|
|
|
ph3886$2004093 ph3886 03/04 :: 17:51
Arrivant
| | la j ai pas mal de probleme avec mon pc je m y connais pas super bien j ai une toolbar omegasearch qui s affiche a chaque fois que je me connecte j ai nettoyé ma base de registre plusieurs fois avec easycleaner apparemment rien de suspect ad aware 6 ne repere pas non plus de spy je supprime regulierement l integralite des cookies et temporary files pourtant le probleme persiste que dois je faire merci par avance de votre aide | |
|
stin07bis$2004001 stin07bis 03/04 :: 17:53
Arrivant
| | salut, telecharge "hijackthis", puis colle le log ici...@+ | |
|
ph3886$2004093 ph3886 04/04 :: 20:02
Arrivant
| | Logfile of HijackThis v1.94.0 Scan saved at 20:01:26, on 04/04/2004 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar=http://omegasearch.com/searchbar.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page=http://omegasearch.com/searchbar.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page=http://omegasearch.com/passthrough/index.html?http://www.google.fr/ R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant=http://omegasearch.com/searchbar.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar=http://omegasearch.com/searchbar.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page=http://omegasearch.com/searchbar.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL=http://home.free.fr/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant=http://omegasearch.com/searchbar.html R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride=;localhost;<local> R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page= R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page=%SystemRoot%\system32\blank.htm R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file) O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - F:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL O2 - BHO: (no name) - {06849E9F-C7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - F:\Program Files\Copernic Agent\CopernicAgentExt.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - F:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: &SearchBar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - F:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe O4 - HKLM\..\Run: [ATIPTA] F:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [pccguide.exe] "F:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe" O4 - HKLM\..\Run: [PCCClient.exe] "F:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe" O4 - HKLM\..\Run: [Pop3trap.exe] "F:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe" O4 - HKLM\..\Run: [NeroCheck] F:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [InCD] F:\Program Files\Ahead\InCD\InCD.exe O4 - HKLM\..\Run: [zBrowser Launcher] F:\Program Files\Logitech\iTouch\iTouch.exe O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [BearShare] "F:\Program Files\BearShare\BearShare.exe" /pause O4 - HKLM\..\Run: [About Balm] F:\PROGRA~1\thunkfoursecond\reffrag.exe O4 - HKLM\..\Run: [Trickler] "f:\windows\temp\adware\fsg_4104a.exe" O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [QuickTime Task] "F:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [CTFMON.EXE] F:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [LDM] F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe O4 - HKCU\..\Run: [IDMan] F:\Program Files\Internet Download Manager\IDMan.exe /onboot O4 - HKCU\..\Run: [MSMSGS] "F:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Steam] F:\Program Files\Steam\Steam.exe -silent O4 - HKCU\..\Run: [RamBoostXp] F:\Program Files\RamBoost XP\rambxpfr.exe O8 - Extra context menu item: Chercher avec Copernic Agent - F:\Program Files\Copernic Agent\Web\SearchExt.htm O8 - Extra context menu item: Download All Links with IDM - F:\Program Files\Internet Download Manager\IEGetAll.htm O8 - Extra context menu item: Download with IDM - F:\PROGRA~1\INTERN~2\IEExt.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://F:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent (HKLM) O9 - Extra button: Copernic Agent (HKLM) O9 - Extra button: AIM (HKLM) O9 - Extra button: Messenger (HKLM) O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM) O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/ O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://sea2fd.sea2.hotmail.msn.com/activex/HMAtchmt.ocx
| |
|
raph28$2004064 raph28 04/04 :: 20:48
Arrivante
