Sujet Précédent Sujet Suivant

Rapport navilog et hijack this

Résolu
florebcio Messages postés 193 Statut Membre -  
^^Marie^^ Messages postés 126523 Date d'inscription   Statut Membre Dernière intervention   -
Bonjour la communauté!
Je fais appel à votre aide pour m'aider à venir à bout de ces satanées pubs! En effet ces derniers temps que ce soit avec IE ou firefox je suis assailli! De plus je remarque un ralentissement de mon PC, peut-être un virus?!
Je vous joint un rapport Hijack this ainsi qu'un navilog. En vous remerciant d'avance pour votre aide. Amicalement.

Rapport Hijack this:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:05:36, on 4/12/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\Ati2evxx.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\svchost.exe
C:\windows\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\DEERFI~1.COM\DNS2Go\DNS2GO~2.EXE
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\windows\system32\drivers\KodakCCS.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\windows\system32\svchost.exe
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\windows\system32\SearchIndexer.exe
C:\windows\system32\wscntfy.exe
C:\windows\system32\Ati2evxx.exe
C:\windows\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\vsnpstd3.exe
C:\windows\system32\rundll32.exe
C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe
C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
C:\Program Files\Winter Fun Pack 2004 for Windows XP\WinterWallToy\WinterWalltoy.exe
C:\Program Files\No-IP\DUC20.exe
C:\Program Files\MessengerDiscovery\MessengerDiscovery Live.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Microsoft Office\Office12\POWERPNT.EXE
C:\windows\system32\WISPTIS.EXE
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files\Microsoft Office\Office12\INFOPATH.EXE
C:\windows\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\windows\system32\cmd.exe
C:\Program Files\Navilog1\catchme.exe
C:\Program Files\Windows Live\Mail\wlmail.exe
C:\windows\system32\SearchProtocolHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {72B8F4DD-1C71-45A8-A0E5-A9DDF9D5F89F} - C:\WINDOWS\system32\gebcb.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: (no name) - {DC192567-65F9-4AB6-ADB7-E13575F81726} - C:\WINDOWS\system32\wvusssq.dll (file missing)
O2 - BHO: BrowsingAdvisor - {F1E96EDC-E0C8-BE98-1F15-C29DBED83B53} - C:\Program Files\BrowsingAdvisor\BrowsingAdvisor-2.dll (file missing)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Autoconfigurateur WiFi Neuf] C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKCU\..\Run: [fsc-reminder.exe] C:\WINDOWS\reminder\fsc-reminder.exe 2453947 14
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] C:\Program Files\Fichiers communs\logishrd\WUApp32.exe -v 0x046d -p 0x092e -f video -m logitech -d 10.5.1.2023 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] C:\Program Files\Fichiers communs\logishrd\WUApp32.exe -v 0x046d -p 0x092e -f video -m logitech -d 10.5.1.2023 (User 'Default user')
O4 - Startup: No-IP DUC.lnk = C:\Program Files\No-IP\DUC20.exe
O4 - Global Startup: NETGEAR WG111v2 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
O4 - Global Startup: Winter Fun Wallpaper Changer.lnk = ?
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Download Web Info - C:\Program Files\Dataroute\Download.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} (BatchDownloader Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/DigWXMSN.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: bw+0 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: gebcb - C:\windows\
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\windows\system32\Ati2evxx.exe
O23 - Service: DNS2Go Client (DNS2GoClient) - Deerfield.com - C:\PROGRA~1\DEERFI~1.COM\DNS2Go\DNS2GO~2.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\windows\system32\drivers\KodakCCS.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Service Framework McAfee (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/FLORIA~1/LOCALS~1/Temp/msoclip1/01/clip_image002.gif

29 réponses

Précédent
  • 1
  • 2
Réponse 21 / 29
^^Marie^^ Messages postés 126523 Date d'inscription   Statut Membre Dernière intervention   3 279
 
Salut

Refais un log hijackthis
stp
0
Réponse 22 / 29
florebcio Messages postés 193 Statut Membre 7
 
