Sujet Précédent Sujet Suivant

Help Lag

Résolu/Fermé
Navid_92 Messages postés 711 Date d'inscription dimanche 7 décembre 2008 Statut Membre Dernière intervention 12 février 2015 - 11 févr. 2009 à 18:07
Navid_92 Messages postés 711 Date d'inscription dimanche 7 décembre 2008 Statut Membre Dernière intervention 12 février 2015 - 14 févr. 2009 à 00:11
Bonjour,
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:57:07, on 11/02/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\dllhost.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Stardock\CursorFX\CursorFX.exe
C:\Documents and Settings\Navid\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
C:\Documents and Settings\Navid\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
C:\Documents and Settings\Navid\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Steam\steam.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\OFFICE11\WINWORD.EXE
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Documents and Settings\Navid\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
R3 - URLSearchHook: IsoBuster Toolbar - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Program Files\IsoBuster\tbIsoB.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: flashget2 urlcatch - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll
O2 - BHO: IsoBuster Toolbar - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Program Files\IsoBuster\tbIsoB.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: eSnips - {ED1184DA-E57E-4480-99D0-A16809037F54} - C:\Program Files\eSnips\SnipBar.dll
O3 - Toolbar: IsoBuster Toolbar - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Program Files\IsoBuster\tbIsoB.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [amd_dc_opt] "C:\Program Files\AMD\amd_dc_opt\amd_dc_opt.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [FlashGet] "C:\Program Files\FlashGet Network\FlashGet universal\flashget.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [CursorFX] "C:\Program Files\Stardock\CursorFX\CursorFX.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Navid\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [PSwitch] C:\Program Files\Proxy Switcher Standard\ProxySwitcher.exe
O4 - HKCU\..\Run: [Octoshape Streaming Services] "C:\Documents and Settings\Navid\Local Settings\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
O4 - HKCU\..\Run: [FlashGet] "C:\Program Files\FlashGet Network\FlashGet universal\flashget.exe" /min
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
O4 - Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\Navid\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\OFFICE11\ONENOTEM.EXE
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &Download All by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm
O8 - Extra context menu item: &Download by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Snip to my eSnips account - C:\Program Files\eSnips\res\SnipIt.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Microgaming\Poker\UnibetpokerMPP\MPPoker.exe
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll/206 (file missing)
O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://euroafkabparis.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://studioladefense.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab53083.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://gamenextfr.oberon-media.com/online/online2/diner_dash/DinerDash.1.0.0.80.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{326DCACC-44CD-4EC8-B37C-9E1690ED69BB}: NameServer = 212.27.40.240,212.27.40.241
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Planificateur PC-BaX - Unknown owner - C:\Program Files\Cristie\PC-BaX 4.30.1\_BSSVC.EXE (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe

14 réponses

Réponse 1 / 14
jacques.gache Messages postés 33453 Date d'inscription mardi 13 novembre 2007 Statut Contributeur sécurité Dernière intervention 25 janvier 2016 1 616
11 févr. 2009 à 21:16
bonjour, passes toolbar S&D et poste le rapport , Merci

Télécharge ToolBar-S&D ( Merci à Eric_71, Angeldark, Sham_Rock et XmichouX )
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2

Lances l'installation du programme en exécutant le fichier téléchargé.
Double-clique maintenant sur le raccourci de Toolbar-S&D.
Sélectionnes la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
Postes le rapport généré. (C:\TB.txt)
0
Réponse 2 / 14
Navid_92
11 févr. 2009 à 22:30
-----------\\ ToolBar S&D 1.2.8 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual Core Processor 3800+ )
BIOS : )Phoenix - Award WorkstationBIOS v6.00PG
USER : Navid ( Administrator )
BOOT : Normal boot
Antivirus : AVG Anti-Virus Free 8.0 (Activated)
C:\ (Local Disk) - NTFS - Total:113 Go (Free:22 Go)
D:\ (Local Disk) - FAT32 - Total:114 Go (Free:61 Go)
E:\ (CD or DVD)
G:\ (USB)
H:\ (USB)
I:\ (USB)
K:\ (USB)

"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [1] ( 11/02/2009|22:23 )

-----------\\ Recherche de Fichiers / Dossiers ...


-----------\\ Extensions

(Navid) - {b9db16a4-6edc-47ec-a1f4-b86292ed211d} => dwhelper


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\windows\\system32\\blank.htm"
"Start Page"="https://www.msn.com/fr-fr"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Local Page"="C:\\windows\\system32\\blank.htm"
"Start Page"="https://www.msn.com/fr-fr/"
"Search Bar"="https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm"


--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !


1 - "C:\ToolBar SD\TB_1.txt" - 11/02/2009|22:25 - Option : [1]

-----------\\ Fin du rapport a 22:25:20,81

CORDIALEMENT
EN ATTENTE D UNE REPONSE !
0
Réponse 3 / 14
jacques.gache Messages postés 33453 Date d'inscription mardi 13 novembre 2007 Statut Contributeur sécurité Dernière intervention 25 janvier 2016 1 616
11 févr. 2009 à 22:55
bon , rien de particulier la dessus tu as des problème particulier ??? car je ne vois pas de problème mais passes< malwarebytes par sécurité

Télécharge Malwarebytes' Anti-Malware: https://www.malekal.com/tutoriel-malwarebyte-anti-malware/

. sur la page cliques sur Télécharger Malwarebyte's Anti-Malware
. enregistres le sur le bureau
. Double cliques sur le fichier téléchargé pour lancer le processus d'installation.
. si le pare-feu demande l'autorisation de se connecter pour malwarebytes, acceptes
. Il va se mettre à jour une fois faite
. rend-toi dans l'onglet, Recherche
. Sélectionnes Exécuter un examen complet
. Cliques sur Rechercher
. Le scan démarre.
. A la fin de l'analyse, un message s'affiche :
L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.
. Cliques sur Ok pour poursuivre.
. Si des malwares ont été détectés, cliques sur Afficher les résultats
. Sélectionnes tout (ou laisses cochés)

. cliques sur Supprimer la sélection

. Malwarebytes va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
. Malwarebytes va ouvrir le bloc-notes et y copier le rapport d'analyse.
. redemarre le pc
. une fois redémarré double-cliques sur malwarebytes
. rends toi dans l'onglet rapport/log
. tu cliques dessus pour l'afficher une fois affiché
. tu cliques sur edition en haut du boc notes,et puis sur sélectionner tous
. tu recliques sur edition et puis sur copier et tu reviens sur le forum et dans ta réponse
. tu cliques droit dans le cadre de la reponse et coller


