Analyse hijak
nplihon
Messages postés
11
Statut
Membre
-
nplihon -
nplihon -
Bonjour,
Quelqu'un pourrait analyser mon Hijak, car je trouve que mon ordi est assez lent depuis quelques temps :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:40:28, on 25/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\Program Files\Fichiers communs\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\ezSP_Px.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\LVComSX.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0L2.EXE
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
D:\Palm\HOTSYNC.EXE
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Logitech\QuickCam10\COCIManager.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\Program Files\Grisoft\AVG Free\avgcc.exe
C:\Program Files\Grisoft\AVG Free\avgwb.dat
C:\Program Files\Mozilla Firefox\firefox.exe
C:\HijackThis.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favoris
R3 - URLSearchHook: (no name) - {52765048-BB83-EA7D-A312-951C859FB19A} - C:\WINDOWS\system32\mmzm.dll (file missing)
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\userinit.exe
O2 - BHO: (no name) - {11243AAE-DC33-FAB6-4833-DC2FF7E2ACEC} - C:\WINDOWS\system32\yguxhhs.dll (file missing)
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: (no name) - {20C7AC57-47CE-4C65-BC16-652366C99AC5} - C:\WINDOWS\system32\nnv.dll (file missing)
O2 - BHO: (no name) - {3C45FFDA-1412-42EA-31F6-3B46E099D5C7} - C:\WINDOWS\system32\kjbw.dll (file missing)
O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - C:\Program Files\Need2Find\bar\2.bin\ND2FNBAR.DLL (file missing)
O2 - BHO: (no name) - {52765048-BB83-EA7D-A312-951C859FB19A} - C:\WINDOWS\system32\mmzm.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {9258A914-1185-3152-FDFD-45968CD029BF} - C:\WINDOWS\system32\grnyui.dll (file missing)
O2 - BHO: (no name) - {AF5CBB0F-00CB-7519-EB2B-0822871D18B6} - C:\WINDOWS\system32\vbodnu.dll (file missing)
O2 - BHO: (no name) - {C59A1A22-A2E4-856D-987B-ADC8198E2CE0} - C:\WINDOWS\system32\xevbtosl.dll (file missing)
O2 - BHO: (no name) - {C7C86E4A-D6D4-8D72-A94D-F0EA6AB87A99} - C:\WINDOWS\system32\bna.dll (file missing)
O2 - BHO: (no name) - {CB96DE57-36CC-4A16-B26B-3C0145EA2FB2} - C:\WINDOWS\system32\gnokt.dll (file missing)
O2 - BHO: (no name) - {E9237497-C856-C5F1-7B91-BD9E8E60509C} - C:\WINDOWS\system32\pmynbe.dll (file missing)
O2 - BHO: (no name) - {E923749E-C856-B189-7B90-C69EFC6750E7} - C:\WINDOWS\system32\pmynbe.dll (file missing)
O3 - Toolbar: Afficher Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [EPSON Stylus CX6400] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0L2.EXE /P19 "EPSON Stylus CX6400" /O6 "USB001" /M "Stylus CX6400"
O4 - HKLM\..\Run: [wwcchkgiwnf] C:\WINDOWS\System32\xhlgzins.exe
O4 - HKLM\..\Run: [AutoLoader3wuZ1ZXfMZLK] "C:\WINDOWS\System32\winarta.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [Sys29] C:\windows\system32\winwsu32.exe
O4 - HKLM\..\Run: [saap] c:\program files\180search assistant\saap.exe
O4 - HKLM\..\Run: [MagnifyingGlass] C:\DOCUME~1\NICOLAS\LOCALS~1\Temp\Répertoire temporaire 3 pour loupe.zip\Magnifying Glass.exe /autorun
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [ISP] C:\Program Files\sony\ISPselector\ISPselector.exe /SCHEDULER
O4 - HKLM\..\Run: [335T3ti] winarta.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [xggkgt] c:\windows\system32\xggkgt.exe xggkgt
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\RunServices: [MSN Messanger] msnmsng.exe
O4 - HKCU\..\Run: [EPSON Stylus CX6400] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0L2.EXE /P19 "EPSON Stylus CX6400" /M "Stylus CX6400" /EF "HKCU"
