Version anglaiseVersion espagnoleVersion françaiseInscrivez-vous, c'est gratuit ! (mot de passe oublié)
- Vendredi 5 décembre 2008 - 03:26:37
- inscrits : 1094412
- connectés : 14111
- questions/jour : 4675
- Taux de réponse : 76.81%
Plateformes d'assistanceDiscussions & Opinions des Communautés
|
|
|
|
Bonjour,
J'ai un souci de fenêtres intempestives et de nouveaux favoris non désirés et non supprimables dans IE.
Ce problème est survenu lorsque ma nièce a installé msn + sur mon pc.
J'ai supprimé msn +, fais fonctionner adware, spybot et antivir, mais le problème est toujours là.
Voici le rapport de hijackthis :
Logfile of HijackThis v1.99.1
Scan saved at 23:42:42, on 30/09/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\System32\DkLog.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\dkcktkn.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
C:\Program Files\Logitech\ImageStudio\LogiTray.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Rainbow Technologies\iKey 2000 Series Software\DkAutoReg.exe
C:\Program Files\Dell\AccessDirect\dadapp.exe
C:\WINDOWS\system32\carpserv.exe
C:\Program Files\Dell\AccessDirect\DadTray.exe
C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
C:\Program Files\Digital Line Detect\DLG.exe
c:\progra~1\intern~1\iexplore.exe
C:\Palm\HOTSYNC.EXE
C:\Palm\palm.exe
C:\Program Files\Logitech\ImageStudio\LowLight.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Isabelle Bétend\Mes documents\Internet\HijackThis.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O1 - Hosts: 82.195.155.5 c3310.z1301.winmx.com c3311.z1301.winmx.com
O1 - Hosts: c3312.z1301.winmx.com c3313.z1301.winmx.com c3314.z1301.winmx.com
O1 - Hosts: c3315.z1301.winmx.com c3316.z1301.winmx.com c3317.z1301.winmx.com
O1 - Hosts: c3318.z1301.winmx.com c3319.z1301.winmx.com
O1 - Hosts: 82.195.155.5 c3310.z1302.winmx.com c3311.z1302.winmx.com
O1 - Hosts: c3312.z1302.winmx.com c3313.z1302.winmx.com c3314.z1302.winmx.com
O1 - Hosts: c3315.z1302.winmx.com c3316.z1302.winmx.com c3317.z1302.winmx.com
O1 - Hosts: c3318.z1302.winmx.com c3319.z1302.winmx.com
O1 - Hosts: 82.195.155.5 c3310.z1303.winmx.com c3311.z1303.winmx.com
O1 - Hosts: c3312.z1303.winmx.com c3313.z1303.winmx.com c3314.z1303.winmx.com
O1 - Hosts: c3315.z1303.winmx.com c3316.z1303.winmx.com c3317.z1303.winmx.com
O1 - Hosts: c3318.z1303.winmx.com c3319.z1303.winmx.com
O1 - Hosts: 82.195.155.5 c3310.z1304.winmx.com c3311.z1304.winmx.com
O1 - Hosts: c3312.z1304.winmx.com c3313.z1304.winmx.com c3314.z1304.winmx.com
O1 - Hosts: c3315.z1304.winmx.com c3316.z1304.winmx.com
O1 - Hosts: c3317.z1304.winmx.comc3318.z1304.winmx.com c3319.z1304.winmx.com
O1 - Hosts: 82.195.155.5 c3310.z1305.winmx.com c3311.z1305.winmx.com
O1 - Hosts: c3312.z1305.winmx.com c3313.z1305.winmx.com c3314.z1305.winmx.com
O1 - Hosts: c3315.z1305.winmx.com c3316.z1305.winmx.com c3317.z1305.winmx.com
O1 - Hosts: c3318.z1305.winmx.com c3319.z1305.winmx.com
O1 - Hosts: 82.195.155.5 c3310.z1306.winmx.com c3311.z1306.winmx.com
O1 - Hosts: c3312.z1306.winmx.com c3313.z1306.winmx.com c3314.z1306.winmx.com
O1 - Hosts: c3315.z1306.winmx.com c3316.z1306.winmx.com
O1 - Hosts: c3317.z1306.winmx.comc3318.z1306.winmx.com c3319.z1306.winmx.com
O1 - Hosts: 82.195.155.5 c3520.z1301.winmx.com c3521.z1301.winmx.com
O1 - Hosts: c3522.z1301.winmx.com c3523.z1301.winmx.com c3524.z1301.winmx.com
O1 - Hosts: c3525.z1301.winmx.com c3526.z1301.winmx.com c3527.z1301.winmx.com
O1 - Hosts: c3528.z1301.winmx.com c3529.z1301.winmx.com
O1 - Hosts: 82.195.155.5 c3520.z1302.winmx.com c3521.z1302.winmx.com
O1 - Hosts: c3522.z1302.winmx.com c3523.z1302.winmx.com c3524.z1302.winmx.com
O1 - Hosts: c3525.z1302.winmx.com c3526.z1302.winmx.com c3527.z1302.winmx.com
O1 - Hosts: 3528.z1302.winmx.com c3529.z1302.winmx.com
O1 - Hosts: 82.195.155.5 c3520.z1303.winmx.com c3521.z1303.winmx.com
O1 - Hosts: c3522.z1303.winmx.com c3523.z1303.winmx.com c3524.z1303.winmx.com
O1 - Hosts: c3525.z1303.winmx.com c3526.z1303.winmx.com c3527.z1303.winmx.com
O1 - Hosts: c3528.z1303.winmx.com c3529.z1303.winmx.com
O1 - Hosts: 82.195.155.5 c3520.z1304.winmx.com c3521.z1304.winmx.com
O1 - Hosts: c3522.z1304.winmx.com c3523.z1304.winmx.com c3524.z1304.winmx.com
O1 - Hosts: c3525.z1304.winmx.com c3526.z1304.winmx.com c3527.z1304.winmx.com
O1 - Hosts: c3528.z1304.winmx.com c3529.z1304.winmx.com
O1 - Hosts: 82.195.155.5 c3520.z1305.winmx.com c3521.z1305.winmx.com
O1 - Hosts: c3522.z1305.winmx.com c3523.z1305.winmx.com c3524.z1305.winmx.com
O1 - Hosts: c3525.z1305.winmx.com c3526.z1305.winmx.com c3527.z1305.winmx.com
O1 - Hosts: c3528.z1305.winmx.com c3529.z1305.winmx.com
O1 - Hosts: 82.195.155.5 c3520.z1306.winmx.com c3521.z1306.winmx.com
O1 - Hosts: c3522.z1306.winmx.com c3523.z1306.winmx.comc3524.z1306.winmx.com
O1 - Hosts: c3525.z1306.winmx.com c3526.z1306.winmx.com c3527.z1306.winmx.com
O1 - Hosts: c3528.z1306.winmx.comc3529.z1306.winmx.com
O2 - BHO: (no name) - {3D806643-C091-27FD-15B0-D3CA97B83F8F} - C:\DOCUME~1\ISABEL~1\APPLIC~1\ARMYCH~1\pile body.exe
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\eoRezo\EoAdv\EOREZO~1.DLL (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [DkStartup] C:\Program Files\Rainbow Technologies\iKey 2000 Series Software\DkStartup.exe
O4 - HKLM\..\Run: [DkAutoReg.exe] C:\Program Files\Rainbow Technologies\iKey 2000 Series Software\DkAutoReg.exe
O4 - HKLM\..\Run: [DadApp] C:\Program Files\Dell\AccessDirect\dadapp.exe
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [Camera Detector] C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE -autorun