| | R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar=http://omegasearch.com/searchbar.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page=http://omegasearch.com/searchbar.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page=http://omegasearch.com/passthrough/index.html?http://www.google.fr/ R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant=http://omegasearch.com/searchbar.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar=http://omegasearch.com/searchbar.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page=http://omegasearch.com/searchbar.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant=http://omegasearch.com/searchbar.html
Tu peux déjà virer ceux-là. Pour le reste, attends les pros. Je te conseille le téléchargement de spybot (lien dispo sur ce site) qui se chargera d'éliminer ce genre de pb. | |
|
stin07bis$2004001 stin07bis 05/04 :: 01:00
Arrivant
| | R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file) O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - F:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL O3 - Toolbar: &SearchBar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - F:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL O4 - HKLM\..\Run: [About Balm] F:\PROGRA~1\thunkfoursecond\reffrag.exe O4 - HKLM\..\Run: [Trickler] "f:\windows\temp\adware\fsg_4104a.exe"
salut, ceux d'en a virés....celui d'en bas, si c'est une applic a toi, soit tu le garde ou le vire....... O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
| |
|
ph3886$2004093 ph3886 06/04 :: 20:04
Arrivant
| | ok ca marche mieux deja par contre j arrive pas a virer about balm merci bcp | |
|
raph28$2004064 raph28 06/04 :: 20:15
Arrivante
| | S'il revient à chaque fois, essaye peut-être d'éliminer le programme reffrag.exe manuellement. Visiblement, il se trouve dans F. Essaye tjs tu verras s'il revient | |
|
july$2004125 july 05/05 :: 15:05
Arrivante
| | hello je suis pas tres callée en matiere de virus vers et tt...je voudrais me debarasser de omegasearch alors, pares avoir lu les messages, j'ai telechargé hijackthis et je voudrais savoir si je peux supprimes les memes lignes que Ph3886 qui a eu le meme pb que moi?
je vais qd meme vous laisser les resultats du prog: Logfile of HijackThis v1.94.0 Scan saved at 15:00:44, on 05/05/2004 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar=http://omegasearch.com/searchbar.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page=http://omegasearch.com/searchbar.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page=http://omegasearch.com/passthrough/index.html?http://www.google.fr/ R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant=http://omegasearch.com/searchbar.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar=http://omegasearch.com/searchbar.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page=http://omegasearch.com/searchbar.html R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant=http://omegasearch.com/searchbar.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page=C:\WINDOWS\System32\blank.htm R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page=%SystemRoot%\system32\blank.htm R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file) O2 - BHO: (no name) - {06849E9F-C7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {8B6CEB15-5A34-95F9-43E5-6C45623E7CFE} - C:\PROGRA~1\MPEGPR~1\Platformdumb.dll (file missing) O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: BirdError - {971408B6-E90B-0C0F-BDE1-4073DAB532} - C:\PROGRA~1\MPEGPR~1\Platformdumb.dll (file missing) O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_01\bin\jusched.exe O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Fichiers communs\Symantec Shared\ccRegVfy.exe" O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s O4 - HKLM\..\Run: [Barb License] C:\PROGRA~1\DELETE~1\Wipe fork send.exe O4 - HKLM\..\Run: [DRJTBOZGR] C:\WINDOWS\DRJTBOZGR.exe O4 - HKLM\..\Run: [yjsp] C:\WINDOWS\yjsp.exe O4 - HKLM\..\Run: [obolkfgz] C:\WINDOWS\obolkfgz.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O8 - Extra context menu item: Download with NetPumper - C:\Program Files\NetPumper\AddUrl.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra 'Tools' menuitem: Console Java (Sun) (HKLM) O9 - Extra button: AIM (HKLM) O9 - Extra button: Messenger (HKLM) O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - htt
Merci d'avance d'avoir lu ce message! | |
|
enclique4$2004065 enclique4 05/05 :: 16:16
Arrivant