0
Réponse 4 / 14
Navid_92
11 févr. 2009 à 23:09
Merci, mon problème n'est pas très important mais tout de même car je sens que mon PC freeze et lag quand je lance une application ou autre.
Je ne sais pas si cela viens de cookies ou virus,..
L'analyse est lancée je te posterai le rapport de midi vers 13h20.
Cordialement
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 14
jacques.gache Messages postés 33453 Date d'inscription mardi 13 novembre 2007 Statut Contributeur sécurité Dernière intervention 25 janvier 2016 1 616
11 févr. 2009 à 23:28
ok si tu pense que c'est du à des cookies après malwarebytes tu peux passer ccleaner comme expliqué


passes Ccleaner avec ces réglages LA



télécharge Ccleaner à partir de cette adresses


.enregistres le sur le bureau
.double-cliques sur le fichier pour lancer l'installation
.sur la fenêtre de l'installation langage bien choisir français et OK
.cliques sur suivant
.lis la licence et j'accepte
.cliques sur suivant
.la tu ne gardes de coché que mettre un raccourci sur le bureau et puis contrôler automatiquement les mises à jour de Ccleaner
.cliques sur intaller
.cliques sur fermer
.double-cliques sur l'icône de Ccleaner pour l'ouvrir
.une fois ouvert tu cliques sur option et puis avancé
.tu décoches effacer uniquement les fichiers, du dossier temp de windows plus vieux que 48 heures
.cliques sur nettoyeur
.cliques sur windows et dans la colonne avancé
.cochesla première case vieilles données du perfetch que celle-la ce qui te donnes la case vielles données du perfetch et la case avancé qui c'est coché automatiquement mais que celle-la
.cliques sur analyse une fois l'analyse terminé
.cliques sur lancer le nettoyage et sur la demande de confirmation OK il vas falloir que tu le refasses une autre fois une fois fini vériffis en appuiant de nouveau sur analyse pour être sur qu'il n'y est plus rien
.cliques maintenant sur registre et puis sur rechercher les erreurs
.laisses tout cochées et cliques sur réparrer les erreurs sélectionnées
.il te demande de sauvegarder OUI
.tu lui donnes un nom pour pouvoir la retrouver et enregistre
.cliques sur corriger toutes les erreurs sélectionnées et sur la demande de confirmation OK
.il supprime et fermer tu vériffis en relancant rechercher les erreurs
.tu retournes dans option et tu recoches la case effacer uniquement les fichiers, du dossier temp de windows plus vieux que 48 heures et sur nettoyeur, windows sous avancé tu décoches la première case vieilles données du perfetch
.tu peux fermer Ccleaner



et pour mieux le connaire : https://jesses.pagesperso-orange.fr/Docs/Logiciels/CCleaner.htm
0
Réponse 6 / 14
Navid_92
12 févr. 2009 à 08:00
Rebonjour,
Après avoir fait une analyse malware bytes sa m'a écrit un élément infecté mais quand je fait afficher les résultats il n'y avait rien. Quand je veux enregistrer sa me met un message d'erreur. Cela est normal que l'analyse a duré 8 Hours, 54 Minutes, 45 Seconds.
J'utilise CCleaner depuis longtemps et supprime les cookies et autre.
Aurait-tu d'autre idée pour améliorer la vitesse du PC voir baisser les lags.
0
Réponse 7 / 14
Navid_92
12 févr. 2009 à 08:01
Je te remet un rapport hijackthis cela peut toujours t'aider.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:56:57, on 12/02/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Stardock\CursorFX\CursorFX.exe
C:\Documents and Settings\Navid\Local Settings\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
C:\Documents and Settings\Navid\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
C:\Documents and Settings\Navid\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Documents and Settings\Navid\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Documents and Settings\Navid\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
R3 - URLSearchHook: IsoBuster Toolbar - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Program Files\IsoBuster\tbIsoB.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: flashget2 urlcatch - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll
O2 - BHO: IsoBuster Toolbar - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Program Files\IsoBuster\tbIsoB.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: eSnips - {ED1184DA-E57E-4480-99D0-A16809037F54} - C:\Program Files\eSnips\SnipBar.dll
O3 - Toolbar: IsoBuster Toolbar - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Program Files\IsoBuster\tbIsoB.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [amd_dc_opt] "C:\Program Files\AMD\amd_dc_opt\amd_dc_opt.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [FlashGet] "C:\Program Files\FlashGet Network\FlashGet universal\flashget.exe" /min
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [CursorFX] "C:\Program Files\Stardock\CursorFX\CursorFX.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Navid\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Octoshape Streaming Services] "C:\Documents and Settings\Navid\Local Settings\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
O4 - HKCU\..\Run: [FlashGet] "C:\Program Files\FlashGet Network\FlashGet universal\flashget.exe" /min
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
O4 - Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\Navid\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\OFFICE11\ONENOTEM.EXE
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &Download All by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm
O8 - Extra context menu item: &Download by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Snip to my eSnips account - C:\Program Files\eSnips\res\SnipIt.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Microgaming\Poker\UnibetpokerMPP\MPPoker.exe
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll/206 (file missing)
O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://euroafkabparis.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://studioladefense.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab53083.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://gamenextfr.oberon-media.com/online/online2/diner_dash/DinerDash.1.0.0.80.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{326DCACC-44CD-4EC8-B37C-9E1690ED69BB}: NameServer = 212.27.40.240,212.27.40.241
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Planificateur PC-BaX - Unknown owner - C:\Program Files\Cristie\PC-BaX 4.30.1\_BSSVC.EXE (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
0
Réponse 8 / 14
jacques.gache Messages postés 33453 Date d'inscription mardi 13 novembre 2007 Statut Contributeur sécurité Dernière intervention 25 janvier 2016 1 616
12 févr. 2009 à 21:58
bonjour, bizare que malwarebytes si il te dit avoir trouvé quelque chose ne te l'affiche pas, coté infection sur hijackthis je ne vois rien mais tu peux toujours essayer combofix mais la perso comme c'est un outil à risque je te donne la procédure mais si tu l'utilises tu prends bien soins de suivre les recommendations du tutoriel officiel que tu prendras le temps de lire avant , et surtout de ne pas toucher au pc pendant qu'il travail

Télécharge Combofix.exe de sUBs sur ton Bureau;

tutoriel officiel prend le temps de le lire : https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Déconnectes toi d'internet et désactives ton antivirus pour que Combofix puisse s'exécuter normalement.

Doubles clique sur Combofix.exe
Mets le en langue française F
Tape sur la touche 1 (Yes) pour démarrer le scan.

tu Ne touches à rien tant que le scan n'est pas terminé.

En fin de scan, il est possible que ComboFix ait besoin de redémarrer le PC pour finaliser la désinfection, laisse-le faire.


Une fois le scan achevé, un rapport va s'afficher : Poste son contenu et un nouveau rapport HijackThis

Réactives la protection en temps réel de ton Antivirus et de tes Antispywares, avant de te reconnecter à Internet.

Note : Le rapport se trouve également là : C:\Combofix.txt
0
Réponse 9 / 14
Navid_92 Messages postés 711 Date d'inscription dimanche 7 décembre 2008 Statut Membre Dernière intervention 12 février 2015 87
13 févr. 2009 à 21:18
ComboFix 09-02-12.03 - Navid 2009-02-12 23:01:11.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.1022.249 [GMT 1:00]
Lancé depuis: c:\documents and settings\Navid\Bureau\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Navid\Application Data\BITS
c:\documents and settings\Navid\Application Data\BITS\BITS.ini
c:\documents and settings\Navid\Application Data\BITS\DHTTable.dat
c:\documents and settings\Navid\Application Data\BITS\ProxyList.ini
c:\documents and settings\Navid\Application Data\BITS\UPnP.ini
c:\program files\FlashGet Network
c:\program files\FlashGet Network\FlashGet universal\dbtrans_verbose.log
c:\program files\FlashGet Network\FlashGet universal\fgoption.ini
c:\program files\FlashGet Network\FlashGet universal\P2PCfg.ini
c:\program files\FlashGet Network\FlashGet universal\p2spmgr.ini
c:\program files\FlashGet Network\FlashGet universal\p4spmgr.ini
c:\program files\FlashGet Network\FlashGet universal\Profiles\config.dat
c:\program files\FlashGet Network\FlashGet universal\Profiles\tasks.dat
c:\program files\FlashGet Network\FlashGet universal\transaction.log
c:\windows\system32\AutoRun.inf

.
((((((((((((((((((((((((((((( Fichiers créés du 2009-01-12 au 2009-02-12 ))))))))))))))))))))))))))))))))))))
.

