Jump to content

Archived

This topic is now archived and is closed to further replies.

snooky

[LOGICIEL] [Centralisation] .:::: Hijackthis ::::.

Recommended Posts

@bibendum :

Passe Ccleaner.

Fixe ces lignes :

F2 - REG:system.ini: UserInit=c:\windows\system32\userinit.exe

O4 - HKLM\..\Run: [apppy32.exe] C:\WINDOWS\system32\apppy32.exe

O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033

O4 - HKLM\..\Run: [msn messenger 7.0 install] C:\WINDOWS\msn messenger 7.0 install.exe /nomsg

O4 - HKLM\..\Run: [service] C:\WINDOWS\system32\service.exe

O4 - HKLM\..\Run: [Patch] C:\WINDOWS\Patch.exe /nomsg

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\RunServices: [NvCplScan] nvsc32.exe

4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: DSLMON.lnk = ?

O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O10 - Broken Internet access because of LSP provider 'c:\windows\system32\lsp.dll' missing

O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwe...etup1.0.0.8.cab

O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/129bff8d5a5d35...RdxIE601_fr.cab

O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} - http://www.nick.com/common/groove/gx/GrooveAX27.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab31267.cab

O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab

O20 - AppInit_DLLs: mad.dll

Désactive la restauration system.

Reboot en mode sans échec et scan avec Kaspersky 5 ( bases étendues sélectionnées )

Passe Spysweeper.

Poste un nouveau rapport.

Share this post


Link to post
Share on other sites

voila c'est fait j'ai supprimé le new net domain et je voudrai savoir si mon ordi est en bonne santé et je voudrai savoir aussi pourquoi le windows liveupdate ne fonctionne plus. voila !!!!

Logfile of HijackThis v1.99.1

Scan saved at 18:06:47, on 11/04/2005

Platform: Windows XP (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:

H:\WINDOWS\System32\smss.exe

H:\WINDOWS\system32\winlogon.exe

H:\WINDOWS\system32\services.exe

H:\WINDOWS\system32\lsass.exe

H:\WINDOWS\System32\Ati2evxx.exe

H:\WINDOWS\system32\svchost.exe

H:\WINDOWS\System32\svchost.exe

H:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe

H:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe

H:\WINDOWS\system32\spoolsv.exe

H:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe

H:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe

H:\WINDOWS\runservice.exe

H:\WINDOWS\System32\svchost.exe

H:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe

H:\WINDOWS\system32\ZoneLabs\vsmon.exe

H:\WINDOWS\system32\Ati2evxx.exe

H:\Program Files\iPod\bin\iPodService.exe

H:\WINDOWS\system32\winlogon.exe

H:\WINDOWS\system32\Ati2evxx.exe

H:\WINDOWS\Explorer.EXE

H:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe

H:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe

H:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

H:\WINDOWS\ALCXMNTR.EXE

H:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

H:\Program Files\QuickTime\qttask.exe

H:\Program Files\Java\jre1.5.0_01\bin\jusched.exe

H:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe

H:\Program Files\MSN Messenger\msnmsgr.exe

H:\Program Files\CursorXP\CursorXP.exe

H:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe

H:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe

H:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe

H:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe

H:\Program Files\iTunes\iTunes.exe

H:\Program Files\iMesh\iMesh5\iMesh.exe

H:\Program Files\Mozilla Firefox\firefox.exe

H:\Documents and Settings\hgvhv nb\Local Settings\Temp\Répertoire temporaire 1 pour hijackthis.zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: DownloadRedirect Class - {00000000-6CB0-410C-8C3D-8FA8D2011D0A} - H:\Program Files\iMesh\iMesh5\iMeshBHO.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - H:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)

O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - H:\Program Files\Xi\NetTransport 2\NTIEHelper.dll

O2 - BHO: H:\WINDOWS\lbbho.dll - {C6DE9A4C-F0AA-45F8-A788-B0E7D62A939B} - H:\WINDOWS\lbbho.dll

O2 - BHO: H:\WINDOWS\lbbho.dll - {F4165526-94CB-4FC0-96C4-38D8ABEBF008} - H:\WINDOWS\lbbho.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - H:\WINDOWS\System32\msdxm.ocx

O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "H:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon

O4 - HKLM\..\Run: [ccApp] "H:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [ATIPTA] H:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE

O4 - HKLM\..\Run: [Zone Labs Client] "H:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"

O4 - HKLM\..\Run: [iTunesHelper] H:\Program Files\iTunes\iTunesHelper.exe

O4 - HKLM\..\Run: [QuickTime Task] "H:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [sunJavaUpdateSched] H:\Program Files\Java\jre1.5.0_01\bin\jusched.exe

O4 - HKLM\..\Run: [AVG7_CC] H:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP

O4 - HKCU\..\Run: [msnmsgr] "H:\Program Files\MSN Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [CursorXP] H:\Program Files\CursorXP\CursorXP.exe

O4 - Global Startup: hp psc 1000 series.lnk = ?

O4 - Global Startup: hpoddt01.exe.lnk = ?