Salut ^^marie^^!
Je te joins le rapport hijackthis comme demandé. Merci de ton aide.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:40:24, on 4/16/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\DEERFI~1.COM\DNS2Go\DNS2GO~2.EXE
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\vsnpstd3.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe
C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\No-IP\DUC20.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\MessengerDiscovery\MessengerDiscovery Live.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Windows Live\Mail\wlmail.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Documents and Settings\Florian Leloup\Bureau\PhotoFiltre.exe
C:\Program Files\Ahead\Nero StartSmart\NeroStartSmart.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Florian Leloup\Bureau\HiJackThis.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\WINDOWS\system32\SearchProtocolHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {72B8F4DD-1C71-45A8-A0E5-A9DDF9D5F89F} - C:\WINDOWS\system32\gebcb.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Autoconfigurateur WiFi Neuf] C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [fsc-reminder.exe] C:\WINDOWS\reminder\fsc-reminder.exe 2453947 14
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] C:\Program Files\Fichiers communs\logishrd\WUApp32.exe -v 0x046d -p 0x092e -f video -m logitech -d 10.5.1.2023 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] C:\Program Files\Fichiers communs\logishrd\WUApp32.exe -v 0x046d -p 0x092e -f video -m logitech -d 10.5.1.2023 (User 'Default user')
O4 - S-1-5-18 Startup: No-IP DUC.lnk = C:\Program Files\No-IP\DUC20.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: No-IP DUC.lnk = C:\Program Files\No-IP\DUC20.exe (User 'Default user')
O4 - Startup: No-IP DUC.lnk = C:\Program Files\No-IP\DUC20.exe
O4 - Global Startup: NETGEAR WG111v2 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Download Web Info - C:\Program Files\Dataroute\Download.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} (BatchDownloader Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/DigWXMSN.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O20 - Winlogon Notify: gebcb - C:\WINDOWS\
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: DNS2Go Client (DNS2GoClient) - Deerfield.com - C:\PROGRA~1\DEERFI~1.COM\DNS2Go\DNS2GO~2.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Service Framework McAfee (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
0
Réponse 23 / 29
^^Marie^^ Messages postés 126523 Date d'inscription   Statut Membre Dernière intervention   3 279
 
Salut

Relance ComboFix encore un coup
St

0
Réponse 24 / 29
florebcio Messages postés 193 Statut Membre 7
 
Bonjour ^^Marie!

Tout d'abord excuse moi pour cette réponse tardive mais j'ai du m'absenter quelques jours puis j'ai ensuite reconter quelques problèmes avec comboFix quant à la création du rapport...!
Enfin bre, je réussi quand même à t'en joindre un qui je l'espère te seras utile! :)

Log:

ComboFix 08-04-24.1 - Florian Leloup 2008-04-26 11:01:37.6 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.149 [GMT 2:00]
Endroit: C:\Documents and Settings\Florian Leloup\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.

((((((((((((((((((((((((((((( Fichiers créés 2008-03-26 to 2008-04-26 ))))))))))))))))))))))))))))))))))))
.

