Fond d'écran bloqué

redbull0071 Messages postés 6 Statut Membre -  
 Utilisateur anonyme -
Ecran de fond bloqué...y'a t il un gentil samaritain dans ce forum qui pourra decrypter mon log hijakthis???

Logfile of HijackThis v1.99.1
Scan saved at 13:22:45, on 07/02/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\PavProt.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\Firewall\PavFires.exe
C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\PavFnSvr.exe
C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\Pavkre.exe
C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe
C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\pavsrv51.exe
C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\AVENGINE.EXE
C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\prevsrv.exe
C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\PsImSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\apvxdwin.exe
C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\WebProxy.exe
C:\WINDOWS\SYSTEM32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\WebRebates4\webrebates.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\FreeRAM XP Pro\FreeRAM XP Pro.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\TGTSoft\StyleXP\StyleXP.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\WebRebates4\w11150.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\System32\cmd.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\AvltMain.exe
C:\Documents and Settings\Red\Local Settings\Temp\Répertoire temporaire 1 pour hijackthis.zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.accoona.com/search_assistant/accoona_search_assistant.jsp?&utm_id=400055&utm_content=leftnav&utm_source=wdz3&utm_medium=bund&utm_campaign=wdz0805
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.live.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.accoona.com/search_assistant/accoona_search_assistant.jsp?&utm_id=400055&utm_content=leftnav&utm_source=wdz3&utm_medium=bund&utm_campaign=wdz0805
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.accoona.com/search?q=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=C:\WINDOWS\regedit /s C:\pav.reg,C:\WINDOWS\System32\pavdr.exe,C:\WINDOWS\System32\userinit.exe,
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: metaspinner media GmbH - {12FC9A49-CFE0-49AA-BE9E-8F4EEAFC9443} - C:\PROGRA~1\YETISP~1\IEBUTT~1.DLL
O2 - BHO: Accoona Search Assistant - {944864A5-3916-46E2-96A9-A2E84F3F1208} - C:\Program Files\Accoona\ASearchAssist.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Accoona - {364B6276-C6C1-40B6-A6D7-6C48871FD707} - C:\Program Files\Accoona\atoolbar.dll
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Usb Autorun.exe] C:\Documents and Settings\Red\Bureau\Usb_Autorun\Usb Autorun.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Openwares LiveUpdate] C:\Program Files\LiveUpdate\LiveUpdate.exe
O4 - HKLM\..\Run: [Startup Manager Scanner] C:\Program Files\Startup Mechanic\StartupScanner.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [webrebates] "C:\Program Files\WebRebates4\webrebates.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Fichiers communs\Adobe\Updater\AdobeUpdater.exe
O4 - HKCU\..\Run: [FreeRAM XP] "C:\Program Files\FreeRAM XP Pro\FreeRAM XP Pro.exe" -win
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [WhenUSave] "C:\Program Files\Save\Save.exe"
O4 - HKCU\..\Run: [a-squared] "C:\Program Files\a-squared\a2guard.exe"
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Startup: RegFreeze.lnk = C:\Program Files\RegFreeze\regfreeze.exe
O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files\Fichiers communs\Autodesk Shared\acstart16.exe
O4 - Global Startup: Barre d'état système d'ATI CATALYST.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Web Rebates. - file://C:\Program Files\WebRebates4\websrebates\webtrebates\toprC0.htm
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{19EB9280-1D78-4394-8D4F-D05A5C86DB03}: NameServer = 192.168.1.1,213.177.64.2
O17 - HKLM\System\CCS\Services\Tcpip\..\{5059390F-C4D0-4289-A5F8-A11EE3176DD9}: NameServer = 192.168.1.1,213.177.64.2
O17 - HKLM\System\CS1\Services\Tcpip\..\{19EB9280-1D78-4394-8D4F-D05A5C86DB03}: NameServer = 192.168.1.1,213.177.64.2
O17 - HKLM\System\CS2\Services\Tcpip\..\{19EB9280-1D78-4394-8D4F-D05A5C86DB03}: NameServer = 192.168.1.1,213.177.64.2
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Licensing Service - Autodesk, Inc. - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Panda Firewall Service (PAVFIRES) - Panda Software - C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\Firewall\PavFires.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software - C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\PavFnSvr.exe
O23 - Service: Panda Pavkre (Pavkre) - Panda Software - C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\Pavkre.exe
O23 - Service: Panda PavProt (PavProt) - Panda Software - C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\PavProt.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software - C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\pavsrv51.exe
O23 - Service: Panda Preventium+ Service (PREVSRV) - Panda Software - C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\prevsrv.exe
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software Internacional - C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\PsImSvc.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
Configuration: Athlon xp 3200+
512 Mo DDR
Win xp