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [sizewaybookdog] C:\Documents and Settings\All Users\Application Data\exitchinsizeway\Sixth Draw.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [debug lite] C:\DOCUME~1\ISABEL~1\APPLIC~1\ANTISE~1\Tray Two.exe
O4 - Startup: HotSync Manager.lnk = C:\Palm\HOTSYNC.EXE
O4 - Startup: Palm Desktop.lnk = C:\Palm\palm.exe
O4 - Startup: PowerReg Scheduler.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: JT's Blocks - http://download.games.yahoo.com/games/clients/y/blt1_x.cab
O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cab
O16 - DPF: Yahoo! Chess - http://download.games.yahoo.com/games/clients/y/ct2_x.cab
O16 - DPF: Yahoo! Dominoes - http://download.games.yahoo.com/games/clients/y/dot2_x.cab
O16 - DPF: Yahoo! Klondike Solitaire - http://yog55.games.scd.yahoo.com/yog/y/ks12_x.cab
O16 - DPF: Yahoo! Literati - http://download.games.yahoo.com/games/clients/y/tt4_x.cab
O16 - DPF: Yahoo! MahJong Solitaire - http://download.games.yahoo.com/games/clients/y/mjst3_x.cab
O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/potd_x.cab
O16 - DPF: Yahoo! Pyramids - http://download.games.yahoo.com/games/clients/y/pyt1_x.cab
O16 - DPF: {084DAC27-6FA3-4F55-9005-033F2F102F5C} (ITPPDiagIE Class) - http://downloads.winwise.fr/Common/npwwg.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://querle.spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5CE7A7AF-8C5E-48CF-AE30-8FC6F01C27E3} - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/ydropper/ydropper1_3fr.cab
O16 - DPF: {6BEA1C48-1850-486C-8F58-C7354BA3165E} (Install Class) - http://updates.lifescapeinc.com/installers/pinstall/pinstall.cab
O16 - DPF: {6DB731A3-B074-4118-8B1C-32511C65D836} (FotovistaPhotoUploader.ctrFpu) - http://www.mypixmania.com/fr/fr/tools/activex/fpu.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {A06BE318-C096-11D4-964F-0010A4D06F69} (TeleTVA Control) - https://tva.dgi.minefi.gouv.fr/activeX/TeleTVA.tva
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.extrafilm.fr/net/Import/ImageUploader3.cab
O16 - DPF: {ABB08127-7417-11D4-8566-00500448008D} (Chat Class) - http://downloads.winwise.fr/Common/npchatlax.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://eu.download.games.yahoo.com/zylom/activex/zylomloader.cab
O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - http://www2.incredimail.com/contents/setup/downloader/imloader.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2703359A-E827-4E29-A40F-EDDA20732BE8}: NameServer = 192.168.0.1
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Datakey's Log Service (DkLogger) - Datakey, Inc. - C:\WINDOWS\System32\DkLog.exe
O23 - Service: Datakey's Token Service (DkTknSrv) - Datakey, Inc. - C:\WINDOWS\System32\dkcktkn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
Merci beaucoup d'avance.
Bonne soirée, Isabelle.
J'ai un souci de fenêtres intempestives et de nouveaux favoris non désirés et non supprimables dans IE.
Ce problème est survenu lorsque ma nièce a installé msn + sur mon pc.
J'ai supprimé msn +, fais fonctionner adware, spybot et antivir, mais le problème est toujours là.
Voici le rapport de hijackthis :
Logfile of HijackThis v1.99.1
Scan saved at 23:42:42, on 30/09/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\System32\DkLog.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\dkcktkn.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
C:\Program Files\Logitech\ImageStudio\LogiTray.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Rainbow Technologies\iKey 2000 Series Software\DkAutoReg.exe
C:\Program Files\Dell\AccessDirect\dadapp.exe
C:\WINDOWS\system32\carpserv.exe
C:\Program Files\Dell\AccessDirect\DadTray.exe
C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
C:\Program Files\Digital Line Detect\DLG.exe
c:\progra~1\intern~1\iexplore.exe
C:\Palm\HOTSYNC.EXE
C:\Palm\palm.exe
C:\Program Files\Logitech\ImageStudio\LowLight.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Isabelle Bétend\Mes documents\Internet\HijackThis.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O1 - Hosts: 82.195.155.5 c3310.z1301.winmx.com c3311.z1301.winmx.com
O1 - Hosts: c3312.z1301.winmx.com c3313.z1301.winmx.com c3314.z1301.winmx.com
O1 - Hosts: c3315.z1301.winmx.com c3316.z1301.winmx.com c3317.z1301.winmx.com
O1 - Hosts: c3318.z1301.winmx.com c3319.z1301.winmx.com
O1 - Hosts: 82.195.155.5 c3310.z1302.winmx.com c3311.z1302.winmx.com
O1 - Hosts: c3312.z1302.winmx.com c3313.z1302.winmx.com c3314.z1302.winmx.com
O1 - Hosts: c3315.z1302.winmx.com c3316.z1302.winmx.com c3317.z1302.winmx.com
O1 - Hosts: c3318.z1302.winmx.com c3319.z1302.winmx.com
O1 - Hosts: 82.195.155.5 c3310.z1303.winmx.com c3311.z1303.winmx.com
O1 - Hosts: c3312.z1303.winmx.com c3313.z1303.winmx.com c3314.z1303.winmx.com
O1 - Hosts: c3315.z1303.winmx.com c3316.z1303.winmx.com c3317.z1303.winmx.com
O1 - Hosts: c3318.z1303.winmx.com c3319.z1303.winmx.com
O1 - Hosts: 82.195.155.5 c3310.z1304.winmx.com c3311.z1304.winmx.com
O1 - Hosts: c3312.z1304.winmx.com c3313.z1304.winmx.com c3314.z1304.winmx.com
O1 - Hosts: c3315.z1304.winmx.com c3316.z1304.winmx.com
O1 - Hosts: c3317.z1304.winmx.comc3318.z1304.winmx.com c3319.z1304.winmx.com
O1 - Hosts: 82.195.155.5 c3310.z1305.winmx.com c3311.z1305.winmx.com
O1 - Hosts: c3312.z1305.winmx.com c3313.z1305.winmx.com c3314.z1305.winmx.com
O1 - Hosts: c3315.z1305.winmx.com c3316.z1305.winmx.com c3317.z1305.winmx.com
O1 - Hosts: c3318.z1305.winmx.com c3319.z1305.winmx.com