| | R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar=http://omegasearch.com/searchbar.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page=http://omegasearch.com/searchbar.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page=http://omegasearch.com/passthrough/index.html?http://www.google.fr/ R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant=http://omegasearch.com/searchbar.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar=http://omegasearch.com/searchbar.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page=http://omegasearch.com/searchbar.html R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant=http://omegasearch.com/searchbar.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page=C:\WINDOWS\System32\blank.htm R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page=%SystemRoot%\system32\blank.htm R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file) O2 - BHO: (no name) - {8B6CEB15-5A34-95F9-43E5-6C45623E7CFE} - C:\PROGRA~1\MPEGPR~1\Platformdumb.dll (file missing) O3 - Toolbar: BirdError - {971408B6-E90B-0C0F-BDE1-4073DAB532} - C:\PROGRA~1\MPEGPR~1\Platformdumb.dll (file missing) O4 - HKLM\..\Run: [DRJTBOZGR] C:\WINDOWS\DRJTBOZGR.exe O4 - HKLM\..\Run: [yjsp] C:\WINDOWS\yjsp.exe O4 - HKLM\..\Run: [obolkfgz] C:\WINDOWS\obolkfgz.exe voila July tu vire tout d'abord cela......avant de les enlever, crait tout de meme un point de restoration, demarrer accessoires outils systeme et tu crrer un point de restauration et apres tu vire ceux d'en haut @+ | |
|
laserpe$2003349 laserpe 05/05 :: 17:08
Arrivant
| | et toujours le même conseil : mets ton système à jour... | |
|
redneck$2004129 redneck 09/05 :: 16:17
Arrivant
| | Logfile of HijackThis v1.97.7 Scan saved at 16:14:30, on 09/05/2004 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://omegasearch.com/searchbar.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://omegasearch.com/searchbar.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = omegasearch.com R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://omegasearch.com/searchbar.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R1 - HKCU\Software\Microsoft\Internet Connection Wizard,Shellnext = http://home.free.fr/ R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file) O2 - BHO: (no name) - {000020DD-C72E-4113-AF77-DD56626C6C42} - C:\WINDOWS\twaintec.dll O2 - BHO: (no name) - {0096CC0A-623C-4829-AD9C-19AF0DC9D8FE} - C:\Program Files\DAP\DAPIEBar.dll O2 - BHO: (no name) - {06849E9F-C7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {5C088721-8706-5F3D-5AB1-8762ED695079} - C:\PROGRA~1\GRIDNO~1\Wait Else.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O2 - BHO: (no name) - {F7F808F0-6F7D-442C-93E3-4A4827C2E4C8} - C:\WINDOWS\nem216.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Fichiers communs\Symantec Shared\ccRegVfy.exe" O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Dvd face] C:\PROGRA~1\SIXTHB~1\audio camp scr.exe O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [PestPatrol Control Center] C:\PROGRA~1\PESTPA~1\PPControl.exe O4 - HKLM\..\Run: [PPMemCheck] C:\PROGRA~1\PESTPA~1\PPMemCheck.exe O4 - HKLM\..\Run: [IST Service] C:\Program Files\ISTsvc\istsvc.exe O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe" O4 - HKLM\..\Run: [msbb] c:\program files\180solutions\msbb.exe O4 - HKLM\..\Run: [Power Scan] C:\Program Files\Power Scan\powerscan.exe O4 - HKLM\..\Run: [SysUpd] C:\WINDOWS\sysupd.exe O4 - HKCU\..\Run: [SkwatAutoconnect] C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe O4 - HKLM\..\RunOnce: [Remove at boot] C:\DeleteAtReboot.bat O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-908\dslmon.exe O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Recherche (HKLM) O9 - Extra button: Related (HKLM) O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
Voila , j'ai suprimer les fichier .exe louche dans windows, jai suprimer tous ce qui ryhme avec tool ou bar et mega et search lol mais rien a fair cette saloperie de page home revien mais pas la bar et mon internet explorer planke tout les 2 sec jpe plus surfer :'( help plz
| |
|
Louny$2003355 Louny 09/05 » 17:33
Arrivante
| | istsvc - istsvc.exe - Process Information
Process File: istsvc or istsvc.exe Process Name: IST Service Description: Application that is an Internet Explorer toolbar that helps a user to find adult material on the net. The application also displays advertisements. Company: Integrated Search Technologies System Process: No Security Risk ( Virus/Trojan/Worm/Adware/Spyware ): Yes ________________________________
msbb - msbb.exe - Process Information
Process File: msbb or msbb.exe Process Name: MSBB Web3000 Spyware Application Description: MSBB Web3000 spyware application that is included with some adware products and is started from the registry when Windows is loaded. Company: 180Solutions.com System Process: No Security Risk ( Virus/Trojan/Worm/Adware/Spyware ): Yes _____________________________________
Sysupd.exe est aussi associé aux spyware.
