exe" Creative PC-CAM Center-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D43F13A1-1E39-4BD4-9682-DF889FE75421}\setup.exe" -l0x40c /remove Creative WebCam Monitor-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CA9EC1C6-3B51-11D6-B1A9-BCD2747AA951}\setup.exe" -l0x40c /remove Creative WebCam NX Pro Driver (1.03.03.0326)-->C:\WINNT\CtDrvIns.exe -uninstall -script Pd1131.uns -unsext NT -plugin P1131Pin.dll -pluginres P1131Pin.crl Disque de souvenirs HP-->MsiExec.exe 
/X{B376402D-58EA-45EA-BD50-DD924EB67A70} DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER DivX-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC eMule-->"C:\Program Files\eMule\Uninstall.exe" Free - Kit de connexion-->C:\Program Files\Free.fr\uninstall.exe FreePCvcR v0.5.3a-->C:\Program Files\FreePCvcR\Uninstal.exe FreePCvcR v0.6-->C:\Program Files\FreePCvcR\Uninstal.exe Freeplayer-->C:\Program Files\Freeplayer\Uninstall.exe Google Earth-->MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72} Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar1.dll" Hackman Hex Editor-->"C:\Program Files\Hackman\Uninstall.exe" "C:\Program Files\Hackman\install.log" Hattrick Control 2.12-->"C:\Games\Hattrick Control\unins000.exe" HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall Hotfix for MDAC 2.80 (KB911562)-->"C:\WINNT\$SQLUninstallMDAC28-KB911562-x86-FRA$\spuninst\spuninst.exe" Hotfix for MDAC 2.80 (KB927779)-->"C:\WINNT\$SQLUninstallMDAC28-KB927779-x86-FRA$\spuninst\spuninst.exe" HP Photo and Imaging 2.0 - Photosmart Cameras-->MsiExec.exe /X{A023A2D1-8BD3-4B3D-8077-CD9DDA489CB5} hp psc 1100 series-->MsiExec.exe /X{01161F64-6897-4885-93A0-A9F7BE9A4253} IrfanView (remove only)-->d:\Documents and Settings\Karim\Bureau\IrfanView\iv_uninstall.exe Java 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF} Java 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020} Java 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030} Java 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050} Java 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070} Java SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010} Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Manuel d'utilisation de Creative WebCam NX Pro (Français)-->C:\WINNT\IsUn040c.exe -f"C:\Program 
Files\Creative\Creative WebCam NX Pro\Manuel d'utilisation de Creative WebCam NX Pro\French\CTManual.isu" Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINNT\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINNT\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp" Microsoft .NET Framework 1.1 Hotfix (KB947742)-->"C:\WINNT\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINNT\Microsoft.NET\Framework\v1.1.4322\Updates\M947742\M947742Uninstall.msp" Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft Office 2000 Professional-->MsiExec.exe /I{0001040C-78E1-11D2-B60F-006097C998E7} mIRC-->"C:\winnt\system32\Lavan\system32.exe" -uninstall Mise à jour de sécurité for DirectX 8 (KB941568)-->"C:\WINNT\$NtUninstallKB941568_DX8$\spuninst\spuninst.exe" Mise à jour de sécurité for DirectX 8 (KB951698)-->"C:\WINNT\$NtUninstallKB951698_DX8$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media (KB911564)-->"C:\WINNT\$NtUninstallKB911564$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINNT\$NtUninstallKB952069_WM71$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398)-->"C:\WINNT\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB954600)-->"C:\WINNT\$NtUninstallKB954600_WM41$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 9 (KB911565)-->"C:\WINNT\$NtUninstallKB911565$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 9 (KB917734)-->"C:\WINNT\$NtUninstallKB917734_WMP9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 9 (KB936782)-->"C:\WINNT\$NtUninstallKB936782_WMP9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows 2000 