O8 - Extra context menu item: &Télécharger avec NetTransport - H:\Program Files\Xi\NetTransport 2\NTAddLink.html

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://H:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Tout t&élécharger avec NetTransport - H:\Program Files\Xi\NetTransport 2\NTAddList.html

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{89697977-F014-44EF-B8E6-95B9BDBED63E}: NameServer = 212.217.0.3 212.217.1.12

O23 - Service: Ati HotKey Poller - Unknown owner - H:\WINDOWS\System32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - H:\WINDOWS\system32\ati2sgag.exe

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - H:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - H:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - H:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - H:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - H:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe

O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - H:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - H:\WINDOWS\runservice.exe

O23 - Service: Pml Driver HPZ12 - HP - H:\WINDOWS\System32\HPZipm12.exe

O23 - Service: Symantec Core LC - Symantec Corporation - H:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe

O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - H:\WINDOWS\system32\ZoneLabs\vsmon.exe

:incline::ouioui:

Share this post


Link to post
Share on other sites

Tu ouvres Hijackthis :

Scan , coches les lignes indiquées et Fixer ( ou Fixchecked ).

Puis post un nouveau rapport.

Share this post


Link to post
Share on other sites

@ Ritus :

Scan , coches ces lignes et Fixe :

O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)

O2 - BHO: H:\WINDOWS\lbbho.dll - {C6DE9A4C-F0AA-45F8-A788-B0E7D62A939B} - H:\WINDOWS\lbbho.dll

O2 - BHO: H:\WINDOWS\lbbho.dll - {F4165526-94CB-4FC0-96C4-38D8ABEBF008} - H:\WINDOWS\lbbho.dll

O4 - HKLM\..\Run: [QuickTime Task] "H:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [sunJavaUpdateSched] H:\Program Files\Java\jre1.5.0_01\bin\jusched.exe

Passe Spysweeper.

Il est plus que déconseillé d'avoir 2 antivirus installé sur un pc.

Désinstaller proprement Norton

Passe ensuite Ccleaner et Regseeker.

Share this post


Link to post
Share on other sites

@ azer2005 :

Passe Ccleaner.

Scan , coche ces lignes et Fixe :

O2 - BHO: sPeerObj Class - {00000097-7C67-4BA6-8B42-05128941688A} - D:\WINDOWS\speeryox.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [storageGuard] "D:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r

O4 - HKLM\..\Run: [NeroCheck] D:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [CloneCDTray] "D:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s

O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe

O4 - Global Startup: Exif Launcher.lnk = D:\Program Files\FinePixViewer\QuickDCF.exe

O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office10\OSA.EXE

+ toutes les lignes 016

Passe Spysweeperet CWHsredder.

Share this post


Link to post
Share on other sites

salut c moi voila j'ai fait ce qu'on m'a demandé mais la desinstallation de norton na pas bien été faite j'ai tout fait tout ce qu'on m'a indiqué voila c'est tout ce que je peux faire j'aimerai savoir pourquoi le windows update ne fonctionne pas voila

Logfile of HijackThis v1.99.1

Scan saved at 21:47:55, on 12/04/2005

Platform: Windows XP (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:

H:\WINDOWS\System32\smss.exe

H:\WINDOWS\system32\winlogon.exe

H:\WINDOWS\system32\services.exe

H:\WINDOWS\system32\lsass.exe

H:\WINDOWS\System32\Ati2evxx.exe

H:\WINDOWS\system32\svchost.exe

H:\WINDOWS\System32\svchost.exe

H:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe

H:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe

H:\WINDOWS\system32\spoolsv.exe

H:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe

H:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe

H:\WINDOWS\runservice.exe

H:\WINDOWS\System32\svchost.exe

H:\WINDOWS\system32\ZoneLabs\vsmon.exe

H:\WINDOWS\system32\Ati2evxx.exe

H:\WINDOWS\Explorer.EXE

H:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe

H:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

H:\WINDOWS\ALCXMNTR.EXE

H:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

H:\Program Files\iTunes\iTunesHelper.exe

H:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe

H:\Program Files\MSN Messenger\msnmsgr.exe

H:\Program Files\CursorXP\CursorXP.exe

H:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe

H:\Program Files\iPod\bin\iPodService.exe

H:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe

H:\WINDOWS\System32\wuauclt.exe

H:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe

H:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe

H:\WINDOWS\System32\wuauclt.exe

H:\Program Files\Mozilla Firefox\firefox.exe

H:\Documents and Settings\hgvhv nb\Local Settings\Temp\Répertoire temporaire 1 pour hijackthis.zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: DownloadRedirect Class - {00000000-6CB0-410C-8C3D-8FA8D2011D0A} - H:\Program Files\iMesh\iMesh5\iMeshBHO.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - H:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - H:\Program Files\Xi\NetTransport 2\NTIEHelper.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - H:\WINDOWS\System32\msdxm.ocx

O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "H:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon

O4 - HKLM\..\Run: [ATIPTA] H:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE

O4 - HKLM\..\Run: [Zone Labs Client] "H:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"

O4 - HKLM\..\Run: [iTunesHelper] H:\Program Files\iTunes\iTunesHelper.exe

O4 - HKLM\..\Run: [AVG7_CC] H:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP

O4 - HKCU\..\Run: [msnmsgr] "H:\Program Files\MSN Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [CursorXP] H:\Program Files\CursorXP\CursorXP.exe

O4 - Global Startup: hp psc 1000 series.lnk = ?