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://omegasearch.com/searchbar.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://omegasearch.com/searchbar.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = omegasearch.com R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://omegasearch.com/searchbar.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file) O2 - BHO: (no name) - {000020DD-C72E-4113-AF77-DD56626C6C42} - C:\WINDOWS\twaintec.dll O2 - BHO: (no name) - {0096CC0A-623C-4829-AD9C-19AF0DC9D8FE} - C:\Program Files\DAP\DAPIEBar.dll O2 - BHO: (no name) - {5C088721-8706-5F3D-5AB1-8762ED695079} - C:\PROGRA~1\GRIDNO~1\Wait Else.dll O2 - BHO: (no name) - {F7F808F0-6F7D-442C-93E3-4A4827C2E4C8} - C:\WINDOWS\nem216.dll O4 - HKLM\..\Run: [IST Service] C:\Program Files\ISTsvc\istsvc.exe O4 - HKLM\..\Run: [msbb] c:\program files\180solutions\msbb.exe O4 - HKLM\..\Run: [SysUpd] C:\WINDOWS\sysupd.exe O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm O4 - HKLM\..\RunOnce: [Remove at boot] C:\DeleteAtReboot.bat
Fixer tout ça; après avoir fermé internet explorer. (sois certain d'avoir désactivé la restauration automatique sous XP ou ME)
Redémarrer en mode sans échec. Supprimer: - Program Files\ISTsvc\istsvc.exe - DeleteAtReboot.bat - DAP\dapextie.htm - msbb.exe
Lancer Spybot SD et faire le nécessaire, ainsi que ton antivirus. Nettoyage disque dur complet de tous fichiers temporaires, cookies sysupd.exe | |
|
redneck$2004129 redneck 09/05 :: 17:43
Arrivant
| | C parfait, merci bcp louny mais un seul bleme mon IE plante tjrs autant et impossible de naviguer plus de 30sec jai refait un hijackthis ensuite pour voir :
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.free.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Connection Wizard,Shellnext = http://home.free.fr/ O2 - BHO: (no name) - {000020DD-C72E-4113-AF77-DD56626C6C42} - C:\WINDOWS\twaintec.dll O2 - BHO: (no name) - {06849E9F-C7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {5C088721-8706-5F3D-5AB1-8762ED695079} - C:\PROGRA~1\GRIDNO~1\Wait Else.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O2 - BHO: (no name) - {F7F808F0-6F7D-442C-93E3-4A4827C2E4C8} - C:\WINDOWS\nem216.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Fichiers communs\Symantec Shared\ccRegVfy.exe" O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Dvd face] C:\PROGRA~1\SIXTHB~1\audio camp scr.exe O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [Power Scan] C:\Program Files\Power Scan\powerscan.exe O4 - HKCU\..\Run: [SkwatAutoconnect] C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-908\dslmon.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Recherche (HKLM) O9 - Extra button: Related (HKLM) O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
Voila , c'est mon seul probleme que IE plante et prend 100% de CPU ensuite il fait un probleme et IE se coupe sans fair planter lordi totalement | |
|
redneck$2004129 redneck 09/05 :: 17:59
Arrivant
| | Voila je vien de fair le prog en scan sur mon ordi a moi cette fois si et sa me sort tout sa .... si vous pouvez aussi verifier mon pc sa serai cool merci