(KB923689)-->"C:\WINNT\$NtUninstallKB923689$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows 2000 (KB941569)-->"C:\WINNT\$NtUninstallKB941569$\spuninst\spuninst.exe" Mise à jour système du Lecteur Windows Media (Série 9)-->C:\PROGRA~1\WINDOW~3\setup_wm.exe /Uninstall Mozilla Firefox (3.0.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe MSN Messenger 7.0-->MsiExec.exe /I{ABEB838C-A1A7-4C5D-B7E1-8B4314600820} Photo et imagerie HP 2.0 - All-in-One Pilote-->MsiExec.exe /X{6ECB39BD-73C2-44DD-B1A0-898207C58D8B} Photo et imagerie HP 2.0 - All-in-One-->MsiExec.exe /X{9867A917-5D17-40DE-83BA-BEA5293194B1} Photo et imagerie HP 2.0 - hp psc 1100 series-->C:\Program Files\Hewlett-Packard\Digital Imaging\{7C8BB31C-E09E-4c7d-BBF1-45E33B467FE1}\Setup\hpzscr01.exe -datfile hposcr02.dat -forcereboot PowerArchiver 2007 French-->MsiExec.exe /I{8E397FED-07AB-439C-80C5-1DA3A1E4C827} Radmin Viewer 3.0-->"C:\Program Files\Radmin Viewer 3.0\uninstall.exe" RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 Skype 2.0-->"C:\Program Files\Skype\Phone\unins000.exe" SopCast 1.1.1-->C:\Program Files\SopCast\uninst.exe Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe" VLC media player 0.9.6-->C:\Program Files\VideoLAN\VLC\uninstall.exe Windows Defender Signatures-->MsiExec.exe /I{A5CC2A09-E9D3-49EC-923D-03874BBD4C2C} Windows Genuine Advantage v1.3.0254.0-->MsiExec.exe /I{63569CE9-FA00-469C-AF5C-E5D4D93ACF91} Windows Installer 3.1 (KB893803)-->"C:\WINNT\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe" Yahoo! 
Toolbar avec bloqueur de fenêtres pop-up-->C:\PROGRA~1\Yahoo!\Common\unyt.exe =====HijackThis Backups===== R3 - URLSearchHook: {EA551C00-2AE5-11d3-8592-00A0C98E9EA4} - - (no file) O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm (file missing) O4 - HKLM\..\RunServices: [updt Service] updt.pif O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm (file missing) O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - Startup: FreePCvcR.lnk = C: -
[Solved] File SbCtri.exe not found
K38 replied to K38's topic in Malware Analysis and Removal
File log.txt -
Hello, When I start my laptop, I get the following message: "Le fichier SbCtri.exe (ou un de ses composants) est introuvable. Vérifiez que le chemin et le nom de fichier sont corrects, et que toutes les bibliothèques requises sont disponibles." What should I do? Thanks.
-
OK, I will uninstall Ad-Aware 2007. Thanks.
-
Hello, Is the report OK? I ask because my laptop is extremely slow and my Internet connection drops regularly. Thanks.
-
Internet disconnects every 5 minutes
K38 replied to a topic by K38 in Internet & Networks
Up -
Hello, Last week I caught a virus, which I removed thanks to the very valuable help of Falkra on this forum. My laptop is now clean. Except that since yesterday, my laptop disconnects regularly, about every 5 minutes. To get the connection back, I have to reboot my Freebox!!! My laptop is connected via Ethernet. Thanks for your help.