O4 - HKCU\..\Run: [Eree] "C:\DOCUME~1\NICOLAS\APPLIC~1\FNTS~1\ntvdm.exe" -vt mt
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\RunServices: [MSN Messanger] msnmsng.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunServices: [MSN Messanger] msnmsng.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunServices: [MSN Messanger] msnmsng.exe (User 'Default user')
O4 - S-1-5-18 Startup: HotSync Manager.LNK = D:\Palm\HOTSYNC.EXE (User 'SYSTEM')
O4 - S-1-5-18 Startup: PowerReg Scheduler.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: HotSync Manager.LNK = D:\Palm\HOTSYNC.EXE (User 'Default user')
O4 - .DEFAULT Startup: PowerReg Scheduler.exe (User 'Default user')
O4 - Startup: HotSync Manager.LNK = D:\Palm\HOTSYNC.EXE
O4 - Startup: PowerReg Scheduler.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Search - http://kx.bar.need2find.com/KX/menusearch.html?p=KX
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windupdates.com/get_file.php?bt=ie&p=0a0f6ec6c6eb32b8b4e492b681b9ab84d77959ddaf82d8117b3c8da08f50115fdd474ed1f381cd36a8cc3fee0cc207b1ea714b8b:e4728d1327810392b739d5825a12d92f
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} - https://support.norton.com/sp/en/us/home/current/info
O16 - DPF: {42E1F024-ECC3-456F-B98A-4CE5ACDBF25C} (ActiveFormX Contrôle) - http://ssl-tb.sitadelle.com/...
O16 - DPF: {68C1822F-F5C7-4404-A73F-03C10E0E94DA} (telechargement-photoweb) - http://www4.photoweb.fr/telechargement/Photoweb_uploader.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {983AB2CC-3D50-11D9-ADFE-00062919A34C} (ActiveXUpload.UserCtrl) - http://www.photoservice.com/activeX/newUpload.CAB
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} - https://support.norton.com/sp/en/us/home/current/info
O16 - DPF: {D28C3640-A6D7-4668-A53C-07A9CF67D157} (CFnacComposantCtrl Object) - https://www.fnacmusic.com/telechargementFnacmusic/FnacComposant.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - AppInit_DLLs:
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Sony TV Tuner Controller - Sony Corporation - C:\Program Files\sony\giga pocket\halsv.exe
O23 - Service: Sony TV Tuner Manager - Sony Corporation - C:\Program Files\sony\giga pocket\RM_SV.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\FICHIE~1\SONYSH~1\AVLib\Sptisrv.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\AppCore\AppSvc32.exe
Quelqu'un pourrait analyser mon Hijak, car je trouve que mon ordi est assez lent depuis quelques temps :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:40:28, on 25/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\Program Files\Fichiers communs\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\ezSP_Px.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\LVComSX.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0L2.EXE
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
D:\Palm\HOTSYNC.EXE
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Logitech\QuickCam10\COCIManager.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\Program Files\Grisoft\AVG Free\avgcc.exe
C:\Program Files\Grisoft\AVG Free\avgwb.dat
C:\Program Files\Mozilla Firefox\firefox.exe
C:\HijackThis.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favoris
R3 - URLSearchHook: (no name) - {52765048-BB83-EA7D-A312-951C859FB19A} - C:\WINDOWS\system32\mmzm.dll (file missing)
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\userinit.exe
O2 - BHO: (no name) - {11243AAE-DC33-FAB6-4833-DC2FF7E2ACEC} - C:\WINDOWS\system32\yguxhhs.dll (file missing)
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: (no name) - {20C7AC57-47CE-4C65-BC16-652366C99AC5} - C:\WINDOWS\system32\nnv.dll (file missing)