O1 - Hosts: 82.195.155.5 c3310.z1306.winmx.com c3311.z1306.winmx.com
O1 - Hosts: c3312.z1306.winmx.com c3313.z1306.winmx.com c3314.z1306.winmx.com
O1 - Hosts: c3315.z1306.winmx.com c3316.z1306.winmx.com
O1 - Hosts: c3317.z1306.winmx.comc3318.z1306.winmx.com c3319.z1306.winmx.com
O1 - Hosts: 82.195.155.5 c3520.z1301.winmx.com c3521.z1301.winmx.com
O1 - Hosts: c3522.z1301.winmx.com c3523.z1301.winmx.com c3524.z1301.winmx.com
O1 - Hosts: c3525.z1301.winmx.com c3526.z1301.winmx.com c3527.z1301.winmx.com
O1 - Hosts: c3528.z1301.winmx.com c3529.z1301.winmx.com
O1 - Hosts: 82.195.155.5 c3520.z1302.winmx.com c3521.z1302.winmx.com
O1 - Hosts: c3522.z1302.winmx.com c3523.z1302.winmx.com c3524.z1302.winmx.com
O1 - Hosts: c3525.z1302.winmx.com c3526.z1302.winmx.com c3527.z1302.winmx.com
O1 - Hosts: 3528.z1302.winmx.com c3529.z1302.winmx.com
O1 - Hosts: 82.195.155.5 c3520.z1303.winmx.com c3521.z1303.winmx.com
O1 - Hosts: c3522.z1303.winmx.com c3523.z1303.winmx.com c3524.z1303.winmx.com
O1 - Hosts: c3525.z1303.winmx.com c3526.z1303.winmx.com c3527.z1303.winmx.com
O1 - Hosts: c3528.z1303.winmx.com c3529.z1303.winmx.com
O1 - Hosts: 82.195.155.5 c3520.z1304.winmx.com c3521.z1304.winmx.com
O1 - Hosts: c3522.z1304.winmx.com c3523.z1304.winmx.com c3524.z1304.winmx.com
O1 - Hosts: c3525.z1304.winmx.com c3526.z1304.winmx.com c3527.z1304.winmx.com
O1 - Hosts: c3528.z1304.winmx.com c3529.z1304.winmx.com
O1 - Hosts: 82.195.155.5 c3520.z1305.winmx.com c3521.z1305.winmx.com
O1 - Hosts: c3522.z1305.winmx.com c3523.z1305.winmx.com c3524.z1305.winmx.com
O1 - Hosts: c3525.z1305.winmx.com c3526.z1305.winmx.com c3527.z1305.winmx.com
O1 - Hosts: c3528.z1305.winmx.com c3529.z1305.winmx.com
O1 - Hosts: 82.195.155.5 c3520.z1306.winmx.com c3521.z1306.winmx.com
O1 - Hosts: c3522.z1306.winmx.com c3523.z1306.winmx.comc3524.z1306.winmx.com
O1 - Hosts: c3525.z1306.winmx.com c3526.z1306.winmx.com c3527.z1306.winmx.com
O1 - Hosts: c3528.z1306.winmx.comc3529.z1306.winmx.com
O2 - BHO: (no name) - {3D806643-C091-27FD-15B0-D3CA97B83F8F} - C:\DOCUME~1\ISABEL~1\APPLIC~1\ARMYCH~1\pile body.exe
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\eoRezo\EoAdv\EOREZO~1.DLL (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [DkStartup] C:\Program Files\Rainbow Technologies\iKey 2000 Series Software\DkStartup.exe
O4 - HKLM\..\Run: [DkAutoReg.exe] C:\Program Files\Rainbow Technologies\iKey 2000 Series Software\DkAutoReg.exe
O4 - HKLM\..\Run: [DadApp] C:\Program Files\Dell\AccessDirect\dadapp.exe
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [Camera Detector] C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE -autorun
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [sizewaybookdog] C:\Documents and Settings\All Users\Application Data\exitchinsizeway\Sixth Draw.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [debug lite] C:\DOCUME~1\ISABEL~1\APPLIC~1\ANTISE~1\Tray Two.exe
O4 - Startup: HotSync Manager.lnk = C:\Palm\HOTSYNC.EXE
O4 - Startup: Palm Desktop.lnk = C:\Palm\palm.exe
O4 - Startup: PowerReg Scheduler.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: JT's Blocks - http://download.games.yahoo.com/games/clients/y/blt1_x.cab
O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cab
O16 - DPF: Yahoo! Chess - http://download.games.yahoo.com/games/clients/y/ct2_x.cab
O16 - DPF: Yahoo! Dominoes - http://download.games.yahoo.com/games/clients/y/dot2_x.cab
O16 - DPF: Yahoo! Klondike Solitaire - http://yog55.games.scd.yahoo.com/yog/y/ks12_x.cab
O16 - DPF: Yahoo! Literati - http://download.games.yahoo.com/games/clients/y/tt4_x.cab
O16 - DPF: Yahoo! MahJong Solitaire - http://download.games.yahoo.com/games/clients/y/mjst3_x.cab
O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/potd_x.cab
O16 - DPF: Yahoo! Pyramids - http://download.games.yahoo.com/games/clients/y/pyt1_x.cab
O16 - DPF: {084DAC27-6FA3-4F55-9005-033F2F102F5C} (ITPPDiagIE Class) - http://downloads.winwise.fr/Common/npwwg.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://querle.spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5CE7A7AF-8C5E-48CF-AE30-8FC6F01C27E3} - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/ydropper/ydropper1_3fr.cab
O16 - DPF: {6BEA1C48-1850-486C-8F58-C7354BA3165E} (Install Class) - http://updates.lifescapeinc.com/installers/pinstall/pinstall.cab
O16 - DPF: {6DB731A3-B074-4118-8B1C-32511C65D836} (FotovistaPhotoUploader.ctrFpu) - http://www.mypixmania.com/fr/fr/tools/activex/fpu.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {A06BE318-C096-11D4-964F-0010A4D06F69} (TeleTVA Control) - https://tva.dgi.minefi.gouv.fr/activeX/TeleTVA.tva
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.extrafilm.fr/net/Import/ImageUploader3.cab
O16 - DPF: {ABB08127-7417-11D4-8566-00500448008D} (Chat Class) - http://downloads.winwise.fr/Common/npchatlax.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://eu.download.games.yahoo.com/zylom/activex/zylomloader.cab
O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - http://www2.incredimail.com/contents/setup/downloader/imloader.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2703359A-E827-4E29-A40F-EDDA20732BE8}: NameServer = 192.168.0.1
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Datakey's Log Service (DkLogger) - Datakey, Inc. - C:\WINDOWS\System32\DkLog.exe
O23 - Service: Datakey's Token Service (DkTknSrv) - Datakey, Inc. - C:\WINDOWS\System32\dkcktkn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
Merci beaucoup d'avance.
Bonne soirée, Isabelle.
