Problems with systemdoctor and win antispyware
laurence10
Hello everyone, my computer is infected by the systemdoctor and win antispyware viruses.
I would welcome any solution that can eradicate this problem.
I am at your disposal to carry out the steps!! I am a novice with computers.
Thanks in advance
42 replies
I can't get rid of this s.....
Avast puts it in quarantine but does not delete it.
Ewido, Ad Aware and Spybot do not find it...
I restored the system for nothing, because the virus is in Restore, as with everyone infested by this calamity..
Please, please, help me !!
I'm posting the Hijack report for you, let me know:
Logfile of HijackThis v1.99.1
Scan saved at 18:59:07, on 20/08/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\cisvc.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\KiddyWeb\KiddyWeb.exe
C:\Program Files\Messenger\MSMSGS.EXE
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\WINDOWS\System32\cidaemon.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Alwil Software\Avast4\setup\avast.setup
C:\Documents and Settings\Jérôme\Bureau\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://format.packardbell.com/cgi-bin/redirect/?country=FR&range=AD&phase=6&key=S...
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\fr.htm
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.free.fr/freebox/index.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [EPSON Stylus CX3200] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P19 "EPSON Stylus CX3200" /O6 "USB001" /M "Stylus CX3200"
O4 - HKLM\..\Run: [ClickMe] C:\apps\ClickMe\ClickMe.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [KiddyWeb] C:\Program Files\KiddyWeb\KiddyWeb.exe /STARTUP
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
Hi
Download Blacklight (from F-Secure) from one of these 2 addresses:
https://www.f-secure.com/en
https://www.f-secure.com/en
and save it to your Desktop.
Double-click blbeta.exe and accept the license; leave [X]scan through Windows Explorer enabled; click Scan then Next
You will see a list of detected files appear. You will also see a report, on your Desktop, named fsbl.xxxxxxx.log (the xxxxxxx are digits).
Copy and paste the contents of this report into your next reply
See you
Hi Régis and thanks for your help
I'm sending you the report you asked me for
08/21/06 19:19:03 [Info]: BlackLight Engine 1.0.46 initialized
08/21/06 19:19:03 [Info]: OS: 5.1 build 2600 (Service Pack 2)
08/21/06 19:19:03 [Note]: 7019 4
08/21/06 19:19:03 [Note]: 7005 0
08/21/06 19:19:04 [Note]: 7006 0
08/21/06 19:19:04 [Note]: 7011 1612
08/21/06 19:19:04 [Note]: 7026 0
08/21/06 19:19:04 [Note]: 7026 0
08/21/06 19:19:05 [Note]: 7024 3
08/21/06 19:19:05 [Info]: Hidden process: C:\windows\system32\sxkvqh.exe
08/21/06 19:19:05 [Note]: FSRAW library version 1.7.1019
08/21/06 19:20:05 [Note]: 4015 37502
08/21/06 19:20:05 [Note]: 4027 37502 131072
08/21/06 19:20:05 [Note]: 4020 12980 917504
08/21/06 19:20:05 [Note]: 4018 12980 917504
08/21/06 19:20:21 [Note]: 4020 30787 3735552
08/21/06 19:20:21 [Note]: 4018 30787 3735552
08/21/06 19:20:23 [Note]: 4020 30787 3735552
08/21/06 19:20:23 [Note]: 4018 30787 3735552
08/21/06 19:20:45 [Error]: 4028 31069
08/21/06 19:20:45 [Error]: 4028 31069
08/21/06 19:20:45 [Error]: 4028 31069
08/21/06 19:20:45 [Error]: 4028 31069
08/21/06 19:23:34 [Info]: Hidden file: c:\WINDOWS\Prefetch\SXKVQH.EXE-16EDE0EF.pf
08/21/06 19:23:34 [Note]: 10002 1
08/21/06 19:24:19 [Info]: Hidden file: c:\WINDOWS\system32\sxkvqh.dat
08/21/06 19:24:19 [Note]: 10002 1
08/21/06 19:24:20 [Info]: Hidden file: C:\windows\system32\sxkvqh.exe
08/21/06 19:24:20 [Note]: 10002 1
08/21/06 19:24:20 [Info]: Hidden file: c:\WINDOWS\system32\sxkvqh_nav.dat
08/21/06 19:24:20 [Note]: 10002 1
08/21/06 19:24:20 [Info]: Hidden file: c:\WINDOWS\system32\sxkvqh_navps.dat
08/21/06 19:24:21 [Note]: 10002 1
08/21/06 19:26:24 [Note]: 7007 0
Thanks, see you
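A small triage script for a report like the one above, added here as an example (it is not part of the original posts and is not F-Secure's code): it pulls the "Hidden process" / "Hidden file" entries out of the log, groups them by a shared name stem, and checks whether the hidden process is missing from a user-mode process listing. The stem heuristic and the VISIBLE_PROCESSES sample are assumptions of this example.

```python
import ntpath
import re
from collections import defaultdict

# Sample lines taken from the BlackLight report posted above.
SAMPLE_LOG = r"""
08/21/06 19:19:03 [Info]: BlackLight Engine 1.0.46 initialized
08/21/06 19:19:04 [Note]: 7011 1612
08/21/06 19:19:05 [Info]: Hidden process: C:\windows\system32\sxkvqh.exe
08/21/06 19:20:45 [Error]: 4028 31069
08/21/06 19:23:34 [Info]: Hidden file: c:\WINDOWS\Prefetch\SXKVQH.EXE-16EDE0EF.pf
08/21/06 19:24:19 [Info]: Hidden file: c:\WINDOWS\system32\sxkvqh.dat
08/21/06 19:24:20 [Info]: Hidden file: C:\windows\system32\sxkvqh.exe
08/21/06 19:24:20 [Info]: Hidden file: c:\WINDOWS\system32\sxkvqh_nav.dat
"""

# Constructed sample: a few paths in the style of a HijackThis
# "Running processes" listing (what a user-mode tool can see).
VISIBLE_PROCESSES = [
    r"C:\WINDOWS\System32\smss.exe",
    r"C:\WINDOWS\system32\winlogon.exe",
    r"C:\WINDOWS\Explorer.EXE",
]

# One report line: date, time, [Level]: message
LINE_RE = re.compile(r"^(\d\d/\d\d/\d\d) (\d\d:\d\d:\d\d) \[(\w+)\]: (.*)$")
# Messages that name a hidden object
HIDDEN_RE = re.compile(r"^Hidden (process|file): (.+)$")


def parse_hidden(log_text):
    """Return [(kind, path)] for each hidden item, de-duplicated, in log order.

    Paths are case-folded because Windows paths are case-insensitive and
    the report mixes 'C:\\windows' and 'c:\\WINDOWS'.
    """
    seen, items = set(), []
    for raw in log_text.splitlines():
        line = LINE_RE.match(raw.strip())
        if not line:
            continue  # blank or malformed line
        hidden = HIDDEN_RE.match(line.group(4))
        if not hidden:
            continue  # numeric [Note]/[Error] codes carry no path
        entry = (hidden.group(1), ntpath.normcase(hidden.group(2).strip()))
        if entry not in seen:
            seen.add(entry)
            items.append(entry)
    return items


def family_stem(path):
    """Heuristic (assumption): file-name part before the first '.' or '_'."""
    return re.split(r"[._]", ntpath.basename(path), maxsplit=1)[0]


def group_by_family(items):
    """Group hidden items that share a name stem, e.g. exe + dat + prefetch."""
    groups = defaultdict(list)
    for kind, path in items:
        groups[family_stem(path)].append((kind, path))
    return dict(groups)


def missing_from_visible(items, visible_paths):
    """Hidden processes that the user-mode process listing does not show."""
    visible = {ntpath.normcase(p) for p in visible_paths}
    return [p for kind, p in items if kind == "process" and p not in visible]


if __name__ == "__main__":
    found = parse_hidden(SAMPLE_LOG)
    for stem, members in group_by_family(found).items():
        print(f"family '{stem}': {len(members)} hidden item(s)")
        for kind, path in members:
            print(f"  {kind:8} {path}")
    for path in missing_from_visible(found, VISIBLE_PROCESSES):
        print(f"not in visible process list: {path}")
```
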
There you go Régis, I redid the procedure and I'm sending you a new report
Logfile of HijackThis v1.99.1
Scan saved at 21:55:17, on 21/08/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5450.0004)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\VERITAS Software\Update Manager\sgtray.exe
C:\HP\KBD\KBD.EXE
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\WINDOWS\system32\pctspk.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\CA\eTrust Internet Security Suite\caissdt.exe
C:\WINDOWS\system32\msiexec.exe
C:\PROGRA~1\Agnitum\TAUSCA~1.7\taumon.exe
C:\Program Files\Washer\washer.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\TooX\Groom\GroomAgent.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=55729C844D6A45819CAD368B3E178C9F
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://fr.rd.yahoo.com/customize/ie/defaults/sb/ymsgr6/fr/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr7/*https://fr.search.yahoo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - c:\Program Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll
O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Fichiers communs\Roxio Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [EPSON Stylus C62 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C62 Series" /O6 "USB001" /M "Stylus C62"
O4 - HKLM\..\Run: [RoxAssistant] C:\Program Files\Common Files\Roxio Shared\Upgrade\RoxAssist.exe /s
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [CaISSDT] "C:\Program Files\CA\eTrust Internet Security Suite\caissdt.exe"
O4 - HKLM\..\Run: [eTrustPPAP] "C:\Program Files\CA\eTrust Internet Security Suite\eTrust PestPatrol Anti-Spyware\PPActiveDetection.exe"
O4 - HKLM\..\Run: [Tau Monitor] C:\PROGRA~1\Agnitum\TAUSCA~1.7\taumon.exe
O4 - HKLM\..\RunServices: [MSys32] "C:\Program Files\Tetris 3000\data\morfitwebentrance.exe"
O4 - HKLM\..\RunServicesOnce: [washindex] C:\Program Files\Washer\washidx.exe "Propriétaire"
O4 - HKCU\..\Run: [Washer] C:\Program Files\Washer\washer.exe /0
O4 - HKCU\..\Run: [Microsoft Works Update Detection] c:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_5 -reboot 1
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Groom Agent.lnk = C:\Program Files\TooX\Groom\GroomAgent.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZCxdm636YYFR
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - c:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing)
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: Interface Chat Voila - http://chat10.x-echo.com/version5/Applet/vchatsign.cab
O16 - DPF: {09F1ADAC-76D8-4D0F-99A5-5C907DADB988} -
O16 - DPF: {0A46CB52-CFA0-4E78-A181-948D5E361BE3} (EpsonObj Class) - https://www.epson.eu/support/
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} -
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/install/hpobjinstaller_gmn.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/20040105/qtinstall.info.apple.com/mickey/fr/w...
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_sit...
O16 - DPF: {79E0C1C0-316D-11D5-A72A-006097BFA1AC} (EPSON Web Printer-SelfTest Control Class) - https://www.epson.eu/support/
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game08.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {EB504BE1-BFA2-41FE-8F49-C4DD2524E246} (Canal+ Active MSWAY) - http://servicesv4.canalplusactive.com/cabs/msway42.cab
O16 - DPF: {FD40EC41-D860-4579-8BA4-52671A45C71C} (AxHtChat Class) - http://images.goa.com/it/Woo2/fr/chat/nPaxChat.cab
O18 - Protocol: Festoon - (no CLSID) - (no file)
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [EPSON Stylus C62 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C62 Series" /O6 "USB001" /M "Stylus C62"
O4 - HKLM\..\Run: [RoxAssistant] C:\Program Files\Common Files\Roxio Shared\Upgrade\RoxAssist.exe /s
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [CaISSDT] "C:\Program Files\CA\eTrust Internet Security Suite\caissdt.exe"
O4 - HKLM\..\Run: [eTrustPPAP] "C:\Program Files\CA\eTrust Internet Security Suite\eTrust PestPatrol Anti-Spyware\PPActiveDetection.exe"
O4 - HKLM\..\Run: [Tau Monitor] C:\PROGRA~1\Agnitum\TAUSCA~1.7\taumon.exe
O4 - HKLM\..\RunServices: [MSys32] "C:\Program Files\Tetris 3000\data\morfitwebentrance.exe"
O4 - HKLM\..\RunServicesOnce: [washindex] C:\Program Files\Washer\washidx.exe "Propriétaire"
O4 - HKCU\..\Run: [Washer] C:\Program Files\Washer\washer.exe /0
O4 - HKCU\..\Run: [Microsoft Works Update Detection] c:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_5 -reboot 1
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Groom Agent.lnk = C:\Program Files\TooX\Groom\GroomAgent.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZCxdm636YYFR
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - c:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing)
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: Interface Chat Voila - http://chat10.x-echo.com/version5/Applet/vchatsign.cab
O16 - DPF: {09F1ADAC-76D8-4D0F-99A5-5C907DADB988} -
O16 - DPF: {0A46CB52-CFA0-4E78-A181-948D5E361BE3} (EpsonObj Class) - https://www.epson.eu/support/
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} -
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/install/hpobjinstaller_gmn.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/20040105/qtinstall.info.apple.com/mickey/fr/w...
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_sit...
O16 - DPF: {79E0C1C0-316D-11D5-A72A-006097BFA1AC} (EPSON Web Printer-SelfTest Control Class) - https://www.epson.eu/support/
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game08.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {EB504BE1-BFA2-41FE-8F49-C4DD2524E246} (Canal+ Active MSWAY) - http://servicesv4.canalplusactive.com/cabs/msway42.cab
O16 - DPF: {FD40EC41-D860-4579-8BA4-52671A45C71C} (AxHtChat Class) - http://images.goa.com/it/Woo2/fr/chat/nPaxChat.cab
O18 - Protocol: Festoon - (no CLSID) - (no file)
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
Hi Laurence,
Here's the work to do lol
Download Brute Force Uninstaller (by Merijn) here:
http://www.merijn.org/files/bfu.zip
Create a new folder directly at the root of your hard drive, or wherever suits you, and name this folder BFU.
Unzip the downloaded file into this new folder (for example C:\BFU)
Next, download EGDACCESS.bfu (by Metallica):
Right-click here: http://metallica.geekstogo.com/EGDACCESS.bfu and choose "Save Target As..." to download EGDACCESS.bfu (by Metallica). Save it in the folder you created (C:\BFU).
**Note: if you use Internet Explorer, make sure when saving that the "Type:" field shows "All Files".
You should now have two files in the C:\BFU folder: EGDACCESS.bfu and BFU.exe (very important).
-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-
Launch "Brute Force Uninstaller" by double-clicking BFU.exe (in the C:\BFU folder)
- Click the small yellow folder, and click: EGDACCESS.bfu
- Check the box Show log after script ends
- Click Execute so the fix can do its job :-)
Wait for the message Complete script execution to appear and click OK.
A report will be displayed in the program window; copy and paste it into Notepad, then save it. You will post it on the forum later.
Click Exit to close the BFU program.
-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-
Next, launch Blacklight by double-clicking blbeta.exe and accept the license.
Click Scan to start the scan.
Once done, select each file found and click "RENAME"
Then confirm.
Answer yes to the warning messages and to the one asking whether you allow the PC to reboot.
-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-
After the PC reboots, the files:
c:\WINDOWS\system32\sxkvqh.dat
C:\windows\system32\sxkvqh.exe
c:\WINDOWS\system32\sxkvqh_nav.dat
c:\WINDOWS\system32\sxkvqh_navps.dat
should be visible and can be deleted without any trouble.
Blacklight does not delete them, it simply renames them, and you will have to get rid of them yourself:
Go to C:\windows\system32\ and find and delete:
sxkvqh.dat.ren
sxkvqh.exe.ren
sxkvqh_nav.dat.ren
sxkvqh_navps.dat.ren
Once done, post a new HijackThis report + the BFU report you saved and a new Blacklight report.
Just for info, did you ever install the MailSkinner software? (emoticons for email)
Can you check whether it is in Add/Remove Programs?
Happy cleaning and good luck ;-)
Hi Régis,
I'm sending you the report on EGDACCESS.bfu
However, I'm stuck after the scan with blbeta.exe: at no point can I click "rename" once I've selected the files, not even with a right-click
What should I do?
Thanks
And for your information, I have not installed the MailSkinner software
BFU v1.00.9
Windows XP SP2 (WinNT 5.01.2600 SP2)
Script started at 11:10:10, on 23/08/2006
Option Delete files to Recycle Bin: Yes
Failed: DllUnregister C:\WINDOWS\system32\MSWBM32.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\MailSkinner\OESkinner.dll|1 (file not found)
Failed: FolderDelete C:\Program Files\dialpass (folder not found)
Failed: FolderDelete C:\Program Files\eghtmldialer (folder not found)
Failed: FolderDelete C:\Program Files\egroup (folder not found)
Failed: FolderDelete C:\Program Files\Instant Access (folder not found)
Failed: FolderDelete C:\Program Files\MailSkinner (folder not found)
Failed: DllUnregister C:\WINDOWS\mslagent\2_mslagent.dll|1 (file not found)
Failed: DllUnregister C:\WINDOWS\navmpc\2_navmpc.dll|1 (file not found)
Failed: FolderDelete C:\WINDOWS\mslagent (folder not found)
Failed: FolderDelete C:\WINDOWS\navmpc (folder not found)
Failed: FileDelete C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\Perflib_Perfdata_b90.dat (operation failed)
Failed: FileDelete C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\~DF530.tmp (operation failed)
Failed: FileDelete C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\~DFFE2C.tmp (operation failed)
Failed: FileDelete C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\~DFFE52.tmp (operation failed)
Failed: FileDelete C:\WINDOWS\Temp\CustomB (operation failed)
Script completed.
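Added example (not part of the thread, and not code from BFU or its author): a Python sketch that parses a BFU report like the one posted above and separates failures where the target was simply absent ("file not found" / "folder not found") from failures where the action was attempted and did not succeed ("operation failed"). The line format is inferred from this one report only, and the function names `parse_bfu_log`, `triage` and `summarize` are hypothetical.

```python
import re
from collections import Counter

# Shortened excerpt of the BFU report posted above (lines copied from the page).
SAMPLE_LOG = r"""BFU v1.00.9
Windows XP SP2 (WinNT 5.01.2600 SP2)
Script started at 11:10:10, on 23/08/2006
Option Delete files to Recycle Bin: Yes
Failed: DllUnregister C:\WINDOWS\system32\MSWBM32.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\MailSkinner\OESkinner.dll|1 (file not found)
Failed: FolderDelete C:\Program Files\Instant Access (folder not found)
Failed: FolderDelete C:\Program Files\MailSkinner (folder not found)
Failed: FolderDelete C:\WINDOWS\navmpc (folder not found)
Failed: FileDelete C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\~DF530.tmp (operation failed)
Failed: FileDelete C:\WINDOWS\Temp\CustomB (operation failed)
Script completed.
"""

# Assumed line shape: "Failed: <Operation> <target> (<reason>)".
# The target may contain spaces, so the reason is tied to the LAST
# parenthesised group on the line.
FAILED_RE = re.compile(
    r"^Failed:\s+(?P<op>\S+)\s+(?P<target>.+)\s+\((?P<reason>[^()]+)\)$"
)


def parse_bfu_log(text):
    """Split a BFU report into header lines, failures and unparsed lines."""
    report = {"header": [], "failures": [], "unparsed": [], "completed": False}
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        match = FAILED_RE.match(line)
        if match:
            report["failures"].append(match.groupdict())
        elif line.startswith("Failed:"):
            # Keep malformed failure lines visible instead of dropping them.
            report["unparsed"].append(line)
        elif line == "Script completed.":
            report["completed"] = True
        else:
            report["header"].append(line)
    return report


def triage(report):
    """Separate 'target was not there' from 'action tried and failed'."""
    result = {"absent": [], "unresolved": []}
    for failure in report["failures"]:
        if failure["reason"].endswith("not found"):
            result["absent"].append(failure)      # nothing to clean here
        else:
            result["unresolved"].append(failure)  # needs a follow-up look
    return result


def summarize(report):
    """Count failures per (operation, reason) pair."""
    return Counter((f["op"], f["reason"]) for f in report["failures"])


if __name__ == "__main__":
    parsed = parse_bfu_log(SAMPLE_LOG)
    if not parsed["completed"]:
        print("warning: report is truncated (no 'Script completed.' line)")
    for (op, reason), count in sorted(summarize(parsed).items()):
        print(f"{count:2d} x {op:<14} {reason}")
    for failure in triage(parsed)["unresolved"]:
        print("follow up:", failure["op"], failure["target"])
```

In the full report above, all eleven DllUnregister and FolderDelete failures are "not found", and the only "operation failed" entries are the five FileDelete lines on temporary files.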
Hi
Do it this way then:
Download Pocket Killbox here:
http://www.downloads.subratam.org/KillBox.exe
:: Usage demo (thanks to Balltrap34 for making it) ::
http://pageperso.aol.fr/balltrap34/killbox.htm
Watch the Notepad method in the video and do the same with this list:
c:\WINDOWS\system32\sxkvqh.dat
C:\windows\system32\sxkvqh.exe
c:\WINDOWS\system32\sxkvqh_nav.dat
c:\WINDOWS\system32\sxkvqh_navps.dat
If you get a message, never mind it; restart your PC and post a new HijackThis log
See you
Here you go Régis, I'm sending you the reports
6:38:35 [Info]: BlackLight Engine 1.0.46 initialized
08/23/06 16:38:35 [Info]: OS: 5.1 build 2600 (Service Pack 2)
08/23/06 16:38:35 [Note]: 7019 4
08/23/06 16:38:35 [Note]: 7005 0
08/23/06 16:38:38 [Note]: 7006 0
08/23/06 16:38:38 [Note]: 7011 2000
08/23/06 16:38:38 [Note]: 7026 0
08/23/06 16:38:38 [Note]: 7026 0
08/23/06 16:38:39 [Note]: 7024 3
08/23/06 16:38:39 [Info]: Hidden process: C:\windows\system32\sxkvqh.exe
08/23/06 16:38:39 [Note]: FSRAW library version 1.7.1019
08/23/06 16:42:17 [Note]: 4013 69201
08/23/06 16:42:17 [Note]: 4020 68357 983040
08/23/06 16:42:17 [Note]: 4018 68357 983040
08/23/06 16:42:17 [Note]: 4013 69201
08/23/06 16:42:17 [Note]: 4020 68357 983040
08/23/06 16:42:17 [Note]: 4018 68357 983040
08/23/06 16:43:43 [Info]: Hidden file: c:\!KillBox\sxkvqh.dat
08/23/06 16:43:43 [Note]: 10002 1
08/23/06 16:43:51 [Error]: 4028 31069
08/23/06 16:43:51 [Error]: 4028 31069
08/23/06 16:43:51 [Error]: 4028 31069
08/23/06 16:43:51 [Error]: 4028 31069
08/23/06 16:46:43 [Info]: Hidden file: c:\WINDOWS\Prefetch\SXKVQH.EXE-16EDE0EF.pf
08/23/06 16:46:43 [Note]: 10002 1
08/23/06 16:47:26 [Info]: Hidden file: c:\WINDOWS\system32\sxkvqh.dat
08/23/06 16:47:26 [Note]: 10002 1
08/23/06 16:47:26 [Info]: Hidden file: C:\windows\system32\sxkvqh.exe
08/23/06 16:47:26 [Note]: 10002 1
08/23/06 16:47:26 [Info]: Hidden file: c:\WINDOWS\system32\sxkvqh_nav.dat
08/23/06 16:47:26 [Note]: 10002 1
08/23/06 16:47:27 [Info]: Hidden file: c:\WINDOWS\system32\sxkvqh_navps.dat
08/23/06 16:47:27 [Note]: 10002 1
08/23/06 16:49:21 [Note]: 7007 0
Logfile of HijackThis v1.99.1
Scan saved at 16:29:46, on 23/08/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5450.0004)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\VERITAS Software\Update Manager\sgtray.exe
C:\HP\KBD\KBD.EXE
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\WINDOWS\system32\pctspk.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\CA\eTrust Internet Security Suite\caissdt.exe
C:\PROGRA~1\Agnitum\TAUSCA~1.7\taumon.exe
C:\Program Files\Washer\washer.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\TooX\Groom\GroomAgent.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=55729C844D6A45819CAD368B3E178C9F
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://fr.rd.yahoo.com/customize/ie/defaults/sb/ymsgr6/fr/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr7/*https://fr.search.yahoo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - c:\Program Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll
O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Fichiers communs\Roxio Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [EPSON Stylus C62 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C62 Series" /O6 "USB001" /M "Stylus C62"
O4 - HKLM\..\Run: [RoxAssistant] C:\Program Files\Common Files\Roxio Shared\Upgrade\RoxAssist.exe /s
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [CaISSDT] "C:\Program Files\CA\eTrust Internet Security Suite\caissdt.exe"
O4 - HKLM\..\Run: [eTrustPPAP] "C:\Program Files\CA\eTrust Internet Security Suite\eTrust PestPatrol Anti-Spyware\PPActiveDetection.exe"
O4 - HKLM\..\Run: [Tau Monitor] C:\PROGRA~1\Agnitum\TAUSCA~1.7\taumon.exe
O4 - HKLM\..\RunServices: [MSys32] "C:\Program Files\Tetris 3000\data\morfitwebentrance.exe"
O4 - HKLM\..\RunServicesOnce: [washindex] C:\Program Files\Washer\washidx.exe "Propriétaire"
O4 - HKCU\..\Run: [Washer] C:\Program Files\Washer\washer.exe /0
O4 - HKCU\..\Run: [Microsoft Works Update Detection] c:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_5 -reboot 1
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Groom Agent.lnk = C:\Program Files\TooX\Groom\GroomAgent.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZCxdm636YYFR
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - c:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing)
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: Interface Chat Voila - http://chat10.x-echo.com/version5/Applet/vchatsign.cab
O16 - DPF: {09F1ADAC-76D8-4D0F-99A5-5C907DADB988} -
O16 - DPF: {0A46CB52-CFA0-4E78-A181-948D5E361BE3} (EpsonObj Class) - https://www.epson.eu/support/
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} -
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/install/hpobjinstaller_gmn.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/20040105/qtinstall.info.apple.com/mickey/fr/w...
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_sit...
O16 - DPF: {79E0C1C0-316D-11D5-A72A-006097BFA1AC} (EPSON Web Printer-SelfTest Control Class) - https://www.epson.eu/support/
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game08.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {EB504BE1-BFA2-41FE-8F49-C4DD2524E246} (Canal+ Active MSWAY) - http://servicesv4.canalplusactive.com/cabs/msway42.cab
O16 - DPF: {FD40EC41-D860-4579-8BA4-52671A45C71C} (AxHtChat Class) - http://images.goa.com/it/Woo2/fr/chat/nPaxChat.cab
O18 - Protocol: Festoon - (no CLSID) - (no file)
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
6:38:35 [Info]: BlackLight Engine 1.0.46 initialized
08/23/06 16:38:35 [Info]: OS: 5.1 build 2600 (Service Pack 2)
08/23/06 16:38:35 [Note]: 7019 4
08/23/06 16:38:35 [Note]: 7005 0
08/23/06 16:38:38 [Note]: 7006 0
08/23/06 16:38:38 [Note]: 7011 2000
08/23/06 16:38:38 [Note]: 7026 0
08/23/06 16:38:38 [Note]: 7026 0
08/23/06 16:38:39 [Note]: 7024 3
08/23/06 16:38:39 [Info]: Hidden process: C:\windows\system32\sxkvqh.exe
08/23/06 16:38:39 [Note]: FSRAW library version 1.7.1019
08/23/06 16:42:17 [Note]: 4013 69201
08/23/06 16:42:17 [Note]: 4020 68357 983040
08/23/06 16:42:17 [Note]: 4018 68357 983040
08/23/06 16:42:17 [Note]: 4013 69201
08/23/06 16:42:17 [Note]: 4020 68357 983040
08/23/06 16:42:17 [Note]: 4018 68357 983040
08/23/06 16:43:43 [Info]: Hidden file: c:\!KillBox\sxkvqh.dat
08/23/06 16:43:43 [Note]: 10002 1
08/23/06 16:43:51 [Error]: 4028 31069
08/23/06 16:43:51 [Error]: 4028 31069
08/23/06 16:43:51 [Error]: 4028 31069
08/23/06 16:43:51 [Error]: 4028 31069
08/23/06 16:46:43 [Info]: Hidden file: c:\WINDOWS\Prefetch\SXKVQH.EXE-16EDE0EF.pf
08/23/06 16:46:43 [Note]: 10002 1
08/23/06 16:47:26 [Info]: Hidden file: c:\WINDOWS\system32\sxkvqh.dat
08/23/06 16:47:26 [Note]: 10002 1
08/23/06 16:47:26 [Info]: Hidden file: C:\windows\system32\sxkvqh.exe
08/23/06 16:47:26 [Note]: 10002 1
08/23/06 16:47:26 [Info]: Hidden file: c:\WINDOWS\system32\sxkvqh_nav.dat
08/23/06 16:47:26 [Note]: 10002 1
08/23/06 16:47:27 [Info]: Hidden file: c:\WINDOWS\system32\sxkvqh_navps.dat
08/23/06 16:47:27 [Note]: 10002 1
08/23/06 16:49:21 [Note]: 7007 0
Logfile of HijackThis v1.99.1
Scan saved at 16:29:46, on 23/08/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5450.0004)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\VERITAS Software\Update Manager\sgtray.exe
C:\HP\KBD\KBD.EXE
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\WINDOWS\system32\pctspk.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\CA\eTrust Internet Security Suite\caissdt.exe
C:\PROGRA~1\Agnitum\TAUSCA~1.7\taumon.exe
C:\Program Files\Washer\washer.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\TooX\Groom\GroomAgent.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=55729C844D6A45819CAD368B3E178C9F
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://fr.rd.yahoo.com/customize/ie/defaults/sb/ymsgr6/fr/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr7/*https://fr.search.yahoo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - c:\Program Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll
O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Fichiers communs\Roxio Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [EPSON Stylus C62 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C62 Series" /O6 "USB001" /M "Stylus C62"
O4 - HKLM\..\Run: [RoxAssistant] C:\Program Files\Common Files\Roxio Shared\Upgrade\RoxAssist.exe /s
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [CaISSDT] "C:\Program Files\CA\eTrust Internet Security Suite\caissdt.exe"
O4 - HKLM\..\Run: [eTrustPPAP] "C:\Program Files\CA\eTrust Internet Security Suite\eTrust PestPatrol Anti-Spyware\PPActiveDetection.exe"
O4 - HKLM\..\Run: [Tau Monitor] C:\PROGRA~1\Agnitum\TAUSCA~1.7\taumon.exe
O4 - HKLM\..\RunServices: [MSys32] "C:\Program Files\Tetris 3000\data\morfitwebentrance.exe"
O4 - HKLM\..\RunServicesOnce: [washindex] C:\Program Files\Washer\washidx.exe "Propriétaire"
O4 - HKCU\..\Run: [Washer] C:\Program Files\Washer\washer.exe /0
O4 - HKCU\..\Run: [Microsoft Works Update Detection] c:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_5 -reboot 1
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Groom Agent.lnk = C:\Program Files\TooX\Groom\GroomAgent.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZCxdm636YYFR
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - c:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing)
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: Interface Chat Voila - http://chat10.x-echo.com/version5/Applet/vchatsign.cab
O16 - DPF: {09F1ADAC-76D8-4D0F-99A5-5C907DADB988} -
O16 - DPF: {0A46CB52-CFA0-4E78-A181-948D5E361BE3} (EpsonObj Class) - https://www.epson.eu/support/
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} -
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/install/hpobjinstaller_gmn.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/20040105/qtinstall.info.apple.com/mickey/fr/w...
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_sit...
O16 - DPF: {79E0C1C0-316D-11D5-A72A-006097BFA1AC} (EPSON Web Printer-SelfTest Control Class) - https://www.epson.eu/support/
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game08.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {EB504BE1-BFA2-41FE-8F49-C4DD2524E246} (Canal+ Active MSWAY) - http://servicesv4.canalplusactive.com/cabs/msway42.cab
O16 - DPF: {FD40EC41-D860-4579-8BA4-52671A45C71C} (AxHtChat Class) - http://images.goa.com/it/Woo2/fr/chat/nPaxChat.cab
O18 - Protocol: Festoon - (no CLSID) - (no file)
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
I started over with KillBox and I'm sending you the new reports
06 20:06:55 [Info]: BlackLight Engine 1.0.46 initialized
08/23/06 20:06:55 [Info]: OS: 5.1 build 2600 (Service Pack 2)
08/23/06 20:06:56 [Note]: 7019 4
08/23/06 20:06:56 [Note]: 7005 0
08/23/06 20:06:57 [Note]: 7006 0
08/23/06 20:06:57 [Note]: 7011 2016
08/23/06 20:06:57 [Note]: 7026 0
08/23/06 20:06:57 [Note]: 7026 0
08/23/06 20:06:58 [Note]: 7024 3
08/23/06 20:06:58 [Info]: Hidden process: C:\windows\system32\sxkvqh.exe
08/23/06 20:06:58 [Note]: FSRAW library version 1.7.1019
08/23/06 20:12:06 [Info]: Hidden file: c:\!KillBox\sxkvqh.dat
08/23/06 20:12:06 [Note]: 10002 1
08/23/06 20:12:06 [Info]: Hidden file: c:\!KillBox\sxkvqh.exe
08/23/06 20:12:07 [Note]: 10002 1
08/23/06 20:12:07 [Info]: Hidden file: c:\!KillBox\sxkvqh_nav.dat
08/23/06 20:12:07 [Note]: 10002 1
08/23/06 20:12:07 [Info]: Hidden file: c:\!KillBox\sxkvqh_navps.dat
08/23/06 20:12:07 [Note]: 10002 1
08/23/06 20:12:15 [Error]: 4028 31069
08/23/06 20:12:15 [Error]: 4028 31069
08/23/06 20:12:15 [Error]: 4028 31069
08/23/06 20:12:15 [Error]: 4028 31069
08/23/06 20:15:26 [Info]: Hidden file: c:\WINDOWS\Prefetch\SXKVQH.EXE-16EDE0EF.pf
08/23/06 20:15:26 [Note]: 10002 1
08/23/06 20:16:08 [Info]: Hidden file: c:\WINDOWS\system32\sxkvqh.dat
08/23/06 20:16:08 [Note]: 10002 1
08/23/06 20:16:09 [Info]: Hidden file: C:\windows\system32\sxkvqh.exe
08/23/06 20:16:09 [Note]: 10002 1
08/23/06 20:16:09 [Info]: Hidden file: c:\WINDOWS\system32\sxkvqh_nav.dat
08/23/06 20:16:09 [Note]: 10002 1
08/23/06 20:16:09 [Info]: Hidden file: c:\WINDOWS\system32\sxkvqh_navps.dat
08/23/06 20:16:09 [Note]: 10002 1
08/23/06 20:18:06 [Note]: 7007 0
Logfile of HijackThis v1.99.1
Scan saved at 20:20:41, on 23/08/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5450.0004)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\VERITAS Software\Update Manager\sgtray.exe
C:\HP\KBD\KBD.EXE
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\WINDOWS\system32\pctspk.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\CA\eTrust Internet Security Suite\caissdt.exe
C:\PROGRA~1\Agnitum\TAUSCA~1.7\taumon.exe
C:\Program Files\Washer\washer.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\TooX\Groom\GroomAgent.exe
C:\WINDOWS\system32\msiexec.exe
C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=55729C844D6A45819CAD368B3E178C9F
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://fr.rd.yahoo.com/customize/ie/defaults/sb/ymsgr6/fr/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr7/*https://fr.search.yahoo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - c:\Program Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll
O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Fichiers communs\Roxio Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [EPSON Stylus C62 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C62 Series" /O6 "USB001" /M "Stylus C62"
O4 - HKLM\..\Run: [RoxAssistant] C:\Program Files\Common Files\Roxio Shared\Upgrade\RoxAssist.exe /s
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [CaISSDT] "C:\Program Files\CA\eTrust Internet Security Suite\caissdt.exe"
O4 - HKLM\..\Run: [eTrustPPAP] "C:\Program Files\CA\eTrust Internet Security Suite\eTrust PestPatrol Anti-Spyware\PPActiveDetection.exe"
O4 - HKLM\..\Run: [Tau Monitor] C:\PROGRA~1\Agnitum\TAUSCA~1.7\taumon.exe
O4 - HKLM\..\RunServices: [MSys32] "C:\Program Files\Tetris 3000\data\morfitwebentrance.exe"
O4 - HKLM\..\RunServicesOnce: [washindex] C:\Program Files\Washer\washidx.exe "Propriétaire"
O4 - HKCU\..\Run: [Washer] C:\Program Files\Washer\washer.exe /0
O4 - HKCU\..\Run: [Microsoft Works Update Detection] c:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_5 -reboot 1
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Groom Agent.lnk = C:\Program Files\TooX\Groom\GroomAgent.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZCxdm636YYFR
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - c:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing)
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: Interface Chat Voila - http://chat10.x-echo.com/version5/Applet/vchatsign.cab
O16 - DPF: {09F1ADAC-76D8-4D0F-99A5-5C907DADB988} -
O16 - DPF: {0A46CB52-CFA0-4E78-A181-948D5E361BE3} (EpsonObj Class) - https://www.epson.eu/support/
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} -
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/install/hpobjinstaller_gmn.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/20040105/qtinstall.info.apple.com/mickey/fr/w...
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_sit...
O16 - DPF: {79E0C1C0-316D-11D5-A72A-006097BFA1AC} (EPSON Web Printer-SelfTest Control Class) - https://www.epson.eu/support/
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game08.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {EB504BE1-BFA2-41FE-8F49-C4DD2524E246} (Canal+ Active MSWAY) - http://servicesv4.canalplusactive.com/cabs/msway42.cab
O16 - DPF: {FD40EC41-D860-4579-8BA4-52671A45C71C} (AxHtChat Class) - http://images.goa.com/it/Woo2/fr/chat/nPaxChat.cab
O18 - Protocol: Festoon - (no CLSID) - (no file)
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
06 20:06:55 [Info]: BlackLight Engine 1.0.46 initialized
08/23/06 20:06:55 [Info]: OS: 5.1 build 2600 (Service Pack 2)
08/23/06 20:06:56 [Note]: 7019 4
08/23/06 20:06:56 [Note]: 7005 0
08/23/06 20:06:57 [Note]: 7006 0
08/23/06 20:06:57 [Note]: 7011 2016
08/23/06 20:06:57 [Note]: 7026 0
08/23/06 20:06:57 [Note]: 7026 0
08/23/06 20:06:58 [Note]: 7024 3
08/23/06 20:06:58 [Info]: Hidden process: C:\windows\system32\sxkvqh.exe
08/23/06 20:06:58 [Note]: FSRAW library version 1.7.1019
08/23/06 20:12:06 [Info]: Hidden file: c:\!KillBox\sxkvqh.dat
08/23/06 20:12:06 [Note]: 10002 1
08/23/06 20:12:06 [Info]: Hidden file: c:\!KillBox\sxkvqh.exe
08/23/06 20:12:07 [Note]: 10002 1
08/23/06 20:12:07 [Info]: Hidden file: c:\!KillBox\sxkvqh_nav.dat
08/23/06 20:12:07 [Note]: 10002 1
08/23/06 20:12:07 [Info]: Hidden file: c:\!KillBox\sxkvqh_navps.dat
08/23/06 20:12:07 [Note]: 10002 1
08/23/06 20:12:15 [Error]: 4028 31069
08/23/06 20:12:15 [Error]: 4028 31069
08/23/06 20:12:15 [Error]: 4028 31069
08/23/06 20:12:15 [Error]: 4028 31069
08/23/06 20:15:26 [Info]: Hidden file: c:\WINDOWS\Prefetch\SXKVQH.EXE-16EDE0EF.pf
08/23/06 20:15:26 [Note]: 10002 1
08/23/06 20:16:08 [Info]: Hidden file: c:\WINDOWS\system32\sxkvqh.dat
08/23/06 20:16:08 [Note]: 10002 1
08/23/06 20:16:09 [Info]: Hidden file: C:\windows\system32\sxkvqh.exe
08/23/06 20:16:09 [Note]: 10002 1
08/23/06 20:16:09 [Info]: Hidden file: c:\WINDOWS\system32\sxkvqh_nav.dat
08/23/06 20:16:09 [Note]: 10002 1
08/23/06 20:16:09 [Info]: Hidden file: c:\WINDOWS\system32\sxkvqh_navps.dat
08/23/06 20:16:09 [Note]: 10002 1
08/23/06 20:18:06 [Note]: 7007 0
Logfile of HijackThis v1.99.1
Scan saved at 20:20:41, on 23/08/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5450.0004)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\VERITAS Software\Update Manager\sgtray.exe
C:\HP\KBD\KBD.EXE
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\WINDOWS\system32\pctspk.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\CA\eTrust Internet Security Suite\caissdt.exe
C:\PROGRA~1\Agnitum\TAUSCA~1.7\taumon.exe
C:\Program Files\Washer\washer.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\TooX\Groom\GroomAgent.exe
C:\WINDOWS\system32\msiexec.exe
C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=55729C844D6A45819CAD368B3E178C9F
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://fr.rd.yahoo.com/customize/ie/defaults/sb/ymsgr6/fr/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr7/*https://fr.search.yahoo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - c:\Program Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll
O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Fichiers communs\Roxio Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [EPSON Stylus C62 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C62 Series" /O6 "USB001" /M "Stylus C62"
O4 - HKLM\..\Run: [RoxAssistant] C:\Program Files\Common Files\Roxio Shared\Upgrade\RoxAssist.exe /s
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [CaISSDT] "C:\Program Files\CA\eTrust Internet Security Suite\caissdt.exe"
O4 - HKLM\..\Run: [eTrustPPAP] "C:\Program Files\CA\eTrust Internet Security Suite\eTrust PestPatrol Anti-Spyware\PPActiveDetection.exe"
O4 - HKLM\..\Run: [Tau Monitor] C:\PROGRA~1\Agnitum\TAUSCA~1.7\taumon.exe
O4 - HKLM\..\RunServices: [MSys32] "C:\Program Files\Tetris 3000\data\morfitwebentrance.exe"
O4 - HKLM\..\RunServicesOnce: [washindex] C:\Program Files\Washer\washidx.exe "Propriétaire"
O4 - HKCU\..\Run: [Washer] C:\Program Files\Washer\washer.exe /0
O4 - HKCU\..\Run: [Microsoft Works Update Detection] c:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_5 -reboot 1
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Groom Agent.lnk = C:\Program Files\TooX\Groom\GroomAgent.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZCxdm636YYFR
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - c:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing)
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: Interface Chat Voila - http://chat10.x-echo.com/version5/Applet/vchatsign.cab
O16 - DPF: {09F1ADAC-76D8-4D0F-99A5-5C907DADB988} -
O16 - DPF: {0A46CB52-CFA0-4E78-A181-948D5E361BE3} (EpsonObj Class) - https://www.epson.eu/support/
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} -
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/install/hpobjinstaller_gmn.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/20040105/qtinstall.info.apple.com/mickey/fr/w...
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_sit...
O16 - DPF: {79E0C1C0-316D-11D5-A72A-006097BFA1AC} (EPSON Web Printer-SelfTest Control Class) - https://www.epson.eu/support/
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game08.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {EB504BE1-BFA2-41FE-8F49-C4DD2524E246} (Canal+ Active MSWAY) - http://servicesv4.canalplusactive.com/cabs/msway42.cab
O16 - DPF: {FD40EC41-D860-4579-8BA4-52671A45C71C} (AxHtChat Class) - http://images.goa.com/it/Woo2/fr/chat/nPaxChat.cab
O18 - Protocol: Festoon - (no CLSID) - (no file)
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
Hi Régis,
Here are the 2 reports.
I see there are error messages; is that really normal?
I ran the procedure several times.
I also wanted to let you know that as soon as I start my computer, a VERITAS Update Manager window opens asking me for a configuration with Windows Installer, along with another window, apdproxy.exe.
I can't close these windows, and it causes me problems when shutting down my computer.
Tell me what this corresponds to.
Thanks, see you later.
08/24/06 20:50:50 [Info]: BlackLight Engine 1.0.46 initialized
08/24/06 20:50:50 [Info]: OS: 5.1 build 2600 (Service Pack 2)
08/24/06 20:50:50 [Note]: 7019 4
08/24/06 20:50:50 [Note]: 7005 0
08/24/06 20:50:51 [Note]: 7006 0
08/24/06 20:50:51 [Note]: 7011 164
08/24/06 20:50:51 [Note]: 7026 0
08/24/06 20:50:51 [Note]: 7026 0
08/24/06 20:51:00 [Note]: FSRAW library version 1.7.1019
08/24/06 20:51:00 [Error]: 4028 31069
08/24/06 20:51:00 [Error]: 4028 31069
08/24/06 20:55:16 [Error]: 4028 31069
08/24/06 20:55:16 [Error]: 4028 31069
08/24/06 20:55:35 [Error]: 4028 31069
08/24/06 20:55:35 [Error]: 4028 31069
08/24/06 20:55:43 [Error]: 4028 31069
08/24/06 20:55:43 [Error]: 4028 31069
08/24/06 20:55:51 [Error]: 4028 31069
08/24/06 20:55:51 [Error]: 4028 31069
08/24/06 20:55:56 [Error]: 4028 31069
08/24/06 20:55:56 [Error]: 4028 31069
08/24/06 20:56:06 [Error]: 4028 31069
08/24/06 20:56:06 [Error]: 4028 31069
08/24/06 20:56:17 [Error]: 4028 31069
08/24/06 20:56:17 [Error]: 4028 31069
08/24/06 20:56:34 [Error]: 4028 31069
08/24/06 20:56:34 [Error]: 4028 31069
08/24/06 20:56:39 [Error]: 4028 31069
08/24/06 20:56:39 [Error]: 4028 31069
08/24/06 20:56:43 [Error]: 4028 31069
08/24/06 20:56:43 [Error]: 4028 31069
08/24/06 20:56:48 [Error]: 4028 31069
08/24/06 20:56:48 [Error]: 4028 31069
08/24/06 20:57:00 [Error]: 4028 31069
08/24/06 20:57:00 [Error]: 4028 31069
08/24/06 20:57:19 [Error]: 4028 31069
08/24/06 20:57:19 [Error]: 4028 31069
08/24/06 20:57:34 [Error]: 4028 31069
08/24/06 20:57:34 [Error]: 4028 31069
08/24/06 20:57:48 [Error]: 4028 31069
08/24/06 20:57:48 [Error]: 4028 31069
08/24/06 20:58:04 [Error]: 4028 31069
08/24/06 20:58:04 [Error]: 4028 31069
08/24/06 20:58:09 [Error]: 4028 31069
08/24/06 20:58:09 [Error]: 4028 31069
08/24/06 20:58:10 [Error]: 4028 31069
08/24/06 20:58:10 [Error]: 4028 31069
08/24/06 20:58:12 [Error]: 4028 31069
08/24/06 20:58:12 [Error]: 4028 31069
08/24/06 20:58:14 [Note]: 7007 0
Logfile of HijackThis v1.99.1
Scan saved at 21:04:15, on 24/08/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5450.0004)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\VERITAS Software\Update Manager\sgtray.exe
C:\HP\KBD\KBD.EXE
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\WINDOWS\system32\pctspk.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\CA\eTrust Internet Security Suite\caissdt.exe
C:\PROGRA~1\Agnitum\TAUSCA~1.7\taumon.exe
C:\Program Files\Washer\washer.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\TooX\Groom\GroomAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=55729C844D6A45819CAD368B3E178C9F
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://fr.rd.yahoo.com/customize/ie/defaults/sb/ymsgr6/fr/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr7/*https://fr.search.yahoo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - c:\Program Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll
O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Fichiers communs\Roxio Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [EPSON Stylus C62 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C62 Series" /O6 "USB001" /M "Stylus C62"
O4 - HKLM\..\Run: [RoxAssistant] C:\Program Files\Common Files\Roxio Shared\Upgrade\RoxAssist.exe /s
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [sxkvqh] c:\windows\system32\sxkvqh.exe sxkvqh
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [CaISSDT] "C:\Program Files\CA\eTrust Internet Security Suite\caissdt.exe"
O4 - HKLM\..\Run: [eTrustPPAP] "C:\Program Files\CA\eTrust Internet Security Suite\eTrust PestPatrol Anti-Spyware\PPActiveDetection.exe"
O4 - HKLM\..\Run: [Tau Monitor] C:\PROGRA~1\Agnitum\TAUSCA~1.7\taumon.exe
O4 - HKLM\..\RunServices: [MSys32] "C:\Program Files\Tetris 3000\data\morfitwebentrance.exe"
O4 - HKLM\..\RunServicesOnce: [washindex] C:\Program Files\Washer\washidx.exe "Propriétaire"
O4 - HKCU\..\Run: [Washer] C:\Program Files\Washer\washer.exe /0
O4 - HKCU\..\Run: [Microsoft Works Update Detection] c:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_5 -reboot 1
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Groom Agent.lnk = C:\Program Files\TooX\Groom\GroomAgent.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZCxdm636YYFR
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - c:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing)
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: Interface Chat Voila - http://chat10.x-echo.com/version5/Applet/vchatsign.cab
O16 - DPF: {09F1ADAC-76D8-4D0F-99A5-5C907DADB988} -
O16 - DPF: {0A46CB52-CFA0-4E78-A181-948D5E361BE3} (EpsonObj Class) - https://www.epson.eu/support/
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} -
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/install/hpobjinstaller_gmn.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/20040105/qtinstall.info.apple.com/mickey/fr/w...
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_sit...
O16 - DPF: {79E0C1C0-316D-11D5-A72A-006097BFA1AC} (EPSON Web Printer-SelfTest Control Class) - https://www.epson.eu/support/
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game08.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {EB504BE1-BFA2-41FE-8F49-C4DD2524E246} (Canal+ Active MSWAY) - http://servicesv4.canalplusactive.com/cabs/msway42.cab
O16 - DPF: {FD40EC41-D860-4579-8BA4-52671A45C71C} (AxHtChat Class) - http://images.goa.com/it/Woo2/fr/chat/nPaxChat.cab
O18 - Protocol: Festoon - (no CLSID) - (no file)
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
Here you go, I'm sending you the 2 reports.
I see there are error messages; is that really normal?
I ran the procedure several times.
I also wanted to let you know that as soon as I start my computer, a VERITAS Update Manager window opens asking me for a configuration with Windows Installer, along with another window, apdproxy.exe.
I can't close these windows, and it causes problems when I shut down my computer.
Tell me what this corresponds to.
Thanks, see you later.
08/24/06 20:50:50 [Info]: BlackLight Engine 1.0.46 initialized
08/24/06 20:50:50 [Info]: OS: 5.1 build 2600 (Service Pack 2)
08/24/06 20:50:50 [Note]: 7019 4
08/24/06 20:50:50 [Note]: 7005 0
08/24/06 20:50:51 [Note]: 7006 0
08/24/06 20:50:51 [Note]: 7011 164
08/24/06 20:50:51 [Note]: 7026 0
08/24/06 20:50:51 [Note]: 7026 0
08/24/06 20:51:00 [Note]: FSRAW library version 1.7.1019
08/24/06 20:57:00 [Error]: 4028 31069
08/24/06 20:57:19 [Error]: 4028 31069
08/24/06 20:57:19 [Error]: 4028 31069
08/24/06 20:57:34 [Error]: 4028 31069
08/24/06 20:57:34 [Error]: 4028 31069
08/24/06 20:57:48 [Error]: 4028 31069
08/24/06 20:57:48 [Error]: 4028 31069
08/24/06 20:58:04 [Error]: 4028 31069
08/24/06 20:58:04 [Error]: 4028 31069
08/24/06 20:58:09 [Error]: 4028 31069
08/24/06 20:58:09 [Error]: 4028 31069
08/24/06 20:58:10 [Error]: 4028 31069
08/24/06 20:58:10 [Error]: 4028 31069
08/24/06 20:58:12 [Error]: 4028 31069
08/24/06 20:58:12 [Error]: 4028 31069
08/24/06 20:58:14 [Note]: 7007 0
Logfile of HijackThis v1.99.1
Scan saved at 21:04:15, on 24/08/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5450.0004)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\VERITAS Software\Update Manager\sgtray.exe
C:\HP\KBD\KBD.EXE
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\WINDOWS\system32\pctspk.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\CA\eTrust Internet Security Suite\caissdt.exe
C:\PROGRA~1\Agnitum\TAUSCA~1.7\taumon.exe
C:\Program Files\Washer\washer.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\TooX\Groom\GroomAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=55729C844D6A45819CAD368B3E178C9F
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://fr.rd.yahoo.com/customize/ie/defaults/sb/ymsgr6/fr/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr7/*https://fr.search.yahoo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - c:\Program Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll
O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Fichiers communs\Roxio Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [EPSON Stylus C62 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C62 Series" /O6 "USB001" /M "Stylus C62"
O4 - HKLM\..\Run: [RoxAssistant] C:\Program Files\Common Files\Roxio Shared\Upgrade\RoxAssist.exe /s
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [sxkvqh] c:\windows\system32\sxkvqh.exe sxkvqh
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [CaISSDT] "C:\Program Files\CA\eTrust Internet Security Suite\caissdt.exe"
O4 - HKLM\..\Run: [eTrustPPAP] "C:\Program Files\CA\eTrust Internet Security Suite\eTrust PestPatrol Anti-Spyware\PPActiveDetection.exe"
O4 - HKLM\..\Run: [Tau Monitor] C:\PROGRA~1\Agnitum\TAUSCA~1.7\taumon.exe
O4 - HKLM\..\RunServices: [MSys32] "C:\Program Files\Tetris 3000\data\morfitwebentrance.exe"
O4 - HKLM\..\RunServicesOnce: [washindex] C:\Program Files\Washer\washidx.exe "Propriétaire"
O4 - HKCU\..\Run: [Washer] C:\Program Files\Washer\washer.exe /0
O4 - HKCU\..\Run: [Microsoft Works Update Detection] c:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_5 -reboot 1
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Groom Agent.lnk = C:\Program Files\TooX\Groom\GroomAgent.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZCxdm636YYFR
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - c:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing)
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: Interface Chat Voila - http://chat10.x-echo.com/version5/Applet/vchatsign.cab
O16 - DPF: {09F1ADAC-76D8-4D0F-99A5-5C907DADB988} -
O16 - DPF: {0A46CB52-CFA0-4E78-A181-948D5E361BE3} (EpsonObj Class) - https://www.epson.eu/support/
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} -
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/install/hpobjinstaller_gmn.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/20040105/qtinstall.info.apple.com/mickey/fr/w...
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_sit...
O16 - DPF: {79E0C1C0-316D-11D5-A72A-006097BFA1AC} (EPSON Web Printer-SelfTest Control Class) - https://www.epson.eu/support/
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game08.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {EB504BE1-BFA2-41FE-8F49-C4DD2524E246} (Canal+ Active MSWAY) - http://servicesv4.canalplusactive.com/cabs/msway42.cab
O16 - DPF: {FD40EC41-D860-4579-8BA4-52671A45C71C} (AxHtChat Class) - http://images.goa.com/it/Woo2/fr/chat/nPaxChat.cab
O18 - Protocol: Festoon - (no CLSID) - (no file)
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
Hi
There are still quite a few things to remove.
HijackThis -> Open the misc tools sections -> open Uninstall manager -> click "Save list" -> save the file -> copy and paste it here.
See you
Hi laurence10 and Régis,
Allow me to butt in briefly, just to share this link, which can be very useful when it comes to using HijackThis.
What do you think, Régis?
https://blog.sosordi.net/category/articles
Regards
Hi martinicmiel,
That's a good link you're suggesting.
What I don't like, though, is that they have you download an antivirus, Antivir, to do the disinfection.
If the user already has a good antivirus, I don't see the point.
I think that in that case it's more useful to go ahead with the HijackThis analysis, what do you think?
See you
Amen,
I read that while browsing the site, so I put it to you, that's all!!
But I trust you.
Another question: why haven't you yet suggested that laurence10 do the steps in "safe mode"?
A small clarification: I'm a friend of hers and I'm helping her over the phone to apply your instructions, because she's a complete novice!!
Hi
Ah, OK! And next it'll be the neighbours, the friends, the kids lol
You're rather right to trust me, yes lol
For now, we've dealt with System Doctor. I suppose she no longer gets ads that way. Safe mode is no use because the elements responsible for the infection are hidden and can only be made visible by the procedure done just before.
You say complete novice, but I explain well, don't I? lol
;-)
See you
I confirm, I'm even a very, very big novice, and by phone and by e-mail it's a bit difficult for me, but you explain very well.
It's true, I no longer have ad pages popping up, and that's great.
However, I didn't quite understand the last step you're asking me to do; can you explain it in more detail, please?
When I run HijackThis I don't see how I can get to Uninstall manager and click "Save list".
Hi there
Cool, at least you're left in peace.
Launch HijackThis, click Open the misc tools sections then open Uninstall manager; a list appears, click "Save list" -> save the file -> copy and paste it here.
If you can't manage it, tell me
See you