O2 - BHO: (no name) - {3C45FFDA-1412-42EA-31F6-3B46E099D5C7} - C:\WINDOWS\system32\kjbw.dll (file missing)
O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - C:\Program Files\Need2Find\bar\2.bin\ND2FNBAR.DLL (file missing)
O2 - BHO: (no name) - {52765048-BB83-EA7D-A312-951C859FB19A} - C:\WINDOWS\system32\mmzm.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {9258A914-1185-3152-FDFD-45968CD029BF} - C:\WINDOWS\system32\grnyui.dll (file missing)
O2 - BHO: (no name) - {AF5CBB0F-00CB-7519-EB2B-0822871D18B6} - C:\WINDOWS\system32\vbodnu.dll (file missing)
O2 - BHO: (no name) - {C59A1A22-A2E4-856D-987B-ADC8198E2CE0} - C:\WINDOWS\system32\xevbtosl.dll (file missing)
O2 - BHO: (no name) - {C7C86E4A-D6D4-8D72-A94D-F0EA6AB87A99} - C:\WINDOWS\system32\bna.dll (file missing)
O2 - BHO: (no name) - {CB96DE57-36CC-4A16-B26B-3C0145EA2FB2} - C:\WINDOWS\system32\gnokt.dll (file missing)
O2 - BHO: (no name) - {E9237497-C856-C5F1-7B91-BD9E8E60509C} - C:\WINDOWS\system32\pmynbe.dll (file missing)
O2 - BHO: (no name) - {E923749E-C856-B189-7B90-C69EFC6750E7} - C:\WINDOWS\system32\pmynbe.dll (file missing)
O3 - Toolbar: Afficher Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [EPSON Stylus CX6400] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0L2.EXE /P19 "EPSON Stylus CX6400" /O6 "USB001" /M "Stylus CX6400"
O4 - HKLM\..\Run: [wwcchkgiwnf] C:\WINDOWS\System32\xhlgzins.exe
O4 - HKLM\..\Run: [AutoLoader3wuZ1ZXfMZLK] "C:\WINDOWS\System32\winarta.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [Sys29] C:\windows\system32\winwsu32.exe
O4 - HKLM\..\Run: [saap] c:\program files\180search assistant\saap.exe
O4 - HKLM\..\Run: [MagnifyingGlass] C:\DOCUME~1\NICOLAS\LOCALS~1\Temp\Répertoire temporaire 3 pour loupe.zip\Magnifying Glass.exe /autorun
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [ISP] C:\Program Files\sony\ISPselector\ISPselector.exe /SCHEDULER
O4 - HKLM\..\Run: [335T3ti] winarta.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [xggkgt] c:\windows\system32\xggkgt.exe xggkgt
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\RunServices: [MSN Messanger] msnmsng.exe
O4 - HKCU\..\Run: [EPSON Stylus CX6400] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0L2.EXE /P19 "EPSON Stylus CX6400" /M "Stylus CX6400" /EF "HKCU"
O4 - HKCU\..\Run: [Eree] "C:\DOCUME~1\NICOLAS\APPLIC~1\FNTS~1\ntvdm.exe" -vt mt
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\RunServices: [MSN Messanger] msnmsng.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunServices: [MSN Messanger] msnmsng.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunServices: [MSN Messanger] msnmsng.exe (User 'Default user')
O4 - S-1-5-18 Startup: HotSync Manager.LNK = D:\Palm\HOTSYNC.EXE (User 'SYSTEM')
O4 - S-1-5-18 Startup: PowerReg Scheduler.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: HotSync Manager.LNK = D:\Palm\HOTSYNC.EXE (User 'Default user')
O4 - .DEFAULT Startup: PowerReg Scheduler.exe (User 'Default user')
O4 - Startup: HotSync Manager.LNK = D:\Palm\HOTSYNC.EXE
O4 - Startup: PowerReg Scheduler.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Search - http://kx.bar.need2find.com/KX/menusearch.html?p=KX
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windupdates.com/get_file.php?bt=ie&p=0a0f6ec6c6eb32b8b4e492b681b9ab84d77959ddaf82d8117b3c8da08f50115fdd474ed1f381cd36a8cc3fee0cc207b1ea714b8b:e4728d1327810392b739d5825a12d92f
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} - https://support.norton.com/sp/en/us/home/current/info
O16 - DPF: {42E1F024-ECC3-456F-B98A-4CE5ACDBF25C} (ActiveFormX Contrôle) - http://ssl-tb.sitadelle.com/...