2008-04-26 10:03 . 2008-04-26 10:03 1,554,915 --a------ C:\Program Files\MDL_1.4.0402.exe
2008-04-25 22:54 . 2008-04-25 22:54 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-04-25 22:54 . 2008-04-25 22:54 1,409 --a------ C:\WINDOWS\QTFont.for
2008-04-19 22:43 . 2008-04-19 22:43 <REP> d-------- C:\Program Files\PowerQuest
2008-04-18 16:06 . 2008-04-18 16:06 <REP> d-------- C:\Documents and Settings\Florian Leloup\Application Data\Thunderbird
2008-04-18 16:04 . 2008-04-25 20:41 <REP> d-------- C:\Program Files\Mozilla Thunderbird
2008-04-18 00:22 . 2008-04-18 00:22 <REP> d-------- C:\Program Files\Pando Networks
2008-04-17 19:41 . 2008-04-17 19:47 <REP> d--hs---- C:\Documents and Settings\Florian Leloup\Phone Browser
2008-04-17 18:01 . 2004-08-03 23:08 25,600 --a------ C:\WINDOWS\system32\drivers\usbser.sys
2008-04-17 18:01 . 2004-08-03 23:08 25,600 --a--c--- C:\WINDOWS\system32\dllcache\usbser.sys
2008-04-17 17:55 . 2008-04-17 17:55 0 --ah----- C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-04-17 17:55 . 2008-04-17 17:55 0 --ah----- C:\WINDOWS\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2008-04-17 15:15 . 2008-04-17 15:15 <REP> d-------- C:\Program Files\Fichiers communs\PCSuite
2008-04-17 15:15 . 2008-04-17 15:15 <REP> d-------- C:\Program Files\Fichiers communs\Nokia
2008-04-17 15:13 . 2008-04-17 15:13 <REP> d-------- C:\Program Files\PC Connectivity Solution
2008-04-17 15:13 . 2007-09-17 15:53 21,632 --a------ C:\WINDOWS\system32\drivers\pccsmcfd.sys
2008-04-17 15:11 . 2007-11-29 10:39 8,064 --a------ C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys
2008-04-17 15:11 . 2007-11-29 10:39 8,064 --a------ C:\WINDOWS\system32\drivers\usbser_lowerflt.sys
2008-04-17 15:10 . 2007-11-29 10:33 1,419,232 --a------ C:\WINDOWS\system32\wdfcoinstaller01005.dll
2008-04-17 15:10 . 2007-11-29 10:39 95,744 --a------ C:\WINDOWS\system32\nmwcdcocls.dll
2008-04-17 15:10 . 2007-11-29 10:39 19,328 --a------ C:\WINDOWS\system32\drivers\ccdcmbo.sys
2008-04-17 15:10 . 2007-11-29 10:39 16,896 --a------ C:\WINDOWS\system32\drivers\ccdcmb.sys
2008-04-17 01:01 . 2008-04-17 01:01 <REP> d-------- C:\Program Files\AIDA32 - Personal System Information
2008-04-16 21:19 . 2008-04-16 21:19 2,228,534 --a------ C:\audacity-win-1.2.6.exe
2008-04-14 20:22 . 2008-04-16 01:12 <REP> d-------- C:\Program Files\FBrowsingAdvisor
2008-04-14 20:22 . 2008-04-14 20:22 <REP> d-------- C:\Program Files\FBrowserAdvisor
2008-04-14 18:20 . 2008-04-14 18:20 <REP> d-------- C:\Program Files\Microsoft Works
2008-04-14 18:18 . 2008-04-14 18:18 <REP> d-------- C:\Program Files\Microsoft.NET
2008-04-14 16:44 . 2008-04-14 16:44 <REP> d-------- C:\WINDOWS\[u]0[/u]38A524F58DB438A83918F7F0CA14B9E.TMP
2008-04-14 16:42 . 2008-04-14 16:42 <REP> d-------- C:\Program Files\iTunes
2008-04-14 16:42 . 2008-04-14 16:42 <REP> d-------- C:\Program Files\iPod
2008-04-14 16:42 . 2008-04-14 16:43 <REP> d-------- C:\iTunes
2008-04-14 16:41 . 2008-04-14 16:41 <REP> d-------- C:\Program Files\TrackMania Nations ESWC
2008-04-14 16:41 . 2008-04-14 16:41 <REP> d-------- C:\Program Files\Poney-Club 2
2008-04-14 16:41 . 2008-04-14 16:41 <REP> d-------- C:\Program Files\Hercules
2008-04-14 16:41 . 2008-04-17 20:54 <REP> d-------- C:\Program Files\Dataroute
2008-04-14 16:41 . 2008-04-17 20:11 <REP> d-------- C:\Program Files\Corel
2008-04-14 16:41 . 2008-04-14 16:41 <REP> d-a------ C:\ISP
2008-04-14 16:41 . 2008-04-14 16:41 <REP> d-------- C:\install_souri
2008-04-14 16:41 . 2008-04-14 16:41 <REP> d-a------ C:\fsc-screensaver
2008-04-14 16:41 . 2008-04-14 16:41 <REP> d-------- C:\Fichiers Programme
2008-04-14 16:41 . 2008-04-14 16:41 <REP> d-------- C:\DISNEY
2008-04-14 16:41 . 2008-04-14 16:41 <REP> d-------- C:\dana