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://if.searchcentrix.com/sidecat.jsp?p=98567&appid=21&id=11573619216801 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.free.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.free.fr/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://if.searchcentrix.com/sidecat.jsp?p=98567&appid=21&id=11573619216801 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://home.free.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - {936063-44BE-49B9-BD14-BB9663FD38FC} - (no file) O1 - Hosts: 216.177.73.139 auto.search.msn.com O1 - Hosts: 216.177.73.139 search.netscape.com O1 - Hosts: 216.177.73.139 ieautosearch O2 - BHO: (no name) - {000006B1-19B5-414A-849F-2A3C64AE6939} - C:\WINDOWS\bi.dll O2 - BHO: (no name) - {0019C3E2-DD48-4A6D-AB2D-32436313D9} - C:\WINDOWS\bsx5.dll O2 - BHO: (no name) - {0096CC0A-623C-4829-AD9C-19AF0DC9D8FE} - C:\Program Files\DAP\DAPIEBar.dll O2 - BHO: (no name) - {06849E9F-C7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {4E7BD74F-2B-469E-DFF7-EC6BF4D5FA7D} - C:\WINDOWS\gsim.dll O2 - BHO: (no name) - {83DE62E0-5805-11D8-9B25-00E04C60FAF2} - C:\WINDOWS\2_0_1browserhelper2.dll O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll O2 - BHO: (no name) - {A85C4A1B-BD36-44E5-A70F-8EC347D9B24F} - C:\WINDOWS\bs3.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Fichiers communs\Symantec Shared\ccRegVfy.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Bsx3] RunDLL32.EXE C:\WINDOWS\bs3.dll,DllRun O4 - HKLM\..\Run: [bxsx5] RunDLL32.EXE C:\WINDOWS\bsx5.dll,DllRun O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL,NewDotNetStartup O4 - HKLM\..\Run: [IST Service] C:\Program Files\ISTsvc\istsvc.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [Steam] "d:\program files\steam\steam.exe" -silent O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm O8 - Extra context menu item: Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm O8 - Extra context menu item: Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm O9 - Extra button: Run DAP (HKLM) O9 - Extra button: Real.com (HKLM) O9 - Extra button: FlashGet (HKLM) O9 - Extra 'Tools' menuitem: &FlashGet (HKLM) O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O12 - Plugin for .mp3: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin4.dll O12 - Plugin for .mpeg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/ | |
|
Louny$2003355 Louny 09/05 :: 20:47
Arrivante
| | Je veux le log rapport en entier... J'ai l'impression que tu te fiches de nous... | |
|
enclique4$2004065 enclique4 09/05 :: 21:56
Arrivant
| | R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://if.searchcentrix.com/sidecat.jsp?p=98567&appid=21&id=11573619216801 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://if.searchcentrix.com/sidecat.jsp?p=98567&appid=21&id=11573619216801 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R3 - URLSearchHook: (no name) - {936063-44BE-49B9-BD14-BB9663FD38FC} - (no file) O1 - Hosts: 216.177.73.139 auto.search.msn.com O1 - Hosts: 216.177.73.139 search.netscape.com O1 - Hosts: 216.177.73.139 ieautosearch R3 - URLSearchHook: (no name) - {936063-44BE-49B9-BD14-BB9663FD38FC} - (no file) O1 - Hosts: 216.177.73.139 auto.search.msn.com O1 - Hosts: 216.177.73.139 search.netscape.com O1 - Hosts: 216.177.73.139 ieautosearch O2 - BHO: (no name) - {4E7BD74F-2B-469E-DFF7-EC6BF4D5FA7D} - C:\WINDOWS\gsim.dll O2 - BHO: (no name) - {83DE62E0-5805-11D8-9B25-00E04C60FAF2} - C:\WINDOWS\2_0_1browserhelper2.dll O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll O2 - BHO: (no name) - {A85C4A1B-BD36-44E5-A70F-8EC347D9B24F} - C:\WINDOWS\bs3.dll O4 - HKLM\..\Run: [Bsx3] RunDLL32.EXE C:\WINDOWS\bs3.dll,DllRun O4 - HKLM\..\Run: [bxsx5] RunDLL32.EXE C:\WINDOWS\bsx5.dll,DllRun O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL,NewDotNetStartup O4 - HKLM\..\Run: [IST Service] C:\Program Files\ISTsvc\istsvc.exe O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm O8 - Extra context menu item: Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm O8 - Extra context menu item: Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm O9 - Extra button: Run DAP (HKLM) O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net