2009-02-12 13:13 . 2009-02-12 13:13 <REP> d-------- C:\rsit
2009-02-12 07:17 . 2009-02-08 20:38 15,688 --a------ c:\windows\system32\lsdelete.exe
2009-02-11 23:21 . 2009-02-11 23:21 <REP> d-------- c:\documents and settings\NetworkService\Bureau
2009-02-11 22:23 . 2009-02-12 22:56 <REP> d-------- C:\ToolBar SD
2009-02-11 17:28 . 2009-02-12 07:17 <REP> d-------- c:\windows\Patch Darluok
2009-02-10 21:32 . 2009-02-10 21:32 <REP> d-------- c:\program files\adslTV
2009-02-10 21:05 . 2007-05-16 16:45 3,497,832 --a------ c:\windows\system32\d3dx9_34.dll
2009-02-10 21:05 . 2007-05-16 16:45 1,124,720 --a------ c:\windows\system32\D3DCompiler_34.dll
2009-02-10 21:05 . 2007-05-16 16:45 443,752 --a------ c:\windows\system32\d3dx10_34.dll
2009-02-10 21:05 . 2007-05-31 19:30 266,088 --a------ c:\windows\system32\xactengine2_8.dll
2009-02-10 21:05 . 2007-05-31 19:29 18,280 --a------ c:\windows\system32\x3daudio1_2.dll
2009-02-10 21:01 . 2009-02-10 21:06 103,736 --a------ c:\windows\system32\PnkBstrB.exe
2009-02-10 21:01 . 2009-02-10 21:06 66,872 --a------ c:\windows\system32\PnkBstrA.exe
2009-02-10 21:01 . 2009-02-10 21:06 22,328 --a------ c:\windows\system32\drivers\PnkBstrK.sys
2009-02-10 21:01 . 2009-02-10 21:01 22,328 --a------ c:\documents and settings\Navid\Application Data\PnkBstrK.sys
2009-02-10 21:01 . 2009-02-10 21:01 319 --a------ c:\windows\game.ini
2009-02-10 20:33 . 2009-02-10 20:33 <REP> d-------- c:\program files\Activision
2009-02-10 13:19 . 2009-02-10 13:19 <REP> d-------- c:\documents and settings\Navid\Application Data\Nvu
2009-02-10 13:16 . 2009-02-10 13:16 <REP> d-------- c:\program files\Nvu
2009-02-09 22:32 . 2009-02-09 22:32 <REP> d-------- c:\program files\Microsoft Works
2009-02-09 22:32 . 2000-10-26 22:48 392,192 -ra------ c:\windows\system32\ltkrn11n.dll
2009-02-09 22:32 . 2000-10-26 22:48 285,184 -ra------ c:\windows\system32\lfcmp11n.dll
2009-02-09 22:32 . 2000-10-26 22:48 262,656 -ra------ c:\windows\system32\ltdis11n.dll
2009-02-09 22:32 . 2000-10-26 22:48 172,032 -ra------ c:\windows\system32\lfpng11n.dll
2009-02-09 22:32 . 2000-10-26 22:48 127,488 -ra------ c:\windows\system32\ltimg11n.dll
2009-02-09 22:32 . 2000-10-26 22:48 118,784 -ra------ c:\windows\system32\ltfil11n.dll
2009-02-09 22:32 . 2000-10-26 22:48 59,392 -ra------ c:\windows\system32\lfwmf11n.dll
2009-02-09 22:32 . 2000-10-26 22:48 36,864 -ra------ c:\windows\system32\lfbmp11n.dll
2009-02-09 22:26 . 2009-02-09 22:26 <REP> dr-h----- C:\MSOCache
2009-02-09 21:23 . 2009-02-09 21:23 <REP> d-------- c:\program files\WinHTTrack
2009-02-09 21:09 . 2009-02-09 21:09 <REP> d-------- C:\profiles
2009-02-09 20:06 . 2009-02-09 20:06 <REP> d-------- c:\temp\ext48948
2009-02-09 20:06 . 2009-02-09 20:06 <REP> d-------- C:\temp
2009-02-09 20:06 . 2009-02-10 00:25 <REP> d-------- c:\program files\Microsoft FrontPage Express
2009-02-09 20:06 . 2009-02-10 00:25 91 --a------ c:\windows\fpxpress.ini
2009-02-09 08:15 . 2009-02-09 08:15 <REP> d-------- c:\program files\VirginMega
2009-02-09 08:14 . 2009-02-09 08:14 <REP> d-------- c:\documents and settings\All Users\Application Data\Downloaded Installations
2009-02-06 23:43 . 2009-02-06 23:43 <REP> d-------- c:\documents and settings\Navid\Application Data\Media Player Classic
2009-02-06 23:29 . 2009-02-06 23:29 <REP> d-------- c:\program files\AviSynth 2.5
2009-02-06 23:28 . 2009-02-06 23:28 <REP> d-------- c:\program files\K-Lite Codec Pack
2009-02-06 23:28 . 2008-09-24 19:41 839,680 --a------ c:\windows\system32\lameACM.acm
2009-02-06 23:28 . 2008-12-08 12:53 57,344 --a------ c:\windows\system32\ff_vfw.dll
2009-02-06 23:28 . 2007-07-10 17:10 547 --a------ c:\windows\system32\ff_vfw.dll.manifest
2009-02-06 23:28 . 2008-10-03 13:30 414 --a------ c:\windows\system32\lame_acm.xml
2009-02-06 23:25 . 2009-02-06 23:25 <REP> d-------- c:\program files\eRightSoft
2009-02-04 20:53 . 2009-02-04 20:53 <REP> d-------- C:\HLServer
2009-02-03 23:41 . 2009-02-03 23:41 <REP> d-------- c:\program files\MSECache
2009-02-03 19:42 . 2009-02-03 19:43 <REP> d-------- c:\program files\mp3DirectCut
2009-02-03 18:28 . 2009-02-03 18:28 <REP> d-------- c:\program files\Fichiers communs\Windows Live
2009-02-03 16:13 . 2009-02-12 12:59 <REP> d-------- c:\program files\MovieMaking by LANguille
2009-02-03 09:32 . 2009-02-03 09:32 <REP> d-------- c:\windows\system32\Futuremark
2009-02-03 09:23 . 2009-02-03 09:23 <REP> d-------- C:\865c6e4bf89fb0dd2888b01107c053
2009-02-03 09:22 . 2009-02-03 09:22 <REP> dr-h----- C:\AHCache
2009-02-02 23:33 . 2009-02-02 23:33 262,144 --a------ c:\windows\system32\wrap_oal.dll
2009-02-02 23:33 . 2009-02-02 23:33 86,016 --a------ c:\windows\system32\OpenAL32.dll
2009-02-02 23:22 . 2007-09-07 14:55 27,672 --a------ c:\windows\system32\drivers\Entech.sys
2009-02-02 23:22 . 2007-09-07 14:55 12,744 --a------ c:\windows\system32\drivers\Entech64.sys