2008-04-14 16:41 . 2008-04-14 16:41 <REP> d-a------ C:\AOL
2008-04-14 16:41 . 2008-04-14 16:41 <REP> d-------- C:\2b35a0c7d672da9d90af5069
2008-04-14 16:41 . 2008-04-14 16:41 <REP> d-------- C:\~QTWTMP.TMP
2008-04-14 10:16 . 2007-09-06 00:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-04-14 10:16 . 2006-04-27 17:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-04-14 10:16 . 2008-04-10 21:00 86,528 --a------ C:\WINDOWS\system32\VACFix.exe
2008-04-14 10:16 . 2008-04-11 22:13 82,432 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-04-14 10:16 . 2004-07-31 18:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-04-14 10:16 . 2007-10-04 00:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-04-14 10:16 . 2008-04-14 10:16 4,004 --a------ C:\WINDOWS\system32\tmp.reg
2008-04-14 10:12 . 2008-04-14 10:12 268 --ah----- C:\sqmdata08.sqm
2008-04-14 10:12 . 2008-04-14 10:12 244 --ah----- C:\sqmnoopt08.sqm
2008-04-14 10:00 . 2008-04-14 10:00 268 --ah----- C:\sqmdata07.sqm
2008-04-14 10:00 . 2008-04-14 10:00 244 --ah----- C:\sqmnoopt07.sqm
2008-04-14 00:32 . 2008-04-14 16:41 <REP> d-a------ C:\FirstSteps
2008-04-14 00:32 . 2008-04-14 16:41 <REP> d-------- C:\CocaColaMouse
2008-04-13 20:13 . 2008-04-14 16:45 <REP> d-------- C:\WINDOWS\ERUNT
2008-04-12 20:58 . 2008-04-14 16:39 <REP> d-------- C:\Documents and Settings\Famille\Modèles
2008-04-12 20:58 . 2008-04-14 16:39 <REP> d-------- C:\Documents and Settings\Famille\Favoris
2008-04-12 20:58 . 2008-04-12 20:58 <REP> d-------- C:\Documents and Settings\Famille\Application Data\PC Suite
2008-04-12 20:58 . 2008-04-14 16:39 <REP> d---s---- C:\Documents and Settings\Famille
2008-04-12 20:58 . 2008-04-26 11:01 1,024 --ah----- C:\Documents and Settings\Famille\ntuser.dat.LOG
2008-04-12 08:38 . 2008-04-12 08:38 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
2008-04-12 08:23 . 2008-04-12 08:23 <REP> d-------- C:\Program Files\MSBuild
2008-04-12 08:18 . 2008-04-14 18:14 <REP> d-------- C:\Program Files\Microsoft Visual Studio 8
2008-04-12 08:15 . 2008-04-12 08:15 <REP> dr-h----- C:\MSOCache
2008-04-12 08:11 . 2008-04-14 14:47 <REP> d-------- C:\Documents and Settings\All Users\Application Data\WinZip
2008-04-11 20:40 . 2008-04-18 15:15 <REP> d-------- C:\Program Files\eMule
2008-04-10 22:51 . 2008-04-10 22:51 268 --ah----- C:\sqmdata06.sqm
2008-04-10 22:51 . 2008-04-10 22:51 244 --ah----- C:\sqmnoopt06.sqm
2008-04-09 23:40 . 2008-04-09 23:40 268 --ah----- C:\sqmdata05.sqm
2008-04-09 23:40 . 2008-04-09 23:40 244 --ah----- C:\sqmnoopt05.sqm
2008-04-09 22:16 . 2008-04-09 22:16 268 --ah----- C:\sqmdata04.sqm
2008-04-09 22:16 . 2008-04-09 22:16 244 --ah----- C:\sqmnoopt04.sqm
2008-04-08 21:42 . 2008-04-08 21:42 268 --ah----- C:\sqmdata03.sqm
2008-04-08 21:42 . 2008-04-08 21:42 244 --ah----- C:\sqmnoopt03.sqm
2008-04-06 22:20 . 2008-04-06 22:20 268 --ah----- C:\sqmdata02.sqm
2008-04-06 22:20 . 2008-04-06 22:20 244 --ah----- C:\sqmnoopt02.sqm
2008-04-05 22:49 . 2008-04-05 22:49 268 --ah----- C:\sqmdata01.sqm
2008-04-05 22:49 . 2008-04-05 22:49 244 --ah----- C:\sqmnoopt01.sqm
2008-04-05 12:32 . 2008-04-05 12:40 <REP> d-------- C:\Documents and Settings\Florian Leloup\Nouveau dossier
2008-04-05 07:39 . 2008-04-05 07:39 268 --ah----- C:\sqmdata00.sqm
2008-04-05 07:39 . 2008-04-05 07:39 244 --ah----- C:\sqmnoopt00.sqm
2008-04-04 20:40 . 2008-04-14 15:37 <REP> d-------- C:\Bazar
2008-04-02 22:23 . 2008-04-14 16:43 <REP> d-------- C:\Stars wars 3
2008-03-30 20:00 . 2008-03-30 20:02 <REP> d-------- C:\Documents and Settings\Florian Leloup\Application Data\FMZilla
2008-03-29 17:01 . 2008-04-14 16:43 <REP> d-------- C:\Stars wars 1
2008-03-29 15:53 . 2008-04-14 16:43 <REP> d-------- C:\Stars wars