10 réponses

  1. Kristopher Messages postés 3752 Statut Contributeur 106
     
    D.O.U.B.L.O.N
    0
  2. redbull0071 Messages postés 6 Statut Membre
     
    Excusez moi bien fort les gars pour ce manque de politesse pour mon premier poste sur le forum...mais je comptais profiter des 10minutes d'edition après postage pour mieux finir mon message mais des problèmes de connexion on fait que....

    pour ce qui est du doublon je suis au courant mais etant donné que chacun a surement un log different ben je dois bien faire un post.

    j'ai deja essaye des trucs vu dans des autres post mais ca n'a pas marche donc je repost le miens.

    merci d'avance a tt ceux qui y participeront.
    0
  3. redbull0071 Messages postés 6 Statut Membre
     
    maitre aranjuez

    voici comme demande le rapport de ewido. il a trouve 21 infections...
    mais le probleme a toujours l'air d'etre present...

    merci à vous
    ---------------------------------------------------------
    ewido anti-malware - Rapport de scan
    ---------------------------------------------------------

    + Créé le: 17:15:23, 07/02/2006
    + Somme de contrôle: 35E37E13

    + Résultats du scan:

    HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\ins -> Spyware.WebRebates : Nettoyer et sauvegarder
    :mozilla.11:C:\Documents and Settings\Red\Application Data\Mozilla\Firefox\Profiles\stw8a9ct.default\cookies.txt -> Spyware.Cookie.Smartadserver : Nettoyer et sauvegarder
    :mozilla.12:C:\Documents and Settings\Red\Application Data\Mozilla\Firefox\Profiles\stw8a9ct.default\cookies.txt -> Spyware.Cookie.Smartadserver : Nettoyer et sauvegarder
    :mozilla.13:C:\Documents and Settings\Red\Application Data\Mozilla\Firefox\Profiles\stw8a9ct.default\cookies.txt -> Spyware.Cookie.Smartadserver : Nettoyer et sauvegarder
    :mozilla.14:C:\Documents and Settings\Red\Application Data\Mozilla\Firefox\Profiles\stw8a9ct.default\cookies.txt -> Spyware.Cookie.Smartadserver : Nettoyer et sauvegarder
    :mozilla.16:C:\Documents and Settings\Red\Application Data\Mozilla\Firefox\Profiles\stw8a9ct.default\cookies.txt -> Spyware.Cookie.Estat : Nettoyer et sauvegarder
    :mozilla.17:C:\Documents and Settings\Red\Application Data\Mozilla\Firefox\Profiles\stw8a9ct.default\cookies.txt -> Spyware.Cookie.Weborama : Nettoyer et sauvegarder
    :mozilla.50:C:\Documents and Settings\Red\Application Data\Mozilla\Firefox\Profiles\stw8a9ct.default\cookies.txt -> Spyware.Cookie.Googleadservices : Nettoyer et sauvegarder
    :mozilla.52:C:\Documents and Settings\Red\Application Data\Mozilla\Firefox\Profiles\stw8a9ct.default\cookies.txt -> Spyware.Cookie.Hypertracker : Nettoyer et sauvegarder
    :mozilla.99:C:\Documents and Settings\Red\Application Data\Mozilla\Firefox\Profiles\stw8a9ct.default\cookies.txt -> Spyware.Cookie.Sitestat : Nettoyer et sauvegarder
    :mozilla.113:C:\Documents and Settings\Red\Application Data\Mozilla\Firefox\Profiles\stw8a9ct.default\cookies.txt -> Spyware.Cookie.Hitbox : Nettoyer et sauvegarder
    :mozilla.130:C:\Documents and Settings\Red\Application Data\Mozilla\Firefox\Profiles\stw8a9ct.default\cookies.txt -> Spyware.Cookie.Esomniture : Nettoyer et sauvegarder
    :mozilla.139:C:\Documents and Settings\Red\Application Data\Mozilla\Firefox\Profiles\stw8a9ct.default\cookies.txt -> Spyware.Cookie.Esomniture : Nettoyer et sauvegarder
    :mozilla.140:C:\Documents and Settings\Red\Application Data\Mozilla\Firefox\Profiles\stw8a9ct.default\cookies.txt -> Spyware.Cookie.Esomniture : Nettoyer et sauvegarder
    :mozilla.144:C:\Documents and Settings\Red\Application Data\Mozilla\Firefox\Profiles\stw8a9ct.default\cookies.txt -> Spyware.Cookie.Esomniture : Nettoyer et sauvegarder
    :mozilla.149:C:\Documents and Settings\Red\Application Data\Mozilla\Firefox\Profiles\stw8a9ct.default\cookies.txt -> Spyware.Cookie.Hitbox : Nettoyer et sauvegarder
    :mozilla.150:C:\Documents and Settings\Red\Application Data\Mozilla\Firefox\Profiles\stw8a9ct.default\cookies.txt -> Spyware.Cookie.Hitbox : Nettoyer et sauvegarder
    :mozilla.151:C:\Documents and Settings\Red\Application Data\Mozilla\Firefox\Profiles\stw8a9ct.default\cookies.txt -> Spyware.Cookie.Hitbox : Nettoyer et sauvegarder
    :mozilla.152:C:\Documents and Settings\Red\Application Data\Mozilla\Firefox\Profiles\stw8a9ct.default\cookies.txt -> Spyware.Cookie.Hitbox : Nettoyer et sauvegarder
    C:\Documents and Settings\Red\Cookies\red@e-2dj6wjlyglajocq.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Nettoyer et sauvegarder
    C:\Documents and Settings\Red\Cookies\red@estat[1].txt -> Spyware.Cookie.Estat : Nettoyer et sauvegarder