2009-02-02 23:22 . 2007-09-07 14:55 6,173 --a------ c:\windows\system32\drivers\Entech.vxd
2009-02-02 23:22 . 2001-11-19 20:05 3,972 --a------ c:\windows\system32\drivers\PciBus.sys
2009-02-02 23:20 . 2009-02-02 23:20 <REP> d-------- c:\program files\Futuremark
2009-02-02 20:03 . 2009-02-03 12:58 <REP> d-------- c:\program files\ATITool
2009-02-02 01:19 . 2009-02-02 01:20 <REP> d-------- c:\documents and settings\Navid\Application Data\Microgaming
2009-02-02 01:18 . 2009-02-02 01:18 <REP> d-------- C:\Microgaming
2009-02-01 20:56 . 2009-02-03 13:43 <REP> d-------- c:\program files\compLexity Demo Player
2009-02-01 20:37 . 2009-01-18 22:30 64,160 --a------ c:\windows\system32\drivers\Lbd.sys
2009-02-01 20:33 . 2009-02-03 09:22 <REP> d-------- c:\program files\Lavasoft
2009-02-01 20:33 . 2009-02-03 09:22 <REP> d--h-c--- c:\documents and settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
2009-01-31 23:06 . 2009-02-03 09:21 <REP> d-------- c:\program files\Pvm
2009-01-31 20:59 . 2009-02-03 12:57 <REP> d-------- C:\Casino
2009-01-31 12:24 . 2009-02-03 09:09 <REP> d-------- c:\program files\Freeplayer
2009-01-31 12:06 . 2009-02-03 09:20 <REP> d-------- c:\program files\FpTest
2009-01-30 21:37 . 2009-01-30 21:37 <REP> d-------- c:\program files\Maïdo Production
2009-01-29 18:20 . 2009-02-03 09:20 <REP> d-------- c:\program files\WinHex
2009-01-29 14:03 . 2009-02-03 12:59 <REP> d-------- c:\program files\ma-config.com
2009-01-29 14:03 . 2009-02-03 12:59 <REP> d-------- c:\documents and settings\All Users\Application Data\ma-config.com
2009-01-28 22:50 . 2009-01-28 22:50 <REP> d-------- c:\documents and settings\Navid\Application Data\Screaming Bee
2009-01-28 22:49 . 2009-02-03 09:19 <REP> d-------- c:\documents and settings\All Users\Application Data\Screaming Bee
2009-01-26 20:17 . 2009-02-03 09:19 <REP> d-------- c:\program files\PhotoFiltre
2009-01-26 13:15 . 2009-02-03 09:13 <REP> d-------- c:\program files\Wakfu
2009-01-24 13:19 . 2009-02-03 09:14 <REP> d-------- c:\program files\No-IP
2009-01-24 13:02 . 2009-02-04 21:54 <REP> d-------- C:\HLDS
2009-01-24 13:00 . 2009-01-24 13:00 0 --a------ c:\documents and settings\Navid\hldsupdatetool.exe
2009-01-24 12:50 . 2009-02-03 09:18 <REP> d-------- C:\srcds
2009-01-23 23:55 . 2009-02-03 09:18 <REP> d-------- c:\documents and settings\Navid\Application Data\Logitech
2009-01-23 23:55 . 2008-09-26 09:52 10,384 --a------ c:\windows\system32\drivers\LBeepKE.sys
2009-01-23 23:54 . 2009-01-23 23:54 0 --ah----- c:\windows\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
2009-01-23 23:54 . 2009-01-23 23:54 0 --ah----- c:\windows\system32\drivers\Msft_Kernel_LHidFilt_01005.Wdf
2009-01-23 23:50 . 2008-11-07 16:37 301,656 --a------ c:\windows\system32\BtCoreIf.dll
2009-01-23 23:50 . 2008-11-07 16:38 170,512 --a------ c:\windows\system32\kemutb.dll
2009-01-23 23:50 . 2008-11-07 16:38 145,936 --a------ c:\windows\system32\KemUtil.dll
2009-01-23 23:50 . 2008-11-07 16:38 117,264 --a------ c:\windows\system32\KemWnd.dll
2009-01-23 23:50 . 2008-11-07 16:38 84,496 --a------ c:\windows\system32\KemXML.dll
2009-01-23 23:49 . 2009-02-03 09:17 <REP> d-------- c:\documents and settings\All Users\Application Data\Logitech
2009-01-22 21:26 . 2009-02-03 13:03 <REP> d-------- c:\program files\PowerStrip
2009-01-20 19:40 . 2009-01-20 19:40 1,946 --a------ C:\users.ini
2009-01-19 18:26 . 2009-01-19 18:27 <REP> d-------- c:\documents and settings\All Users\Application Data\Lavasoft
2009-01-18 22:10 . 2009-02-09 21:12 <REP> d-------- C:\Downloads
2009-01-16 20:39 . 2009-01-16 20:39 127,034 -r------- c:\windows\bwUnin-8.1.1.50-8876480SL.exe
2009-01-16 20:37 . 2009-01-16 20:37 0 --ah----- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2009-01-16 20:37 . 2009-01-16 20:37 0 --ah----- c:\windows\system32\drivers\Msft_Kernel_LUsbFilt_01005.Wdf
2009-01-16 20:35 . 2009-02-03 09:17 <REP> d-------- c:\program files\Fichiers communs\Logishrd
2009-01-16 20:34 . 2009-01-16 20:38 <REP> d-------- c:\program files\Logitech
2009-01-16 20:34 . 2009-01-16 20:34 <REP> d-------- c:\documents and settings\All Users\Application Data\LogiShrd
2009-01-15 21:20 . 2006-06-27 14:24 31,744 --a------ c:\windows\system32\drivers\AmdTools.sys
2009-01-15 19:40 . 2009-01-15 19:40 <REP> d-------- c:\program files\Custom-Strike
2009-01-15 18:01 . 2009-02-12 22:47 <REP> d-------- c:\program files\Steam
2009-01-15 17:49 . 2009-01-15 17:49 <REP> d-------- c:\documents and settings\Navid\Application Data\Blender Foundation
2009-01-15 13:53 . 2009-02-03 09:18 <REP> d-------- c:\program files\FlashGet
2009-01-13 18:30 . 2009-01-13 18:30 37,440 --a------ c:\windows\system32\drivers\pssdklbf.drv
2009-01-13 18:30 . 2009-01-13 18:30 30,272 --a------ c:\windows\system32\drivers\pssdk31.drv
2009-01-13 17:00 . 2009-01-13 17:00 <REP> d-------- c:\documents and settings\Navid\Application Data\WNR