O4 - Global Startup: hpoddt01.exe.lnk = ?

O8 - Extra context menu item: &Télécharger avec NetTransport - H:\Program Files\Xi\NetTransport 2\NTAddLink.html

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://H:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Tout t&élécharger avec NetTransport - H:\Program Files\Xi\NetTransport 2\NTAddList.html

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{89697977-F014-44EF-B8E6-95B9BDBED63E}: NameServer = 212.217.0.3 212.217.1.12

O23 - Service: Ati HotKey Poller - Unknown owner - H:\WINDOWS\System32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - H:\WINDOWS\system32\ati2sgag.exe

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - H:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - H:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - H:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - H:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - H:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe

O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - H:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - H:\WINDOWS\runservice.exe

O23 - Service: Pml Driver HPZ12 - HP - H:\WINDOWS\System32\HPZipm12.exe

O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - H:\WINDOWS\system32\ZoneLabs\vsmon.exe

;)

Share this post


Link to post
Share on other sites

Installe le sp2 , mais avant , désinstalle norton suivant la procédure indiquée dans le lien cité plus haut.

Share this post


Link to post
Share on other sites

Salut snooky,

Est-ce que je peux aussi abuser et te demander ce que tu penses de ça :

Logfile of HijackThis v1.99.1

Scan saved at 17:00:24, on 13.04.2005

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Unable to get Internet Explorer version!

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\LEXBCES.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\LEXPPS.EXE

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

F:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

F:\Program Files\Alwil Software\Avast4\ashServ.exe

F:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe

F:\Program Files\Executive Software\Diskeeper\DkService.exe

C:\WINDOWS\System32\GEARSec.exe

F:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe

F:\Program Files\Lexmark X5100 Series\lxbabmgr.exe

F:\Program Files\Lexmark X5100 Series\lxbabmon.exe

F:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

F:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe

C:\WINDOWS\SOUNDMAN.EXE

F:\Program Files\WinTV\Ir.exe

F:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe

F:\Program Files\Logitech\SetPoint\SetPoint.exe

F:\Program Files\Pixoria\Konfabulator\Konfabulator.exe

F:\Program Files\PopTray\PopTray.exe

F:\PROGRA~1\WIDCOMM\LOGICI~1\BTSTAC~1.EXE

F:\Program Files\Pixoria\Konfabulator\Konfabulator.exe

C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE

F:\PROGRA~1\Agnitum\OUTPOS~1\outpost.exe

C:\Program Files\Fichiers communs\pestpatrol\ppRemoteService.exe

C:\WINDOWS\System32\svchost.exe

F:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe

F:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

F:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\WINDOWS\System32\wbem\wmiapsrv.exe

F:\Program Files\Pixoria\Konfabulator\Konfabulator.exe

H:\emule\emule.exe

F:\Program Files\Windows Media Connect\mswmcls.exe

F:\Program Files\Mozilla Firefox\firefox.exe

E:\Documents and Settings\Mathieu\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bluewin.ch/

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - F:\PROGRA~1\FlashGet\jccatch.dll

O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - F:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll

O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - F:\PROGRA~1\FlashGet\fgiebar.dll

O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [Lexmark X5100 Series] "F:\Program Files\Lexmark X5100 Series\lxbabmgr.exe"

O4 - HKLM\..\Run: [avast!] F:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [DiskeeperSystray] "F:\Program Files\Executive Software\Diskeeper\DkIcon.exe"

O4 - HKLM\..\Run: [AnyDVD] F:\Program Files\SlySoft\AnyDVD\AnyDVD.exe

O4 - HKLM\..\Run: [Norton Ghost 9.0] F:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe

O4 - HKLM\..\Run: [Outpost Firewall] F:\PROGRA~1\Agnitum\OUTPOS~1\outpost.exe /waitservice

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKCU\..\Run: [sTYLEXP] F:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide

O4 - Startup: Konfabulator.lnk = F:\Program Files\Pixoria\Konfabulator\Konfabulator.exe

O4 - Startup: PopTray.lnk = F:\Program Files\PopTray\PopTray.exe

O4 - User Startup: Konfabulator.lnk = F:\Program Files\Pixoria\Konfabulator\Konfabulator.exe

O4 - User Startup: PopTray.lnk = F:\Program Files\PopTray\PopTray.exe

O4 - Global Startup: AutoStart IR.lnk = F:\Program Files\WinTV\Ir.exe

O4 - Global Startup: BTTray.lnk = ?

O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = F:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: Logitech SetPoint.lnk = F:\Program Files\Logitech\SetPoint\SetPoint.exe

O4 - Global User Startup: AutoStart IR.lnk = F:\Program Files\WinTV\Ir.exe

O4 - Global User Startup: BTTray.lnk = ?

