plus accès aide et support souris difficile ?Résolu/Fermé

Question

Bonjour,

Quand je suis sur mon ordinateur, je rencontre quelques soucis, je n'ai plus accès à l'aide et support, la fonction rechercher ne fonctionne plus, et ma souris sans fil semble comme magnétisée sur le bureau, j'en aurais le poignet fatigué, l'anti virus ne donne rien kaspersky et Spyboot  non plus.
Je serais désireuse de faire une analyse avec hijackthis, cela est -il possible par l'un d'entre vous ?

Merci

Regis59 · Answer

Salut

Oui.

télécharge HijackThis ici: 
http://telechargement.zebulon.fr/138-hijackthis-1991.html 

Dézippe le dans un dossier prévu à cet effet. 
Par exemple C:\hijackthis < Enregistre le bien dans c : ! 
Démo : (Merci a Balltrap34 pour cette réalisation)   
http://pageperso.aol.fr/balltrap34/Hijenr.gif 
	
Lance le puis: 
clique sur "do a system scan and save logfile" (cf démo) 
faire un copier coller du log entier sur le forum

Démo : (Merci a Balltrap34 pour cette réalisation)   
http://pageperso.aol.fr/balltrap34/demohijack.htm
	
Bon courage

A+

LILYBELL · Answer

Bonsoir,

Je suis rentrée du travail et vous adresse au plus vite, le log pour lequel, j'ai souhaité de votre part une analyse

Logfile of HijackThis v1.99.1
Scan saved at 22:32:24, on 18/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32
etdde.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\WINDOWS\System32\cisvc.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32undll32.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\StudioLine Photo Basic\NMSAccess.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32	cpsvcs.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\Program Files\QuickTime\qttask.exe
C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\apps\ABoard\ABoard.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\apps\ABoard\AOSD.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.google.fr/keyword/%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer fourni par Belgacom Skynet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;localhost;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - Default URLSearchHook is missing
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\eoRezo\EoAdv\EOREZO~1.DLL (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll (file missing)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AdobeVersionCue] C:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [Synchronization Manager] C:\WINDOWS\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] C:\WINDOWS\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe" -quiet
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: Ajouter à Kaspersky Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\ie_banner_deny.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Antivirus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll
O9 - Extra button: Micro Application Anti-Popup - {2E071ADC-ADF8-4b4b-8ACB-EDC49E6D45A2} - C:\PROGRA~1\MICROA~1\EFFACE~1\ANTI-P~1.DLL (file missing)
O9 - Extra 'Tools' menuitem: Anti-Popup - {2E071ADC-ADF8-4b4b-8ACB-EDC49E6D45A2} - C:\PROGRA~1\MICROA~1\EFFACE~1\ANTI-P~1.DLL (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: JT's Blocks - http://download.games.yahoo.com/games/clients/y/blt1_x.cab
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://download.microsoft.com/download/C/B/F/CBF23A2C-3E55-4664-BC5C-762780D79BA0/OGAControl.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/install/hpobjinstaller_gmn.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {511F9316-771B-4953-A268-1C36DA667FE9} - http://ip.sponsoradulto.com/cab/3/fr/SysWebTelecomInt.cab
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} (HPObjectInstaller Class) - http://h30155.www3.hp.com/ediags/dd/install/guidedsolutions.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
O16 - DPF: {B1826A9F-4AA0-4510-BA77-9013E74E4B9B} - http://www.trendmicro.com/spyware-scan/as4web.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{32B2E503-04E8-4D40-9DA0-9B855C1ABB4F}: NameServer = 212.68.193.32,212.68.193.30
O18 - Protocol: bw+0 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bw+0s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bw-0 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bw-0s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bw00 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bw00s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bw10 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bw10s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bw20 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bw20s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bw30 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bw30s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bw40 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bw40s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bw50 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bw50s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bw60 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bw60s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bw70 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bw70s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bw80 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bw80s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bw90 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bw90s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwa0 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwa0s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwb0 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwb0s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwc0 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwc0s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwd0 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwd0s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwe0 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwe0s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwf0 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwf0s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - (no file)
O18 - Protocol: bwg0 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwg0s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwh0 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwh0s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwi0 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwi0s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwj0 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwj0s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwk0 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwk0s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwl0 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwl0s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwm0 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwm0s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwn0 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwn0s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwo0 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwo0s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwp0 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwp0s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwq0 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwq0s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwr0 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwr0s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bws0 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bws0s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwt0 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwt0s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwu0 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwu0s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwv0 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwv0s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bww0 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bww0s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwx0 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwx0s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwy0 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwy0s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwz0 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwz0s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: offline-8876480 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O20 - AppInit_DLLs:  sockspy.dll sockspy.dll sockspy.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe (file missing)
O23 - Service: AdobeVersionCue - Unknown owner - C:\Program Files\Adobe\Adobe Version Cue\service\VersionCue.exe (file missing)
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (file missing)
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe (file missing)
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" -r (file missing)
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: .NET Runtime Optimization Service v2.0.50727_X86 (clr_optimization_v2.0.50727_32) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - rundll32.exe (file missing)
O23 - Service: NMSAccess - Unknown owner - C:\Program Files\StudioLine Photo Basic\NMSAccess.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Unknown owner - (no file)
O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe

Grand merci pour votre aide, je compte sur votre bonne volonté pour la suite, je suis dans le groupe des 3 x 20ans alors, il faut tout expliquer au pas à pas.
est-il possible de communiquer une seconde adresse mail ?

A bientôt

Regis59 · Answer

ok

Télécharge Combofix sUBs : http://download.bleepingcomputer.com/sUBs/ComboFix.exe
et sauvegarde le sur ton bureau et pas ailleurs!