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-12 20:17 --------- d-----w c:\program files\eChanblard
2009-02-12 19:12 --------- d-----w c:\documents and settings\Navid\Application Data\HPAppData
2009-02-12 16:27 --------- d-----w c:\documents and settings\Navid\Application Data\mIRC
2009-02-12 16:26 --------- d-----w c:\program files\mIRC
2009-02-12 11:56 --------- d-----w c:\program files\Notepad++
2009-02-12 11:56 --------- d-----w c:\documents and settings\Navid\Application Data\Notepad++
2009-02-12 06:53 --------- d-----w c:\program files\CCleaner
2009-02-11 22:02 --------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-02-11 18:15 --------- d-----w c:\program files\Visio11
2009-02-11 18:11 --------- d-----w c:\program files\OFFICE11
2009-02-11 16:29 --------- d-----w c:\program files\World of Warcraft
2009-02-11 09:19 38,496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-02-11 09:19 15,504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-02-10 20:00 --------- d--h--w c:\program files\InstallShield Installation Information
2009-02-10 18:57 --------- d-----w c:\documents and settings\Navid\Application Data\FileZilla
2009-02-10 16:42 --------- d-----w c:\documents and settings\Navid\Application Data\HLSW
2009-02-10 15:29 --------- d-----w c:\documents and settings\Navid\Application Data\teamspeak2
2009-02-10 00:08 --------- d-----w c:\program files\BitComet
2009-02-09 07:11 --------- d-----w c:\program files\Windows Media Connect 2
2009-02-06 22:26 --------- d-----w c:\program files\DivX
2009-02-06 22:25 --------- d-----w c:\program files\MediaCoder
2009-02-05 19:25 --------- d-----w c:\program files\Dofus
2009-02-05 17:44 --------- d-----w c:\program files\Teamspeak2_RC2
2009-02-05 13:38 --------- d-----w c:\documents and settings\Navid\Application Data\dvdcss
2009-02-05 12:53 --------- d-----w c:\documents and settings\Navid\Application Data\Skype
2009-02-05 12:06 --------- d-----w c:\documents and settings\Navid\Application Data\skypePM
2009-02-03 15:59 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2009-02-03 12:02 --------- d-----w c:\program files\QuickMediaConverter
2009-02-03 11:58 --------- d-----w c:\program files\Stardock
2009-02-03 08:21 --------- d-----w c:\program files\Spybot - Search & Destroy
2009-02-03 08:21 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-02-03 08:20 --------- d-----w c:\program files\HardwareDetection
2009-02-03 08:18 --------- d-----w c:\documents and settings\All Users\Application Data\avg8
2009-02-03 08:17 --------- d-----w c:\program files\Fichiers communs\Symantec Shared
2009-02-03 08:07 --------- d-----w c:\program files\Fichiers communs\Wise Installation Wizard
2009-01-31 11:25 --------- d-----w c:\documents and settings\Navid\Application Data\vlc
2009-01-27 23:48 325,128 ----a-w c:\windows\system32\drivers\avgldx86.sys
2009-01-27 23:48 107,272 ----a-w c:\windows\system32\drivers\avgtdix.sys
2009-01-27 23:48 10,520 ----a-w c:\windows\system32\avgrsstx.dll
2009-01-18 12:54 --------- d-s---w c:\program files\HLSW
2009-01-16 20:15 3,594,752 ----a-w c:\windows\system32\dllcache\mshtml.dll
2009-01-11 21:40 --------- d-----w c:\documents and settings\Navid\Application Data\AVGTOOLBAR
2009-01-10 21:59 --------- d-----w c:\program files\Hewlett-Packard
2009-01-10 12:01 --------- d-----w c:\program files\FileZilla FTP Client
2009-01-09 11:46 --------- d-----w c:\program files\SlySoft
2009-01-07 17:38 --------- d-----w c:\program files\Half-Life Model Viewer
2009-01-06 19:43 --------- d-----w c:\program files\Sony
2009-01-06 19:42 --------- d-----w c:\documents and settings\Navid\Application Data\Hide IP NG
2009-01-06 19:41 --------- d-----w c:\program files\TheMOBIWeb
2009-01-06 19:41 --------- d-----w c:\program files\ElcomSoft
2009-01-06 19:41 --------- d-----w c:\program files\A4Proxy
2009-01-06 18:28 --------- d-----w c:\documents and settings\Navid\Application Data\Mumble
2009-01-06 18:27 --------- d-----w c:\documents and settings\Navid\Application Data\Ventrilo
2009-01-06 18:26 --------- d-----w c:\program files\Mumble
2009-01-06 18:25 --------- d-----w c:\program files\Ventrilo
2009-01-04 18:17 --------- d-----w c:\program files\THQ
2009-01-04 18:17 --------- d-----w c:\program files\Speed Gear 5
2009-01-04 18:17 --------- d-----w c:\program files\Space Taxi 2
2009-01-03 08:07 81,920 ----a-w c:\windows\system32\frapsvid.dll
2009-01-02 14:21 --------- d-----w c:\program files\AVG
2009-01-01 13:43 --------- d-----w c:\program files\Google
2008-12-31 11:43 --------- d-----w c:\documents and settings\All Users\Application Data\rkfree
2008-12-31 11:43 --------- d-----w c:\documents and settings\All Users\Application Data\EmailNotifier
2008-12-30 10:29 1,037,824 ----a-w c:\windows\system32\dllcache\explorer.exe
2008-12-30 10:29 1,037,824 ----a-w c:\windows\explorer.exe
2008-12-29 23:31 --------- d-----w c:\program files\MessenPass
2008-12-28 16:43 --------- d-----w c:\documents and settings\Navid\Application Data\DeepBurner
2008-12-28 16:38 --------- d-----w c:\program files\Astonsoft
2008-12-28 11:31 --------- d-----w c:\program files\Alwil Software
2008-12-20 22:47 826,368 ----a-w c:\windows\system32\wininet.dll
2008-12-20 22:47 826,368 ----a-w c:\windows\system32\dllcache\wininet.dll
2008-12-20 22:47 671,232 ----a-w c:\windows\system32\dllcache\mstime.dll
2008-12-20 22:47 477,696 ----a-w c:\windows\system32\dllcache\mshtmled.dll
2008-12-20 22:47 44,544 ----a-w c:\windows\system32\dllcache\pngfilt.dll
2008-12-20 22:47 233,472 ----a-w c:\windows\system32\dllcache\webcheck.dll
2008-12-20 22:47 193,024 ----a-w c:\windows\system32\dllcache\msrating.dll
2008-12-20 22:47 105,984 ----a-w c:\windows\system32\dllcache\url.dll
2008-12-20 22:47 102,912 ----a-w c:\windows\system32\dllcache\occache.dll
2008-12-20 22:47 1,160,192 ----a-w c:\windows\system32\dllcache\urlmon.dll
2008-12-19 09:11 70,656 ----a-w c:\windows\system32\dllcache\ie4uinit.exe
2008-12-19 09:10 13,824 ------w c:\windows\system32\dllcache\ieudinit.exe
2008-12-19 05:25 634,024 ----a-w c:\windows\system32\dllcache\iexplore.exe
2008-12-19 05:23 161,792 ----a-w c:\windows\system32\dllcache\ieakui.dll
2008-12-17 18:41 --------- d-----w c:\program files\Microsoft Silverlight
2008-12-17 18:36 --------- d-----w c:\documents and settings\Navid\Application Data\DivX
2008-12-16 18:42 --------- d-----w c:\program files\DLFreeTools
2008-12-14 20:19 --------- d-----w c:\program files\TSO
2008-12-14 20:19 --------- d-----w c:\program files\Trend Micro
2008-12-14 20:19 --------- d-----w c:\program files\Total Video Converter
2008-12-14 20:19 --------- d-----w c:\program files\TMPGEnc-2.524.63.181-Free
2008-12-14 20:19 --------- d-----w c:\program files\Sony Setup
2008-12-14 20:19 --------- d-----w c:\program files\Services en ligne
2008-12-14 20:19 --------- d-----w c:\program files\Red Kawa
2008-12-14 20:19 --------- d-----w c:\program files\RADVideo
2008-12-14 20:19 --------- d-----w c:\program files\Micro Application
2008-12-14 20:19 --------- d-----w c:\program files\deo
2008-12-14 20:19 --------- d-----w c:\program files\Combined Community Codec Pack
2008-12-14 20:17 --------- d-----w c:\program files\QuickTime
2008-12-14 20:17 --------- d-----w c:\program files\PowerQuest
2008-12-14 20:17 --------- d-----w c:\program files\Nuked-Klan
2007-08-24 19:52 300,400 ----a-w c:\program files\mozilla firefox\components\coFFPlgn.dll
2007-01-02 16:08 1,132,843 --sh--w c:\windows\Config\gimcac.bak1
2007-02-02 11:11 447,240 --sh--w c:\windows\Config\gimcac.bak2
2007-02-02 22:39 469,564 --sh--w c:\windows\Config\gimcac.ini2
2007-02-21 10:47 31,232 --sh--r c:\windows\system32\msfDX.dll
2008-03-16 12:30 216,064 --sh--r c:\windows\system32\nbDX.dll
2008-09-03 14:01 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008090320080904\index.dat
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{266fcdca-7bb3-4da7-b3bf-f845dea2ebd6}"= "c:\program files\IsoBuster\tbIsoB.dll" [2008-07-27 1606680]