O4 - Global User Startup: Lancement rapide d'Adobe Reader.lnk = F:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global User Startup: Logitech SetPoint.lnk = F:\Program Files\Logitech\SetPoint\SetPoint.exe

O8 - Extra context menu item: Download All by FlashGet - F:\Program Files\FlashGet\jc_all.htm

O8 - Extra context menu item: Download using FlashGet - F:\Program Files\FlashGet\jc_link.htm

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://F:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Envoyer à &Bluetooth - F:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\j2re1.4.2_06\bin\npjpi142_06.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\j2re1.4.2_06\bin\npjpi142_06.dll

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL

O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - F:\PROGRA~1\FlashGet\flashget.exe

O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - F:\PROGRA~1\FlashGet\flashget.exe

O9 - Extra button: Trashcan - {072F3B8A-2DA2-40e2-B841-88899F240200} - F:\PROGRA~1\Agnitum\OUTPOS~1\TRASH.EXE (HKCU)

O9 - Extra 'Tools' menuitem: Show Trashcan - {072F3B8A-2DA2-40e2-B841-88899F240200} - F:\PROGRA~1\Agnitum\OUTPOS~1\TRASH.EXE (HKCU)

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1106054375640

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{29002749-B8FB-4C22-9CC0-AE6EADDCEAD2}: NameServer = 195.186.1.108 195.186.4.109

O17 - HKLM\System\CS1\Services\Tcpip\..\{29002749-B8FB-4C22-9CC0-AE6EADDCEAD2}: NameServer = 195.186.1.108 195.186.4.109

O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\btxppanel.dll

O20 - Winlogon Notify: LBTServ - C:\Program Files\Fichiers communs\Logitech\Bluetooth\lbtserv.dll

O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: ADSLAutoconnect - Unknown owner - F:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe" -z (file missing)

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - F:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: avast! Antivirus - Unknown owner - F:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - F:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - F:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation - F:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe

O23 - Service: Diskeeper - Executive Software International, Inc. - F:\Program Files\Executive Software\Diskeeper\DkService.exe

O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe

O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

O23 - Service: Norton Ghost - Symantec Corporation - F:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe

O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum - F:\PROGRA~1\Agnitum\OUTPOS~1\outpost.exe

O23 - Service: Par3550e.ah - Agnitum - (no file)

O23 - Service: PestPatrol Remote - Computer Associates International, Inc. - C:\Program Files\Fichiers communs\pestpatrol\ppRemoteService.exe

O23 - Service: StyleXPService - Unknown owner - F:\Program Files\TGTSoft\StyleXP\StyleXPService.exe

Un grand merci d'avance !

Bosco

Share this post


Link to post
Share on other sites

Logfile of HijackThis v1.99.1

Scan saved at 17:00:24, on 13.04.2005

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Unable to get Internet Explorer version!

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\LEXBCES.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\LEXPPS.EXE

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

F:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

F:\Program Files\Alwil Software\Avast4\ashServ.exe

F:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe

F:\Program Files\Executive Software\Diskeeper\DkService.exe

C:\WINDOWS\System32\GEARSec.exe

F:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe

F:\Program Files\Lexmark X5100 Series\lxbabmgr.exe

F:\Program Files\Lexmark X5100 Series\lxbabmon.exe

F:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

F:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe

C:\WINDOWS\SOUNDMAN.EXE

F:\Program Files\WinTV\Ir.exe

F:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe

F:\Program Files\Logitech\SetPoint\SetPoint.exe

F:\Program Files\Pixoria\Konfabulator\Konfabulator.exe

F:\Program Files\PopTray\PopTray.exe

F:\PROGRA~1\WIDCOMM\LOGICI~1\BTSTAC~1.EXE

F:\Program Files\Pixoria\Konfabulator\Konfabulator.exe

C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE

F:\PROGRA~1\Agnitum\OUTPOS~1\outpost.exe

C:\Program Files\Fichiers communs\pestpatrol\ppRemoteService.exe

C:\WINDOWS\System32\svchost.exe

F:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe

F:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

F:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\WINDOWS\System32\wbem\wmiapsrv.exe

F:\Program Files\Pixoria\Konfabulator\Konfabulator.exe

H:\emule\emule.exe

F:\Program Files\Windows Media Connect\mswmcls.exe

F:\Program Files\Mozilla Firefox\firefox.exe

E:\Documents and Settings\Mathieu\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bluewin.ch/

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - F:\PROGRA~1\FlashGet\jccatch.dll

O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - F:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll

O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - F:\PROGRA~1\FlashGet\fgiebar.dll

O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [Lexmark X5100 Series] "F:\Program Files\Lexmark X5100 Series\lxbabmgr.exe"

O4 - HKLM\..\Run: [avast!] F:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [DiskeeperSystray] "F:\Program Files\Executive Software\Diskeeper\DkIcon.exe"

O4 - HKLM\..\Run: [AnyDVD] F:\Program Files\SlySoft\AnyDVD\AnyDVD.exe

O4 - HKLM\..\Run: [Norton Ghost 9.0] F:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe

O4 - HKLM\..\Run: [Outpost Firewall] F:\PROGRA~1\Agnitum\OUTPOS~1\outpost.exe /waitservice

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKCU\..\Run: [sTYLEXP] F:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide

O4 - Startup: Konfabulator.lnk = F:\Program Files\Pixoria\Konfabulator\Konfabulator.exe

O4 - Startup: PopTray.lnk = F:\Program Files\PopTray\PopTray.exe

O4 - User Startup: Konfabulator.lnk = F:\Program Files\Pixoria\Konfabulator\Konfabulator.exe

O4 - User Startup: PopTray.lnk = F:\Program Files\PopTray\PopTray.exe

O4 - Global Startup: AutoStart IR.lnk = F:\Program Files\WinTV\Ir.exe

O4 - Global Startup: BTTray.lnk = ?