Double-clic sur combofix, Il va te poser une question, réponds par la touche 1 et entrée pour valider.
Attends que combofix ait terminé, un rapport sera créé. Poste le rapport.

LILYBELL · Answer

Bonsoir,


Je vous adresse le log pour lequel j'ai demandé une analyse de votre part, celui-ci vous est adresssé de mon domicile.
je compte beaucoup sur vous pour me venir en aide, au besoin, puis-je communiquer une seconde adresse mail ?

Logfile of HijackThis v1.99.1
Scan saved at 2:35:57, on 19/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32
etdde.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\WINDOWS\System32\cisvc.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32undll32.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\StudioLine Photo Basic\NMSAccess.exe
C:\WINDOWS\System32	cpsvcs.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\Program Files\QuickTime\qttask.exe
C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\apps\ABoard\ABoard.exe
C:\apps\ABoard\AOSD.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.google.fr/keyword/%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer fourni par Belgacom Skynet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;localhost;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - Default URLSearchHook is missing
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\eoRezo\EoAdv\EOREZO~1.DLL (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll (file missing)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AdobeVersionCue] C:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [Synchronization Manager] C:\WINDOWS\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] C:\WINDOWS\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe" -quiet
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: Ajouter à Kaspersky Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\ie_banner_deny.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Antivirus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll
O9 - Extra button: Micro Application Anti-Popup - {2E071ADC-ADF8-4b4b-8ACB-EDC49E6D45A2} - C:\PROGRA~1\MICROA~1\EFFACE~1\ANTI-P~1.DLL (file missing)
O9 - Extra 'Tools' menuitem: Anti-Popup - {2E071ADC-ADF8-4b4b-8ACB-EDC49E6D45A2} - C:\PROGRA~1\MICROA~1\EFFACE~1\ANTI-P~1.DLL (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: JT's Blocks - http://download.games.yahoo.com/games/clients/y/blt1_x.cab
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://download.microsoft.com/download/C/B/F/CBF23A2C-3E55-4664-BC5C-762780D79BA0/OGAControl.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/install/hpobjinstaller_gmn.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {511F9316-771B-4953-A268-1C36DA667FE9} - http://ip.sponsoradulto.com/cab/3/fr/SysWebTelecomInt.cab
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} (HPObjectInstaller Class) - http://h30155.www3.hp.com/ediags/dd/install/guidedsolutions.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
O16 - DPF: {B1826A9F-4AA0-4510-BA77-9013E74E4B9B} - http://www.trendmicro.com/spyware-scan/as4web.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{32B2E503-04E8-4D40-9DA0-9B855C1ABB4F}: NameServer = 212.68.193.32,212.68.193.30
O18 - Protocol: bw+0 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bw+0s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bw-0 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bw-0s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bw00 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bw00s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bw10 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bw10s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bw20 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bw20s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bw30 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bw30s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bw40 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bw40s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bw50 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bw50s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bw60 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bw60s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bw70 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bw70s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bw80 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bw80s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bw90 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bw90s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwa0 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwa0s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwb0 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwb0s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwc0 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwc0s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwd0 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwd0s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwe0 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwe0s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwf0 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwf0s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - (no file)
O18 - Protocol: bwg0 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwg0s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwh0 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwh0s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwi0 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwi0s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwj0 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwj0s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwk0 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwk0s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwl0 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwl0s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwm0 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwm0s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwn0 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwn0s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwo0 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwo0s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwp0 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwp0s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwq0 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwq0s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwr0 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwr0s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bws0 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bws0s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwt0 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwt0s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwu0 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwu0s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwv0 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwv0s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bww0 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bww0s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwx0 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwx0s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwy0 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwy0s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwz0 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: bwz0s - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O18 - Protocol: offline-8876480 - {28302BB8-9688-495E-AC5E-15D8B7437436} - (no file)
O20 - AppInit_DLLs:  sockspy.dll sockspy.dll sockspy.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe (file missing)
O23 - Service: AdobeVersionCue - Unknown owner - C:\Program Files\Adobe\Adobe Version Cue\service\VersionCue.exe (file missing)
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (file missing)
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe (file missing)
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" -r (file missing)
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: .NET Runtime Optimization Service v2.0.50727_X86 (clr_optimization_v2.0.50727_32) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - rundll32.exe (file missing)
O23 - Service: NMSAccess - Unknown owner - C:\Program Files\StudioLine Photo Basic\NMSAccess.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Unknown owner - (no file)
O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe



A bientôt

lilybell · Answer

Bonsoir, Suite à votre demande, voici le rapport d'analyse CamboFix ComboFix 07-09-18.4 - "Rose-Marie" 2007-09-19 21:26:44.1 - NTFSx86 Microsoft Windows XP dition familiale 5.1.2600.2.1252.33.1036.18.201 [GMT 2:00] * Created a new restore point . [i] ADS - svchost.exe: deleted 88 bytes in 2 streams. [/i] (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\WINDOWS\pack.epk C:\WINDOWS\system32\_000008_.tmp.dll C:\WINDOWS\system32\ddblleg.dat C:\WINDOWS\system32\ddblleg.exe C:\WINDOWS\system32\ddblleg_nav.dat C:\WINDOWS\system32\ddblleg_navps.dat C:\WINDOWS\system32\MabryObj.dll C:\WINDOWS\system32 vs2.inf . ((((((((((((((((((((((((((((( Fichiers créés 2007-08-19 to 2007-09-19 )))))))))))))))))))))))))))))))))))) . 2007-09-19 21:24 51,200 --a------ C:\WINDOWS\NirCmd.exe 2007-09-18 00:25 d-------- C:\bootcd 2007-09-16 13:18 d-------- C:\Program Files\R‚cuperation fichier avec logiciel restoration 2007-09-16 00:00 34,480 --------- C:\WINDOWS\hpomdl03.dat 2007-09-16 00:00 29,204 --a------ C:\WINDOWS\hpoins03.dat 2007-09-11 23:54 d-------- C:\Program Files\PC Inspector File Recovery 2007-09-02 20:08 d-------- C:\Program Files\Hijackthis Version Fran‡aise 2007-09-02 06:15 d-------- C:\Program Files\Hijackthis 03092007 2007-09-01 15:44 d-------- C:\Program Files\spybot seach and destroy 01092007 2007-08-21 19:55 527,850 --a------ C:\WINDOWS\system32\perfh040.dat 2007-08-21 19:55 101,744 --a------ C:\WINDOWS\system32\perfc040.dat 2007-08-20 19:33 d-------- C:\DOCUME~1\ROSE-M~1\APPLIC~1\Genie-Soft . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2007-09-19 21:40 695328 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat 2007-09-19 21:40 11737632 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat 2007-09-19 21:38 66140 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.idx 2007-09-19 21:38 158012 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx 2007-09-17 22:20 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater 2007-09-16 13:44 --------- d--h----- C:\Program Files\InstallShield Installation Information 2007-09-12 00:12 --------- d-------- C:\Program Files\Zeb-Utility 2007-09-09 17:42 --------- d-------- C:\Program Files\Registry Mechanic 2007-09-08 20:38 --------- d-------- C:\Program Files\HP 2007-09-08 15:44 --------- d-------- C:\DOCUME~1\ROSE-M~1\APPLIC~1\Image Zone Express 2007-09-01 16:29 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy 2007-08-29 20:12 --------- d-------- C:\DOCUME~1\ROSE-M~1\APPLIC~1\Lavasoft 2007-08-24 19:38 --------- d-------- C:\Program Files\CCleaner 2007-08-24 19:37 --------- d-------- C:\Program Files\Yahoo! 2007-08-18 19:38 --------- d-a------ C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP 2007-08-18 19:25 --------- d-------- C:\Program Files\Registry Fast 2007-08-03 18:56 720896 --a------ C:\WINDOWS\iun6002.exe 2007-08-01 20:30 --------- d-------- C:\Program Files hemexp 2007-07-30 18:41 --------- d-------- C:\Program Files\Micro Application 2007-07-28 17:37 --------- d-------- C:\Program Files\Google 2007-07-21 19:04 60416 --a------ C:\WINDOWS bap350.dll 2007-07-21 19:04 54784 --a------ C:\WINDOWS\RBQT350.DLL 2006-02-19 04:28 12288 --a--c--- C:\WINDOWS\Fonts\RandFont.dll 2005-11-30 21:51 21 --a--c--- C:\Program Files\Fichiers communs\appop.log 2005-08-27 22:58 774144 --a------ C:\Program Files\RngInterstitial.dll 2005-03-24 16:24 976020 --a------ C:\Program Files\BDAXP.cab 2005-03-24 16:24 911188 --a------ C:\Program Files\Apr2005_MDX_x86.cab 2005-03-24 16:24 72400 --a--c--- C:\Program Files\DSETUP.dll 2005-03-24 16:24 703080 --a------ C:\Program Files\BDA.cab 2005-03-24 16:24 66520 --a------ C:\Program Files\dxupdate.cab 2005-03-24 16:24 480976 --a------ C:\Program Files\DXSETUP.exe 2005-03-24 16:24 2245328 --a--c--- C:\Program Files\dsetup32.dll 2005-03-24 16:24 15493481 --a--c--- C:\Program Files\DirectX.cab 2005-03-24 16:24 1348242 --a------ C:\Program Files\Apr2005_d3dx9_25_x64.cab 2005-03-24 16:24 13265040 --a--c--- C:\Program Files\dxnt.cab 2005-03-24 16:24 1156363 --a------ C:\Program Files\BDANT.cab 2005-03-24 16:24 1079850 --a------ C:\Program Files\Apr2005_d3dx9_25_x86.cab --------- C:\Program Files\Récuperation fichier avec logiciel restoration --------- C:\Program Files\Hijackthis Version Française 2005-07-29 19:53:07 1,001 --sha-w C:\WINDOWS\system32\mmf.sys . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" [2006-11-08 18:28] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-02-16 11:54] "NWEReboot"="" [] "AdobeVersionCue"="C:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe" [] "ATIModeChange"="Ati2mdxx.exe" [2001-09-04 17:24 C:\WINDOWS\system32\Ati2mdxx.exe] "ATIPTA"="C:\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2003-09-12 22:10] "ACTIVBOARD"="c:\apps\ABoard\ABoard.exe" [2003-05-02 12:31] "Synchronization Manager"="C:\WINDOWS\system32\mobsync.exe" [2004-08-20 01:09] "LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2003-12-16 22:37] "LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2003-12-16 22:39] "LogitechGalleryRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2003-12-16 22:37] "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50] "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 03:41] "RegistryMechanic"="" [] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 01:09] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2005-09-16 09:47] "Yahoo! Pager"="C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe" [] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe" [] C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\DMARRA~1\ Outil de mise … jour Google.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2007-07-25 18:52:40] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoRecentDocsMenu"=0 (0x0) "NoFavoritesMenu"=0 (0x0) "NoWinKeys"=1 (0x1) "NoViewOnDrive"=0 (0x0) "NoRecentDocsHistory"=1 (0x1) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "appinit_dlls"= sockspy.dll sockspy.dll sockspy.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Gamma Loader.lnk backup=C:\WINDOWS\pss\Adobe Gamma Loader.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Reader Speed Launch.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Reader Speed Launch.lnk backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Reader Synchronizer.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Reader Synchronizer.lnk backup=C:\WINDOWS\pss\Adobe Reader Synchronizer.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Démarrage rapide de HP Photosmart Premier.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Démarrage rapide de HP Photosmart Premier.lnk backup=C:\WINDOWS\pss\Démarrage rapide de HP Photosmart Premier.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Intégrateur Diagonal 32 bits.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Intégrateur Diagonal 32 bits.lnk backup=C:\WINDOWS\pss\Intégrateur Diagonal 32 bits.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk backup=C:\WINDOWS\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Outil de mise à jour Google.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Outil de mise à jour Google.lnk backup=C:\WINDOWS\pss\Outil de mise à jour Google.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Rose-Marie^Menu Démarrer^Programmes^Démarrage^Adobe Gamma.lnk] path=C:\Documents and Settings\Rose-Marie\Menu Démarrer\Programmes\Démarrage\Adobe Gamma.lnk backup=C:\WINDOWS\pss\Adobe Gamma.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIModeChange] Ati2mdxx.