slt,
Tu es infecté par lop ! Fais les manip indiqué dans ce lien. perso.orange.fr/entraide-hijackthis/MessengerPlus3/index.html ensuite remet un log Hijack . A+ ***** Have a good day ***** |
Bonjour,
J'ai fait la manip et ensuite mis spybot en route mais le problème persiste. Voici le nouveau rapport hijackthis : Logfile of HijackThis v1.99.1 Scan saved at 09:20:37, on 01/10/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE C:\Program Files\Logitech\ImageStudio\LogiTray.exe C:\WINDOWS\System32\DSentry.exe C:\Program Files\Dell\AccessDirect\dadapp.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\WINDOWS\system32\carpserv.exe C:\Program Files\Dell\AccessDirect\DadTray.exe C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\System32\Ati2evxx.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Logitech\ImageStudio\LowLight.exe C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE C:\WINDOWS\System32\dkcktkn.exe C:\Program Files\Digital Line Detect\DLG.exe C:\Program Files\interMute\SpySubtract\SpySub.exe C:\Palm\HOTSYNC.EXE C:\Palm\palm.exe c:\progra~1\intern~1\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\fxssvc.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\Isabelle Bétend\Mes documents\Internet\HijackThis.exe R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O1 - Hosts: 82.195.155.5 c3310.z1301.winmx.com c3311.z1301.winmx.com O1 - Hosts: c3312.z1301.winmx.com c3313.z1301.winmx.com c3314.z1301.winmx.com O1 - Hosts: c3315.z1301.winmx.com c3316.z1301.winmx.com c3317.z1301.winmx.com O1 - Hosts: c3318.z1301.winmx.com c3319.z1301.winmx.com O1 - Hosts: 82.195.155.5 c3310.z1302.winmx.com c3311.z1302.winmx.com O1 - Hosts: c3312.z1302.winmx.com c3313.z1302.winmx.com c3314.z1302.winmx.com O1 - Hosts: c3315.z1302.winmx.com c3316.z1302.winmx.com c3317.z1302.winmx.com O1 - Hosts: c3318.z1302.winmx.com c3319.z1302.winmx.com O1 - Hosts: 82.195.155.5 c3310.z1303.winmx.com c3311.z1303.winmx.com O1 - Hosts: c3312.z1303.winmx.com c3313.z1303.winmx.com c3314.z1303.winmx.com O1 - Hosts: c3315.z1303.winmx.com c3316.z1303.winmx.com c3317.z1303.winmx.com O1 - Hosts: c3318.z1303.winmx.com c3319.z1303.winmx.com O1 - Hosts: 82.195.155.5 c3310.z1304.winmx.com c3311.z1304.winmx.com O1 - Hosts: c3312.z1304.winmx.com c3313.z1304.winmx.com c3314.z1304.winmx.com O1 - Hosts: c3315.z1304.winmx.com c3316.z1304.winmx.com O1 - Hosts: c3317.z1304.winmx.comc3318.z1304.winmx.com c3319.z1304.winmx.com O1 - Hosts: 82.195.155.5 c3310.z1305.winmx.com c3311.z1305.winmx.com O1 - Hosts: c3312.z1305.winmx.com c3313.z1305.winmx.com c3314.z1305.winmx.com O1 - Hosts: c3315.z1305.winmx.com c3316.z1305.winmx.com c3317.z1305.winmx.com O1 - Hosts: c3318.z1305.winmx.com c3319.z1305.winmx.com O1 - Hosts: 82.195.155.5 c3310.z1306.winmx.com c3311.z1306.winmx.com O1 - Hosts: c3312.z1306.winmx.com c3313.z1306.winmx.com c3314.z1306.winmx.com O1 - Hosts: c3315.z1306.winmx.com c3316.z1306.winmx.com O1 - Hosts: c3317.z1306.winmx.comc3318.z1306.winmx.com c3319.z1306.winmx.com O1 - Hosts: 82.195.155.5 c3520.z1301.winmx.com c3521.z1301.winmx.com O1 - Hosts: c3522.z1301.winmx.com c3523.z1301.winmx.com c3524.z1301.winmx.com O1 - Hosts: c3525.z1301.winmx.com c3526.z1301.winmx.com c3527.z1301.winmx.com O1 - Hosts: c3528.z1301.winmx.com c3529.z1301.winmx.com O1 - Hosts: 82.195.155.5 c3520.z1302.winmx.com c3521.z1302.winmx.com O1 - Hosts: c3522.z1302.winmx.com c3523.z1302.winmx.com c3524.z1302.winmx.com O1 - Hosts: c3525.z1302.winmx.com c3526.z1302.winmx.com c3527.z1302.winmx.com O1 - Hosts: 3528.z1302.winmx.com c3529.z1302.winmx.com O1 - Hosts: 82.195.155.5 c3520.z1303.winmx.com c3521.z1303.winmx.com O1 - Hosts: c3522.z1303.winmx.com c3523.z1303.winmx.com c3524.z1303.winmx.com O1 - Hosts: c3525.z1303.winmx.com c3526.z1303.winmx.com c3527.z1303.winmx.com O1 - Hosts: c3528.z1303.winmx.com c3529.z1303.winmx.com O1 - Hosts: 82.195.155.5 c3520.z1304.winmx.com c3521.z1304.winmx.com O1 - Hosts: c3522.z1304.winmx.com c3523.z1304.winmx.com c3524.z1304.winmx.com O1 - Hosts: c3525.z1304.winmx.com c3526.z1304.winmx.com c3527.z1304.winmx.com O1 - Hosts: c3528.z1304.winmx.com c3529.z1304.winmx.com O1 - Hosts: 82.195.155.5 c3520.z1305.winmx.com c3521.z1305.winmx.com O1 - Hosts: c3522.z1305.winmx.com c3523.z1305.winmx.com c3524.z1305.winmx.com O1 - Hosts: c3525.z1305.winmx.com c3526.z1305.winmx.com c3527.z1305.winmx.com O1 - Hosts: c3528.z1305.winmx.com c3529.z1305.winmx.com O1 - Hosts: 82.195.155.5 c3520.z1306.winmx.com c3521.z1306.winmx.com O1 - Hosts: c3522.z1306.winmx.com c3523.z1306.winmx.comc3524.z1306.winmx.com O1 - Hosts: c3525.z1306.winmx.com c3526.z1306.winmx.com c3527.z1306.winmx.com O1 - Hosts: c3528.z1306.winmx.comc3529.z1306.winmx.com O2 - BHO: (no name) - {3D806643-C091-27FD-15B0-D3CA97B83F8F} - C:\DOCUME~1\ISABEL~1\APPLIC~1\ARMYCH~1\pile body.exe O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\eoRezo\EoAdv\EOREZO~1.DLL (file missing) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe O4 - HKLM\..\Run: [DkStartup] C:\Program Files\Rainbow Technologies\iKey 2000 Series Software\DkStartup.exe O4 - HKLM\..\Run: [DkAutoReg.exe] C:\Program Files\Rainbow Technologies\iKey 2000 Series Software\DkAutoReg.exe O4 - HKLM\..\Run: [DadApp] C:\Program Files\Dell\AccessDirect\dadapp.exe O4 - HKLM\..\Run: [CARPService] carpserv.exe O4 - HKLM\..\Run: [Camera Detector] C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE -autorun O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [sizewaybookdog] C:\Documents and Settings\All Users\Application Data\exitchinsizeway\Sixth Draw.exe O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet O4 - HKCU\..\Run: [debug lite] C:\DOCUME~1\ISABEL~1\APPLIC~1\ANTISE~1\Tray Two.exe O4 - Startup: HotSync Manager.lnk = C:\Palm\HOTSYNC.EXE O4 - Startup: Palm Desktop.lnk = C:\Palm\palm.exe O4 - Startup: PowerReg Scheduler.exe O4 - Global Startup: Digital Line Detect.lnk = ? O4 - Global Startup: SpySubtract.lnk = C:\Program Files\interMute\SpySubtract\SpySub.exe O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: JT's Blocks - http://download.games.yahoo.com/games/clients/y/blt1_x.cab O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cab O16 - DPF: Yahoo! Chess - http://download.games.yahoo.com/games/clients/y/ct2_x.cab O16 - DPF: Yahoo! Dominoes - http://download.games.yahoo.com/games/clients/y/dot2_x.cab O16 - DPF: Yahoo! Klondike Solitaire - http://yog55.games.scd.yahoo.com/yog/y/ks12_x.cab O16 - DPF: Yahoo! Literati - http://download.games.yahoo.com/games/clients/y/tt4_x.cab O16 - DPF: Yahoo! MahJong Solitaire - http://download.games.yahoo.com/games/clients/y/mjst3_x.cab O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/potd_x.cab O16 - DPF: Yahoo! Pyramids - http://download.games.yahoo.com/games/clients/y/pyt1_x.cab O16 - DPF: {084DAC27-6FA3-4F55-9005-033F2F102F5C} (ITPPDiagIE Class) - http://downloads.winwise.fr/Common/npwwg.