
Start page changed and impossible to remove


Hi,

For your wallpaper, do this:

1/ Download SmitfraudFix
http://siri.urz.free.fr/Fix/SmitfraudFix.zip

Unzip it to the Desktop.
Open the SmitfraudFix folder and run SmitfraudFix.cmd
Choose option 1 (Search)
Post the report here

2/ Restart in safe mode

Restart the computer. After the BIOS text, press F8 (or F5 if F8 doesn't work) to reach a menu with white text on a black background.

In this menu, you should be able to choose safe mode (use the arrow keys, and Enter to confirm).

Starting in safe mode is often fairly slow. If you see strange white text, don't worry.
Just be patient.

Run SmitfraudFix again, this time choose option 2, and answer yes to every question
Save the report.

3/ Restart normally and post the 2nd SmitfraudFix report

4/ Post a HijackThis log.

Download it, then put it in a dedicated folder.
Then run it, click Do a system scan and save a logfile, and give us the scan result

www.infos-du-net.com/telecharger/HijackThis.html

Logfile of HijackThis v1.99.1
Scan saved at 12:35:57, on 07/03/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Iomega\Automatic Backup Pro\LiveSystem.exe
C:\Program Files\Philips\SPC 200NC PC Camera\TrayMin.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Dvd Famille\Bureau\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.rover-host.com/infected.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.rover-host.com/infected.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=C:\WINDOWS\regedit /s C:\pav.reg,C:\WINDOWS\system32\pavdr.exe,C:\WINDOWS\system32\userinit.exe,
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Microsoft Wininit (System33r)] system33r.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC 200NC PC Camera
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot
O4 - HKLM\..\Run: [DNS7reminder] "C:\Program Files\ScanSoft\NaturallySpeaking8\Program\ereg.exe" -r "C:\Program Files\ScanSoft\NaturallySpeaking8\Program\ereg.ini"
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\RunServices: [Windows cfg] ascv.exe
O4 - HKLM\..\RunServices: [Media Player Update] xpsp1mfh.exe
O4 - HKLM\..\RunServices: [Video Multimedia Driver] ndrives32.exe
O4 - HKLM\..\RunServices: [printer auto startup] printsrv.exe
O4 - HKLM\..\RunServices: [Window Monitor] winmon32.exe
O4 - HKLM\..\RunServices: [update service] winu32.exe
O4 - HKLM\..\RunServices: [Microsoft Protection Subsystems] msm32.exe
O4 - HKLM\..\RunServices: [msupdates] msupdt.exe
O4 - HKLM\..\RunServices: [MSN UPDATERS] virtualmemory.exe
O4 - HKLM\..\RunServices: [Microsoft-Update] wngard.exe
O4 - HKLM\..\RunServices: [Microsoft NotePad] notepad.exe
O4 - HKLM\..\RunServices: [urx2] dnsSys.exe
O4 - HKLM\..\RunServices: [Microsoft Wininit (System33r)] system33r.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Iomega Automatic Backup Pro] "C:\Program Files\Iomega\Automatic Backup Pro\LiveSystem.exe" -s
O4 - HKCU\..\Run: [Bun] c:\windows\system32\crack.exe
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O4 - HKCU\..\RunServices: [Media Player Update] xpsp1mfh.exe
O4 - HKCU\..\RunServices: [Window Monitor] winmon32.exe
O4 - HKCU\..\RunServices: [MSN UPDATERS] virtualmemory.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: TrayMin.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\WINDOWS\System32\shdocvw.dll
O15 - Trusted Zone: http://*.billingnow.com
O15 - Trusted Zone: http://*.reliablestats.com
O15 - Trusted Zone: http://*.winfixer.com
O15 - Trusted Zone: http://*.winnanny.com
O16 - DPF: Interface Chat Voila - http://chat14.x-echo.com/version5/Applet/vchatsign.cab
O16 - DPF: Interface Chat Wanadoo - http://chat9.x-echo.com/version6/Applet/wchatsign.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://fr.encyclopedia.yahoo.com/rsc/tdserver.cab
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {082D9DCB-8E89-4586-8BB9-97EC244920CB} (D11014.Module) - http://elearning.grenoble-em.com/mediaplus/Download/110...
O16 - DPF: {0EF130F0-4E08-11D6-8A0A-004033D24DB9} (D31025.Module) - http://elearning.grenoble-em.com/mediaplus/Download/310...
O16 - DPF: {1298DB22-B5C5-11D6-8A0B-004033D24DB9} (D21012.Module) - http://elearning.grenoble-em.com/mediaplus/Download/210...
O16 - DPF: {1298DB52-B5C5-11D6-8A0B-004033D24DB9} (D21011.Module) - http://elearning.grenoble-em.com/mediaplus/Download/210...
O16 - DPF: {1298DB7E-B5C5-11D6-8A0B-004033D24DB9} (D21013.Module) - http://elearning.grenoble-em.com/mediaplus/Download/210...
O16 - DPF: {1298DBAE-B5C5-11D6-8A0B-004033D24DB9} (D21014.Module) - http://elearning.grenoble-em.com/mediaplus/Download/210...
O16 - DPF: {1298DBDB-B5C5-11D6-8A0B-004033D24DB9} (D21015.Module) - http://elearning.grenoble-em.com/mediaplus/Download/210...
O16 - DPF: {1298DC05-B5C5-11D6-8A0B-004033D24DB9} (D21016.Module) - http://elearning.grenoble-em.com/mediaplus/Download/210...
O16 - DPF: {1298DC1A-B5C5-11D6-8A0B-004033D24DB9} (D210.Module) - http://elearning.grenoble-em.com/mediaplus/Download/210...
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {16AA190C-D399-11D5-8A01-004033D24DB9} (D31012.Module) - http://elearning.grenoble-em.com/mediaplus/Download/310...
O16 - DPF: {16F3737C-E323-46C0-8441-70D3D88AE930} (Inet3.CInet3) - http://elearning.grenoble-em.com/mediaplus/Download/ine...
O16 - DPF: {1EF39D74-1AF5-11D6-8A08-004033D24DB9} (D31015.Module) - http://elearning.grenoble-em.com/mediaplus/Download/310...
O16 - DPF: {248AB1C0-50DB-4D82-A15D-2E694F30B4E4} (Inet4.CInet4) - http://elearning.grenoble-em.com/mediaplus/Download/ine...
O16 - DPF: {272BF969-14B0-11D6-8A05-004033D24DB9} (D31017.Module) - http://elearning.grenoble-em.com/mediaplus/Download/310...
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security1.norton.com/SSC/SharedContent/vc/bin/Av...
O16 - DPF: {2CF24487-4BD5-11D6-8A0A-004033D24DB9} (D41024.Module) - http://elearning.grenoble-em.com/mediaplus/Download/410...
O16 - DPF: {2E98B13E-E7CC-11D5-8A02-004033D24DB9} (D31013.Module) - http://elearning.grenoble-em.com/mediaplus/Download/310...
O16 - DPF: {2FC95AD7-ED62-11D5-8A02-004033D24DB9} (D31016.Module) - http://elearning.grenoble-em.com/mediaplus/Download/310...
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/y...
O16 - DPF: {333DB5BC-21DC-4C64-AA72-5F8BCF5DBB1F} (D11012.Module) - http://elearning.grenoble-em.com/mediaplus/Download/110...
O16 - DPF: {34AEE624-1BD1-11D6-8A09-004033D24DB9} (D31018.Module) - http://elearning.grenoble-em.com/mediaplus/Download/310...
O16 - DPF: {43BCCB96-BCA1-11D5-89FE-004033D24DB9} (D41011.Module) - http://elearning.grenoble-em.com/mediaplus/Download/410...
O16 - DPF: {43BCCBFB-BCA1-11D5-89FE-004033D24DB9} (D41013.Module) - http://elearning.grenoble-em.com/mediaplus/Download/410...
O16 - DPF: {43BCCC20-BCA1-11D5-89FE-004033D24DB9} (D41014.Module) - http://elearning.grenoble-em.com/mediaplus/Download/410...
O16 - DPF: {43BCCC4C-BCA1-11D5-89FE-004033D24DB9} (D41015.Module) - http://elearning.grenoble-em.com/mediaplus/Download/410...
O16 - DPF: {444EB378-D5D5-4C3F-912C-7D41D9DF497C} (D11015.Module) - http://elearning.grenoble-em.com/mediaplus/Download/110...
O16 - DPF: {44F37B4F-6AF0-4BEA-8270-10B97C86B0B1} (D710.Module) - http://elearning.grenoble-em.com/mediaplus/Download/710...
O16 - DPF: {46C3202D-BB41-4583-999A-60778A16B251} (D11013.Module) - http://elearning.grenoble-em.com/mediaplus/Download/110...
O16 - DPF: {4C55578E-0FEB-11D6-8A03-004033D24DB9} (D31014.Module) - http://elearning.grenoble-em.com/mediaplus/Download/310...
O16 - DPF: {4E042DE6-8B87-11D3-AE7F-004033D24DBD} (HtmlHelpViewer.CViewerHtml) - http://mediaplus.grenoble-em.com/Download/HtmlHelpViewe...
O16 - DPF: {513B7094-3CE3-11D6-8A0A-004033D24DB9} (D41022.Module) - http://elearning.grenoble-em.com/mediaplus/Download/410...
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/1677e6e1e14e2d927420/netzip...
O16 - DPF: {56703AD6-E4E0-11D5-8A02-004033D24DB9} (D410.Module) - http://elearning.grenoble-em.com/mediaplus/Download/410...
O16 - DPF: {642F50E7-244A-11D5-956E-0040339BF4B0} (Inet1.CInet1) - http://mediaplus.grenoble-em.com/Download/Inet1.CAB
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall...
O16 - DPF: {74F5614A-8A8C-43B4-8CC2-4B4EFAF4A6C5} (TSCCInstall Class) - http://elearning.grenoble-em.com/mediaplus/Download/tsc...
O16 - DPF: {7ADEE82D-FC70-40E0-8169-8A0942A08A28} (D71013.Module) - http://elearning.grenoble-em.com/mediaplus/Download/710...
O16 - DPF: {7B37B72E-4562-408F-B937-49AABACCEF5B} (D110.Module) - http://elearning.grenoble-em.com/mediaplus/Download/110...
O16 - DPF: {7B7CCAA1-1183-4A5C-82C5-F19DA96AB775} (D11016.Module) - http://elearning.grenoble-em.com/mediaplus/Download/110...
O16 - DPF: {86D39A6A-E180-4FC4-970A-F54BCEC22E69} (Inflater Class) - http://bac.m6.fr/InstallDialer/RepUpdater/InstallDialer...
O16 - DPF: {8B1541C9-4E00-11D6-8A0A-004033D24DB9} (D41025.Module) - http://elearning.grenoble-em.com/mediaplus/Download/410...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {9A88DAFC-4D2B-11D6-8A0A-004033D24DB9} (D31026.Module) - http://elearning.grenoble-em.com/mediaplus/Download/310...
O16 - DPF: {9A88DB2A-4D2B-11D6-8A0A-004033D24DB9} (D31023.Module) - http://elearning.grenoble-em.com/mediaplus/Download/310...
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {9D23DDAA-D04A-4384-8C51-7B226626A14C} (IBarre0.CManag) - http://mediaplus.grenoble-em.com/Download/ENIBP.CAB
O16 - DPF: {A046A0DA-B319-4C95-A57A-2E7D5306CFDE} (D71016.Module) - http://elearning.grenoble-em.com/mediaplus/Download/710...
O16 - DPF: {A0A1AC62-35DA-11D6-8A0A-004033D24DB9} (D41023.Module) - http://elearning.grenoble-em.com/mediaplus/Download/410...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.ca...
O16 - DPF: {BAA23425-3D74-11D6-8A0A-004033D24DB9} (D31027.Module) - http://elearning.grenoble-em.com/mediaplus/Download/310...
O16 - DPF: {BBD03DAC-0F59-11D6-8A03-004033D24DB9} (D31011.Module) - http://elearning.grenoble-em.com/mediaplus/Download/310...
O16 - DPF: {BD417B41-24BF-478C-A4C1-5968B01C82CF} (Inet8.CInet8) - http://elearning.grenoble-em.com/mediaplus/Download/ine...
O16 - DPF: {C2441399-6C44-4FB3-A69D-4BA9BEA61EFF} (D71015.Module) - http://elearning.grenoble-em.com/mediaplus/Download/710...
O16 - DPF: {C2DBF08D-A6EC-4C00-A242-0E9589CF3399} (D71012.Module) - http://elearning.grenoble-em.com/mediaplus/Download/710...
O16 - DPF: {CAB400AF-4BB7-11D6-8A0A-004033D24DB9} (D41021.Module) - http://elearning.grenoble-em.com/mediaplus/Download/410...
O16 - DPF: {CDCB9DBC-3728-11D6-8A0A-004033D24DB9} (D31021.Module) - http://elearning.grenoble-em.com/mediaplus/Download/310...
O16 - DPF: {CDCB9E5A-3728-11D6-8A0A-004033D24DB9} (D31024.Module) - http://elearning.grenoble-em.com/mediaplus/Download/310...
O16 - DPF: {CE120CF8-5E84-4245-A1A4-DD5FC86EDAE6} (D71011.Module) - http://elearning.grenoble-em.com/mediaplus/Download/710...
O16 - DPF: {D34D6048-E232-4889-B08C-AF4AFE87A6F6} (ENIInetTools.clsManager) - http://mediaplus.grenoble-em.com/Download/ENIInetTools....
O16 - DPF: {E4F5143B-E4D9-11D5-8A02-004033D24DB9} (D41016.Module) - http://elearning.grenoble-em.com/mediaplus/Download/410...
O16 - DPF: {E4F5145E-E4D9-11D5-8A02-004033D24DB9} (D41017.Module) - http://elearning.grenoble-em.com/mediaplus/Download/410...
O16 - DPF: {E4F51484-E4D9-11D5-8A02-004033D24DB9} (D41018.Module) - http://elearning.grenoble-em.com/mediaplus/Download/410...
O16 - DPF: {E54AB981-BCD6-11D5-8A00-004033D24DB9} (D41012.Module) - http://elearning.grenoble-em.com/mediaplus/Download/410...
O16 - DPF: {E728511D-40D8-11D6-8A0A-004033D24DB9} (D41026.Module) - http://elearning.grenoble-em.com/mediaplus/Download/410...
O16 - DPF: {ED34B65B-2A98-4125-88E7-F142692E60E4} (D11011.Module) - http://elearning.grenoble-em.com/mediaplus/Download/110...
O16 - DPF: {F24754AF-E3BF-414E-BF88-4612047F86FE} (D71014.Module) - http://elearning.grenoble-em.com/mediaplus/Download/710...
O16 - DPF: {F3CF31B9-4C73-11D6-8A0A-004033D24DB9} (D31022.Module) - http://elearning.grenoble-em.com/mediaplus/Download/310...
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O16 - DPF: {F70E0C89-1B1A-11D6-8A08-004033D24DB9} (D310.Module) - http://elearning.grenoble-em.com/mediaplus/Download/310...
O16 - DPF: {FA0C386E-1A08-4629-A267-B40C1624E94A} (Inet6.CInet6) - http://elearning.grenoble-em.com/mediaplus/Download/ine...
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: Installer - C:\WINDOWS\
O20 - Winlogon Notify: winqpb32 - C:\WINDOWS\SYSTEM32\winqpb32.dll
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: flw084 SCSI Adapter (flw084) - Unknown owner - C:\WINDOWS\System32\flw.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NDIS Adapter (NDIS TCP Layer Transport Device) - Unknown owner - C:\WINDOWS\System32\ndis.exe" -netsvcs (file missing)
O23 - Service: Norton Unerase Protection (NProtectService) - Unknown owner - C:\Documents and Settings\Dvd Famille\Bureau\Norton AntiVirus 2004 Pro\ADVTOOLS\NPROTECT.EXE (file missing)
O23 - Service: Network Service (ntvid) - Unknown owner - C:\WINDOWS\System32\ntvda.exe" -service (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Remote Procedure Call (RPC) Manager (RpcMgr) - Unknown owner - C:\WINDOWS\System32\setver32.exe (file missing)
O23 - Service: SAVScan - Unknown owner - C:\Program Files\Norton AntiVirus\SAVScan.exe (file missing)
O23 - Service: ScriptBlocking Service (SBService) - Unknown owner - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe (file missing)
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Web Security (websec) - Unknown owner - C:\WINDOWS\System32\setver32c2.exe (file missing)
O23 - Service: Win32 Configuration (Windows Manage) - Unknown owner - C:\WINDOWS\System32\videosd32.exe" -netsvcs (file missing)
O23 - Service: Windows Security Update - Unknown owner - C:\WINDOWS\System32\secupd.exe (file missing)

Hello, delete this:
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.rover-host.com/infected.html

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.rover-host.com/infected.html

R3 - Default URLSearchHook is missing

O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)

O4 - HKLM\..\Run: [Microsoft Wininit (System33r)] system33r.exe

O4 - HKLM\..\RunServices: [Video Multimedia Driver] ndrives32.exe

O4 - HKLM\..\RunServices: [Window Monitor] winmon32.exe

O4 - HKLM\..\RunServices: [msupdates] msupdt.exe

O4 - HKLM\..\RunServices: [MSN UPDATERS] virtualmemory.exe

O4 - HKLM\..\RunServices: [Microsoft-Update] wngard.exe

O4 - HKLM\..\RunServices: [Microsoft NotePad] notepad.exe

O4 - HKCU\..\RunServices: [Window Monitor] winmon32.exe

O4 - HKCU\..\RunServices: [MSN UPDATERS] virtualmemory.exe

O15 - Trusted Zone: http://*.billingnow.com

O15 - Trusted Zone: http://*.reliablestats.com

O15 - Trusted Zone: http://*.winfixer.com

O15 - Trusted Zone: http://*.winnanny.com

O16 - DPF: Interface Chat Voila - http://chat14.x-echo.com/version5/Applet/vchatsign.cab
O16 - DPF: Interface Chat Wanadoo - http://chat9.x-echo.com/version6/Applet/wchatsign.cab
O16 - DPF: {082D9DCB-8E89-4586-8BB9-97EC244920CB} (D11014.Module) - http://elearning.grenoble-em.com/mediaplus/Download/110...
O16 - DPF: {0EF130F0-4E08-11D6-8A0A-004033D24DB9} (D31025.Module) - http://elearning.grenoble-em.com/mediaplus/Download/310...
O16 - DPF: {1298DB22-B5C5-11D6-8A0B-004033D24DB9} (D21012.Module) - http://elearning.grenoble-em.com/mediaplus/Download/210...
O16 - DPF: {1298DB52-B5C5-11D6-8A0B-004033D24DB9} (D21011.Module) - http://elearning.grenoble-em.com/mediaplus/Download/210...
O16 - DPF: {1298DB7E-B5C5-11D6-8A0B-004033D24DB9} (D21013.Module) - http://elearning.grenoble-em.com/mediaplus/Download/210...
O16 - DPF: {1298DBAE-B5C5-11D6-8A0B-004033D24DB9} (D21014.Module) - http://elearning.grenoble-em.com/mediaplus/Download/210...
O16 - DPF: {1298DBDB-B5C5-11D6-8A0B-004033D24DB9} (D21015.Module) - http://elearning.grenoble-em.com/mediaplus/Download/210...
O16 - DPF: {1298DC05-B5C5-11D6-8A0B-004033D24DB9} (D21016.Module) - http://elearning.grenoble-em.com/mediaplus/Download/210...
O16 - DPF: {1298DC1A-B5C5-11D6-8A0B-004033D24DB9} (D210.Module) - http://elearning.grenoble-em.com/mediaplus/Download/210...
O16 - DPF: {16AA190C-D399-11D5-8A01-004033D24DB9} (D31012.Module) - http://elearning.grenoble-em.com/mediaplus/Download/310...
O16 - DPF: {16F3737C-E323-46C0-8441-70D3D88AE930} (Inet3.CInet3) - http://elearning.grenoble-em.com/mediaplus/Download/ine...
O16 - DPF: {1EF39D74-1AF5-11D6-8A08-004033D24DB9} (D31015.Module) - http://elearning.grenoble-em.com/mediaplus/Download/310...
O16 - DPF: {248AB1C0-50DB-4D82-A15D-2E694F30B4E4} (Inet4.CInet4) - http://elearning.grenoble-em.com/mediaplus/Download/ine...
O16 - DPF: {272BF969-14B0-11D6-8A05-004033D24DB9} (D31017.Module) - http://elearning.grenoble-em.com/mediaplus/Download/310...
O16 - DPF: {2CF24487-4BD5-11D6-8A0A-004033D24DB9} (D41024.Module) - http://elearning.grenoble-em.com/mediaplus/Download/410...
O16 - DPF: {2E98B13E-E7CC-11D5-8A02-004033D24DB9} (D31013.Module) - http://elearning.grenoble-em.com/mediaplus/Download/310...
O16 - DPF: {2FC95AD7-ED62-11D5-8A02-004033D24DB9} (D31016.Module) - http://elearning.grenoble-em.com/mediaplus/Download/310...
O16 - DPF: {333DB5BC-21DC-4C64-AA72-5F8BCF5DBB1F} (D11012.Module) - http://elearning.grenoble-em.com/mediaplus/Download/110...
O16 - DPF: {34AEE624-1BD1-11D6-8A09-004033D24DB9} (D31018.Module) - http://elearning.grenoble-em.com/mediaplus/Download/310...
O16 - DPF: {43BCCB96-BCA1-11D5-89FE-004033D24DB9} (D41011.Module) - http://elearning.grenoble-em.com/mediaplus/Download/410...
O16 - DPF: {43BCCBFB-BCA1-11D5-89FE-004033D24DB9} (D41013.Module) - http://elearning.grenoble-em.com/mediaplus/Download/410...
O16 - DPF: {43BCCC20-BCA1-11D5-89FE-004033D24DB9} (D41014.Module) - http://elearning.grenoble-em.com/mediaplus/Download/410...
O16 - DPF: {43BCCC4C-BCA1-11D5-89FE-004033D24DB9} (D41015.Module) - http://elearning.grenoble-em.com/mediaplus/Download/410...
O16 - DPF: {444EB378-D5D5-4C3F-912C-7D41D9DF497C} (D11015.Module) - http://elearning.grenoble-em.com/mediaplus/Download/110...
O16 - DPF: {44F37B4F-6AF0-4BEA-8270-10B97C86B0B1} (D710.Module) - http://elearning.grenoble-em.com/mediaplus/Download/710...
O16 - DPF: {46C3202D-BB41-4583-999A-60778A16B251} (D11013.Module) - http://elearning.grenoble-em.com/mediaplus/Download/110...
O16 - DPF: {4C55578E-0FEB-11D6-8A03-004033D24DB9} (D31014.Module) - http://elearning.grenoble-em.com/mediaplus/Download/310...
O16 - DPF: {4E042DE6-8B87-11D3-AE7F-004033D24DBD} (HtmlHelpViewer.CViewerHtml) - http://mediaplus.grenoble-em.com/Download/HtmlHelpViewe...
O16 - DPF: {513B7094-3CE3-11D6-8A0A-004033D24DB9} (D41022.Module) - http://elearning.grenoble-em.com/mediaplus/Download/410...
O16 - DPF: {56703AD6-E4E0-11D5-8A02-004033D24DB9} (D410.Module) - http://elearning.grenoble-em.com/mediaplus/Download/410...
O16 - DPF: {642F50E7-244A-11D5-956E-0040339BF4B0} (Inet1.CInet1) - http://mediaplus.grenoble-em.com/Download/Inet1.CAB
O16 - DPF: {74F5614A-8A8C-43B4-8CC2-4B4EFAF4A6C5} (TSCCInstall Class) - http://elearning.grenoble-em.com/mediaplus/Download/tsc...
O16 - DPF: {7ADEE82D-FC70-40E0-8169-8A0942A08A28} (D71013.Module) - http://elearning.grenoble-em.com/mediaplus/Download/710...
O16 - DPF: {7B37B72E-4562-408F-B937-49AABACCEF5B} (D110.Module) - http://elearning.grenoble-em.com/mediaplus/Download/110...
O16 - DPF: {7B7CCAA1-1183-4A5C-82C5-F19DA96AB775} (D11016.Module) - http://elearning.grenoble-em.com/mediaplus/Download/110...
O16 - DPF: {86D39A6A-E180-4FC4-970A-F54BCEC22E69} (Inflater Class) - http://bac.m6.fr/InstallDialer/RepUpdater/InstallDialer...
O16 - DPF: {8B1541C9-4E00-11D6-8A0A-004033D24DB9} (D41025.Module) - http://elearning.grenoble-em.com/mediaplus/Download/410...
O16 - DPF: {9A88DAFC-4D2B-11D6-8A0A-004033D24DB9} (D31026.Module) - http://elearning.grenoble-em.com/mediaplus/Download/310...
O16 - DPF: {9A88DB2A-4D2B-11D6-8A0A-004033D24DB9} (D31023.Module) - http://elearning.grenoble-em.com/mediaplus/Download/310...
O16 - DPF: {9D23DDAA-D04A-4384-8C51-7B226626A14C} (IBarre0.CManag) - http://mediaplus.grenoble-em.com/Download/ENIBP.CAB
O16 - DPF: {A046A0DA-B319-4C95-A57A-2E7D5306CFDE} (D71016.Module) - http://elearning.grenoble-em.com/mediaplus/Download/710...
O16 - DPF: {A0A1AC62-35DA-11D6-8A0A-004033D24DB9} (D41023.Module) - http://elearning.grenoble-em.com/mediaplus/Download/410...
O16 - DPF: {BAA23425-3D74-11D6-8A0A-004033D24DB9} (D31027.Module) - http://elearning.grenoble-em.com/mediaplus/Download/310...
O16 - DPF: {BBD03DAC-0F59-11D6-8A03-004033D24DB9} (D31011.Module) - http://elearning.grenoble-em.com/mediaplus/Download/310...
O16 - DPF: {BD417B41-24BF-478C-A4C1-5968B01C82CF} (Inet8.CInet8) - http://elearning.grenoble-em.com/mediaplus/Download/ine...
O16 - DPF: {C2441399-6C44-4FB3-A69D-4BA9BEA61EFF} (D71015.Module) - http://elearning.grenoble-em.com/mediaplus/Download/710...
O16 - DPF: {C2DBF08D-A6EC-4C00-A242-0E9589CF3399} (D71012.Module) - http://elearning.grenoble-em.com/mediaplus/Download/710...
O16 - DPF: {CAB400AF-4BB7-11D6-8A0A-004033D24DB9} (D41021.Module) - http://elearning.grenoble-em.com/mediaplus/Download/410...
O16 - DPF: {CDCB9DBC-3728-11D6-8A0A-004033D24DB9} (D31021.Module) - http://elearning.grenoble-em.com/mediaplus/Download/310...
O16 - DPF: {CDCB9E5A-3728-11D6-8A0A-004033D24DB9} (D31024.Module) - http://elearning.grenoble-em.com/mediaplus/Download/310...
O16 - DPF: {CE120CF8-5E84-4245-A1A4-DD5FC86EDAE6} (D71011.Module) - http://elearning.grenoble-em.com/mediaplus/Download/710...
O16 - DPF: {D34D6048-E232-4889-B08C-AF4AFE87A6F6} (ENIInetTools.clsManager) - http://mediaplus.grenoble-em.com/Download/ENIInetTools....
O16 - DPF: {E4F5143B-E4D9-11D5-8A02-004033D24DB9} (D41016.Module) - http://elearning.grenoble-em.com/mediaplus/Download/410...
O16 - DPF: {E4F5145E-E4D9-11D5-8A02-004033D24DB9} (D41017.Module) - http://elearning.grenoble-em.com/mediaplus/Download/410...
O16 - DPF: {E4F51484-E4D9-11D5-8A02-004033D24DB9} (D41018.Module) - http://elearning.grenoble-em.com/mediaplus/Download/410...
O16 - DPF: {E54AB981-BCD6-11D5-8A00-004033D24DB9} (D41012.Module) - http://elearning.grenoble-em.com/mediaplus/Download/410...
O16 - DPF: {E728511D-40D8-11D6-8A0A-004033D24DB9} (D41026.Module) - http://elearning.grenoble-em.com/mediaplus/Download/410...
O16 - DPF: {ED34B65B-2A98-4125-88E7-F142692E60E4} (D11011.Module) - http://elearning.grenoble-em.com/mediaplus/Download/110...
O16 - DPF: {F24754AF-E3BF-414E-BF88-4612047F86FE} (D71014.Module) - http://elearning.grenoble-em.com/mediaplus/Download/710...
O16 - DPF: {F3CF31B9-4C73-11D6-8A0A-004033D24DB9} (D31022.Module) - http://elearning.grenoble-em.com/mediaplus/Download/310...
O16 - DPF: {F70E0C89-1B1A-11D6-8A08-004033D24DB9} (D310.Module) - http://elearning.grenoble-em.com/mediaplus/Download/310...
O16 - DPF: {FA0C386E-1A08-4629-A267-B40C1624E94A} (Inet6.CInet6) - http://elearning.grenoble-em.com/mediaplus/Download/ine...

O23 - Service: flw084 SCSI Adapter (flw084) - Unknown owner - C:\WINDOWS\System32\flw.exe (file missing)

O23 - Service: NDIS Adapter (NDIS TCP Layer Transport Device) - Unknown owner - C:\WINDOWS\System32\ndis.exe" -netsvcs (file missing)

O23 - Service: Norton Unerase Protection (NProtectService) - Unknown owner - C:\Documents and Settings\Dvd Famille\Bureau\Norton AntiVirus 2004 Pro\ADVTOOLS\NPROTECT.EXE (file missing)

O23 - Service: Remote Procedure Call (RPC) Manager (RpcMgr) - Unknown owner - C:\WINDOWS\System32\setver32.exe (file missing)

O23 - Service: SAVScan - Unknown owner - C:\Program Files\Norton AntiVirus\SAVScan.exe (file missing)

O23 - Service: ScriptBlocking Service (SBService) - Unknown owner - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe (file missing)

O23 - Service: Web Security (websec) - Unknown owner - C:\WINDOWS\System32\setver32c2.exe (file missing)

O23 - Service: Win32 Configuration (Windows Manage) - Unknown owner - C:\WINDOWS\System32\videosd32.exe" -netsvcs (file missing)

O23 - Service: Windows Security Update - Unknown owner - C:\WINDOWS\System32\secupd.exe (file missing)

That's all.
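
A way to run this kind of first-pass triage over a HijackThis log, as an added example that is not part of the thread and not code from HijackThis: it parses the section codes and flags review candidates, not verdicts. The heuristics (autostart entries without a full path, extra commands in UserInit, Trusted Zone sites, services marked "Unknown owner" with a missing file) are assumptions, and the sample lines are copied from the first log in this thread.

```python
import re
from typing import NamedTuple, Optional


class Finding(NamedTuple):
    section: str  # HijackThis section code, e.g. "O4"
    reason: str   # why the line deserves a closer look
    line: str     # the original log line


# Constructed sample: eight lines copied from the first log in this thread.
SAMPLE_LOG = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.rover-host.com/infected.html
F2 - REG:system.ini: UserInit=C:\WINDOWS\regedit /s C:\pav.reg,C:\WINDOWS\system32\pavdr.exe,C:\WINDOWS\system32\userinit.exe,
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\RunServices: [Windows cfg] ascv.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O15 - Trusted Zone: http://*.winfixer.com
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Windows Security Update - Unknown owner - C:\WINDOWS\System32\secupd.exe (file missing)
"""

LINE_RE = re.compile(r"^(R[0-3]|F[0-3]|O\d{1,2}) - (.+)$")
O4_RE = re.compile(r"^(?P<where>.+?): \[(?P<name>.*?)\] (?P<cmd>.+)$")


def first_token(cmd: str):
    """Split a command line into its first (possibly quoted) token and the rest."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        if end != -1:
            return cmd[1:end], cmd[end + 1:].strip()
    head, _, rest = cmd.partition(" ")
    return head, rest.strip()


def check_r(body: str) -> Optional[str]:
    # R0/R1: Internet Explorer start and search pages. Flag values that look like a URL.
    m = re.search(r"=\s*(\S+\.\S+)\s*$", body)
    return f"browser page points to {m.group(1)}; confirm the user set it" if m else None


def check_f2(body: str) -> Optional[str]:
    # F2 UserInit: anything listed besides userinit.exe also runs at every logon.
    m = re.search(r"UserInit=(.*)$", body, re.IGNORECASE)
    if not m:
        return None
    cmds = [c.strip() for c in m.group(1).split(",") if c.strip()]
    extra = [c for c in cmds if not c.lower().endswith("\\userinit.exe")]
    return "UserInit also launches: " + "; ".join(extra) if extra else None


def check_o4(body: str) -> Optional[str]:
    # O4: autostart entries. Heuristic (assumption): a bare file name with no
    # directory hides where the program lives, so it is worth locating by hand.
    m = O4_RE.match(body)
    if not m:
        return None  # "Global Startup: x.lnk = ..." entries are not covered here
    exe, rest = first_token(m.group("cmd"))
    if exe.lower() in ("rundll32", "rundll32.exe") and rest:
        # rundll32 is only the loader; judge the DLL it is asked to load.
        exe = rest.split(",")[0].strip('"')
    if "\\" not in exe and "/" not in exe:
        return f"autostart [{m.group('name')}] runs '{exe}' without a full path"
    return None


def check_o15(body: str) -> Optional[str]:
    # O15: sites placed in the IE Trusted zone get relaxed security settings.
    if body.startswith("Trusted Zone:"):
        return "site in Trusted zone: " + body.split(":", 1)[1].strip()
    return None


def check_o23(body: str) -> Optional[str]:
    # O23: services. An unknown owner plus a missing binary is an orphaned
    # registration (leftover of an uninstall or of removed malware).
    if "Unknown owner" in body and body.rstrip().endswith("(file missing)"):
        return "service registered with unknown owner and missing file"
    return None


CHECKS = {"R0": check_r, "R1": check_r, "F2": check_f2,
          "O4": check_o4, "O15": check_o15, "O23": check_o23}


def triage(log_text: str):
    """Return the log lines that match one of the review heuristics, in log order."""
    findings = []
    for raw in log_text.splitlines():
        line = raw.strip()
        m = LINE_RE.match(line)
        if not m:
            continue  # header, process list or blank line
        check = CHECKS.get(m.group(1))
        reason = check(m.group(2)) if check else None
        if reason:
            findings.append(Finding(m.group(1), reason, line))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"{f.section:<4}{f.reason}")
```

Legitimate entries can match too (a vendor autostart that relies on the search path, a service left behind by an uninstalled antivirus), so each hit still has to be checked against the file on disk before it is fixed in HijackThis.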

Hello, I have the same problem as our friend, spyquake or whatever it's called; I managed to kick it out..

But I still have an antivirus start page (with a grey window over it) plus a bogus alert in the taskbar.. Spybot found nothing (3 scans), and neither did AntiVir (3 full scans as well).
I'm submitting the HijackThis scan; if you can tell me what to remove, I'd be very grateful :)
Thanks in advance!

Logfile of HijackThis v1.99.1
Scan saved at 18:19:55, on 19/06/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\atmclk.exe
C:\WINDOWS\system32\dcomcfg.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\CursorXP\CursorXP.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.aliceadsl.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Alice ADSL
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F3 - REG:win.ini: run=
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Nothing - {686a161d-5bd1-4999-8832-6393f41e564c} - C:\WINDOWS\system32\hp100.tmp
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [AliceSAV] C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [AliceParam] C:\Program Files\Alice\Dialer\bootparam.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://drivers1.free.fr/telecharger.php?id=2&version=
O16 - DPF: {DECEAAA2-370A-49BB-9362-68C3A58DDC62} (SAIX) - http://static.zangocash.com/cab/Zango/ie/bridge-c356.ca...
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

Hello,
not everything has been cleaned.

Download SmitfraudFix:
http://siri.urz.free.fr/Fix/SmitfraudFix.php
or
http://siri.geekstogo.com/SmitfraudFix.zip

Open SmitfraudFix by unzipping the whole archive onto the desktop.
Then double-click SmitfraudFix.cmd and choose option 1.
Save the report.

Restart in safe mode. Note: there is no Internet access in this mode.
To start in safe mode: when the computer powers on, tap the F8 or F5 key. Then,
using the arrow keys, select safe mode and press Enter.

Run SmitfraudFix again,
this time choose option 2 and answer yes to everything.
Copy the report.

Post the reports plus a new HijackThis log.

There, I did what you told me, and apparently I have no more problems. I'm still posting the 2 SmitfraudFix reports plus a new HijackThis report:

Report 1: SmitFraudFix v2.62

Rapport fait à 18:43:16,28, 19/06/2006
Executé à partir de C:\Documents and Settings\steeve\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

C:\WINDOWS\system32\atmclk.exe PRESENT !
C:\WINDOWS\system32\dcomcfg.exe PRESENT !
C:\WINDOWS\system32\hp???.tmp PRESENT !
C:\WINDOWS\system32\hp????.tmp PRESENT !
C:\WINDOWS\system32\ld????.tmp PRESENT !
C:\WINDOWS\system32\ot.ico PRESENT !
C:\WINDOWS\system32\simpole.tlb PRESENT !
C:\WINDOWS\system32\stdole3.tlb PRESENT !
C:\WINDOWS\system32\xuefh.dll PRESENT !
C:\WINDOWS\system32\1024\ PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\steeve\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\steeve\Favoris


»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin

Report 2: SmitFraudFix v2.62

Rapport fait à 18:46:27,35, 19/06/2006
Executé à partir de C:\Documents and Settings\steeve\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Fix executé en mode sans echec

»»»»»»»»»»»»»»»»»»»»»»»» Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus


»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés

C:\WINDOWS\system32\atmclk.exe supprimé
C:\WINDOWS\system32\dcomcfg.exe supprimé
C:\WINDOWS\system32\hp???.tmp supprimé
C:\WINDOWS\system32\ld????.tmp supprimé
C:\WINDOWS\system32\ot.ico supprimé
C:\WINDOWS\system32\simpole.tlb supprimé
C:\WINDOWS\system32\stdole3.tlb supprimé
C:\WINDOWS\system32\xuefh.dll supprimé
C:\WINDOWS\system32\1024\ supprimé

»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires


»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre

Nettoyage terminé.

»»»»»»»»»»»»»»»»»»»»»»»» Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin

And the new HijackThis report:
Logfile of HijackThis v1.99.1
Scan saved at 18:53:04, on 19/06/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\Mixer.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\CursorXP\CursorXP.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Alice ADSL
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [AliceSAV] C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [AliceParam] C:\Program Files\Alice\Dialer\bootparam.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://drivers1.free.fr/telecharger.php?id=2&version=
O16 - DPF: {DECEAAA2-370A-49BB-9362-68C3A58DDC62} (SAIX) - http://static.zangocash.com/cab/Zango/ie/bridge-c356.ca...
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

And thanks again for your speed and efficiency!!
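
Added example, not part of the thread: a short Python script that compares the HijackThis log posted before the fix with the one posted after it, and checks each entry that disappeared against the files the SmitfraudFix option 2 report marks "supprimé". The log excerpts are copied from the posts above; the function names are this example's own.

```python
import fnmatch
import re

# Excerpts from this thread's HijackThis logs and SmitfraudFix option 2 report.
BEFORE = r"""
C:\WINDOWS\system32\atmclk.exe
C:\WINDOWS\system32\dcomcfg.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
O2 - BHO: Nothing - {686a161d-5bd1-4999-8832-6393f41e564c} - C:\WINDOWS\system32\hp100.tmp
"""
AFTER = r"""
C:\WINDOWS\Mixer.exe
"""
FIX_REPORT = r"""
C:\WINDOWS\system32\atmclk.exe supprimé
C:\WINDOWS\system32\dcomcfg.exe supprimé
C:\WINDOWS\system32\hp???.tmp supprimé
"""

def entries(log):
    """Non-empty log lines, stripped, in original order."""
    return [ln.strip() for ln in log.splitlines() if ln.strip()]

def deleted_patterns(report):
    """Paths (with DOS '?' wildcards) that the report marks 'supprimé'."""
    return [ln[: -len("supprimé")].strip().lower()
            for ln in entries(report) if ln.endswith("supprimé")]

def file_path(entry):
    """First drive-letter path in a log entry, lowercased, or None."""
    m = re.search(r"[A-Za-z]:\\.*", entry)
    return m.group(0).lower() if m else None

def explain_removed(before, after, report):
    """Map each entry that vanished to the fix-report pattern covering it."""
    kept = {e.lower() for e in entries(after)}
    patterns = deleted_patterns(report)
    result = {}
    for entry in entries(before):
        if entry.lower() in kept:
            continue
        path = file_path(entry)
        result[entry] = next(
            (p for p in patterns if path and fnmatch.fnmatchcase(path, p)), None)
    return result

if __name__ == "__main__":
    for entry, pattern in explain_removed(BEFORE, AFTER, FIX_REPORT).items():
        print("deleted by fix" if pattern else "gone, cause unknown", "|", entry)
```

SpybotSD.exe also drops out of the process list but matches no deleted file, so an entry that vanishes between two logs is not by itself evidence that it was malicious.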