-
[Solved] Infected PC (virus)
K38 replied to a topic by K38 in Malware analysis and removal
OK, I'm updating IE. Thanks -
[Solved] Infected PC (virus)
K38 replied to a topic by K38 in Malware analysis and removal
Well, I have the same problem again: loss of Internet connection and having to reboot the Freebox to get the connection back... Here is my HijackThis report -
[Solved] Infected PC (virus)
K38 replied to a topic by K38 in Malware analysis and removal
Once again, thanks for everything. Have a good rest of the evening. -
[Solved] Infected PC (virus)
K38 replied to a topic by K38 in Malware analysis and removal
Well, it looks spotless... No particular problem!!! -
[Solved] Infected PC (virus)
K38 replied to a topic by K38 in Malware analysis and removal
OK, no problem!!! See you tomorrow evening. Good night. -
[Solved] Infected PC (virus)
K38 replied to a topic by K38 in Malware analysis and removal
Well, maybe I'll use Mozilla a bit more often. Thanks again for everything. -
[Solved] Infected PC (virus)
K38 replied to a topic by K38 in Malware analysis and removal
It's a bit slow, but for now I no longer need to reboot my Freebox to get the Internet connection!!! -
[Solved] Infected PC (virus)
K38 replied to a topic by K38 in Malware analysis and removal
All right, it's done!!! Do I need to run anything again? -
[Solved] Infected PC (virus)
K38 replied to a topic by K38 in Malware analysis and removal
Here is the HijackThis report
Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 23:08:44, on 29/07/2008 Platform: Windows 2000 SP4 (WinNT 5.00.2195) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Boot mode: Normal Running processes: C:\WINNT\System32\smss.exe C:\WINNT\system32\winlogon.exe C:\WINNT\system32\services.exe C:\WINNT\system32\lsass.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\spoolsv.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\regsvc.exe C:\WINNT\system32\stisvc.exe C:\WINNT\System32\WBEM\WinMgmt.exe C:\WINNT\system32\mspmspsv.exe C:\WINNT\system32\svchost.exe C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\WINNT\system32\internat.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe C:\Program Files\FreePCvcR\FreePCvcR.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe C:\WINNT\explorer.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\WINNT\system32\notepad.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: 
{EA551C00-2AE5-11d3-8592-00A0C98E9EA4} - - (no file) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [synchronization Manager] mobsync.exe /logon O4 - HKLM\..\Run: [CamMonitor] C:\Program Files\Hewlett-Packard\Digital Imaging\\Unload\hpqcmon.exe O4 - HKLM\..\Run: [share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe" O4 - HKLM\..\RunServices: [updt Service] updt.pif O4 - HKCU\..\Run: [internat.exe] internat.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\.DEFAULT\..\Run: [internat.exe] internat.exe (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: 
[^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user') O4 - Startup: FreePCvcR.lnk = C:\Program Files\FreePCvcR\FreePCvcR.exe O4 - Global Startup: hp psc 1000 series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe O4 - Global Startup: hpoddt01.exe.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm (file missing) O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm (file missing) O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - 
C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O16 - DPF: {05D96F71-87C6-11D3-9BE4-00902742D6E0} (QuickPlace Class) - http://intranet.upmf-grenoble.fr/qp2.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1132315772357 O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/a...gnerADP-1.1.cab O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697519} (NsvPlayX Control) - http://www.nullsoft.com/nsv/embed/nsvplayx_vp6_aac.cab O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINNT\system32\HPZipm12.exe -- End of file - 7284 bytes -
[Solved] Infected PC (virus)
K38 replied to a topic by K38 in Malware analysis and removal