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ddblleg] c:\windows\system32\ddblleg.exe ddblleg [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\gwirmvl] c:\windows\system32\gwirmvl.exe gwirmvl [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Load] ???? [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Synchronization Manager] C:\WINDOWS\system32\mobsync.exe /logon [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ToniArts EasyCleaner] "C:\Program Files\ToniArts\EasyCleaner\EasyClea.exe" -s -startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9 [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UserFaultCheck] %systemroot%\system32\dumprep 0 -u [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "xmlprov"=2 (0x2) "WZCSVC"=2 (0x2) "WudfSvc"=2 (0x2) "wuauserv"=2 (0x2) "wscsvc"=2 (0x2) "WMPNetworkSvc"=2 (0x2) "WmiApSrv"=2 (0x2) "WmdmPmSN"=2 (0x2) "winmgmt"=2 (0x2) "WebClient"=2 (0x2) "W32Time"=2 (0x2) "VSS"=2 (0x2) "VCSSecS"=2 (0x2) "UPS"=2 (0x2) "upnphost"=2 (0x2) "TrkWks"=2 (0x2) "Themes"=2 (0x2) "TermService"=2 (0x2) "TapiSrv"=2 (0x2) "SysmonLog"=2 (0x2) "SwPrv"=2 (0x2) "stisvc"=3 (0x3) "SSDPSRV"=2 (0x2) "srservice"=2 (0x2) "Spooler"=2 (0x2) "SNMPTRAP"=2 (0x2) "SNMP"=2 (0x2) "SLService"=2 (0x2) "ShellHWDetection"=2 (0x2) "SharedAccess"=2 (0x2) "SerialKeys"=2 (0x2) "SENS"=2 (0x2) "seclogon"=2 (0x2) "Schedule"=2 (0x2) "SCardSvr"=2 (0x2) "SamSs"=2 (0x2) "RSVP"=2 (0x2) "RemoteAccess"=2 (0x2) "RDSessMgr"=2 (0x2) "RasMan"=2 (0x2) "RasAuto"=2 (0x2) "ProtectedStorage"=2 (0x2) "PolicyAgent"=2 (0x2) "Pml Driver HPZ12"=2 (0x2) "PlugPlay"=2 (0x2) "ose"=2 (0x2) "NtmsSvc"=2 (0x2) "NtLmSsp"=2 (0x2) "NMSAccess"=2 (0x2) "Nla"=2 (0x2) "Netman"=2 (0x2) "Netlogon"=2 (0x2) "NetDDEdsdm"=2 (0x2) "NetDDE"=2 (0x2) "MSIServer"=2 (0x2) "MSDTC"=2 (0x2) "mnmsrvc"=2 (0x2) "MDM"=2 (0x2) "LPDSVC"=2 (0x2) "LmHosts"=2 (0x2) "LicCtrlService"=2 (0x2) "lanmanworkstation"=2 (0x2) "lanmanserver"=2 (0x2) "ImapiService"=2 (0x2) "HTTPFilter"=2 (0x2) "HidServ"=2 (0x2) "helpsvc"=2 (0x2) "gusvc"=2 (0x2) "Fax"=2 (0x2) "FastUserSwitchingCompatibility"=2 (0x2) "EventSystem"=2 (0x2) "Eventlog"=2 (0x2) "ERSvc"=2 (0x2) "Dnscache"=2 (0x2) "dmserver"=2 (0x2) "dmadmin"=2 (0x2) "Dhcp"=2 (0x2) "CryptSvc"=3 (0x3) "COMSysApp"=2 (0x2) "clr_optimization_v2.0.50727_32"=3 (0x3) "ClipSrv"=2 (0x2) "cisvc"=2 (0x2) "CCALib8"=2 (0x2) "C-DillaCdaC11BA"=2 (0x2) "Browser"=2 (0x2) "Boonty Games"=2 (0x2) "BITS"=3 (0x3) "avast! Web Scanner"=3 (0x3) "avast! Mail Scanner"=3 (0x3) "avast! Antivirus"=2 (0x2) "AudioSrv"=2 (0x2) "ATI Smart"=2 (0x2) "aswUpdSv"=2 (0x2) "aspnet_state"=3 (0x3) "AppMgmt"=2 (0x2) "ALG"=2 (0x2) "Alerter"=2 (0x2) "Adobe LM Service"=3 (0x3) "AcrSch2Svc"=2 (0x2) "SimpTcp"=2 (0x2) "Messenger"=2 (0x2) "hpdjaio"=2 (0x2) "AVP"=2 (0x2) R0 snapman;Acronis Snapshots Manager;C:\WINDOWS\system32\DRIVERS\snapman.sys R1 Asapi;Asapi;C:\WINDOWS\system32\drivers\Asapi.sys R1 vcsmpdrv;vcsmpdrv;C:\WINDOWS\system32\DRIVERS\vcsmpdrv.sys R2 LicCtrlService;LicCtrl Service;rundll32.exe C:\WINDOWS\mmfs.dll,Service R2 VCSSecS;Virtual CD v4 Security service (SDK - Version);C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe S3 Boonty Games;Boonty Games;"C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe" S3 tj2knd5;Terayon Cable Modem (NDIS);C:\WINDOWS\system32\DRIVERS j2knd5.sys S3 tj2kunic;Terayon Cable Modem (WDM);C:\WINDOWS\system32\DRIVERS j2kunic.sys . Contenu du dossier 'Scheduled Tasks/Tâches planifiées' "2007-09-03 17:57:00 C:\WINDOWS\Tasks\HP DArC Task #Hewlett-Packard#hp psc 2500 series#1070704385.job" - C:\Program Files\HP\hpcoretech\comp\hpdarc.exe "2007-09-19 19:39:47 C:\WINDOWS\Tasks\Maintenance en 1 clic.job" - C:\Program Files\TuneUp Utilities 2006\SystemOptimizer.exe "2006-12-13 19:01:08 C:\WINDOWS\Tasks\MP Scheduled Quick Scan.job" - C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MpCmdRun.exe "2007-09-03 18:00:00 C:\WINDOWS\Tasks\XoftSpy.job" - C:\Program Files\XoftSpy\XoftSpy.exe . ************************************************************************** catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-09-19 21:40:49 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2007-09-19 21:43:18 - machine was rebooted C:\ComboFix-quarantined-files.txt ... 2007-09-19 21:43 . --- E O F --- Par avance merci de votre aide et de votre patience A bientôt