O16 - DPF: {68C1822F-F5C7-4404-A73F-03C10E0E94DA} (telechargement-photoweb) - http://www4.photoweb.fr/telechargement/Photoweb_uploader.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {983AB2CC-3D50-11D9-ADFE-00062919A34C} (ActiveXUpload.UserCtrl) - http://www.photoservice.com/activeX/newUpload.CAB
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} - https://support.norton.com/sp/en/us/home/current/info
O16 - DPF: {D28C3640-A6D7-4668-A53C-07A9CF67D157} (CFnacComposantCtrl Object) - https://www.fnacmusic.com/telechargementFnacmusic/FnacComposant.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - AppInit_DLLs:
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Sony TV Tuner Controller - Sony Corporation - C:\Program Files\sony\giga pocket\halsv.exe
O23 - Service: Sony TV Tuner Manager - Sony Corporation - C:\Program Files\sony\giga pocket\RM_SV.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\FICHIE~1\SONYSH~1\AVLib\Sptisrv.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\AppCore\AppSvc32.exe
A voir également:
- Analyse hijak
- Analyse composant pc - Guide
- Analyse disque dur - Télécharger - Informations & Diagnostic
- Analyse performance pc - Guide
- Échec de l'analyse antivirus. ✓ - Forum Antivirus
- Analyse et réparation disque dur externe - Guide
3 réponses
Salut,
coche et fait fix checked :
R3 - URLSearchHook: (no name) - {52765048-BB83-EA7D-A312-951C859FB19A} - C:\WINDOWS\system32\mmzm.dll (file missing)
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: (no name) - {11243AAE-DC33-FAB6-4833-DC2FF7E2ACEC} - C:\WINDOWS\system32\yguxhhs.dll (file missing)
O2 - BHO: (no name) - {20C7AC57-47CE-4C65-BC16-652366C99AC5} - C:\WINDOWS\system32\nnv.dll (file missing)
O2 - BHO: (no name) - {3C45FFDA-1412-42EA-31F6-3B46E099D5C7} - C:\WINDOWS\system32\kjbw.dll (file missing)
O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - C:\Program Files\Need2Find\bar\2.bin\ND2FNBAR.DLL (file missing)
O2 - BHO: (no name) - {52765048-BB83-EA7D-A312-951C859FB19A} - C:\WINDOWS\system32\mmzm.dll (file missing)
O2 - BHO: (no name) - {9258A914-1185-3152-FDFD-45968CD029BF} - C:\WINDOWS\system32\grnyui.dll (file missing)
O2 - BHO: (no name) - {AF5CBB0F-00CB-7519-EB2B-0822871D18B6} - C:\WINDOWS\system32\vbodnu.dll (file missing)
O2 - BHO: (no name) - {C59A1A22-A2E4-856D-987B-ADC8198E2CE0} - C:\WINDOWS\system32\xevbtosl.dll (file missing)
O2 - BHO: (no name) - {C7C86E4A-D6D4-8D72-A94D-F0EA6AB87A99} - C:\WINDOWS\system32\bna.dll (file missing)
O2 - BHO: (no name) - {CB96DE57-36CC-4A16-B26B-3C0145EA2FB2} - C:\WINDOWS\system32\gnokt.dll (file missing)
O2 - BHO: (no name) - {E9237497-C856-C5F1-7B91-BD9E8E60509C} - C:\WINDOWS\system32\pmynbe.dll (file missing)
O2 - BHO: (no name) - {E923749E-C856-B189-7B90-C69EFC6750E7} - C:\WINDOWS\system32\pmynbe.dll (file missing)
O4 - HKLM\..\Run: [wwcchkgiwnf] C:\WINDOWS\System32\xhlgzins.exe
O4 - HKLM\..\Run: [AutoLoader3wuZ1ZXfMZLK] "C:\WINDOWS\System32\winarta.exe"