[HKEY_CLASSES_ROOT\clsid\{266fcdca-7bb3-4da7-b3bf-f845dea2ebd6}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{266fcdca-7bb3-4da7-b3bf-f845dea2ebd6}]
2008-07-27 20:11 1606680 --a------ c:\program files\IsoBuster\tbIsoB.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{266fcdca-7bb3-4da7-b3bf-f845dea2ebd6}"= "c:\program files\IsoBuster\tbIsoB.dll" [2008-07-27 1606680]

[HKEY_CLASSES_ROOT\clsid\{266fcdca-7bb3-4da7-b3bf-f845dea2ebd6}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{266FCDCA-7BB3-4DA7-B3BF-F845DEA2EBD6}"= "c:\program files\IsoBuster\tbIsoB.dll" [2008-07-27 1606680]

[HKEY_CLASSES_ROOT\clsid\{266fcdca-7bb3-4da7-b3bf-f845dea2ebd6}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"CursorFX"="c:\program files\Stardock\CursorFX\CursorFX.exe" [2008-07-07 416768]
"Google Update"="c:\documents and settings\Navid\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2008-11-25 133104]
"ccleaner"="c:\program files\CCleaner\CCleaner.exe" [2008-12-01 1406192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-01-28 1601304]
"amd_dc_opt"="c:\program files\AMD\amd_dc_opt\amd_dc_opt.exe" [2006-06-28 106496]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-02-08 509784]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-10-10 c:\windows\KHALMNPR.Exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Navid\Menu D‚marrer\Programmes\D‚marrage\
Outil de d‚tection de support Picture Motion Browser.lnk - c:\program files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe [2008-11-17 385024]
Outil de notification Live Search.lnk - c:\documents and settings\Navid\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe [2009-02-03 143360]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-03-11 210520]
Lancement rapide de Microsoft Office OneNote 2003.lnk - c:\program files\OFFICE11\ONENOTEM.EXE [2007-04-19 64864]
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2009-01-18 67128]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-01-23 809488]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2008-11-07 16:41 72208 c:\program files\Fichiers communs\Logishrd\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-01-28 00:48 10520 c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.I420"= i420vfw.dll
"msacm.l3codec"= l3codecp.acm

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Acrobat Assistant.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Acrobat Assistant.lnk
backup=c:\windows\pss\Acrobat Assistant.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^InstantTimeZone.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\InstantTimeZone.lnk
backup=c:\windows\pss\InstantTimeZone.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^PalStart.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\PalStart.lnk
backup=c:\windows\pss\PalStart.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
--a------ 2007-03-16 10:45 63712 c:\program files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccleaner]
--a------ 2008-12-01 16:33 1406192 c:\program files\CCleaner\CCleaner.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
--a------ 2006-09-28 20:21 57344 c:\program files\SlySoft\CloneCD\CloneCDTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Fraps]
--a------ 2008-10-02 23:51 3309224 c:\fraps\fraps.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
--a----t- 2008-11-25 12:56 133104 c:\documents and settings\Navid\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]
--a------ 2007-11-21 03:12 3297280 c:\program files\Google\Google Talk\googletalk.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ntiMUI]
--a------ 2005-05-11 18:15 45056 c:\program files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-09-06 14:09 413696 c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
--a------ 2009-02-08 20:26 1410296 c:\program files\Steam\steam.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a------ 2007-06-27 13:12 68856 c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vspdfprsrv.exe]
--a------ 2007-03-23 16:13 1006080 c:\program files\Visagesoft\eXPert PDF 5\vspdfprsrv.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
--a------ 2006-11-30 21:49 4662776 c:\program files\Yahoo!\Messenger\YahooMessenger.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WLSetupSvc"=3 (0x3)
"iPod Service"=3 (0x3)
"gusvc"=3 (0x3)
"Apple Mobile Device"=3 (0x3)

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\eChanblard\\emule.exe"=
"c:\\Program Files\\PPLive\\PPLive.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Paltalk Messenger\\paltalk.exe"=
"c:\\Program Files\\SopCast\\SopCast.exe"=
"c:\\WINDOWS\\system32\\java.exe"=
"c:\\Program Files\\Steam\\SteamApps\\erfan_91\\counter-strike\\hl.exe"=
"c:\\Program Files\\TVAnts\\Tvants.exe"=
"c:\\Program Files\\mIRC\\mirc.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\HLSW\\hlsw.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"d:\\Warcraft III\\Warcraft III.exe"=
"c:\\Program Files\\Teamspeak2_RC2\\server_windows.exe"=
"c:\\Program Files\\Gimp-2.0\\lib\\gimp\\2.0\\plug-ins\\script-fu.exe"=
"c:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"c:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\Mumble\\murmur.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\Steam\\steamapps\\erfan_91\\dedicated server\\hltv.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\HLDS\\hlds.exe"=
"c:\\Program Files\\Steam\\steamapps\\erfan_91\\dedicated server\\hlds.exe"=
"c:\\Program Files\\Steam\\steamapps\\erfan_91\\counter-strike\\cstrike_french\\hltv.exe"=
"c:\\Program Files\\Maïdo Production\\IziSpot 4\\IziSpot.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"11875:TCP"= 11875:TCP:BitComet 11875 TCP
"11875:UDP"= 11875:UDP:BitComet 11875 UDP
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"8080:TCP"= 8080:TCP:freebox
"3724:TCP"= 3724:TCP:Blizzard downloader
"6112:TCP"= 6112:TCP:Blizzard Downloader
"6881:TCP"= 6881:TCP:Blizzard Downloader
"6999:TCP"= 6999:TCP:Blizzard Downloader
"1234:UDP"= 1234:UDP:freeplayer1
"8080:UDP"= 8080:UDP:freeplayer2

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-02-01 64160]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-01-02 325128]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-01-02 107272]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2009-01-02 903960]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-01-02 298264]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2009-01-18 950096]
R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [2009-01-23 10384]
R3 AmdTools;AMD Special Tools Driver;c:\windows\system32\drivers\AmdTools.sys [2009-01-15 31744]
R3 LVHybrid;LVHybrid service;c:\windows\system32\drivers\LVHybrid.sys [2006-06-28 892032]
S3 Ndisprot;ArcNet NDIS Protocol Driver;c:\windows\system32\drivers\ndisprot.sys [2008-11-17 27904]
S3 NwSapAgent;Agent SAP;c:\windows\system32\svchost.exe -k netsvcs [2004-08-10 14336]
S3 PortlUSB;PortlUSB;c:\windows\system32\drivers\YH-925.sys [2007-03-22 7552]
S3 PsSdk31;PsSdk31;c:\windows\system32\drivers\pssdk31.drv [2009-01-13 30272]
S3 PsSdkLBF;PsSdkLBF;c:\windows\system32\drivers\pssdklbf.drv [2009-01-13 37440]
S3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [2008-11-22 23064]
S3 SMCWGU(SMC);SMCWUSB-G 802.11g Wireless USB 2.0 Adapter(SMC);c:\windows\system32\drivers\SMCWGU.sys [2006-10-07 408064]
S3 ZDBRGSYS;ZDBRGSYS NDIS Protocol Driver;c:\windows\system32\ZDBRGSYS.sys [2004-06-30 19200]
S4 Planificateur PC-BaX;Planificateur PC-BaX;c:\program files\Cristie\PC-BaX 4.30.1\_BSSVC.EXE --> c:\program files\Cristie\PC-BaX 4.30.1\_BSSVC.EXE [?]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
HPService REG_MULTI_SZ HPSLPSVC