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://querle.spaces.msn.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {5CE7A7AF-8C5E-48CF-AE30-8FC6F01C27E3} - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/ydropper/ydropper1_3fr.cab O16 - DPF: {6BEA1C48-1850-486C-8F58-C7354BA3165E} (Install Class) - http://updates.lifescapeinc.com/installers/pinstall/pinstall.cab O16 - DPF: {6DB731A3-B074-4118-8B1C-32511C65D836} (FotovistaPhotoUploader.ctrFpu) - http://www.mypixmania.com/fr/fr/tools/activex/fpu.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {A06BE318-C096-11D4-964F-0010A4D06F69} (TeleTVA Control) - https://tva.dgi.minefi.gouv.fr/activeX/TeleTVA.tva O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.extrafilm.fr/net/Import/ImageUploader3.cab O16 - DPF: {ABB08127-7417-11D4-8566-00500448008D} (Chat Class) - http://downloads.winwise.fr/Common/npchatlax.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://eu.download.games.yahoo.com/zylom/activex/zylomloader.cab O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - http://www2.incredimail.com/contents/setup/downloader/imloader.cab O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{2703359A-E827-4E29-A40F-EDDA20732BE8}: NameServer = 192.168.0.1 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: Datakey's Log Service (DkLogger) - Datakey, Inc. - C:\WINDOWS\System32\DkLog.exe O23 - Service: Datakey's Token Service (DkTknSrv) - Datakey, Inc. - C:\WINDOWS\System32\dkcktkn.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe Encore merci pour votre aide. Isabelle |
Salut,
Relance HijackThis, choisis "do a scan only" coche la case devant les lignes ci-dessous et clic en bas sur "fix checked" O1 - Hosts: 82.195.155.5 c3310.z1301.winmx.com c3311.z1301.winmx.com O1 - Hosts: c3312.z1301.winmx.com c3313.z1301.winmx.com c3314.z1301.winmx.com O1 - Hosts: c3315.z1301.winmx.com c3316.z1301.winmx.com c3317.z1301.winmx.com O1 - Hosts: c3318.z1301.winmx.com c3319.z1301.winmx.com O1 - Hosts: 82.195.155.5 c3310.z1302.winmx.com c3311.z1302.winmx.com O1 - Hosts: c3312.z1302.winmx.com c3313.z1302.winmx.com c3314.z1302.winmx.com O1 - Hosts: c3315.z1302.winmx.com c3316.z1302.winmx.com c3317.z1302.winmx.com O1 - Hosts: c3318.z1302.winmx.com c3319.z1302.winmx.com O1 - Hosts: 82.195.155.5 c3310.z1303.winmx.com c3311.z1303.winmx.com O1 - Hosts: c3312.z1303.winmx.com c3313.z1303.winmx.com c3314.z1303.winmx.com O1 - Hosts: c3315.z1303.winmx.com c3316.z1303.winmx.com c3317.z1303.winmx.com O1 - Hosts: c3318.z1303.winmx.com c3319.z1303.winmx.com O1 - Hosts: 82.195.155.5 c3310.z1304.winmx.com c3311.z1304.winmx.com O1 - Hosts: c3312.z1304.winmx.com c3313.z1304.winmx.com c3314.z1304.winmx.com O1 - Hosts: c3315.z1304.winmx.com c3316.z1304.winmx.com O1 - Hosts: c3317.z1304.winmx.comc3318.z1304.winmx.com c3319.z1304.winmx.com O1 - Hosts: 82.195.155.5 c3310.z1305.winmx.com c3311.z1305.winmx.com O1 - Hosts: c3312.z1305.winmx.com c3313.z1305.winmx.com c3314.z1305.winmx.com O1 - Hosts: c3315.z1305.winmx.com c3316.z1305.winmx.com c3317.z1305.winmx.com O1 - Hosts: c3318.z1305.winmx.com c3319.z1305.winmx.com O1 - Hosts: 82.195.155.5 c3310.z1306.winmx.com c3311.z1306.winmx.com O1 - Hosts: c3312.z1306.winmx.com c3313.z1306.winmx.com c3314.z1306.winmx.com O1 - Hosts: c3315.z1306.winmx.com c3316.z1306.winmx.com O1 - Hosts: c3317.z1306.winmx.comc3318.z1306.winmx.com c3319.z1306.winmx.com O1 - Hosts: 82.195.155.5 c3520.z1301.winmx.com c3521.z1301.winmx.com O1 - Hosts: c3522.z1301.winmx.com c3523.z1301.winmx.com c3524.z1301.winmx.com O1 - Hosts: c3525.z1301.winmx.com c3526.z1301.winmx.com c3527.z1301.winmx.com O1 - Hosts: c3528.z1301.winmx.com c3529.z1301.winmx.com O1 - Hosts: 82.195.155.5 c3520.z1302.winmx.com c3521.z1302.winmx.com O1 - Hosts: c3522.z1302.winmx.com c3523.z1302.winmx.com c3524.z1302.winmx.com O1 - Hosts: c3525.z1302.winmx.com c3526.z1302.winmx.com c3527.z1302.winmx.com O1 - Hosts: 3528.z1302.winmx.com c3529.z1302.winmx.com O1 - Hosts: 82.195.155.5 c3520.z1303.winmx.com c3521.z1303.winmx.com O1 - Hosts: c3522.z1303.winmx.com c3523.z1303.winmx.com c3524.z1303.winmx.com O1 - Hosts: c3525.z1303.winmx.com c3526.z1303.winmx.com c3527.z1303.winmx.com O1 - Hosts: c3528.z1303.winmx.com c3529.z1303.winmx.com O1 - Hosts: 82.195.155.5 c3520.z1304.winmx.com c3521.z1304.winmx.com O1 - Hosts: c3522.z1304.winmx.com c3523.z1304.winmx.com c3524.z1304.winmx.com O1 - Hosts: c3525.z1304.winmx.com c3526.z1304.winmx.com c3527.z1304.winmx.com O1 - Hosts: c3528.z1304.winmx.com c3529.z1304.winmx.com O1 - Hosts: 82.195.155.5 c3520.z1305.winmx.com c3521.z1305.winmx.com O1 - Hosts: c3522.z1305.winmx.com c3523.z1305.winmx.com c3524.z1305.winmx.com O1 - Hosts: c3525.z1305.winmx.com c3526.z1305.winmx.com c3527.z1305.winmx.com O1 - Hosts: c3528.z1305.winmx.com c3529.z1305.winmx.com O1 - Hosts: 82.195.155.5 c3520.z1306.winmx.com c3521.z1306.winmx.com O1 - Hosts: c3522.z1306.winmx.com c3523.z1306.winmx.comc3524.z1306.winmx.com O1 - Hosts: c3525.z1306.winmx.com c3526.z1306.winmx.com c3527.z1306.winmx.com O1 - Hosts: c3528.z1306.winmx.comc3529.z1306.winmx.comO16 - DPF: JT's Blocks - http://download.games.yahoo.com/games/clients/y/blt1_x.cab O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cab O16 - DPF: Yahoo! Chess - http://download.games.yahoo.com/games/clients/y/ct2_x.cab O16 - DPF: Yahoo! Dominoes - http://download.games.yahoo.com/games/clients/y/dot2_x.cab O16 - DPF: Yahoo! Klondike Solitaire - http://yog55.games.scd.yahoo.com/yog/y/ks12_x.cab O16 - DPF: Yahoo! Literati - http://download.games.yahoo.com/games/clients/y/tt4_x.cab O16 - DPF: Yahoo! MahJong Solitaire - http://download.games.yahoo.com/games/clients/y/mjst3_x.cab O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/potd_x.cab O16 - DPF: Yahoo! Pyramids - http://download.games.yahoo.com/games/clients/y/pyt1_x.cab O16 - DPF: {084DAC27-6FA3-4F55-9005-033F2F102F5C} (ITPPDiagIE Class) - http://downloads.winwise.fr/Common/npwwg.