    ::Fin du rapport
    0
  4. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  5. aranjuez31 Messages postés 8161 Date d'inscription   Statut Contributeur 354
     
    re
    qui va piano va sano, red
    pas la peine de remettre ewido= des broutilles bloquées
    ~~~~~~~
    frappe chirurgicale
    fixe
    R3 - Default URLSearchHook is missing
    +
    O2 - BHO: Accoona Search Assistant - {944864A5-3916-46E2-96A9-A2E84F3F1208} - C:\Program Files\Accoona\ASearchAssist.dll
    +
    O3 - Toolbar: Accoona - {364B6276-C6C1-40B6-A6D7-6C48871FD707} - C:\Program Files\Accoona\atoolbar.dll
    +
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    +
    O8 - Extra context menu item: Web Rebates. - file://C:\Program Files\WebRebates4\websrebates\webtrebates\toprC0.htm
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab
    ~~~~~~~~~~~~~
    ensuite
    comme tu télécharges n importe quoi
    va dans
    C:\Program Files\Accoona\ASearchAssist.dll
    et supprime
    Accoona (egalement dans Ajout/Suppr de programmes)

    fais "rechercher" et upprime
    ASearchAssist.dll
    atoolbar.dll
    ~~~~~~~~
    remettre hijack aprés
    0
    1. redbull0071 Messages postés 6 Statut Membre
       
      salut aran...

      pourrais tu simplement m'expliquer brievement comment fixer ce que tu me dis....?

      merci d'avance car je n'ai jamais joue ds les registres...
      0
  6. ^^Marie^^ Messages postés 41884 Date d'inscription   Statut Membre Dernière intervention   3 280
     
    qui va piano va sano,ééééééééééééééééé lontano !!!!
    0
  7. Utilisateur anonyme
     
    salut

    peux tu faire ceci stp

    HijackThis -> Open the misc tools sections -> open Uninstall manager -> clique sur "Save list" -> enregistre le fichier -> fais-en un copier/coller ici.