O4 - HKLM\..\Run: [Sys29] C:\windows\system32\winwsu32.exe
O4 - HKLM\..\Run: [saap] c:\program files\180search assistant\saap.exe
O4 - HKLM\..\Run: [MagnifyingGlass] C:\DOCUME~1\NICOLAS\LOCALS~1\Temp\Répertoire temporaire 3 pour loupe.zip\Magnifying Glass.exe /autorun
O4 - HKLM\..\Run: [335T3ti] winarta.exe
O4 - HKLM\..\Run: [xggkgt] c:\windows\system32\xggkgt.exe xggkgt
O4 - HKLM\..\RunServices: [MSN Messanger] msnmsng.exe
O4 - HKCU\..\Run: [Eree] "C:\DOCUME~1\NICOLAS\APPLIC~1\FNTS~1\ntvdm.exe" -vt mt
O4 - HKCU\..\RunServices: [MSN Messanger] msnmsng.exe
O4 - HKUS\S-1-5-18\..\RunServices: [MSN Messanger] msnmsng.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunServices: [MSN Messanger] msnmsng.exe (User 'Default user')
O4 - S-1-5-18 Startup: PowerReg Scheduler.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: PowerReg Scheduler.exe (User 'Default user')
O4 - Startup: PowerReg Scheduler.exe
O8 - Extra context menu item: &Search - http://kx.bar.need2find.com/KX/menusearch.html?p=KX
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windupdates.com/
O16 - DPF: {42E1F024-ECC3-456F-B98A-4CE5ACDBF25C} (ActiveFormX Contrôle) - http://ssl-tb.sitadelle.com/
O20 - AppInit_DLLs:
OUFFFF fix tout ca redemarre le et et touche plus a rien.
je te donne la suite
coche et fait fix checked :
R3 - URLSearchHook: (no name) - {52765048-BB83-EA7D-A312-951C859FB19A} - C:\WINDOWS\system32\mmzm.dll (file missing)
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: (no name) - {11243AAE-DC33-FAB6-4833-DC2FF7E2ACEC} - C:\WINDOWS\system32\yguxhhs.dll (file missing)
O2 - BHO: (no name) - {20C7AC57-47CE-4C65-BC16-652366C99AC5} - C:\WINDOWS\system32\nnv.dll (file missing)
O2 - BHO: (no name) - {3C45FFDA-1412-42EA-31F6-3B46E099D5C7} - C:\WINDOWS\system32\kjbw.dll (file missing)
O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - C:\Program Files\Need2Find\bar\2.bin\ND2FNBAR.DLL (file missing)
O2 - BHO: (no name) - {52765048-BB83-EA7D-A312-951C859FB19A} - C:\WINDOWS\system32\mmzm.dll (file missing)
O2 - BHO: (no name) - {9258A914-1185-3152-FDFD-45968CD029BF} - C:\WINDOWS\system32\grnyui.dll (file missing)
O2 - BHO: (no name) - {AF5CBB0F-00CB-7519-EB2B-0822871D18B6} - C:\WINDOWS\system32\vbodnu.dll (file missing)
O2 - BHO: (no name) - {C59A1A22-A2E4-856D-987B-ADC8198E2CE0} - C:\WINDOWS\system32\xevbtosl.dll (file missing)
O2 - BHO: (no name) - {C7C86E4A-D6D4-8D72-A94D-F0EA6AB87A99} - C:\WINDOWS\system32\bna.dll (file missing)
O2 - BHO: (no name) - {CB96DE57-36CC-4A16-B26B-3C0145EA2FB2} - C:\WINDOWS\system32\gnokt.dll (file missing)
O2 - BHO: (no name) - {E9237497-C856-C5F1-7B91-BD9E8E60509C} - C:\WINDOWS\system32\pmynbe.dll (file missing)
O2 - BHO: (no name) - {E923749E-C856-B189-7B90-C69EFC6750E7} - C:\WINDOWS\system32\pmynbe.dll (file missing)
O4 - HKLM\..\Run: [wwcchkgiwnf] C:\WINDOWS\System32\xhlgzins.exe
O4 - HKLM\..\Run: [AutoLoader3wuZ1ZXfMZLK] "C:\WINDOWS\System32\winarta.exe"
O4 - HKLM\..\Run: [Sys29] C:\windows\system32\winwsu32.exe