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://querle.spaces.msn.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {5CE7A7AF-8C5E-48CF-AE30-8FC6F01C27E3} - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/ydropper/ydropper1_3fr.cab O16 - DPF: {6BEA1C48-1850-486C-8F58-C7354BA3165E} (Install Class) - http://updates.lifescapeinc.com/installers/pinstall/pinstall.cab O16 - DPF: {6DB731A3-B074-4118-8B1C-32511C65D836} (FotovistaPhotoUploader.ctrFpu) - http://www.mypixmania.com/fr/fr/tools/activex/fpu.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {A06BE318-C096-11D4-964F-0010A4D06F69} (TeleTVA Control) - https://tva.dgi.minefi.gouv.fr/activeX/TeleTVA.tva O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.extrafilm.fr/net/Import/ImageUploader3.cab O16 - DPF: {ABB08127-7417-11D4-8566-00500448008D} (Chat Class) - http://downloads.winwise.fr/Common/npchatlax.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://eu.download.games.yahoo.com/zylom/activex/zylomloader.cab O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - http://www2.incredimail.com/contents/setup/downloader/imloader.cab O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab Fait ce nettoyage: (à faire réguliérement) ¤Telecharges et installes ceci: CCleaner: Ccleaner dans la colonne de gauche clic sur "erreurs" coches toutes les cases, puis cliques en bas sur "chercher des erreurs" une fois finit, cliques sur "reparer les erreurs" et tu aura un message pour sauvegarder ta base de registre tu dis "oui" puis tu recommences jusqu'a ce qu'il te trouve plus d'erreurs. Les sauvegardes que tu aura faites tu pourra les supprimer si ton ordinateur n'a plus de problémes ¤Relance Ccleaner, vas dans l'onglet "nettoyeur" present sur la gauche, decoches la derniere case (Avancé si elle est cochée) puis clic sur "lancer le nettoyage" Télécharge lopxp: http://pageperso.aol.fr/balltrap34/lopxp.zip dézippe-le sur ton bureau puis double-clic sur le fichier "lopxp.bat" quand il à terminé, un rapport s'ouvre : fais un copier-coller puis mets le ici Je te laisse dans les commandes de Séb ++ C'est en forgeant que l'on devient forgeron - kerio.probb.fr/index.htm |
Re,
Voilà j'ai fait la manip et voici le rapport : Rapport fait à 11:21:19,96 le 01/10/2006 Le volume dans le lecteur C n'a pas de nom. Le num‚ro de s‚rie du volume est ECA4-B08D R‚pertoire de C:\Documents and Settings\All Users\Application Data 30/09/2006 12:44 <REP> exitchinsizeway 06/07/2006 19:58 305 addr_file.html 06/07/2006 19:53 <REP> AntiVir PersonalEdition Classic 27/06/2006 19:30 <REP> Windows Genuine Advantage 08/06/2006 20:55 <REP> Global Software Publishing 12/05/2006 18:41 <REP> pdf995 27/01/2006 01:10 <REP> Apple Computer 02/11/2004 16:56 <REP> yahoo! 03/07/2004 23:48 <REP> Spybot - Search & Destroy 26/05/2004 16:17 <REP> Viewpoint 26/05/2004 16:14 <REP> AOL 19/11/2003 14:05 <REP> ACD Systems 07/05/2003 20:55 <REP> SBT 24/04/2003 04:17 <REP> Symantec 24/04/2003 04:12 <REP> SBSI 24/04/2003 03:43 <REP> Microsoft 24/04/2003 03:43 <REP> . 24/04/2003 03:43 <REP> .. 18/09/2002 12:27 62 DESKTOP.INI 2 fichier(s) 367 octets 17 R‚p(s) 4971319296 octets libres Le volume dans le lecteur C n'a pas de nom. Le num‚ro de s‚rie du volume est ECA4-B08D R‚pertoire de C:\Documents and Settings\Default User\Application Data 28/04/2003 11:44 <REP> Identities 28/04/2003 11:44 <REP> Symantec 24/04/2003 03:43 <REP> .. 24/04/2003 03:43 <REP> Microsoft 24/04/2003 03:43 <REP> . 18/09/2002 12:27 62 DESKTOP.INI 1 fichier(s) 62 octets 5 R‚p(s) 4971307008 octets libres Le volume dans le lecteur C n'a pas de nom. Le num‚ro de s‚rie du volume est ECA4-B08D R‚pertoire de C:\Documents and Settings\Isabelle BǸtend\Application Data 20/12/2005 17:59 <REP> .. 20/12/2005 17:59 <REP> Babylon 20/12/2005 17:59 <REP> . 0 fichier(s) 0 octets 3 R‚p(s) 4971307008 octets libres Le volume dans le lecteur C n'a pas de nom. Le num‚ro de s‚rie du volume est ECA4-B08D R‚pertoire de C:\Documents and Settings\Isabelle B‚tend\Application Data 01/10/2006 00:01 <REP> InterMute 30/09/2006 12:44 <REP> Army Chic 30/09/2006 12:44 <REP> anti second 16/05/2006 20:19 <REP> Mozilla 16/05/2006 20:19 <REP> Nvu 12/05/2006 18:44 <REP> pdf995 27/01/2006 01:15 <REP> Apple Computer 16/01/2006 21:22 <REP> EoRezo 05/12/2005 16:01 <REP> Google 28/06/2005 18:18 <REP> Real 22/06/2005 07:05 <REP> Arcsoft 19/06/2005 19:33 <REP> Leadertech 20/12/2004 20:13 <REP> SmartDraw 05/09/2004 22:17 <REP> Yahoo! 11/07/2004 21:32 <REP> Yahoo! Messenger 26/05/2004 16:19 <REP> AOL 26/05/2004 16:17 <REP> You've Got Pictures Screensaver 29/03/2004 19:39 <REP> Macromedia 02/02/2004 10:42 <REP> FotoWire 19/11/2003 14:11 <REP> ACD Systems 15/05/2003 18:12 <REP> Help 07/05/2003 20:54 <REP> Microsoft Web Folders 29/04/2003 17:07 <REP> Template 28/04/2003 11:52 <REP> InterVideo 28/04/2003 11:44 62 DESKTOP.INI 28/04/2003 11:44 <REP> Identities 28/04/2003 11:44 <REP> Symantec 28/04/2003 11:44 <REP> .. 28/04/2003 11:44 <REP> . 28/04/2003 11:44 <REP> Microsoft 1 fichier(s) 62 octets 29 R‚p(s) 4971307008 octets libres Le volume dans le lecteur C n'a pas de nom. Le num‚ro de s‚rie du volume est ECA4-B08D R‚pertoire de C:\Documents and Settings\Propri‚taire ****************************************** Recherche des taches planifiées dans C:\WINDOWS\tasks Le volume dans le lecteur C n'a pas de nom. Le num‚ro de s‚rie du volume est ECA4-B08D R‚pertoire de C:\WINDOWS\Tasks 30/09/2006 12:44 292 AAB0FC51935B6C8D.job 28/06/2006 07:05 366 Symantec NetDetect.job 05/07/2004 21:08 348 Spybot - Search & Destroy - Scheduled Task.job 28/04/2003 11:44 258 Rappel d'abonnement 1 auprŠs de l'ISP.job 24/04/2003 04:01 6 SA.DAT 24/04/2003 03:43 <REP> .. 24/04/2003 03:43 <REP> . 