lilybell · Answer

Bonsoir, Voici le résultat de l'analyse ComboFix demandée. ComboFix 07-09-18.4 - "Rose-Marie" 2007-09-19 21:26:44.1 - NTFSx86 Microsoft Windows XP dition familiale 5.1.2600.2.1252.33.1036.18.201 [GMT 2:00] * Created a new restore point . [i] ADS - svchost.exe: deleted 88 bytes in 2 streams. [/i] (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\WINDOWS\pack.epk C:\WINDOWS\system32\_000008_.tmp.dll C:\WINDOWS\system32\ddblleg.dat C:\WINDOWS\system32\ddblleg.exe C:\WINDOWS\system32\ddblleg_nav.dat C:\WINDOWS\system32\ddblleg_navps.dat C:\WINDOWS\system32\MabryObj.dll C:\WINDOWS\system32 vs2.inf . ((((((((((((((((((((((((((((( Fichiers créés 2007-08-19 to 2007-09-19 )))))))))))))))))))))))))))))))))))) . 2007-09-19 21:24 51,200 --a------ C:\WINDOWS\NirCmd.exe 2007-09-18 00:25 d-------- C:\bootcd 2007-09-16 13:18 d-------- C:\Program Files\R‚cuperation fichier avec logiciel restoration 2007-09-16 00:00 34,480 --------- C:\WINDOWS\hpomdl03.dat 2007-09-16 00:00 29,204 --a------ C:\WINDOWS\hpoins03.dat 2007-09-11 23:54 d-------- C:\Program Files\PC Inspector File Recovery 2007-09-02 20:08 d-------- C:\Program Files\Hijackthis Version Fran‡aise 2007-09-02 06:15 d-------- C:\Program Files\Hijackthis 03092007 2007-09-01 15:44 d-------- C:\Program Files\spybot seach and destroy 01092007 2007-08-21 19:55 527,850 --a------ C:\WINDOWS\system32\perfh040.dat 2007-08-21 19:55 101,744 --a------ C:\WINDOWS\system32\perfc040.dat 2007-08-20 19:33 d-------- C:\DOCUME~1\ROSE-M~1\APPLIC~1\Genie-Soft . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2007-09-19 21:40 695328 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat 2007-09-19 21:40 11737632 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat 2007-09-19 21:38 66140 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.idx 2007-09-19 21:38 158012 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx 2007-09-17 22:20 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater 2007-09-16 13:44 --------- d--h----- C:\Program Files\InstallShield Installation Information 2007-09-12 00:12 --------- d-------- C:\Program Files\Zeb-Utility 2007-09-09 17:42 --------- d-------- C:\Program Files\Registry Mechanic 2007-09-08 20:38 --------- d-------- C:\Program Files\HP 2007-09-08 15:44 --------- d-------- C:\DOCUME~1\ROSE-M~1\APPLIC~1\Image Zone Express 2007-09-01 16:29 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy 2007-08-29 20:12 --------- d-------- C:\DOCUME~1\ROSE-M~1\APPLIC~1\Lavasoft 2007-08-24 19:38 --------- d-------- C:\Program Files\CCleaner 2007-08-24 19:37 --------- d-------- C:\Program Files\Yahoo! 2007-08-18 19:38 --------- d-a------ C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP 2007-08-18 19:25 --------- d-------- C:\Program Files\Registry Fast 2007-08-03 18:56 720896 --a------ C:\WINDOWS\iun6002.exe 2007-08-01 20:30 --------- d-------- C:\Program Files hemexp 2007-07-30 18:41 --------- d-------- C:\Program Files\Micro Application 2007-07-28 17:37 --------- d-------- C:\Program Files\Google 2007-07-21 19:04 60416 --a------ C:\WINDOWS bap350.dll 2007-07-21 19:04 54784 --a------ C:\WINDOWS\RBQT350.DLL 2006-02-19 04:28 12288 --a--c--- C:\WINDOWS\Fonts\RandFont.dll 2005-11-30 21:51 21 --a--c--- C:\Program Files\Fichiers communs\appop.log 2005-08-27 22:58 774144 --a------ C:\Program Files\RngInterstitial.dll 2005-03-24 16:24 976020 --a------ C:\Program Files\BDAXP.cab 2005-03-24 16:24 911188 --a------ C:\Program Files\Apr2005_MDX_x86.cab 2005-03-24 16:24 72400 --a--c--- C:\Program Files\DSETUP.dll 2005-03-24 16:24 703080 --a------ C:\Program Files\BDA.cab 2005-03-24 16:24 66520 --a------ C:\Program Files\dxupdate.cab 2005-03-24 16:24 480976 --a------ C:\Program Files\DXSETUP.exe 2005-03-24 16:24 2245328 --a--c--- C:\Program Files\dsetup32.dll 2005-03-24 16:24 15493481 --a--c--- C:\Program Files\DirectX.cab 2005-03-24 16:24 1348242 --a------ C:\Program Files\Apr2005_d3dx9_25_x64.cab 2005-03-24 16:24 13265040 --a--c--- C:\Program Files\dxnt.cab 2005-03-24 16:24 1156363 --a------ C:\Program Files\BDANT.cab 2005-03-24 16:24 1079850 --a------ C:\Program Files\Apr2005_d3dx9_25_x86.cab --------- C:\Program Files\Récuperation fichier avec logiciel restoration --------- C:\Program Files\Hijackthis Version Française 2005-07-29 19:53:07 1,001 --sha-w C:\WINDOWS\system32\mmf.sys . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" [2006-11-08 18:28] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-02-16 11:54] "NWEReboot"="" [] "AdobeVersionCue"="C:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe" [] "ATIModeChange"="Ati2mdxx.exe" [2001-09-04 17:24 C:\WINDOWS\system32\Ati2mdxx.exe] "ATIPTA"="C:\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2003-09-12 22:10] "ACTIVBOARD"="c:\apps\ABoard\ABoard.exe" [2003-05-02 12:31] "Synchronization Manager"="C:\WINDOWS\system32\mobsync.exe" [2004-08-20 01:09] "LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2003-12-16 22:37] "LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2003-12-16 22:39] "LogitechGalleryRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2003-12-16 22:37] "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50] "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 03:41] "RegistryMechanic"="" [] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 01:09] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2005-09-16 09:47] "Yahoo! Pager"="C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe" [] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe" [] C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\DMARRA~1\ Outil de mise … jour Google.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2007-07-25 18:52:40] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoRecentDocsMenu"=0 (0x0) "NoFavoritesMenu"=0 (0x0) "NoWinKeys"=1 (0x1) "NoViewOnDrive"=0 (0x0) "NoRecentDocsHistory"=1 (0x1) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "appinit_dlls"= sockspy.dll sockspy.dll sockspy.