OVH Cloud

Hijack on my IE

4 replies
BigRed065
Hello everyone!
My IE has become the target of a hijack. I have tried all the anti-spyware and
anti-adware programs and it is still there. I searched a bit on the internet and
tried to find the registry keys causing this, but I could not find them.
Microsoft AntiSpyware tries to block the changes made to the start and search
pages, but it seems to run too slowly (it is only a beta after all) to block
them all, and besides, it gets tiring to see the warning window every 30 seconds.
I don't know if it is related, but a certain LGFE.dll keeps coming back despite
my attempts to delete it. The hijack happens whether LGFE is present or not.

I am going to post a reply to myself with the HijackThis .log files so that you
can take a look if you want. I no longer know what to do after several days of
fighting this filth.

I noticed that the hijack tries to modify the pages as soon as my session
starts, since even before an internet window is open, MS AntiSpyware blocks the
changes. Also, every time I close the Norton window, just to taunt me, the
hijacker makes a pop-up appear. It also changes the settings to allow pop-ups;
I can't use Java or ActiveX controls.

If some of you want to help me, I am ready to answer your questions, and I
thank you in advance.


BigRed065
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\Mathieu\LOCALS~1\Temp\sp.dll/sp.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\Mathieu\LOCALS~1\Temp\sp.dll/sp.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www2.canoe.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {BE89472C-B803-4D1D-9A9A-0A63660E0FE3} - C:\PROGRA~1\COPERN~1\COPERN~1.DLL
O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 7\SnagItBHO.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files\GetRight\xx2gr.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {C900C251-366C-4080-A185-5F4E3919A9E8} - C:\WINDOWS\system32\lgfe.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 7\SnagItIEAddin.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Babylon Client] C:\Program Files\Babylon\Babylon.exe -AutoStart
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Chercher avec Copernic Agent - res://C:\Program Files\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_MENU_SEARCHEXT
O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
O8 - Extra context menu item: Voir les cookies - C:\WINDOWS\web\showcookies.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\Program Files\Copernic Agent\CopernicAgent.exe
O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\Program Files\Copernic Agent\CopernicAgent.exe
O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\Program Files\Copernic Agent\CopernicAgent.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab30149.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {3FE16C08-D6A7-4133-84FC-D5BFB4F7D886} (WebGameLoader Class) - http://zone.msn.com/bingame/rtlw/default/ReflexiveWebGameLoader.cab
O16 - DPF: {4B9F2C37-C0CF-42BC-BB2D-DCFA8B25CABF} (PopCapLoaderCtrl Class) - http://zone.msn.com/bingame/rock/default/popcaploader1.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/316f4cb57470120e2305/netzip/RdxIE601_fr.cab
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/20040428/qtinstall.info.apple.com/saba/fr/win/QuickTimeInstaller.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1093686613969
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab30149.cab
O16 - DPF: {9AA73F41-EC64-489E-9A73-9CD52E528BC4} (ZoneAxRcMgr Class) - http://messenger.zone.msn.com/binary/ZAxRcMgr.cab
O16 - DPF: {A9F2611F-C7CE-49D7-AEE9-17E9028711C1} (SafeGuard Class) - http://www.meetstream.com/activex/login4/login.cab
O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697519} (NsvPlayX Control) - http://desync.com/nsvplayx_vp6_aac.cab
O16 - DPF: {D6FCA8ED-4715-43DE-9BD2-2789778A5B09} (NPKCX Control) - http://guard.gunbound.net/nProtect/keyCrypt/npkcx.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/zuma/default/popcaploader_v5.cab
O16 - DPF: {EDFCDAF5-95D9-40E9-BBE6-10C33190C3EF} (cGameControl Class) - http://zone.msn.com/bingame/rmcb/default/RumbleCube.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O18 - Filter: text/html - {51CC35B1-0538-4219-BC2A-96FB348E20CA} - C:\WINDOWS\system32\lgfe.dll
O18 - Filter: text/plain - {51CC35B1-0538-4219-BC2A-96FB348E20CA} - C:\WINDOWS\system32\lgfe.dll
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Symantec Event Manager - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique - Unknown - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: EPSON Printer Status Agent2 - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: Journal des événements - Unknown - C:\WINDOWS\system32\services.exe
O23 - Service: Service COM de gravage de CD IMAPI - Unknown - C:\WINDOWS\System32\imapi.exe
O23 - Service: Partage de Bureau à distance NetMeeting - Unknown - C:\WINDOWS\System32\mnmsrvc.exe
O23 - Service: Service Norton AntiVirus Auto-Protect - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: npkcsvc - INCA Internet Co., Ltd. - C:\WINDOWS\system32\npkcsvc.exe
O23 - Service: Plug-and-Play - Unknown - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance - Unknown - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SC Test Branding Service 1 - SC Test Branding 1 - C:\Program Files\Fichiers communs\SC Test Branding 1 Shared\Service\SCTestService1.exe
O23 - Service: Carte à puce - Unknown - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: ScsiAccess - Unknown - C:\Program Files\Photodex\CompuPicPro\ScsiAccess.exe
O23 - Service: SymWMI Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Journaux et alertes de performance - Unknown - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Telnet - Unknown - C:\WINDOWS\System32\tlntsvr.exe
O23 - Service: Cliché instantané de volume - Unknown - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI - Unknown - C:\WINDOWS\System32\wbem\wmiapsrv.exe
°°° KLP °°°
Hello,

See the evaluation:
http://hijackthis.de/logfiles/2fe20b2c8da57501cd5f94f7fe9a8bef.html

KLP


"BigRed065" wrote in the news message:
Jceel
"BigRed065" wrote in the news message:

you multi-posted this all over the place ;-(
sp.dll is well known and I already answered you, I no longer remember where.....
by sending you to pestpatrol



--
@++++Jceel

Verily I say unto you, but under O E
undecided netizen, for the aitch-tee-em-ell
only the right click, Control+F two
will bring you the light. That is the best there is
netgospel..according to Jceel.book of windows.psalm alt-255..verse ÿp
Jceel http://jceel.free.fr the hypermarket of free stuff on the net
Founding Chairman of the International Pebkac Busters Company
BigRed065
hi Jceel
yes, I posted in Internet 6.0 too because, despite following all the advice I
was given, nothing worked. The hijack prevented me from doing an online scan
with pestpatrol, and none of the steps for uninstalling the hijack were any good
because I could not find any of the keys / files I was supposed to modify /
delete.

However, yesterday I realised with HijackThis that there were 2 filters (O18),
html and plain text, using lgfe.dll. Since I deleted lgfe.dll and those 2
filters, my problem has been solved. I would still like to know how the lgfe.dll
file kept reproducing itself despite being deleted, because I think there are
files linked to this hijacker left over.
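A defender's triage pass over the log format this thread turns on, as an added example that is not part of the original posts or of HijackThis: it parses R0/R1/O2/O18 lines, flags the three patterns the thread ended up removing (a search page served via res:// from a DLL in a Temp folder, third-party MIME filters on text/html and text/plain, an unnamed BHO that shares the filter DLL) and shows which entries load the same file. The sample lines are constructed from the posted log; the heuristics are this example's own, not HijackThis rules.

```python
"""Triage pass over a HijackThis log (added example, not from the thread).

Sample lines are constructed from the posted log; the heuristics (res:// pages
from a DLL in Temp, third-party O18 MIME filters, unnamed O2 BHO) are this
example's own, not HijackThis's.
"""
import re
from collections import defaultdict

# Constructed sample: a few entries from the posted log plus benign neighbours.
SAMPLE_LOG = r"""
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\Mathieu\LOCALS~1\Temp\sp.dll/sp.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www2.canoe.com
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {C900C251-366C-4080-A185-5F4E3919A9E8} - C:\WINDOWS\system32\lgfe.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O18 - Filter: text/html - {51CC35B1-0538-4219-BC2A-96FB348E20CA} - C:\WINDOWS\system32\lgfe.dll
O18 - Filter: text/plain - {51CC35B1-0538-4219-BC2A-96FB348E20CA} - C:\WINDOWS\system32\lgfe.dll
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
"""

LINE_RE = re.compile(r"^(?P<code>[RO]\d+) - (?P<body>.+)$")
DRIVE_RE = re.compile(r"[A-Za-z]:\\")        # "C:\..." at the start of a path
TEMP_RE = re.compile(r"\\temp\\", re.IGNORECASE)
TEXT_FILTERS = ("text/html", "text/plain")


def parse(log):
    """Split a log into dicts with code, body, value (R lines) and path (O lines)."""
    entries = []
    for raw in log.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue
        code, body = m.group("code"), m.group("body")
        entry = {"code": code, "body": body, "value": None, "path": None}
        if code.startswith("R"):
            # R0/R1 lines read "<registry key>,<value name> = <value>".
            if " = " in body:
                entry["value"] = body.split(" = ", 1)[1]
        else:
            # Oxx lines end in " - <path>" when they reference a file.
            tail = body.rsplit(" - ", 1)[-1].strip('"')
            if DRIVE_RE.match(tail):
                entry["path"] = tail
        entries.append(entry)
    return entries


def triage(log):
    """Return (code, reason, target) for every entry the heuristics flag."""
    entries = parse(log)
    # DLLs registered as IE MIME filters see, and can rewrite, every page.
    filter_dlls = {e["path"].lower() for e in entries
                   if e["code"] == "O18" and e["path"]}
    findings = []
    for e in entries:
        code = e["code"]
        if code in ("R0", "R1") and e["value"] and "res://" in e["value"] \
                and TEMP_RE.search(e["value"]):
            findings.append((code, "start/search page served by a DLL in a "
                             "Temp folder via res://", e["value"]))
        elif code == "O18" and any(t in e["body"] for t in TEXT_FILTERS):
            findings.append((code, "third-party MIME filter on text/html or "
                             "text/plain", e["path"]))
        elif code == "O2" and "(no name)" in e["body"] and e["path"]:
            reason = "BHO with no name"
            if e["path"].lower() in filter_dlls:
                reason += ", same DLL is also registered as an O18 MIME filter"
            findings.append((code, reason, e["path"]))
    return findings


def entries_by_file(log):
    """Map each referenced file (lower-cased) to the section codes loading it,
    so a DLL hooked in several places (BHO plus filters) stands out."""
    by_file = defaultdict(list)
    for e in parse(log):
        if e["path"]:
            by_file[e["path"].lower()].append(e["code"])
    return dict(by_file)


if __name__ == "__main__":
    for code, reason, target in triage(SAMPLE_LOG):
        print(f"{code}: {reason}\n    {target}")
    for path, codes in entries_by_file(SAMPLE_LOG).items():
        if len(codes) > 1:
            print(f"{path} is loaded from {len(codes)} entries: {', '.join(codes)}")
```

On the sample it flags the sp.dll search page, the unnamed BHO and both lgfe.dll filters, and reports lgfe.dll as loaded from three separate entries.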