O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = F:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: Logitech SetPoint.lnk = F:\Program Files\Logitech\SetPoint\SetPoint.exe

O4 - Global User Startup: AutoStart IR.lnk = F:\Program Files\WinTV\Ir.exe

O4 - Global User Startup: BTTray.lnk = ?

O4 - Global User Startup: Lancement rapide d'Adobe Reader.lnk = F:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global User Startup: Logitech SetPoint.lnk = F:\Program Files\Logitech\SetPoint\SetPoint.exe

O8 - Extra context menu item: Download All by FlashGet - F:\Program Files\FlashGet\jc_all.htm

O8 - Extra context menu item: Download using FlashGet - F:\Program Files\FlashGet\jc_link.htm

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://F:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Envoyer à &Bluetooth - F:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\j2re1.4.2_06\bin\npjpi142_06.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\j2re1.4.2_06\bin\npjpi142_06.dll

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL

O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - F:\PROGRA~1\FlashGet\flashget.exe

O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - F:\PROGRA~1\FlashGet\flashget.exe

O9 - Extra button: Trashcan - {072F3B8A-2DA2-40e2-B841-88899F240200} - F:\PROGRA~1\Agnitum\OUTPOS~1\TRASH.EXE (HKCU)

O9 - Extra 'Tools' menuitem: Show Trashcan - {072F3B8A-2DA2-40e2-B841-88899F240200} - F:\PROGRA~1\Agnitum\OUTPOS~1\TRASH.EXE (HKCU)

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1106054375640

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{29002749-B8FB-4C22-9CC0-AE6EADDCEAD2}: NameServer = 195.186.1.108 195.186.4.109

O17 - HKLM\System\CS1\Services\Tcpip\..\{29002749-B8FB-4C22-9CC0-AE6EADDCEAD2}: NameServer = 195.186.1.108 195.186.4.109

O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\btxppanel.dll

O20 - Winlogon Notify: LBTServ - C:\Program Files\Fichiers communs\Logitech\Bluetooth\lbtserv.dll

O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: ADSLAutoconnect - Unknown owner - F:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe" -z (file missing)

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - F:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: avast! Antivirus - Unknown owner - F:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - F:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - F:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation - F:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe

O23 - Service: Diskeeper - Executive Software International, Inc. - F:\Program Files\Executive Software\Diskeeper\DkService.exe

O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe

O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

O23 - Service: Norton Ghost - Symantec Corporation - F:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe

O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum - F:\PROGRA~1\Agnitum\OUTPOS~1\outpost.exe

O23 - Service: Par3550e.ah - Agnitum - (no file)

O23 - Service: PestPatrol Remote - Computer Associates International, Inc. - C:\Program Files\Fichiers communs\pestpatrol\ppRemoteService.exe

O23 - Service: StyleXPService - Unknown owner - F:\Program Files\TGTSoft\StyleXP\StyleXPService.exe

Share this post


Link to post
Share on other sites

Bonjour, voilà j'ai posté un mésage et on ma dit de venir ici et de faire un hijackthis, bon je vous résume le mésage:

j'ai un problème quand je lance ma tv (pinnacle PCTV) ou certaine install de jeux voir certain jeux j'ai un raport d'erreur qui survient le voici:

C:\DOCUME~1\freeman\LOCALS~1\Temp\WER16.tmp.dir00\appcompat.txt

Le problème que j'ai aussi c'est que au dépar je n'avais pas celà quand je lancais la TV mais maintenan sa vient tout le temps, et j'arrive plus a regarder la tv ou jouer a certain jeux, j'ai tout les pilotes à jour, voilà si quelqu'un pourai m'aider, j'ai déjà regarder sur le net mais pas personne à la réponse au problème. Existe t'il peut-etre un patch windows?

J'ai fait un hijackithis donc voilà, (je suis désolé mais je ne comprend pas grand chose pouvez-vous m'aider merci):

Logfile of HijackThis v1.99.1

Scan saved at 13:14:04, on 15/04/2005

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\System32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\System32\drivers\CDAC11BA.EXE

D:\système\KAV\kavmm.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Program Files\Java\jre1.5.0\bin\jusched.exe

C:\WINDOWS\System32\RUNDLL32.exe

C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe

C:\Program Files\QuickTime\qttask.exe

E:\Programmes\utilitaires\Eye On Network\Eye On Network.exe

C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe

D:\système\powerdvd\PDVDServ.exe

D:\PCTV5.50\Remote\Remoterm.exe

C:\WINDOWS\system32\dla\tfswctrl.exe

C:\WINDOWS\System32\rundll32.exe

D:\système\KAV\kav.exe

C:\Program Files\MSN Messenger\MsnMsgr.Exe

C:\Program Files\StofWare\NoSpam\NoSpam.exe

C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe

C:\Program Files\Logitech\SetPoint\KEM.exe

C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE

D:\Pinnacle\Shared Files\Programs\Scheduler\PCLEScheduler.exe

D:\eMule+\eMule.exe

E:\Programmes\utilitaires\openOffice\program\soffice.exe

D:\Pinnacle\SHARED~1\Filter\server.exe

C:\WINDOWS\system32\notepad.exe

E:\Programmes\utilitaires\firefox\firefox.exe

D:\système\anti-vir\AVWUPSRV.EXE

D:\système\anti-vir\AVWIN.EXE

C:\Program Files\Winamp\winamp.exe

C:\DOCUME~1\freeman\LOCALS~1\Temp\Rar$EX00.437\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Programmes\utilitaires\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: URLLink Class - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet6_38.dll