30/08/2002 08:00 65 DESKTOP.INI 6 fichier(s) 1ÿ335 octets 2 R‚p(s) 4ÿ971ÿ302ÿ912 octets libres ****************************************** Recherche dans Program files Le dossier C:\Program Files\C2Media n'existe pas *************** Fin du rapport **************** Rapport fait à 11:40:52,82 le 01/10/2006 Le volume dans le lecteur C n'a pas de nom. Le num‚ro de s‚rie du volume est ECA4-B08D R‚pertoire de C:\Documents and Settings\All Users\Application Data 30/09/2006 12:44 <REP> exitchinsizeway 06/07/2006 19:58 305 addr_file.html 06/07/2006 19:53 <REP> AntiVir PersonalEdition Classic 27/06/2006 19:30 <REP> Windows Genuine Advantage 08/06/2006 20:55 <REP> Global Software Publishing 12/05/2006 18:41 <REP> pdf995 27/01/2006 01:10 <REP> Apple Computer 02/11/2004 16:56 <REP> yahoo! 03/07/2004 23:48 <REP> Spybot - Search & Destroy 26/05/2004 16:17 <REP> Viewpoint 26/05/2004 16:14 <REP> AOL 19/11/2003 14:05 <REP> ACD Systems 07/05/2003 20:55 <REP> SBT 24/04/2003 04:17 <REP> Symantec 24/04/2003 04:12 <REP> SBSI 24/04/2003 03:43 <REP> Microsoft 24/04/2003 03:43 <REP> . 24/04/2003 03:43 <REP> .. 18/09/2002 12:27 62 DESKTOP.INI 2 fichier(s) 367 octets 17 R‚p(s) 4925669376 octets libres Le volume dans le lecteur C n'a pas de nom. Le num‚ro de s‚rie du volume est ECA4-B08D R‚pertoire de C:\Documents and Settings\Default User\Application Data 28/04/2003 11:44 <REP> Identities 28/04/2003 11:44 <REP> Symantec 24/04/2003 03:43 <REP> .. 24/04/2003 03:43 <REP> Microsoft 24/04/2003 03:43 <REP> . 18/09/2002 12:27 62 DESKTOP.INI 1 fichier(s) 62 octets 5 R‚p(s) 4925669376 octets libres Le volume dans le lecteur C n'a pas de nom. Le num‚ro de s‚rie du volume est ECA4-B08D R‚pertoire de C:\Documents and Settings\Isabelle BǸtend\Application Data 20/12/2005 17:59 <REP> .. 20/12/2005 17:59 <REP> Babylon 20/12/2005 17:59 <REP> . 0 fichier(s) 0 octets 3 R‚p(s) 4925669376 octets libres Le volume dans le lecteur C n'a pas de nom. Le num‚ro de s‚rie du volume est ECA4-B08D R‚pertoire de C:\Documents and Settings\Isabelle B‚tend\Application Data 01/10/2006 00:01 <REP> InterMute 30/09/2006 12:44 <REP> Army Chic 30/09/2006 12:44 <REP> anti second 16/05/2006 20:19 <REP> Mozilla 16/05/2006 20:19 <REP> Nvu 12/05/2006 18:44 <REP> pdf995 27/01/2006 01:15 <REP> Apple Computer 16/01/2006 21:22 <REP> EoRezo 05/12/2005 16:01 <REP> Google 28/06/2005 18:18 <REP> Real 22/06/2005 07:05 <REP> Arcsoft 19/06/2005 19:33 <REP> Leadertech 20/12/2004 20:13 <REP> SmartDraw 05/09/2004 22:17 <REP> Yahoo! 11/07/2004 21:32 <REP> Yahoo! Messenger 26/05/2004 16:19 <REP> AOL 26/05/2004 16:17 <REP> You've Got Pictures Screensaver 29/03/2004 19:39 <REP> Macromedia 02/02/2004 10:42 <REP> FotoWire 19/11/2003 14:11 <REP> ACD Systems 15/05/2003 18:12 <REP> Help 07/05/2003 20:54 <REP> Microsoft Web Folders 29/04/2003 17:07 <REP> Template 28/04/2003 11:52 <REP> InterVideo 28/04/2003 11:44 62 DESKTOP.INI 28/04/2003 11:44 <REP> Identities 28/04/2003 11:44 <REP> Symantec 28/04/2003 11:44 <REP> .. 28/04/2003 11:44 <REP> . 28/04/2003 11:44 <REP> Microsoft 1 fichier(s) 62 octets 29 R‚p(s) 4925665280 octets libres Le volume dans le lecteur C n'a pas de nom. Le num‚ro de s‚rie du volume est ECA4-B08D R‚pertoire de C:\Documents and Settings\Propri‚taire ****************************************** Recherche des taches planifiées dans C:\WINDOWS\tasks Le volume dans le lecteur C n'a pas de nom. Le num‚ro de s‚rie du volume est ECA4-B08D R‚pertoire de C:\WINDOWS\Tasks 30/09/2006 12:44 292 AAB0FC51935B6C8D.job 28/06/2006 07:05 366 Symantec NetDetect.job 05/07/2004 21:08 348 Spybot - Search & Destroy - Scheduled Task.job 28/04/2003 11:44 258 Rappel d'abonnement 1 auprŠs de l'ISP.job 24/04/2003 04:01 6 SA.DAT 24/04/2003 03:43 <REP> .. 24/04/2003 03:43 <REP> . 30/08/2002 08:00 65 DESKTOP.INI 6 fichier(s) 1ÿ335 octets 2 R‚p(s) 4ÿ925ÿ661ÿ184 octets libres ****************************************** Recherche dans Program files Le dossier C:\Program Files\C2Media n'existe pas *************** Fin du rapport **************** Suite à ça, j'ai toujours les favoris indésirables sur IE et en plus quand je clique sur favoris, au bout de la 3ème fois, ça ferme IE. Encore merci. Isabelle |
Remet un log Hijack STP
***** Have a good day ***** |
Voici le rapport d'hijackthis :
Logfile of HijackThis v1.99.1 Scan saved at 12:58:04, on 01/10/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE C:\Program Files\Logitech\ImageStudio\LogiTray.exe C:\WINDOWS\System32\DSentry.exe C:\Program Files\Dell\AccessDirect\dadapp.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\WINDOWS\system32\carpserv.exe C:\Program Files\Dell\AccessDirect\DadTray.exe C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\System32\Ati2evxx.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Logitech\ImageStudio\LowLight.exe C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE C:\WINDOWS\System32\dkcktkn.exe C:\Program Files\Digital Line Detect\DLG.exe C:\Program Files\interMute\SpySubtract\SpySub.exe C:\Palm\HOTSYNC.EXE C:\Palm\palm.exe c:\progra~1\intern~1\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\fxssvc.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\AntiVir PersonalEdition Classic\avscan.exe C:\Program Files\Microsoft Office\Office\OUTLOOK.EXE C:\Documents and Settings\Isabelle Bétend\Mes documents\Internet\HijackThis.exe R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: (no name) - {3D806643-C091-27FD-15B0-D3CA97B83F8F} - C:\DOCUME~1\ISABEL~1\APPLIC~1\ARMYCH~1\pile body.exe O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe O4 - HKLM\..\Run: [DkStartup] C:\Program Files\Rainbow Technologies\iKey 2000 Series Software\DkStartup.exe O4 - HKLM\..\Run: [DkAutoReg.exe] C:\Program Files\Rainbow Technologies\iKey 2000 Series Software\DkAutoReg.exe O4 - HKLM\..\Run: [DadApp] C:\Program Files\Dell\AccessDirect\dadapp.exe O4 - HKLM\..\Run: [CARPService] carpserv.exe O4 - HKLM\..\Run: [Camera Detector] C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE -autorun O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [sizewaybookdog] C:\Documents and Settings\All Users\Application Data\exitchinsizeway\Sixth Draw.exe O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet O4 - HKCU\..\Run: [debug lite] C:\DOCUME~1\ISABEL~1\APPLIC~1\ANTISE~1\Tray Two.exe O4 - Startup: HotSync Manager.lnk = C:\Palm\HOTSYNC.EXE O4 - Startup: Palm Desktop.lnk = C:\Palm\palm.exe O4 - Startup: PowerReg Scheduler.exe O4 - Global Startup: Digital Line Detect.lnk = ? O4 - Global Startup: SpySubtract.lnk = C:\Program Files\interMute\SpySubtract\SpySub.exe O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{2703359A-E827-4E29-A40F-EDDA20732BE8}: NameServer = 192.168.0.1 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: Datakey's Log Service (DkLogger) - Datakey, Inc. - C:\WINDOWS\System32\DkLog.exe O23 - Service: Datakey's Token Service (DkTknSrv) - Datakey, Inc. - C:\WINDOWS\System32\dkcktkn.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe Merci Isabelle |