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-26 08:08 --------- d-----w C:\Program Files\MSN Messenger
2008-04-26 08:08 --------- d-----w C:\Program Files\MessengerDiscovery
2008-04-25 18:42 --------- d-----w C:\Program Files\DivX
2008-04-19 20:44 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-17 22:20 --------- d-----w C:\Documents and Settings\Florian Leloup\Application Data\uTorrent
2008-04-17 18:55 --------- d-----w C:\Program Files\Java
2008-04-17 18:09 --------- d-----w C:\Program Files\Acoustica Shared Effects
2008-04-17 18:09 --------- d-----w C:\Program Files\Acoustica Mixcraft
2008-04-17 17:30 --------- d-----w C:\Documents and Settings\Florian Leloup\Application Data\PC Suite
2008-04-17 13:30 --------- d-----w C:\Program Files\Windows Live Toolbar
2008-04-17 13:28 --------- d-----w C:\Program Files\Wolfenstein - Enemy Territory
2008-04-17 13:15 --------- d-----w C:\Program Files\Nokia
2008-04-17 13:05 --------- d-----w C:\Documents and Settings\All Users\Application Data\Installations
2008-04-16 19:19 --------- d-----w C:\Program Files\Audacity
2008-04-16 12:38 --------- d-----w C:\Program Files\LimeWire
2008-04-14 23:58 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-04-14 14:45 --------- d-----w C:\Program Files\Windows Live
2008-04-14 14:45 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-04-14 14:42 --------- d-----w C:\Program Files\Google
2008-04-14 14:41 --------- d-----w C:\Program Files\Servarena
2008-04-14 14:41 --------- d-----w C:\Program Files\Micro Application
2008-04-14 14:39 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-04-14 13:55 16,384 --sha-w C:\Program Files\Thumbs.db
2008-04-14 13:53 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2008-04-14 13:37 --------- d-----w C:\Program Files\K-Lite Codec Pack
2008-04-14 13:36 --------- d-----w C:\Program Files\Winter Fun Pack 2004 for Windows XP
2008-04-12 04:34 561,025,024 ----a-w C:\Program Files\[ThiWeb].Microsoft.Office.2007.Pro.Plus.Finale.Fr.iso
2008-04-02 20:23 --------- d-----w C:\Documents and Settings\All Users\Application Data\DVD Shrink
2008-03-21 20:30 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2008-03-21 20:30 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-19 22:07 --------- d-----w C:\Documents and Settings\Florian Leloup\Application Data\Media Player Classic
2008-03-11 20:03 --------- d-----w C:\Documents and Settings\All Users\Application Data\WhiteCap (Holiday Edition)
2008-03-06 09:14 831,048 ----a-w C:\WINDOWS\system32\WudfUpdate_01005.dll
2008-03-02 18:18 --------- d-----w C:\Program Files\RealVNC
2008-03-01 12:58 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-03-01 12:58 267,776 ----a-w C:\WINDOWS\system32\iertutil(2).dll
2008-03-01 12:58 124,928 ----a-w C:\WINDOWS\system32\advpack(2)(2).dll
2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
2008-02-20 05:35 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
2008-02-01 09:17 587,264 ----a-w C:\WINDOWS\WLXPGSS.SCR
2007-12-09 21:19 3,464,838 ----a-w C:\Program Files\httrack-3.42.exe
2007-12-08 19:53 827,024 ----a-w C:\Program Files\PhotoGreetingCards.exe
2007-12-08 19:52 1,394,568 ----a-w C:\Program Files\install_easyshare.exe
2007-12-02 14:22 4,179,293 ----a-w C:\Program Files\everesthome220.exe
2007-12-02 10:11 1,495,603 ----a-w C:\Program Files\MDL_1.3.0322.exe
2007-12-02 09:42 2,402,832 ----a-w C:\Program Files\WLinstaller.exe
2007-12-01 18:48 17,929,072 ----a-w C:\Program Files\Install_Messenger.exe
2007-11-18 19:16 1,902,536 ----a-w C:\Program Files\daemon-tools_daemon_tools_4.1_anglais_10729.exe
2007-11-08 22:18 7,736 ----a-w C:\Program Files\xip.zip
2007-11-07 20:32 684,032 ----a-w C:\Program Files\ducsetup.exe