O4 - HKLM\..\Run: [saap] c:\program files\180search assistant\saap.exe
O4 - HKLM\..\Run: [MagnifyingGlass] C:\DOCUME~1\NICOLAS\LOCALS~1\Temp\Répertoire temporaire 3 pour loupe.zip\Magnifying Glass.exe /autorun
O4 - HKLM\..\Run: [335T3ti] winarta.exe
O4 - HKLM\..\Run: [xggkgt] c:\windows\system32\xggkgt.exe xggkgt
O4 - HKLM\..\RunServices: [MSN Messanger] msnmsng.exe
O4 - HKCU\..\Run: [Eree] "C:\DOCUME~1\NICOLAS\APPLIC~1\FNTS~1\ntvdm.exe" -vt mt
O4 - HKCU\..\RunServices: [MSN Messanger] msnmsng.exe
O4 - HKUS\S-1-5-18\..\RunServices: [MSN Messanger] msnmsng.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunServices: [MSN Messanger] msnmsng.exe (User 'Default user')
O4 - S-1-5-18 Startup: PowerReg Scheduler.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: PowerReg Scheduler.exe (User 'Default user')
O4 - Startup: PowerReg Scheduler.exe
O8 - Extra context menu item: &Search - http://kx.bar.need2find.com/KX/menusearch.html?p=KX
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windupdates.com/
O16 - DPF: {42E1F024-ECC3-456F-B98A-4CE5ACDBF25C} (ActiveFormX Contrôle) - http://ssl-tb.sitadelle.com/
O20 - AppInit_DLLs:
OUFFFF fix tout ca redemarre le et et touche plus a rien.
je te donne la suite
Désactive la restauration système :
http://service1.symantec.com/SUPPORT/INTER/tsgeninfointl.nsf/fr_docid/20020830101856924
Affiche les dossiers et fichiers cachés :
Outils-> option -> affichages :
afficher les dossiers et fichiers cachés.
Télécharge CCleaner et fait un nettoyage : https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html
Cherche et supprime :
C:\WINDOWS\System32\xhlgzins.exe
C:\WINDOWS\System32\winarta.exe
C:\windows\system32\winwsu32.exe
c:\windows\system32\xggkgt.exe
c:\program files\180search assistant\ (dossier)
C:\DOCUME~1\NICOLAS\APPLIC~1\FNTS~1\ntvdm.exe
fait une recherche pour eux :
winarta.exe
msnmsng.exe
PowerReg Scheduler.exe
puis fait un scan en ligne :
connecte toi sur :
https://www.eset.com/
ensuite : Scanner en ligne.
Coche la case et puis clique sur start.
Accepte l'active X
Coche les 2 options du scan et fait un scan complet.
http://service1.symantec.com/SUPPORT/INTER/tsgeninfointl.nsf/fr_docid/20020830101856924
Affiche les dossiers et fichiers cachés :
Outils-> option -> affichages :
afficher les dossiers et fichiers cachés.
Télécharge CCleaner et fait un nettoyage : https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html
Cherche et supprime :
C:\WINDOWS\System32\xhlgzins.exe
C:\WINDOWS\System32\winarta.exe
C:\windows\system32\winwsu32.exe
c:\windows\system32\xggkgt.exe
c:\program files\180search assistant\ (dossier)
C:\DOCUME~1\NICOLAS\APPLIC~1\FNTS~1\ntvdm.exe
fait une recherche pour eux :
winarta.exe
msnmsng.exe
PowerReg Scheduler.exe
puis fait un scan en ligne :
connecte toi sur :
https://www.eset.com/
ensuite : Scanner en ligne.
Coche la case et puis clique sur start.
Accepte l'active X
Coche les 2 options du scan et fait un scan complet.