avant toutes manips désactive le tea timer de Spybot :
Ouvre Spybot en mode avancé ->outil -> resident -> decoche "résident tea timer" Ensuite: Imprime, ou enregistre la manip dans un fichier dans le bloc notes pour être sur ne rien oublier et de tout faire dans l'ordre. 1/Telecharge ceci: Clean Up 40: pageperso.aol.fr/balltrap34/CleanUp40.exe -aide en image:(merci à Balltrap34). pageperso.aol.fr/balltrap34/democleanup.htm Déconnecte toi d'Internet et ferme tout les programmes en cours. Redémarre en mode sans échec Redémarre le pc, laisse passer l'écran du bios, puis tapote sur la touche F8 avant qu'apparaisse l'écran de chargement de windows. Choisis le mode sans échec dans les options et valide avec entrée. (Si F8 ne marche pas, essai F5) Rend visible les fichiers cachés et système panneau de configuration > options des dossiers > onglet affichage Cocher la case devant " afficher les fichiers et dossiers cachés " Décocher la case devant " masquer les extensions des fichiers dont le type est connu" Décocher la case devant " masquer les fichiers protégés du système" clic sur [Appliquer] puis sur [ok] pour valider -_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_ Lance hijackthis et clic sur [do a system scan only] cocher la case au début des lignes suivantes: O2 - BHO: (no name) - {3D806643-C091-27FD-15B0-D3CA97B83F8F} - C:\DOCUME~1\ISABEL~1\APPLIC~1\ARMYCH~1\pile body.exe O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file) O4 - HKLM\..\Run: [sizewaybookdog] C:\Documents and Settings\All Users\Application Data\exitchinsizeway\Sixth Draw.exe O4 - HKCU\..\Run: [debug lite] C:\DOCUME~1\ISABEL~1\APPLIC~1\ANTISE~1\Tray Two.exe valider en cliquant sur le bouton [fix checked] -_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_ Recherche et supprime ces dossiers: Supprimer les fichiers en suivant le chemin des fichiers infectés si possible, plutot que d'utiliser la fonction "Rechercher" S'ils sont présents, supprime les fichiers en gras: C:\Documentsettings\Isabelle\ApplicationData\Army Chic C:\Documents and Settings\All Users\Application Data\exitchinsizeway C:\Documentsettings\Isabelle\ApplicationData\anti second -_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_ Ensuite fais Démarrer > exécuter et tape cmd puis valide avec ok dans la fenêtre qui va s'ouvrir, copie et colle ceci: del /a C:\WINDOWS\tasks\AAB0FC51935B6C8D.job et valide en appuyant sur entrée -_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_ Ensuite, très important: :: Supprimer les fichiers temporaires :: Exécute cleanup40. -_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_ Redémarre normalement et reposte un Hijackthis sur le poste… Précises moi ou en sont tes soucis… A+ ***** Have a good day ***** |
C'est super contente que je réponds à ce message !!!
Déjà, je poste quand même le rapport de hijackthis : Logfile of HijackThis v1.99.1 Scan saved at 18:04:50, on 01/10/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\System32\DkLog.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\dkcktkn.exe C:\WINDOWS\system32\fxssvc.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE C:\Program Files\Logitech\ImageStudio\LogiTray.exe C:\Program Files\Logitech\ImageStudio\LowLight.exe C:\WINDOWS\System32\DSentry.exe C:\Program Files\Rainbow Technologies\iKey 2000 Series Software\DkAutoReg.exe C:\Program Files\Dell\AccessDirect\dadapp.exe C:\WINDOWS\system32\carpserv.exe C:\Program Files\Dell\AccessDirect\DadTray.exe C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE C:\Program Files\Digital Line Detect\DLG.exe C:\Program Files\interMute\SpySubtract\SpySub.exe C:\Palm\HOTSYNC.EXE C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\Documents and Settings\Isabelle Bétend\Mes documents\Internet\HijackThis.exe C:\WINDOWS\system32\wuauclt.exe R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe O4 - HKLM\..\Run: [DkStartup] C:\Program Files\Rainbow Technologies\iKey 2000 Series Software\DkStartup.exe O4 - HKLM\..\Run: [DkAutoReg.exe] C:\Program Files\Rainbow Technologies\iKey 2000 Series Software\DkAutoReg.exe O4 - HKLM\..\Run: [DadApp] C:\Program Files\Dell\AccessDirect\dadapp.exe O4 - HKLM\..\Run: [CARPService] carpserv.exe O4 - HKLM\..\Run: [Camera Detector] C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE -autorun O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet O4 - Startup: HotSync Manager.lnk = C:\Palm\HOTSYNC.EXE O4 - Startup: Palm Desktop.lnk = C:\Palm\palm.exe O4 - Startup: PowerReg Scheduler.exe O4 - Global Startup: Digital Line Detect.lnk = ? O4 - Global Startup: SpySubtract.lnk = C:\Program Files\interMute\SpySubtract\SpySub.exe O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{2703359A-E827-4E29-A40F-EDDA20732BE8}: NameServer = 192.168.0.1 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: Datakey's Log Service (DkLogger) - Datakey, Inc. - C:\WINDOWS\System32\DkLog.exe O23 - Service: Datakey's Token Service (DkTknSrv) - Datakey, Inc. - C:\WINDOWS\System32\dkcktkn.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe Les favoris indésirables ont disparu et IE fonctionne très bien à présent et sans ouverture de fenêtres intempestives ! Alors, je te remercie énormément pour ton aide et ta disponibilité. Je voulais savoir une dernière chose : faut-il que je recoche la case "masquer les fichiers protégés du système" ? Encore merci. Isabelle |
De rien .. :-)
ton Antivirus est bien antivir ? pourquoi je vois des trace de Norton ? Je voulais savoir une dernière chose : faut-il que je recoche la case "masquer les fichiers protégés du système" ? Oui tu peux les recacher pour eviter de faire des C***** ! lol A+ ***** Have a good day ***** |
Re,
Oui, mon antivirus c'est bien Antivir. Avant j'avais Norton mais je n'ai pas renouvelé l'abonnement car j'ai choisi ensuite Antivir. Voilà. Faut-il que j'ôte les traces de Norton ? Et si oui, comment ? ... :-) Encore merci. Isabelle |
11</ |