| |
|
enclique4$2004065 enclique4 09/05 :: 21:57
Arrivant
| | Mais attend l'avis des autres menbres | |
|
redneck$2004129 redneck 10/05 :: 14:47
Arrivant
| | bon lordi avec des bleme de omegasearch na plus de probleme ,j'ai fait un scan sur un otre pc, viola ce que sa donne
Logfile of HijackThis v1.97.7 Scan saved at 14:46:16, on 10/05/2004 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe C:\WINDOWS\System32\rundll32.exe C:\Program Files\ISTsvc\istsvc.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\Norton AntiVirus\navapsvc.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\teamspeak2_RC2\TeamSpeak.exe D:\Mirc fr\mircfr\mirc.exe C:\WINDOWS\System32\wuauclt.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Messenger\msmsgs.exe C:\hi\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://if.searchcentrix.com/sidecat.jsp?p=98567&appid=21&id=11573619216801 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.free.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.free.fr/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://if.searchcentrix.com/sidecat.jsp?p=98567&appid=21&id=11573619216801 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://home.free.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - {936063-44BE-49B9-BD14-BB9663FD38FC} - (no file) O1 - Hosts: 216.177.73.139 auto.search.msn.com O1 - Hosts: 216.177.73.139 search.netscape.com O1 - Hosts: 216.177.73.139 ieautosearch O2 - BHO: (no name) - {000006B1-19B5-414A-849F-2A3C64AE6939} - C:\WINDOWS\bi.dll O2 - BHO: (no name) - {0019C3E2-DD48-4A6D-AB2D-32436313D9} - C:\WINDOWS\bsx5.dll O2 - BHO: (no name) - {0096CC0A-623C-4829-AD9C-19AF0DC9D8FE} - C:\Program Files\DAP\DAPIEBar.dll O2 - BHO: (no name) - {06849E9F-C7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {4E7BD74F-2B-469E-DFF7-EC6BF4D5FA7D} - C:\WINDOWS\gsim.dll O2 - BHO: (no name) - {83DE62E0-5805-11D8-9B25-00E04C60FAF2} - C:\WINDOWS\2_0_1browserhelper2.dll O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll O2 - BHO: (no name) - {A85C4A1B-BD36-44E5-A70F-8EC347D9B24F} - C:\WINDOWS\bs3.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Fichiers communs\Symantec Shared\ccRegVfy.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Bsx3] RunDLL32.EXE C:\WINDOWS\bs3.dll,DllRun O4 - HKLM\..\Run: [bxsx5] RunDLL32.EXE C:\WINDOWS\bsx5.dll,DllRun O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL,NewDotNetStartup O4 - HKLM\..\Run: [IST Service] C:\Program Files\ISTsvc\istsvc.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [Steam] "d:\program files\steam\steam.exe" -silent O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm O8 - Extra context menu item: Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm O8 - Extra context menu item: Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm O9 - Extra button: Run DAP (HKLM) O9 - Extra button: Real.com (HKLM) O9 - Extra button: FlashGet (HKLM) O9 - Extra 'Tools' menuitem: &FlashGet (HKLM) O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O12 - Plugin for .mp3: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin4.dll O12 - Plugin for .mpeg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/ O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