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll

O2 - BHO: QuickSearch SearchBar - {82315A18-6CFB-44a7-BDFD-90E36537C252} - C:\Program Files\QuickSearch\QuickSearchBar3_28.dll (file missing)

O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll

O3 - Toolbar: QuickSearch SearchBar - {82315A18-6CFB-44a7-BDFD-90E36537C252} - C:\Program Files\QuickSearch\QuickSearchBar3_28.dll (file missing)

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe

O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaEngineMain

O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [Eye On Network] E:\Programmes\utilitaires\Eye On Network\Eye On Network.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [RemoteControl] D:\système\powerdvd\PDVDServ.exe

O4 - HKLM\..\Run: [PCTVRemote] D:\PCTV5.50\Remote\Remoterm.exe

O4 - HKLM\..\Run: [updateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r

O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe

O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -s

O4 - HKLM\..\Run: [KAV50] "D:\système\KAV\kav.exe" -run -n PersonalPro -v 5.0.0.0 -chkss

O4 - HKLM\..\Run: [AVGCtrl] "D:\système\anti-vir\AVGNT.EXE" /min

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [NoSpam] C:\Program Files\StofWare\NoSpam\NoSpam.exe

O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe

O4 - Startup: eMule Plus.lnk = D:\eMule+\eMule.exe

O4 - Startup: OpenOffice.org 1.1.3.lnk = E:\Programmes\utilitaires\openOffice\program\quickstart.exe

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe

O4 - Global Startup: Pinnacle Scheduler.lnk = D:\Pinnacle\Shared Files\Programs\Scheduler\PCLEScheduler.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\PROGRA~1\UTILIT~1\OFFICE~1\Office10\EXCEL.EXE/3000

O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe

O10 - Hijacked Internet access by New.Net

O10 - Hijacked Internet access by New.Net

O10 - Hijacked Internet access by New.Net

O10 - Hijacked Internet access by New.Net

O10 - Hijacked Internet access by New.Net

O15 - Trusted Zone: *.musicmatch.com

O15 - Trusted Zone: *.musicmatch.com (HKLM)

O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - D:\système\anti-vir\AVWUPSRV.EXE

O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\System32\drivers\CDAC11BA.EXE

O23 - Service: Kaspersky Anti-Virus Service (KLBLMain) - Kaspersky Lab - D:\système\KAV\kavmm.exe

O23 - Service: Netiris Agent (Netiris) - Unknown owner - E:\Caméscope\netiris\agent.exe (file missing)

O23 - Service: O&O Defrag (OODefrag) - O&O Software GmbH - C:\WINDOWS\System32\oodag.exe

O23 - Service: Remote Administrator Service (r_server) - Unknown owner - C:\WINDOWS\System32\r_server.exe" /service (file missing)

O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - E:\Programmes\système\SiSoftware Sandra Lite 2005.SR1\RpcDataSrv.exe

O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - E:\Programmes\système\SiSoftware Sandra Lite 2005.SR1\RpcSandraSrv.exe

Share this post


Link to post
Share on other sites

@bosco911 :

Passe Ccleaner.

Ton rapport est clean ;)

Quelques inutiles à fixer :

O4 - HKLM\..\Run: [Lexmark X5100 Series] "F:\Program Files\Lexmark X5100 Series\lxbabmgr.exe"

O4 - HKLM\..\Run: [DiskeeperSystray] "F:\Program Files\Executive Software\Diskeeper\DkIcon.exe"

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = F:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

...Ainsi que Style XP , que tu peux avantageusement remplacer par un Bricopack de CtrystalXP

Share this post


Link to post
Share on other sites

@freeman27 :

Passe Ccleaner.

Désinstalle Antivir.

Via Ajout / supp des programmes , désinstalle :( si présents )

New.Net

New.Do.Net

180solutions

BullsEye Network

DeskAd Service

Web_Rebates

Windows ServeAd

Windows AdService

ISTsvc ou IST Service

EliteToolBar

MyWebSearch

QuickSearchBar

Scan , coches ces lignes et fixer ( fix checked ) avec Hijackthis :( Place Hijackthis à la racine de C: ...à coté des dossiers Windows , Program files , etc ...)