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{56c68c10-7ef6-11db-9653-00155839c65c}]
\Shell\AutoRun\command - xfoolavp.com
\Shell\explore\Command - xfoolavp.com
\Shell\open\Command - xfoolavp.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{63ccfb54-b640-11dc-98ed-00155839c65c}]
\Shell\AutoRun\command - start.exe
\Shell\iledefrance\command - start.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7256fa15-d3da-11dc-9920-00155839c65c}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe killVBS.vbs

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{E4066320-E4AE-11CF-B1B0-00AA00BBAD66}]
rundll32.exe advpack.dll,LaunchINFSection %SystemRoot%\INF\fpxpress.inf,PerUserstub
.
Contenu du dossier 'Tâches planifiées'

2009-02-09 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-02-08 20:37]

2009-02-06 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe []

2009-02-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1798726482-2359549395-1807667182-1005.job
- c:\documents and settings\Navid\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-11-25 12:56]

2009-02-09 c:\windows\Tasks\Norton Internet Security - Effectuer une analyse complète du système - Navid.job
- c:\program files\Norton Internet Security\Norton AntiVirus\Navw32.exe []

2009-02-12 c:\windows\Tasks\RegPowerClean.job
- c:\program files\Winferno\RegistryPowerCleaner\RegPowerClean.exe []

2008-12-17 c:\windows\Tasks\RPCReminder.job
- c:\program files\Winferno\RegistryPowerCleaner\RPCReminder.exe []

2009-02-12 c:\windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE []
.
- - - - ORPHELINS SUPPRIMES - - - -

MSConfigStartUp-FlashGet - c:\program files\FlashGet Network\FlashGet universal\flashget.exe


.
------- Examen supplémentaire -------
.
mWindow Title =
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = local
IE: &D&ownload &with BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: &D&ownload all video with BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: &D&ownload all with BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
IE: E&xporter vers Microsoft Excel - c:\progra~1\OFFICE11\EXCEL.EXE/3000
IE: Snip to my eSnips account - c:\program files\eSnips\res\SnipIt.htm
IE: {{C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - c:\microgaming\Poker\UnibetpokerMPP\MPPoker.exe
Trusted Zone: localhost
TCP: {326DCACC-44CD-4EC8-B37C-9E1690ED69BB} = 212.27.40.240,212.27.40.241
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} - hxxp://gamenextfr.oberon-media.com/online/online2/diner_dash/DinerDash.1.0.0.80.cab
FF - ProfilePath - c:\documents and settings\Navid\Application Data\Mozilla\Firefox\Profiles\vzc00xjs.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Live Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - component: c:\program files\AVG\AVG8\ToolbarFF\components\vmAVGConnector.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: c:\documents and settings\Navid\Application Data\Mozilla\Firefox\Profiles\vzc00xjs.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\plugins\nphardwaredetection.dll
FF - plugin: c:\documents and settings\Navid\Local Settings\Application Data\Google\Update\1.2.141.5\npGoogleOneClick7.dll
FF - plugin: c:\progra~1\Yahoo!\Common\npyaxmpb.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-12 23:04:22
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet009\Services\PsSdk31]
"ImagePath"="\??\c:\windows\system32\Drivers\pssdk31.drv"

[HKEY_LOCAL_MACHINE\System\ControlSet009\Services\PsSdkLBF]
"ImagePath"="\??\c:\windows\system32\Drivers\pssdklbf.drv"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_USERS\S-1-5-21-1798726482-2359549395-1807667182-1005\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_USERS\S-1-5-21-1798726482-2359549395-1807667182-1005\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{C0BA4FA4-ECE9-C0BB-C143-8F093903C067}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"nahmacmfpjjdnkofbpbejigleccp"=hex:6a,61,69,62,6b,70,70,65,66,67,70,67,68,68,
61,61,64,69,6f,68,00,00
"mafmnkhfhhkbpnepjhdkcpgopj"=hex:6a,61,69,62,6b,70,70,65,66,67,70,67,68,68,61,
61,64,69,6f,68,00,f9

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•Ñw*]
"5E7CEC10DF0760D4F8DAFB12FDC06CCD"="02:\\Software\\Adobe\\FeatureSubscriptions\\DVAAdobeDocMeta\\{01CEC7E5-70FD-4D06-8FAD-BF21DF0CC6DC}\\Registered"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•9~*]
"C040710900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
"C040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(844)
c:\windows\system32\Ati2evxx.dll
c:\program files\fichiers communs\logishrd\bluetooth\LBTWlgn.dll
c:\program files\fichiers communs\logishrd\bluetooth\LBTServ.dll
.
Heure de fin: 2009-02-12 23:06:53
ComboFix-quarantined-files.txt 2009-02-12 22:06:50

Avant-CF: 26,253,332,480 octets libres
Après-CF: 26,224,275,456 octets libres

Current=9 Default=9 Failed=8 LastKnownGood=10 Sets=1,2,3,4,5,6,7,8,9,10
522 --- E O F --- 2009-02-12 18:01:10


======================================================================================================
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:13:11, on 13/02/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Stardock\CursorFX\CursorFX.exe
C:\Documents and Settings\Navid\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
C:\Documents and Settings\Navid\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Navid\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
D:\Mumble\dbus-daemon.exe
C:\Program Files\Steam\steam.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Navid\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
R3 - URLSearchHook: IsoBuster Toolbar - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Program Files\IsoBuster\tbIsoB.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: IsoBuster Toolbar - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Program Files\IsoBuster\tbIsoB.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: eSnips - {ED1184DA-E57E-4480-99D0-A16809037F54} - C:\Program Files\eSnips\SnipBar.dll
O3 - Toolbar: IsoBuster Toolbar - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Program Files\IsoBuster\tbIsoB.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [amd_dc_opt] "C:\Program Files\AMD\amd_dc_opt\amd_dc_opt.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [CursorFX] "C:\Program Files\Stardock\CursorFX\CursorFX.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Navid\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
O4 - Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\Navid\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\OFFICE11\ONENOTEM.EXE
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Snip to my eSnips account - C:\Program Files\eSnips\res\SnipIt.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Microgaming\Poker\UnibetpokerMPP\MPPoker.exe
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll/206 (file missing)
O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://studioladefense.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab53083.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://gamenextfr.oberon-media.com/online/online2/diner_dash/DinerDash.1.0.0.80.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{326DCACC-44CD-4EC8-B37C-9E1690ED69BB}: NameServer = 212.27.40.240,212.27.40.241
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
0
Réponse 10 / 14
jacques.gache Messages postés 33453 Date d'inscription mardi 13 novembre 2007 Statut Contributeur sécurité Dernière intervention 25 janvier 2016 1 616
13 févr. 2009 à 22:55
bonjour, tu fais ce qui suis car je voudrais savoir si c'est toujours sur le pc donc tu passes otmoveit et tu poste le rappoert et puis et fais un rapport de findykill , Merci

1) Télécharge OTMoveIt3 de OldTimer sur ton Bureau en cliquant sur ce lien :

http://oldtimer.geekstogo.com/OTMoveIt3.exe

Double-clique sur OTMoveIt3.exe pour le lancer.