et il est en entier comme lotre !! | |
|
laserpe$2003349 laserpe 10/05 :: 16:40
Arrivant
| | 1- ce log est entier, certes, mais pas l'avant dernier il y manquait tout le haut. 2- commence par mettre ton système à jour de ses correctifs ça pourra t'éviter pas mal de problèmes du genre de ceux que tu as rencontrés 3-suis ce que t'a indiqué enclique4, on y verra plus clair... tu peux y rajouter celui-ci : O2 - BHO: (no name) - {000006B1-19B5-414A-849F-2A3C64AE6939} - C:\WINDOWS\bi.dll | |
|
apophis76$2004132 apophis76 12/05 :: 16:53
Arrivant
| | R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://omegasearch.com/searchbar.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://omegasearch.com/searchbar.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = omegasearch.com O2 - BHO: (no name) - {06849E9F-C7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-29DF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: (no name) - {A44CBB0B-C77D-4BF5-87CC-B4EE79AD1B7E} - C:\Program Files\Fichiers communs\justDo\Jd2002.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Web assistant - {0B53EAC3-69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security Professional\UrlLstCk.exe O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\NORTON~1\AdvTools\ADVCHK.EXE O4 - HKLM\..\Run: [TPP Auto Loader] C:\WINDOWS\tppaldr.exe O4 - HKLM\..\Run: [Openwares LiveUpdate] C:\Program Files\LiveUpdate\LiveUpdate.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon O4 - HKLM\..\Run: [2 Tray] C:\PROGRA~1\MEMOBOREWMA\FileLongBags.exe O4 - HKLM\..\Run: [PestPatrol Control Center] C:\PROGRA~1\PESTPA~1\PPControl.exe O4 - HKLM\..\Run: [PPMemCheck] C:\PROGRA~1\PESTPA~1\PPMemCheck.exe O4 - HKLM\..\Run: [CookiePatrol] C:\PROGRA~1\PESTPA~1\CookiePatrol.exe O4 - HKCU\..\Run: [ClockSync] C:\Program Files\ClockSync\Sync.exe /q O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O8 - Extra context menu item: Save Flash with Flash Catcher - res://C:\Program Files\Fichiers communs\justDo\IECatcher.DLL/FlashCatcher.htm O9 - Extra 'Tools' menuitem: Console Java (Sun) (HKLM) O9 - Extra button: Flash Catcher (HKLM) O9 - Extra 'Tools' menuitem: Flash Catcher (HKLM) O9 - Extra button: Messenger (HKLM) O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM) O16 - DPF: {0E8FB6E3-783C-11D8-AA67-00E018B0585C} (TestLABMarkActiveXContrôle) - http://users.skynet.be/sky37131/TestLABMark.ocx O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA1E71} (RdxIE Class) - http://software-dl.real.com/2153c0bdb466ec0d3a15/netzip/RdxIE601_fr.cab O16 - DPF: {7DBFDA8E-D33B-11D4-9269-00600868E56E} (WWWInstall Class) - http://www.alloticket.com/MicroPaiement/kit/WebInstall.dll O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://charon777.webdynamit.net/HardwareDetection/activex/hardwaredetection.cab O16 - DPF: {A40ED8B3-F960-11D4-F3-89955D701717} (TestLABCPUContrôle) - http://users.skynet.be/sky37131/TestLABCPU_proj.ocx O16 - DPF: {A8658086-E6AC-4957-BC8E-7D54A7E8A78E} (SassCln Object) - http://www.microsoft.com/security/controls/SassCln.CAB O16 - DPF: {C410AF67-780F-11D8-AA67-00E018B0585C} (TestLABMEMActiveXContrôle) - http://users.skynet.be/sky37131/TestLABMEM.ocx O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{206A1700-2B14-4255-9970-2219FE85E46E}: NameServer = 80.10.246.1 80.10.246.132 O17 - HKLM\System\CS1\Services\Tcpip\..\{206A1700-2B14-4255-9970-2219FE85E46E}: NameServer = 80.10.246.1 80.10.246.132
| |