2007-11-05 21:27 2,865,651,712 ----a-w C:\Program Files\flt-fif8.iso
2007-11-05 18:40 19,194,902 ----a-w C:\Program Files\tmnationseswc_175_to_179_setup.exe
2007-11-04 16:08 278,695,200 ----a-w C:\Program Files\TmNationsESWC_Setup.exe
2007-11-02 08:15 107 ----a-w C:\Program Files\main.c
2007-10-29 14:03 700,120 ----a-w C:\Program Files\flash-moz.exe
2007-10-29 12:36 1,367,695 ----a-w C:\Program Files\VirtualDub-MPEG2_1.6.15_b24600_Fr.exe
2007-10-18 19:11 240,365,312 ----a-w C:\Program Files\ADBEFWKSCS3_WWF.exe
2007-10-17 18:46 108,998,552 ----a-w C:\Program Files\paint-shop-pro-x_paint_shop_pro_x_10.0_francais_15224.exe
2007-10-14 10:22 2,577,800 ----a-w C:\Program Files\essentialpim2.exe
2007-07-22 11:09 132,909,372 ----a-w C:\Program Files\DofusInstaller_v1_19_0.exe
2007-07-14 17:23 22 ----a-w C:\Program Files\t.rar
2007-07-10 20:07 720,051 ----a-w C:\Program Files\vnc-4.0-x86_win32.zip
2007-07-06 23:20 8,335 ----a-w C:\Program Files\NickChange1_4.plsc
2007-07-06 20:11 3,126,056 ----a-w C:\Program Files\LimeWireWin.exe
2007-07-04 08:37 18,898,288 ----a-w C:\Program Files\Install_WLMessenger.exe
2007-07-03 16:00 1,882,020 ----a-w C:\Program Files\PhotoFiltre.zip
2007-07-01 11:02 24,708,797 ----a-w C:\Program Files\kav700123fr_1645.exe
2007-06-30 20:06 365,464 ----a-w C:\Program Files\emoticoneslive_search.exe
2007-06-28 14:27 5,370,037 ----a-w C:\Program Files\Install MPD.exe
2007-06-28 13:11 19,889,664 ----a-w C:\Program Files\WinterFunPack2004forWindowsXP.msi
2007-06-23 19:41 29,734,452 ----a-w C:\Program Files\setup-adsltv.exe
2007-06-19 20:58 3,035,141 ----a-w C:\Program Files\PimpFish.exe
2007-06-19 20:54 1,881,088 ----a-w C:\Program Files\q3cel-1.0-Windows.msi
2007-05-27 21:40 19,415,424 ----a-w C:\Program Files\StyleXPInstallMale.zip
2007-05-20 18:22 232,086 ----a-w C:\Program Files\stuffPlugybouane.oldiblog.com.exe
2007-05-18 07:44 1,104,384 ----a-w C:\Program Files\gifsetup.exe
2007-05-17 11:58 452,617 ----a-w C:\Program Files\pca1161_chateau_fantasy.zip
2007-05-17 09:46 858,310 ----a-w C:\Program Files\pca0681_naruto.zip
2007-05-17 09:43 101,472 ----a-w C:\Program Files\pca1344_eva_longoria.zip
2007-05-17 09:33 743,469 ----a-w C:\Program Files\vnc-4.0-x86_win32.exe
2007-05-14 19:06 256 ----a-w C:\Program Files\BYEBYE.ini
2007-05-14 19:03 330,391 ----a-w C:\Program Files\Byebye10.zip
2007-05-13 15:59 67,240 ----a-w C:\Program Files\vnc-4_1-javasrc[1].tar.gz
2007-05-12 08:54 121,474 ----a-w C:\Program Files\1avatars035.exe
2007-05-12 08:52 56,972 ----a-w C:\Program Files\444.exe
2007-05-12 08:19 28,374,788 ----a-w C:\Program Files\adsl-tv_adsl_tv_1.96_francais_19182.exe
2007-05-10 19:32 230,424 ----a-w C:\Program Files\img2-001.raw
2007-05-09 12:30 1,067,576 ----a-w C:\Program Files\AxCrypt-Setup.exe
2007-05-08 10:20 3,458,079 ----a-w C:\Program Files\FileZilla_2_2_32_setup.exe
2007-05-02 11:16 9,098,377 ----a-w C:\Program Files\blender-2.43-windows.exe
2007-04-30 20:24 89,478 ----a-w C:\Program Files\Tete_de_noeud.zip
2007-04-29 18:41 2,359,350 ----a-w C:\Program Files\quake.bmp
2007-04-15 12:21 811,744 ----a-w C:\Program Files\Google Updater.exe
2007-04-14 09:05 1,838,150 ----a-w C:\Program Files\Legion88-CasserDuBougnoule.mp3
2007-04-12 17:06 42,654 ----a-w C:\Program Files\SpongeBob_ScreenToy.zip
2007-04-12 14:17 167 ----a-w C:\Documents and Settings\Florian Leloup\1875.bat
2007-04-11 10:17 3,803,427 ----a-w C:\Program Files\video0.mp3
2007-04-10 18:41 1,774,682 ----a-w C:\Program Files\install_souri.rar
2007-04-10 18:40 11,716 ----a-w C:\Program Files\CocaColaMouse.zip
2007-11-09 19:23 56 --sh--r C:\WINDOWS\system32\F69E18DE48.sys
2007-11-09 19:23 3,974 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
.