Vérifie que la case devant "Unregister Dll's and Ocx's est bien cochée.

Copie la liste qui se trouve en gras ci-dessous,

et colle-la dans le cadre de gauche de OTMoveIt : "Paste instructions for item to be moved".

:processes
explorer.exe

:files
c:\program files\Winferno\RegistryPowerCleaner\RegPowerClean.exe
c:\windows\system32\AutoRun.inf



:Commands
[purity]
[emptytemp]
[start explorer]
[reboot]



Clique sur "MoveIt!" pour lancer la suppression.

Le résultat apparaitra dans le cadre "Results".

Clique sur "Exit" pour fermer.

Poste le rapport situé dans C:\_OTMoveIt\MovedFiles sous le nom xxxxxx_xxxxxxxxxx.log .

Il te sera peut-être demander de redémarrer le pc pour achever la suppression. Si c'est le cas accepte par Yes.




2) Télécharge FindyKill (de Chiquitine29) merci à lui de nous l'avoir remis en ligne !!!

.Fais un double-clique sur le lien

.enregistres le sur bureau

.Lances l'installation avec les paramètres par défaut

.Double-clique sur le raccourci FindyKill sur ton bureau

.Au menu principal, choisis l'option 1 (Recherche)

.Postes le rapport C:/FindyKill.txt (il est sauvegardé à la racine du disque dur)

tutoriel si besoin: https://www.malekal.com/tutorial-findykill/



0
Réponse 11 / 14
Navid_92 Messages postés 711 Date d'inscription dimanche 7 décembre 2008 Statut Membre Dernière intervention 12 février 2015 87
13 févr. 2009 à 23:30
========== PROCESSES ==========
Process explorer.exe killed successfully.
========== FILES ==========
File/Folder c:\program files\Winferno\RegistryPowerCleaner\RegPowerClean.exe not found.
File/Folder c:\windows\system32\AutoRun.inf not found.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\Navid\LOCALS~1\Temp\etilqs_iXsPUQyvvYZYJAllehTu scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Navid\LOCALS~1\Temp\~DFA5D.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be deleted on reboot.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
Windows Temp folder emptied.
Java cache emptied.
File delete failed. C:\Documents and Settings\Navid\Local Settings\Application Data\Mozilla\Firefox\Profiles\vzc00xjs.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Navid\Local Settings\Application Data\Mozilla\Firefox\Profiles\vzc00xjs.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Navid\Local Settings\Application Data\Mozilla\Firefox\Profiles\vzc00xjs.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Navid\Local Settings\Application Data\Mozilla\Firefox\Profiles\vzc00xjs.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Navid\Local Settings\Application Data\Mozilla\Firefox\Profiles\vzc00xjs.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Navid\Local Settings\Application Data\Mozilla\Firefox\Profiles\vzc00xjs.default\XUL.mfl scheduled to be deleted on reboot.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 02132009_231905

Files moved on Reboot...
File C:\DOCUME~1\Navid\LOCALS~1\Temp\etilqs_iXsPUQyvvYZYJAllehTu not found!
C:\DOCUME~1\Navid\LOCALS~1\Temp\~DFA5D.tmp moved successfully.
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\index.dat scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be moved on reboot.
C:\Documents and Settings\Navid\Local Settings\Application Data\Mozilla\Firefox\Profiles\vzc00xjs.default\Cache\_CACHE_001_ moved successfully.
C:\Documents and Settings\Navid\Local Settings\Application Data\Mozilla\Firefox\Profiles\vzc00xjs.default\Cache\_CACHE_002_ moved successfully.
C:\Documents and Settings\Navid\Local Settings\Application Data\Mozilla\Firefox\Profiles\vzc00xjs.default\Cache\_CACHE_003_ moved successfully.
C:\Documents and Settings\Navid\Local Settings\Application Data\Mozilla\Firefox\Profiles\vzc00xjs.default\Cache\_CACHE_MAP_ moved successfully.
C:\Documents and Settings\Navid\Local Settings\Application Data\Mozilla\Firefox\Profiles\vzc00xjs.default\urlclassifier3.sqlite moved successfully.
C:\Documents and Settings\Navid\Local Settings\Application Data\Mozilla\Firefox\Profiles\vzc00xjs.default\XUL.mfl moved successfully.
0
Réponse 12 / 14
Navid_92 Messages postés 711 Date d'inscription dimanche 7 décembre 2008 Statut Membre Dernière intervention 12 février 2015 87
13 févr. 2009 à 23:33
############################## [ FindyKill V4.716 ]

# User : Navid (Utilisateurs du Bureau à distance) # NAV
# Update on 10/02/09 by Chiquitine29
# Start at: 23:27:50 | 13/02/2009

# AMD Athlon(tm) 64 X2 Dual Core Processor 3800+
# Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
# Internet Explorer 7.0.5730.11
# Windows Firewall Status : Enabled
# AV : AVG Anti-Virus Free 8.0 [ Enabled | Updated ]

# C:\ # Disque fixe local (saeed) # NTFS
# D:\ # Disque fixe local (ACERDATA) # FAT32
# E:\ # Disque CD-ROM
# G:\ # Disque amovible
# H:\ # Disque amovible
# I:\ # Disque amovible
# K:\ # Disque amovible

############################## [ Processus actifs ]

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Stardock\CursorFX\CursorFX.exe
C:\Documents and Settings\Navid\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
C:\Documents and Settings\Navid\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
C:\Documents and Settings\Navid\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

################## [ Fichiers / Dossiers infectieux C:\ ]


################## [ C:\WINDOWS ]


################## [ C:\WINDOWS\Prefetch ]


################## [ C:\WINDOWS\system32 ]


################## [ C:\WINDOWS\system32\drivers ]


################## [ C:\Documents and Settings\Navid\Application Data ]


################## [ C:\DOCUME~1\Navid\LOCALS~1\Temp ]


################## [ Registre / Clés infectieuses ]



################## [ Etat / Services ]

# Services : [ Auto=2 / Demande=3 / Désactivé=4 ]

Ndisuio # Type de démarrage = 3

EapHost # Type de démarrage = 3

Ip6Fw # Type de démarrage = 3

SharedAccess # Type de démarrage = 2

wuauserv # Type de démarrage = 2

wscsvc # Type de démarrage = 2


################## [ Recherche dans supports amovibles]

# presence des fichiers :


################## [ Registre / Mountpoint2 ]

# -> Not found !

################## [ ! Fin du rapport # FindyKill V4.716 ! ]

0
Réponse 13 / 14
jacques.gache Messages postés 33453 Date d'inscription mardi 13 novembre 2007 Statut Contributeur sécurité Dernière intervention 25 janvier 2016 1 616
14 févr. 2009 à 00:03
bonjour, pour moi c'est bon normalement plus rien sur le pc
0
Réponse 14 / 14
Navid_92 Messages postés 711 Date d'inscription dimanche 7 décembre 2008 Statut Membre Dernière intervention 12 février 2015 87
14 févr. 2009 à 00:11
Je te remercii pour ton aide
0

Discussions similaires

Souris qui lag , saccade
Naafuunaa -
Ojey -

32 réponses
Pc très lent du jour au lendemain
Zelaz93330 -
Malekal_morte- -

33 réponses
Éviter le lag en streaming
erwan21a -
mec123 -

13 réponses
Mon pc rame sans raison
BlueSiide -
Alex -

4 réponses
Smart IPTV met un temps fou à charger depuis que je suis passé à la fibre
Ancaro13 -
glandu -

3 réponses