Here is the ComboFix report
ComboFix 08-07-28.7 - Karim 29/07/2008 22:58:06.2 - NTFSx86 Endroit: D:\Documents and Settings\Karim\Bureau\ComboFix.exe Command switches used :: d:\Documents and Settings\Karim\Bureau\CFScript.txt AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !! . ((((((((((((((((((((((((((((( Fichiers créés 2008-06-28 to 2008-07-29 )))))))))))))))))))))))))))))))))))) . 2008-07-29 20:37 . 08-07-29 20:37 <DIR> d-------- C:\Program Files\Trend Micro 2008-07-27 14:02 . 08-07-28 15:56 <DIR> d-------- C:\Program Files\RegCleaner 2008-07-27 14:00 . 08-07-27 14:00 553,687 --a------ C:\RegCleaner.exe 2008-07-27 01:27 . 08-07-29 14:39 <DIR> d-------- d:\Documents and Settings\Karim\.housecall6.6 2008-07-26 01:00 . 08-07-26 07:57 96,559 --a------ C:\WINNT\system32\drivers\klin.dat 2008-07-26 01:00 . 08-07-26 07:57 87,855 --a------ C:\WINNT\system32\drivers\klick.dat 2008-07-26 00:59 . 08-07-29 22:14 <DIR> d-------- d:\Documents and Settings\All Users\Application Data\Kaspersky Lab 2008-07-26 00:59 . 08-07-26 00:59 <DIR> d-------- C:\Program Files\Kaspersky Lab 2008-07-26 00:49 . 08-07-26 00:49 <DIR> d-------- d:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files 2008-07-26 00:49 . 08-07-26 00:49 28,664,592 --a------ C:\kav8.0.0.357fr.exe 2008-07-25 19:16 . 08-07-25 20:13 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy 2008-07-05 08:51 . 08-07-05 08:51 2,335 --a------ C:\WINNT\5 2008-07-05 08:51 . 08-07-05 08:51 988 --a------ C:\WINNT\I . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 
2008-07-25 21:01 --------- d-----w d:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition classic 2008-07-25 19:57 --------- d---a-w d:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2008-07-21 21:09 --------- d-----w C:\Program Files\Java 2008-07-09 22:59 --------- d-----w C:\Program Files\eMule 2008-06-25 09:42 67,344 ----a-w C:\WINNT\system32\mswsock.dll 2008-06-25 09:42 105,744 ----a-w C:\WINNT\system32\msafd.dll 2008-06-18 10:05 320,528 ----a-w C:\WINNT\system32\drivers\tcpip.sys 2008-05-01 18:09 1,665,536 ----a-w C:\WINNT\system32\quartz.dll 2006-08-18 16:22 302 ---ha-w C:\Program Files\hpothb07.dat 2006-08-18 16:20 513 ---ha-w C:\Program Files\hpothb07.tif 2006-06-10 09:09 164 -c-ha-w d:\Documents and Settings\All Users\hpothb07.dat 2006-06-10 09:09 0 -c-ha-w d:\Documents and Settings\Alain\hpothb07.dat 2006-03-31 22:14 0 -c-ha-w d:\Documents and Settings\Christine\hpothb07.dat 2006-03-31 22:14 0 -c-ha-w d:\Documents and Settings\Administrateur\hpothb07.dat 2005-11-16 21:50 271 ---h--w C:\Program Files\desktop.ini 2005-11-16 21:50 22,115 ---h--w C:\Program Files\folder.htt 2001-05-08 00:00 32,528 -c--a-w C:\WINNT\inf\wbfirdma.sys . ((((((((((((((((((((((((((((( snapshot@mar. 2008-07-29_22.21.41.87 ))))))))))))))))))))))))))))))))))))))))) . - 2005-11-20 14:44:11 2,658 -c--a-w C:\WINNT\mozver.dat + 2008-07-29 20:46:29 3,294 -c--a-w C:\WINNT\mozver.dat + 2008-03-24 18:21:00 2,889,088 ----a-w C:\WINNT\system32\Macromed\Flash\NPSWF32.dll + 2008-03-24 18:21:00 218,496 ----a-w C:\WINNT\system32\Macromed\Flash\NPSWF32_FlashUtil.exe . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . 
REGEDIT4 *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [08-07-07 09:42 2156368] "internat.exe"="internat.exe" [01-05-08 02:00 20752 C:\WINNT\system32\internat.exe] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CamMonitor"="C:\Program Files\Hewlett-Packard\Digital Imaging\\Unload\hpqcmon.exe" [02-10-07 01:23 90112] "Share-to-Web Namespace Daemon"="C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe" [02-04-17 11:42 69632] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [06-06-14 20:53 282624] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [08-06-10 04:27 144784] "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [05-11-21 23:26 180269] "AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe" [08-04-25 18:21 201992] "Synchronization Manager"="mobsync.exe" [03-06-19 12:05 111888 C:\WINNT\system32\mobsync.exe] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices] "Updt Service"="updt.pif" [bU] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "internat.exe"="internat.exe" [01-05-08 02:00 20752 C:\WINNT\system32\internat.exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "^SetupICWDesktop"="C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe" [03-06-19 12:05 189712] D:\Documents and Settings\Karim\Menu D‚marrer\Programmes\D‚marrage\ FreePCvcR.lnk - C:\Program Files\FreePCvcR\FreePCvcR.exe [2006-01-05 19:32:52 1352704] D:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ hp psc 1000 series.