    a+

    0
    1. redbull0071 Messages postés 6 Statut Membre
       
      ABBYY FineReader 5.0 Sprint Plus
      Ad-Aware SE Personal
      Adobe Bridge 1.0
      Adobe Common File Installer
      Adobe Help Center 1.0
      Adobe Photoshop CS2
      Adobe Reader 7.0.5 - Français
      Adobe Stock Photos 1.0
      Age of Dinosaurs 3D 7.9
      Alien Plasma tunnels 3D ScreenSaver © 2005 by 7art-screensavers
      Archiveur WinRAR
      ATI - Utilitaire de désinstallation du logiciel
      ATI Catalyst Control Center
      ATI Display Driver
      ATI HYDRAVISION
      AutoCAD 2005 - English
      Autodesk DWF Viewer
      Autorun MAX! 1.0 [Business Edition]
      AutorunMagick Studio 2.2.1
      Beez SS
      bzzss.exe
      CD Autorun Creator
      Change Extension
      CleanUp!
      Deluxe Menu
      DYMO Label Software
      EPSON Copy Utility 3
      EPSON Scan
      EPSON Smart Panel
      ewido anti-malware
      FlexiSIGN-PRO 7.0v2
      Forest Life 3D Screensaver 1.2
      FreeUndelete
      Green Valley 3D Screensaver 1.0
      HijackThis 1.99.1
      hotchix2006.zip
      iTunes
      La Bataille pour la Terre du Milieu(tm)
      Macromedia Dreamweaver MX 2004
      Macromedia Extension Manager
      Macromedia Flash MX 2004
      Macromedia Flash Player 8
      Macromedia Shockwave Player
      Mail For You Professional
      MailList Express
      Marvell Miniport Driver
      Microsoft .NET Framework 1.1
      Microsoft Internet Explorer 6 SP1
      Microsoft Office XP Professional avec FrontPage
      Morpheus 5.1 (remove only)
      Mozilla Firefox (1.5)
      MSN Messenger 7.5
      Need for Speed™ Most Wanted
      Nero Suite
      OpenOffice.org 2.0
      Oxilog e-mailing
      Panda Titanium Antivirus 2005
      Panneau de contrôle ATI
      PERF4180P Guide de référence
      Presto! BizCard 4.1 Fre
      Quick Menu Builder 1.2
      QuickTime
      SafeCast Shared Components
      Skype 1.4
      StyleXP (remove only)
      TrackMania Nations ESWC 0.1.7.5
      Ulead Burn.Now 1.5
      WebRebates (by TopRebates.com)
      WinAce Archiver
      YETISPORTS Pingu Throw D.C.
      0
  8. Utilisateur anonyme
     
    salut

    demarer < rechercher < tape bzzss.exe

    donne moi le resultat

    **
    desinstalle ceci:
    WebRebates (by TopRebates.com)

    puis remet un hijack this.
    a+
    0
    1. redbull0071 Messages postés 6 Statut Membre
       
      le bzzss faut pas y faire gaff c un ecran de veille. le prob de l'ecran de fond date de bien avant ca...
      voici le new rapport de hijackthis....
      concluant ou pas?
      probleme toujours la
      merci d'avance