O2 - BHO: URLLink Class - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet6_38.dll

O2 - BHO: QuickSearch SearchBar - {82315A18-6CFB-44a7-BDFD-90E36537C252} - C:\Program Files\QuickSearch\QuickSearchBar3_28.dll (file missing)

O3 - Toolbar: QuickSearch SearchBar - {82315A18-6CFB-44a7-BDFD-90E36537C252} - C:\Program Files\QuickSearch\QuickSearchBar3_28.dll (file missing)

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe

O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaEngineMain

O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe

O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -s

O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe

O4 - HKLM\..\Run: [AVGCtrl] "D:\système\anti-vir\AVGNT.EXE" /min

O4 - Startup: OpenOffice.org 1.1.3.lnk = E:\Programmes\utilitaires\openOffice\program\quickstart.exe

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O10 - Hijacked Internet access by New.Net

O10 - Hijacked Internet access by New.Net

O10 - Hijacked Internet access by New.Net

O10 - Hijacked Internet access by New.Net

O10 - Hijacked Internet access by New.Net

O15 - Trusted Zone: *.musicmatch.com

O15 - Trusted Zone: *.musicmatch.com (HKLM)

O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - D:\système\anti-vir\AVWUPSRV.EXE

Passe NewDoNet Uninstaller ( au bas de cette page

Reboot.

Désinstalle Kaspersky 5 et réinstalle - le sur ta partition C: ( partition system )

Voir ma signature pour télécharger Kaspersky 5 personnal.

Reboot.

Séléctionne les bases étendues , mise à jour des définitions à faire , puis scan avec la restauration system désactivée .

Poste un nouveau rapport Hijackthis après tout ça? :francais:

Share this post


Link to post
Share on other sites

J'ai une question puis-je suprimer sans risque tout les "fichier" que ccleaner me donne ou dois-je sélectionné les fichier?

Merci

Share this post


Link to post
Share on other sites

J'ai un enorme probleme, c"'est que j'ai fais ccleaner, j'ai scanné mes lignes, et je les ai fixé avec Hijackthis, ensuite j'ai Passé NewDoNet Uninstaller puis j'ai redémarer et la J'AI PLUS LE NET !!!!!

J'arrive a pingé un site mais pas a me connecté sur le net via msn, firefor IE, plus rien ne fonctionne. La je suis sur un autre pc.

Ou est le probleme ?????????

Share this post


Link to post
Share on other sites

voici le nouveau j'ai pas encor désinstallé kav:

Logfile of HijackThis v1.99.1

Scan saved at 20:32:39, on 15/04/2005

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\System32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

D:\système\anti-vir\AVWUPSRV.EXE

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\System32\drivers\CDAC11BA.EXE

C:\WINDOWS\Explorer.EXE

D:\système\KAV\kavmm.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

E:\Programmes\utilitaires\Eye On Network\Eye On Network.exe

D:\système\powerdvd\PDVDServ.exe

D:\PCTV5.50\Remote\Remoterm.exe

D:\système\KAV\kav.exe

C:\WINDOWS\System32\RUNDLL32.exe

C:\WINDOWS\system32\dla\tfswctrl.exe

C:\Program Files\MSN Messenger\MsnMsgr.Exe

C:\Program Files\StofWare\NoSpam\NoSpam.exe

C:\Program Files\Logitech\SetPoint\KEM.exe

C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE

D:\Pinnacle\Shared Files\Programs\Scheduler\PCLEScheduler.exe

C:\Program Files\Winamp\Winamp.exe

C:\WINDOWS\system32\NOTEPAD.EXE

C:\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Programmes\utilitaires\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - (no file)

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll

O2 - BHO: (no name) - {82315A18-6CFB-44a7-BDFD-90E36537C252} - (no file)

O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O3 - Toolbar: (no name) - {82315A18-6CFB-44a7-BDFD-90E36537C252} - (no file)

O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [Eye On Network] E:\Programmes\utilitaires\Eye On Network\Eye On Network.exe

O4 - HKLM\..\Run: [RemoteControl] D:\système\powerdvd\PDVDServ.exe

O4 - HKLM\..\Run: [PCTVRemote] D:\PCTV5.50\Remote\Remoterm.exe

O4 - HKLM\..\Run: [updateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r

O4 - HKLM\..\Run: [KAV50] "D:\système\KAV\kav.exe" -run -n PersonalPro -v 5.0.0.0 -chkss

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [NoSpam] C:\Program Files\StofWare\NoSpam\NoSpam.exe

O4 - Startup: eMule Plus.lnk = D:\eMule+\eMule.exe

O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe

O4 - Global Startup: Pinnacle Scheduler.lnk = D:\Pinnacle\Shared Files\Programs\Scheduler\PCLEScheduler.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\PROGRA~1\UTILIT~1\OFFICE~1\Office10\EXCEL.EXE/3000

O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe

O10 - Broken Internet access because of LSP provider 'c:\program files\newdotnet\newdotnet6_38.dll' missing

O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - D:\système\anti-vir\AVWUPSRV.EXE

O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\System32\drivers\CDAC11BA.EXE

O23 - Service: Kaspersky Anti-Virus Service (KLBLMain) - Kaspersky Lab - D:\système\KAV\kavmm.exe

O23 - Service: Netiris Agent (Netiris) - Unknown owner - E:\Caméscope\netiris\agent.exe (file missing)

O23 - Service: O&O Defrag (OODefrag) - O&O Software GmbH - C:\WINDOWS\System32\oodag.exe

O23 - Service: Remote Administrator Service (r_server) - Unknown owner - C:\WINDOWS\System32\r_server.exe" /service (file missing)