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe [2003-04-06 02:17:18 147456] hpoddt01.exe.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [2003-04-06 02:06:58 
28672] Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 23:05:26 29696] Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-17 22:05:56 65588] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"= mmdrv.dll R0 avgntmgr;avgntmgr;C:\WINNT\system32\drivers\avgntmgr.sys [08-04-20 12:48 ] R0 klbg;Kaspersky Lab Boot Guard Driver;C:\WINNT\system32\drivers\klbg.sys [08-01-29 18:29 ] R1 avgntdd;avgntdd;C:\WINNT\system32\DRIVERS\avgntdd.sys [08-07-21 23:10 ] R3 fbxusb;FreeBox USB Network Adapter;C:\WINNT\system32\DRIVERS\fbxusb.sys [03-12-31 12:35 ] R3 klim5;Kaspersky Anti-Virus NDIS Filter;C:\WINNT\system32\DRIVERS\klim5.sys [08-03-25 20:07 ] S3 EL3C574;Pilote pour périphérique FE574B-3Com 10/100 LAN PCCard;C:\WINNT\system32\DRIVERS\el574nd4.sys [99-09-25 04:16 ] *Newly Created Service* - IPNAT *Newly Created Service* - SHAREDACCESS . Contenu du dossier 'Scheduled Tasks/Tâches planifiées' 2006-03-19 C:\WINNT\Tasks\FRU Task #Hewlett-Packard#hp psc 1100 series#1132827445.job - C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe [03-04-06 01:52 ] . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-07-29 23:02:07 Windows 5.0.2195 Service Pack 4 NTFS Balayage processus cachés ... Balayage caché autostart entries ... Balayage des fichiers cachés ... Scan terminé avec succès Les fichiers cachés: 0 ************************************************************************** . Temps d'accomplissement: 2008-07-29 23:06:00 ComboFix-quarantined-files.txt 2008-07-29 21:05:45 ComboFix2.txt 2008-07-29 20:23:50 Pre-Run: 3,239,100,416 octets libres Post-Run: 3,232,841,728 octets libres 108 --- E O F --- 2008-07-09 22:27:06 -
[Solved] Infected PC (virus)
K38 replied to a topic by K38 in Malware analysis and removal
Here is the ComboFix report
ComboFix 08-07-28.7 - Karim 29/07/2008 21:52:19.1 - NTFSx86 Microsoft Windows 2000 Professionnel 5.0.2195.4.1252.1.1036.18.45 [GMT 2:00] Endroit: d:\Documents and Settings\Karim\Bureau\ComboFix.exe AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !! . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\WINNT\system32\mdm.exe C:\WINNT\Web\default.htt . ((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-06-28 to 2008-07-29 )))))))))))))))))))))))))))))))))))) . 2008-07-29 20:37 . 08-07-29 20:37 <DIR> d-------- C:\Program Files\Trend Micro 2008-07-27 14:02 . 08-07-28 15:56 <DIR> d-------- C:\Program Files\RegCleaner 2008-07-27 14:00 . 08-07-27 14:00 553,687 --a------ C:\RegCleaner.exe 2008-07-27 01:27 . 08-07-29 14:39 <DIR> d-------- d:\Documents and Settings\Karim\.housecall6.6 2008-07-26 01:00 . 08-07-26 07:57 96,559 --a------ C:\WINNT\system32\drivers\klin.dat 2008-07-26 01:00 . 08-07-26 07:57 87,855 --a------ C:\WINNT\system32\drivers\klick.dat 2008-07-26 00:59 . 08-07-29 22:14 <DIR> d-------- d:\Documents and Settings\All Users\Application Data\Kaspersky Lab 2008-07-26 00:59 . 08-07-26 00:59 <DIR> d-------- C:\Program Files\Kaspersky Lab 2008-07-26 00:49 . 08-07-26 00:49 <DIR> d-------- d:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files 2008-07-26 00:49 . 08-07-26 00:49 28,664,592 --a------ C:\kav8.0.0.357fr.exe 2008-07-25 19:16 . 08-07-25 20:13 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy 2008-07-05 08:51 . 08-07-05 08:51 2,335 --a------ C:\WINNT\5 2008-07-05 08:51 . 08-07-05 08:51 988 --a------ C:\WINNT\I . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 