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Gamma Loader.lnk backup=C:\WINDOWS\pss\Adobe Gamma Loader.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Reader Speed Launch.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Reader Speed Launch.lnk backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Reader Synchronizer.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Reader Synchronizer.lnk backup=C:\WINDOWS\pss\Adobe Reader Synchronizer.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Démarrage rapide de HP Photosmart Premier.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Démarrage rapide de HP Photosmart Premier.lnk backup=C:\WINDOWS\pss\Démarrage rapide de HP Photosmart Premier.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Intégrateur Diagonal 32 bits.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Intégrateur Diagonal 32 bits.lnk backup=C:\WINDOWS\pss\Intégrateur Diagonal 32 bits.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk backup=C:\WINDOWS\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Outil de mise à jour Google.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Outil de mise à jour Google.lnk backup=C:\WINDOWS\pss\Outil de mise à jour Google.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Rose-Marie^Menu Démarrer^Programmes^Démarrage^Adobe Gamma.lnk] path=C:\Documents and Settings\Rose-Marie\Menu Démarrer\Programmes\Démarrage\Adobe Gamma.lnk backup=C:\WINDOWS\pss\Adobe Gamma.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIModeChange] Ati2mdxx.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ddblleg] c:\windows\system32\ddblleg.exe ddblleg [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\gwirmvl] c:\windows\system32\gwirmvl.exe gwirmvl [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Load] ???? [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Synchronization Manager] C:\WINDOWS\system32\mobsync.exe /logon [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ToniArts EasyCleaner] "C:\Program Files\ToniArts\EasyCleaner\EasyClea.exe" -s -startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9 [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UserFaultCheck] %systemroot%\system32\dumprep 0 -u [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "xmlprov"=2 (0x2) "WZCSVC"=2 (0x2) "WudfSvc"=2 (0x2) "wuauserv"=2 (0x2) "wscsvc"=2 (0x2) "WMPNetworkSvc"=2 (0x2) "WmiApSrv"=2 (0x2) "WmdmPmSN"=2 (0x2) "winmgmt"=2 (0x2) "WebClient"=2 (0x2) "W32Time"=2 (0x2) "VSS"=2 (0x2) "VCSSecS"=2 (0x2) "UPS"=2 (0x2) "upnphost"=2 (0x2) "TrkWks"=2 (0x2) "Themes"=2 (0x2) "TermService"=2 (0x2) "TapiSrv"=2 (0x2) "SysmonLog"=2 (0x2) "SwPrv"=2 (0x2) "stisvc"=3 (0x3) "SSDPSRV"=2 (0x2) "srservice"=2 (0x2) "Spooler"=2 (0x2) "SNMPTRAP"=2 (0x2) "SNMP"=2 (0x2) "SLService"=2 (0x2) "ShellHWDetection"=2 (0x2) "SharedAccess"=2 (0x2) "SerialKeys"=2 (0x2) "SENS"=2 (0x2) "seclogon"=2 (0x2) "Schedule"=2 (0x2) "SCardSvr"=2 (0x2) "SamSs"=2 (0x2) "RSVP"=2 (0x2) "RemoteAccess"=2 (0x2) "RDSessMgr"=2 (0x2) "RasMan"=2 (0x2) "RasAuto"=2 (0x2) "ProtectedStorage"=2 (0x2) "PolicyAgent"=2 (0x2) "Pml Driver HPZ12"=2 (0x2) "PlugPlay"=2 (0x2) "ose"=2 (0x2) "NtmsSvc"=2 (0x2) "NtLmSsp"=2 (0x2) "NMSAccess"=2 (0x2) "Nla"=2 (0x2) "Netman"=2 (0x2) "Netlogon"=2 (0x2) "NetDDEdsdm"=2 (0x2) "NetDDE"=2 (0x2) "MSIServer"=2 (0x2) "MSDTC"=2 (0x2) "mnmsrvc"=2 (0x2) "MDM"=2 (0x2) "LPDSVC"=2 (0x2) "LmHosts"=2 (0x2) "LicCtrlService"=2 (0x2) "lanmanworkstation"=2 (0x2) "lanmanserver"=2 (0x2) "ImapiService"=2 (0x2) "HTTPFilter"=2 (0x2) "HidServ"=2 (0x2) "helpsvc"=2 (0x2) "gusvc"=2 (0x2) "Fax"=2 (0x2) "FastUserSwitchingCompatibility"=2 (0x2) "EventSystem"=2 (0x2) "Eventlog"=2 (0x2) "ERSvc"=2 (0x2) "Dnscache"=2 (0x2) "dmserver"=2 (0x2) "dmadmin"=2 (0x2) "Dhcp"=2 (0x2) "CryptSvc"=3 (0x3) "COMSysApp"=2 (0x2) "clr_optimization_v2.0.50727_32"=3 (0x3) "ClipSrv"=2 (0x2) "cisvc"=2 (0x2) "CCALib8"=2 (0x2) "C-DillaCdaC11BA"=2 (0x2) "Browser"=2 (0x2) "Boonty Games"=2 (0x2) "BITS"=3 (0x3) "avast! Web Scanner"=3 (0x3) "avast! Mail Scanner"=3 (0x3) "avast! Antivirus"=2 (0x2) "AudioSrv"=2 (0x2) "ATI Smart"=2 (0x2) "aswUpdSv"=2 (0x2) "aspnet_state"=3 (0x3) "AppMgmt"=2 (0x2) "ALG"=2 (0x2) "Alerter"=2 (0x2) "Adobe LM Service"=3 (0x3) "AcrSch2Svc"=2 (0x2) "SimpTcp"=2 (0x2) "Messenger"=2 (0x2) "hpdjaio"=2 (0x2) "AVP"=2 (0x2) R0 snapman;Acronis Snapshots Manager;C:\WINDOWS\system32\DRIVERS\snapman.sys R1 Asapi;Asapi;C:\WINDOWS\system32\drivers\Asapi.sys R1 vcsmpdrv;vcsmpdrv;C:\WINDOWS\system32\DRIVERS\vcsmpdrv.sys R2 LicCtrlService;LicCtrl Service;rundll32.exe C:\WINDOWS\mmfs.dll,Service R2 VCSSecS;Virtual CD v4 Security service (SDK - Version);C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe S3 Boonty Games;Boonty Games;"C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe" S3 tj2knd5;Terayon Cable Modem (NDIS);C:\WINDOWS\system32\DRIVERS j2knd5.sys S3 tj2kunic;Terayon Cable Modem (WDM);C:\WINDOWS\system32\DRIVERS j2kunic.sys . Contenu du dossier 'Scheduled Tasks/Tâches planifiées' "2007-09-03 17:57:00 C:\WINDOWS\Tasks\HP DArC Task #Hewlett-Packard#hp psc 2500 series#1070704385.job" - C:\Program Files\HP\hpcoretech\comp\hpdarc.exe "2007-09-19 19:39:47 C:\WINDOWS\Tasks\Maintenance en 1 clic.job" - C:\Program Files\TuneUp Utilities 2006\SystemOptimizer.exe "2006-12-13 19:01:08 C:\WINDOWS\Tasks\MP Scheduled Quick Scan.job" - C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MpCmdRun.exe "2007-09-03 18:00:00 C:\WINDOWS\Tasks\XoftSpy.job" - C:\Program Files\XoftSpy\XoftSpy.exe . ************************************************************************** catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-09-19 21:40:49 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2007-09-19 21:43:18 - machine was rebooted C:\ComboFix-quarantined-files.txt ... 2007-09-19 21:43 . --- E O F ---