O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - E:\Programmes\système\SiSoftware Sandra Lite 2005.SR1\RpcDataSrv.exe

O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - E:\Programmes\système\SiSoftware Sandra Lite 2005.SR1\RpcSandraSrv.exe

Share this post


Link to post
Share on other sites

Coche et fixe ces lignes avec Hijackthis :

O2 - BHO: (no name) - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - (no file)

O2 - BHO: (no name) - {82315A18-6CFB-44a7-BDFD-90E36537C252} - (no file)

O3 - Toolbar: (no name) - {82315A18-6CFB-44a7-BDFD-90E36537C252} - (no file)

O10 - Broken Internet access because of LSP provider 'c:\program files\newdotnet\newdotnet6_38.dll' missing

Passe LSP Fix.exe

( Une fois le programme ouvert , passe dans la fenêtre de droite , la dll qui concerne NewDoNet puis valide )

Passe CWShredder et Spysweeper.

Désinstalle et réinstalle Kaspersky 5 sur la partition C:

Poste un nouveau rapport.

Share this post


Link to post
Share on other sites
snooky  Ecrit le : 15-04-2005 15:11:29

@bosco911 :

Passe Ccleaner.

Ton rapport est clean yaisse.gif

Quelques inutiles à fixer :

O4 - HKLM\..\Run: [Lexmark X5100 Series] "F:\Program Files\Lexmark X5100 Series\lxbabmgr.exe"

O4 - HKLM\..\Run: [DiskeeperSystray] "F:\Program Files\Executive Software\Diskeeper\DkIcon.exe"

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = F:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

...Ainsi que Style XP , que tu peux avantageusement remplacer par un Bricopack de CtrystalXP

Voilà, c'est fait... un grand merci à toi Snooky !!! :eeek2:

Share this post


Link to post
Share on other sites

salut encore

je n'arrive pas à supprimer carrément le norton même avec les instructions cité sur le lien donné pour le supprimer que faire svp et m^me les mises à jour de windows update ne s'installe pas que faire svp?

Share this post


Link to post
Share on other sites

Bon sa fonctionne comme tu ma dit, mais d'ou venais le problème, j'ai vu que ma carte réseau n'avai pas une ip donné par le routeur 192..... mais une ip 168.. qui n'est pas de mon réseau et elle ne voulais rien savoir. Bon maintenan je réinstall KAV sur le c:

Logfile of HijackThis v1.99.1

Scan saved at 19:19:02, on 16/04/2005

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\System32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

D:\système\anti-vir\AVWUPSRV.EXE

D:\système\KAV\kavmm.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

E:\Programmes\utilitaires\Eye On Network\Eye On Network.exe

D:\système\powerdvd\PDVDServ.exe

D:\PCTV5.50\Remote\Remoterm.exe

C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe

D:\système\KAV\kav.exe

C:\Program Files\MSN Messenger\MsnMsgr.Exe

C:\Program Files\StofWare\NoSpam\NoSpam.exe

C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

C:\Program Files\Logitech\SetPoint\KEM.exe

C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE

D:\Pinnacle\Shared Files\Programs\Scheduler\PCLEScheduler.exe

E:\Programmes\utilitaires\firefox\firefox.exe

C:\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Programmes\utilitaires\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll

O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [Eye On Network] E:\Programmes\utilitaires\Eye On Network\Eye On Network.exe

O4 - HKLM\..\Run: [RemoteControl] D:\système\powerdvd\PDVDServ.exe

O4 - HKLM\..\Run: [PCTVRemote] D:\PCTV5.50\Remote\Remoterm.exe

O4 - HKLM\..\Run: [updateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r

O4 - HKLM\..\Run: [KAV50] "D:\système\KAV\kav.exe" -run -n PersonalPro -v 5.0.0.0 -chkss

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [NoSpam] C:\Program Files\StofWare\NoSpam\NoSpam.exe

O4 - HKCU\..\Run: [spySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0

O4 - Startup: eMule Plus.lnk = D:\eMule+\eMule.exe

O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe

O4 - Global Startup: Pinnacle Scheduler.lnk = D:\Pinnacle\Shared Files\Programs\Scheduler\PCLEScheduler.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\PROGRA~1\UTILIT~1\OFFICE~1\Office10\EXCEL.EXE/3000

O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe

O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - D:\système\anti-vir\AVWUPSRV.EXE

O23 - Service: Kaspersky Anti-Virus Service (KLBLMain) - Kaspersky Lab - D:\système\KAV\kavmm.exe

O23 - Service: Netiris Agent (Netiris) - Unknown owner - E:\Caméscope\netiris\agent.exe (file missing)

O23 - Service: O&O Defrag (OODefrag) - O&O Software GmbH - C:\WINDOWS\System32\oodag.exe

O23 - Service: Remote Administrator Service (r_server) - Unknown owner - C:\WINDOWS\System32\r_server.exe" /service (file missing)

O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - E:\Programmes\système\SiSoftware Sandra Lite 2005.SR1\RpcDataSrv.exe

O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - E:\Programmes\système\SiSoftware Sandra Lite 2005.SR1\RpcSandraSrv.exe

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

×
×
  • Create New...