2008-07-25 21:01 --------- d-----w d:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition classic 2008-07-25 19:57 --------- d---a-w d:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2008-07-21 21:09 --------- d-----w C:\Program Files\Java 2008-07-09 22:59 --------- d-----w C:\Program Files\eMule 2008-06-25 09:42 67,344 ----a-w C:\WINNT\system32\mswsock.dll 2008-06-25 09:42 105,744 ----a-w C:\WINNT\system32\msafd.dll 2008-06-18 10:05 320,528 ----a-w C:\WINNT\system32\drivers\tcpip.sys 2008-05-01 18:09 1,665,536 ----a-w C:\WINNT\system32\quartz.dll 2006-08-18 16:22 302 ---ha-w C:\Program Files\hpothb07.dat 2006-08-18 16:20 513 ---ha-w C:\Program Files\hpothb07.tif 2006-06-10 09:09 164 -c-ha-w d:\Documents and Settings\All Users\hpothb07.dat 2006-06-10 09:09 0 -c-ha-w d:\Documents and Settings\Alain\hpothb07.dat 2006-03-31 22:14 0 -c-ha-w d:\Documents and Settings\Christine\hpothb07.dat 2006-03-31 22:14 0 -c-ha-w d:\Documents and Settings\Administrateur\hpothb07.dat 2005-11-16 21:50 271 ---h--w C:\Program Files\desktop.ini 2005-11-16 21:50 22,115 ---h--w C:\Program Files\folder.htt 2001-05-08 00:00 32,528 -c--a-w C:\WINNT\inf\wbfirdma.sys . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . 
REGEDIT4 *Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [08-07-07 09:42 2156368] "internat.exe"="internat.exe" [01-05-08 02:00 20752 C:\WINNT\system32\internat.exe] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CamMonitor"="C:\Program Files\Hewlett-Packard\Digital Imaging\\Unload\hpqcmon.exe" [02-10-07 01:23 90112] "Share-to-Web Namespace Daemon"="C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe" [02-04-17 11:42 69632] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [06-06-14 20:53 282624] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [08-06-10 04:27 144784] "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [05-11-21 23:26 180269] "AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe" [08-04-25 18:21 201992] "Synchronization Manager"="mobsync.exe" [03-06-19 12:05 111888 C:\WINNT\system32\mobsync.exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "internat.exe"="internat.exe" [01-05-08 02:00 20752 C:\WINNT\system32\internat.exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "^SetupICWDesktop"="C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe" [03-06-19 12:05 189712] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"= mmdrv.dll [HKEY_LOCAL_MACHINE\software\microsoft\security center] "antivirusdisablenotify"=dword:00000001 "firewalldisableoverride"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus] "DisableMonitoring"=dword:00000001 *Newly Created Service* - IPNAT *Newly Created Service* - SHAREDACCESS . 
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es' 2006-03-19 C:\WINNT\Tasks\FRU Task #Hewlett-Packard#hp psc 1100 series#1132827445.job - C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe [03-04-06 01:52 ] . - - - - ORPHANS REMOVED - - - - HKCU-Run-Updt Service - updt.pif HKCU-RunServices-Updt Service - updt.pif HKLM-Run-Adobe Photo Downloader - C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe HKLM-Run-Updt Service - updt.pif HKLM-Run-SecuUFD - (no file) HKLM-RunServices-Updt Service - updt.pif HKU-Default-Run-Updt Service - updt.pif HKU-Default-RunServices-Updt Service - updt.pif ShellExecuteHooks-{EDB0E980-90BD-11D4-8599-0008C7D3B6F8} - C:\Program Files\Qualcomm\Eudora\EuShlExt.dll . ------- Supplementary Scan ------- . R0 -: HKCU-Main,Start Page = hxxp://fr.yahoo.com/ O8 -: &Traduire à partir de l'anglais - c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html O8 -: Pages liées - c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html O8 -: Pages similaires - c:\program files\google\GoogleToolbar1.dll/cmsimilar.html O8 -: Recherche &Google - c:\program files\google\GoogleToolbar1.dll/cmsearch.html O8 -: Version de la page actuelle disponible dans le cache Google - c:\program files\google\GoogleToolbar1.dll/cmcache.html O9 -: {c95fe080-8f5d-11d2-a20b-00aa003c157a} - %SystemRoot%\web\related.htm O16 -: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} - hxxps://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-1.1.cab C:\WINNT\Downloaded Program Files\AdSignerADP.inf C:\WINNT\system32\msvcp60.dll C:\WINNT\system32\atl.dll C:\WINNT\Downloaded Program Files\AdVerifierADP.dll C:\WINNT\Downloaded Program Files\AdSignerADP.dll O16 -: {C5E28B9D-0A68-4B50-94E9-E8F6B4697519} - hxxp://www.nullsoft.com/nsv/embed/nsvplayx_vp6_aac.cab C:\WINNT\Downloaded Program Files\nsvplayx_vp6_aac.inf ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware 