      Logfile of HijackThis v1.99.1
      Scan saved at 09:12:18, on 08/02/2006
      Platform: Windows XP (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\csrss.exe
      C:\WINDOWS\SYSTEM32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\System32\Ati2evxx.exe
      C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\PavProt.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\WINDOWS\System32\drivers\CDAC11BA.EXE
      C:\Program Files\ewido anti-malware\ewidoctrl.exe
      C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
      C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
      C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\Firewall\PavFires.exe
      C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\PavFnSvr.exe
      C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\Pavkre.exe
      C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe
      C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\pavsrv51.exe
      C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\AVENGINE.EXE
      C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\prevsrv.exe
      C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\PsImSvc.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
      C:\WINDOWS\SYSTEM32\Ati2evxx.exe
      C:\WINDOWS\Explorer.EXE
      C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
      C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\APVXDWIN.EXE
      C:\Program Files\iTunes\iTunesHelper.exe
      C:\Program Files\DAEMON Tools\daemon.exe
      C:\Program Files\Messenger\msmsgs.exe
      C:\Program Files\FreeRAM XP Pro\FreeRAM XP Pro.exe
      C:\Program Files\MSN Messenger\MsnMsgr.Exe
      C:\Program Files\TGTSoft\StyleXP\StyleXP.exe
      C:\Program Files\iPod\bin\iPodService.exe
      C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
      C:\WINDOWS\System32\wbem\wmiapsrv.exe
      C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
      C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
      C:\WINDOWS\System32\wuauclt.exe
      C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\WebProxy.exe
      C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
      C:\Program Files\Internet Explorer\IEXPLORE.EXE
      C:\WINDOWS\System32\cmd.exe
      C:\WINDOWS\system32\ntvdm.exe
      C:\Program Files\Internet Explorer\IEXPLORE.EXE
      C:\Program Files\Internet Explorer\IEXPLORE.EXE
      C:\WINDOWS\System32\msiexec.exe
      C:\Program Files\Microsoft Office\Office10\EXCEL.EXE
      C:\Documents and Settings\Red\Local Settings\Temp\Répertoire temporaire 2 pour hijackthis.zip\HijackThis.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.live.com/
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      R3 - URLSearchHook: (no name) - <default> - (no file)
      F2 - REG:system.ini: UserInit=C:\WINDOWS\regedit /s C:\pav.reg,C:\WINDOWS\System32\pavdr.exe,C:\WINDOWS\System32\userinit.exe,
      O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
      O2 - BHO: metaspinner media GmbH - {12FC9A49-CFE0-49AA-BE9E-8F4EEAFC9443} - C:\PROGRA~1\YETISP~1\IEBUTT~1.DLL
      O2 - BHO: Accoona Search Assistant - {944864A5-3916-46E2-96A9-A2E84F3F1208} - C:\Program Files\Accoona\ASearchAssist.dll (file missing)
      O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
      O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
      O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\APVXDWIN.EXE" /s
      O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
      O4 - HKLM\..\Run: [Usb Autorun.exe] C:\Documents and Settings\Red\Bureau\Usb_Autorun\Usb Autorun.exe
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
      O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
      O4 - HKLM\..\Run: [Openwares LiveUpdate] C:\Program Files\LiveUpdate\LiveUpdate.exe
      O4 - HKLM\..\Run: [Startup Manager Scanner] C:\Program Files\Startup Mechanic\StartupScanner.exe
      O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
      O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
      O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Fichiers communs\Adobe\Updater\AdobeUpdater.exe
      O4 - HKCU\..\Run: [FreeRAM XP] "C:\Program Files\FreeRAM XP Pro\FreeRAM XP Pro.exe" -win
      O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
      O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
      O4 - HKCU\..\Run: [WhenUSave] "C:\Program Files\Save\Save.exe"
      O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
      O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
      O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files\Fichiers communs\Autodesk Shared\acstart16.exe
      O4 - Global Startup: Barre d'état système d'ATI CATALYST.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
      O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
      O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
      O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
      O8 - Extra context menu item: Web Rebates. - file://C:\Program Files\WebRebates4\websrebates\webtrebates\toprC0.htm
      O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab
      O17 - HKLM\System\CCS\Services\Tcpip\..\{19EB9280-1D78-4394-8D4F-D05A5C86DB03}: NameServer = 192.168.1.1,213.177.64.2
      O17 - HKLM\System\CCS\Services\Tcpip\..\{5059390F-C4D0-4289-A5F8-A11EE3176DD9}: NameServer = 192.168.1.1,213.177.64.2
      O17 - HKLM\System\CS1\Services\Tcpip\..\{19EB9280-1D78-4394-8D4F-D05A5C86DB03}: NameServer = 192.168.1.1,213.177.64.2
      O17 - HKLM\System\CS2\Services\Tcpip\..\{19EB9280-1D78-4394-8D4F-D05A5C86DB03}: NameServer = 192.168.1.1,213.177.64.2
      O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
      O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
      O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
      O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
      O23 - Service: Autodesk Licensing Service - Autodesk, Inc. - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
      O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
      O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
      O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
      O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
      O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
      O23 - Service: Panda Firewall Service (PAVFIRES) - Panda Software - C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\Firewall\PavFires.exe
      O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software - C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\PavFnSvr.exe
      O23 - Service: Panda Pavkre (Pavkre) - Panda Software - C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\Pavkre.exe
      O23 - Service: Panda PavProt (PavProt) - Panda Software - C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\PavProt.exe
      O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe
      O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software - C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\pavsrv51.exe
      O23 - Service: Panda Preventium+ Service (PREVSRV) - Panda Software - C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\prevsrv.exe
      O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software Internacional - C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\PsImSvc.exe
      O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
      O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
      0