Regis59 · Answer

ok

Fais un clic droit sur ce lien :
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.zip
Enregistrer la cible (du lien) sous... et enregistre-le sur ton bureau.
Fais un clic droit sur navilog1.zip et choisis "tout extraire"
Ensuite double clique sur navilog1.exe pour lancer l'installation.
Une fois l'installation terminée, le fix s'exécutera automatiquement.
(Si ce n'est pas le cas, double-clique sur le raccourci Navilog1 présent sur le bureau).

Laisse-toi guider. Au menu principal, choisis 1 et valides.
(ne fais pas le choix 2,3 ou 4 sans notre avis/accord)
Patiente jusqu'au message :
*** Analyse Termine le ..... ***
Appuie sur une touche comme demandé, le blocnote va s'ouvrir.
Copie-colle l'intégralité dans une réponse. Referme le blocnote.
Le rapport est en outre sauvegardé à la racine du disque (fixnavi.txt)

LILYBELL · Answer

Bonsoir,

Voici le nouveau rapport demandé
Search Navipromo version 3.0.4 commencé le jeu. 20/09/2007 à 18:34:31,09

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Poster ce rapport sur le forum pour le faire analyser !!!
!!! Ne pas lancer la partie désinfection sans l'avis d'un spécialiste !!!

Fix lancé depuis C:\Program Files
avilog1
Mise a jour le 19.09.2007 a 15h00 by IL-MAFIOSO


Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.11 


*** Recherche Programmes installes ***




*** Recherche dossiers dans C:\WINDOWS ***



*** Recherche dossiers dans C:\Program Files ***



*** Recherche dossiers dans C:\Documents and Settings\All Users\Application Data ***




*** Recherche dossiers dans C:\Documents and Settings\Rose-Marie\Application Data ***


*** Recherche avec BlackLight Engine/F-secure ***
BlackLight Engine est un produit de F-secure, pour + d'infos :
https://www.f-secure.com/en


F-SECURE BLACKLIGHT ROOTKIT ELIMINATOR
======================================

Copyright 2005-2006 F-Secure Corporation. All rights reserved.
This is a beta version. It will expire on 1st of October, 2007.
Version information: 2.2.1064.

[+] Started on 09/20/07 at 18:34:34.
[+] Initializing ...
[+] Starting scan, press Ctrl-C to abort.
[+] Scanning for hidden items ........................................................................................................
[+] Scan complete.
[+] Summary: 0 hidden item(s) found, 0 scheduled for renaming.
[+] Exited on 09/20/07 at 18:46:33 (return code = 0).


*** Recherche avec GenericNaviSearch ***
!!! Tous Ces résultats peuvent révéler des fichiers légitimes !!!
!!! A verifier impérativement avant toute suppression manuelle !!!

* Scan C:\WINDOWS\system32 *

Fichiers trouvés :

Aucun Fichier trouvé !

Fichiers suspects :

Aucun Fichier suspect trouvé !



*** Recherche fichiers *** 




*** Recherche cles registre ***



*** Module de Recherche complémentaire *** 
(Recherche fichiers spécifiques) 
 
1)Recherche fichiers connus:

2)Recherche Heuristique :

Encore une fois grand merci de votre aide - Bonne nouvelle j'ai remédié au problème de ma souris, matériel défectueux une pièce intérieure usagée

Regis59 · Answer

ok

ou en sont tes soucis

merci

a+

LILYBELL · Answer

Re Bonsoir,


Mon souci  perturbant pour moi, est de ne plus avoir accès à la rubrique aide et support ou à la fonction " rechercher".
Il me semble après analyses, ne pas avoir un pc infecté et donc, je pense peut être rencontrer un problème au niveau des fichiers windows.
Que pensez-vous ? Dès lors, je sais ne pas me trouver dans le bon forum, mais puisque vous m'aider, si cela est possible, je continue avec vous.

Bonne soirée

Regis59 · Answer

Salut

Par Démarrer/Exécuter... (ou Windows+r), saisir la commande regsvr32 %systemroot%\srchasst\srchui.dll
Une boîte de dialogue informera que la librairie est enregistrée. 

Regarde si la fonction Recherche remarche.

a+

LILYBELL · Answer

Bonsoir,

Je viens à l'instant d'exécuter cette commande  et après le OK, j'ai cette réponse " Aucun programmen'est associé à ce fichier pour exécuter cette action. Créez une association en utilisant l'application"Options des dossiers" dans le panneau de configuration.
Comment dois-je faire s'il vous plaît ?

Bonne soirée et merci encore

Regis59 · Answer

Ok

Lorsque 'Aide et Support' ne se lance pas en cliquant sur son raccourci dans le menu Démarrer, le coupable est le plus souvent un utilitaire de nettoyage du Registre qui a fait un ménage trop complet (c'est le cas de EasyCleaner). Les valeurs associées à l'Aide et Support ont probablement disparu du Registre.

Télécharger le fichier fixwinxp_aide_support.vbs créé par Doug Knox. Double-cliquer sur le fichier pour restaurer les associations et retrouver l'assistant.
http://www.d2i.ch/pn/telechargement/vbs/fixwinxp_aide_support.vbs

A+

LILYBELL · Answer

Bonjour,

J'ai téléchargé le fichier conseillé, mais comment dois-je procéder pour restaurer les associations et retrouver l'assistant ?
je ne suis pas experte en la matière et compte beaucoup sur votre aide.

Regis59 · Answer

Bonjour,

 Double-cliquer sur le fichier téléchargé.
Ensuite, regarde si tu as récupéré la rubrique aide et support ou à la fonction " rechercher". 

A+

Regis59 · Answer

ok :-)

Plus accès aide et support souris difficile ?

16 réponses

Discussions similaires

Newsletters