detector by Gmer, http://www.gmer.net Rootkit scan 2008-07-29 22:11:06 Windows 5.0.2195 Service Pack 4 NTFS Balayage processus cach‚s ... Balayage cach‚ autostart entries ... Balayage des fichiers cach‚s ... Scan termin‚ avec succŠs Les fichiers cach‚s: 0 ************************************************************************** . Temps d'accomplissement: 2008-07-29 22:23:45 - machine was rebooted ComboFix-quarantined-files.txt 2008-07-29 20:23:23 Pre-Run: 3,302,154,240 octets libres Post-Run: 3,240,062,976 octets libres 123 --- E O F --- 2008-07-09 22:27:06 -
Good evening everyone! I recently had a problem with viruses, which I managed to remove following the Kaspersky and Spybot scans. But I am regularly disconnected from the Internet, and the only way to get the connection back is to reboot my Freebox!!! Thanks for your help.
Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:38:40, on 29/07/2008 Platform: Windows 2000 SP4 (WinNT 5.00.2195) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Boot mode: Normal Running processes: C:\WINNT\System32\smss.exe C:\WINNT\system32\winlogon.exe C:\WINNT\system32\services.exe C:\WINNT\system32\lsass.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\spoolsv.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\regsvc.exe C:\WINNT\system32\MSTask.exe C:\WINNT\system32\stisvc.exe C:\WINNT\System32\WBEM\WinMgmt.exe C:\WINNT\system32\mspmspsv.exe C:\WINNT\system32\svchost.exe C:\WINNT\Explorer.EXE C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\WINNT\system32\internat.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe C:\Program Files\FreePCvcR\FreePCvcR.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: {EA551C00-2AE5-11d3-8592-00A0C98E9EA4} - - (no file) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [synchronization Manager] mobsync.exe /logon O4 - HKLM\..\Run: [CamMonitor] C:\Program Files\Hewlett-Packard\Digital Imaging\\Unload\hpqcmon.exe O4 - HKLM\..\Run: [share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe O4 - HKLM\..\Run: [updt Service] updt.pif O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers 
communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\RunServices: [updt Service] updt.pif O4 - HKCU\..\Run: [internat.exe] internat.exe O4 - HKCU\..\Run: [updt Service] updt.pif O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\RunServices: [updt Service] updt.pif O4 - HKUS\.DEFAULT\..\Run: [internat.exe] internat.exe (User 'Default user') O4 - HKUS\.DEFAULT\..\Run: [updt Service] updt.pif (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user') O4 - HKUS\.DEFAULT\..\RunServices: [updt Service] updt.pif (User 'Default user') O4 - Startup: FreePCvcR.lnk = C:\Program Files\FreePCvcR\FreePCvcR.exe O4 - Global Startup: hp psc 1000 series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe O4 - Global Startup: hpoddt01.exe.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - 
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm (file missing) O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm (file missing) O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O16 - DPF: {05D96F71-87C6-11D3-9BE4-00902742D6E0} (QuickPlace Class) - http://intranet.upmf-grenoble.fr/qp2.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1132315772357 O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/a...gnerADP-1.1.cab O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697519} (NsvPlayX Control) - http://www.nullsoft.com/nsv/embed/nsvplayx_vp6_aac.cab O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINNT\system32\HPZipm12.exe -- End of file - 7727 bytes