------- Sigcheck -------

2007-06-13 15:10 4923392 e47dc53de6bfe06c58782f22ed952f1a C:\WINDOWS\explorer.exe
2004-08-05 14:00 1036288 4c33e5b9a6197b6ed215f6cfba0a2daa C:\WINDOWS\$NtUninstallKB884883$\explorer.exe
2005-04-07 20:47 1036288 0bee3b07ace3303ee57698808e1d2de3 C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
.
((((((((((((((((((((((((((((( snapshot_2008-04-15_10.53.01.59 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-04-15 08:18:53 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-04-26 08:50:20 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-04-17 13:16:25 15,086 ----a-r C:\WINDOWS\Installer\{0FC76B71-2534-4354-B255-3468578E3F47}\ARPPRODUCTICON.exe
+ 2008-04-17 13:11:04 3,262 ----a-r C:\WINDOWS\Installer\{4F1DCA42-2030-437C-A94E-736692A499C1}\ARPPRODUCTICON.exe
+ 2008-04-19 20:43:46 22,486 ----a-r C:\WINDOWS\Installer\{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}\ARPPRODUCTICON.exe
+ 2008-04-17 13:13:23 10,134 ----a-r C:\WINDOWS\Installer\{AC599724-5755-48C1-ABE7-ABB857652930}\ARPPRODUCTICON.exe
+ 2008-04-17 22:22:37 25,214 ----a-r C:\WINDOWS\Installer\{C0B0FA55-D4E9-4374-9871-BBFBF2AEF0D1}\ARPPRODUCTICON.exe
+ 2008-04-17 22:22:37 65,536 ----a-r C:\WINDOWS\Installer\{C0B0FA55-D4E9-4374-9871-BBFBF2AEF0D1}\NewShortcut3_C0B0FA55D4E943749871BBFBF2AEF0D1.exe
+ 2008-04-17 22:22:37 65,536 ----a-r C:\WINDOWS\Installer\{C0B0FA55-D4E9-4374-9871-BBFBF2AEF0D1}\NewShortcut4_C0B0FA55D4E943749871BBFBF2AEF0D1.exe
+ 2008-04-17 22:22:37 65,536 ----a-r C:\WINDOWS\Installer\{C0B0FA55-D4E9-4374-9871-BBFBF2AEF0D1}\pando.exe_ED0ECD11C6AB405E9A06D25E96BD6FD7.exe
+ 2008-04-17 22:22:37 65,536 ----a-r C:\WINDOWS\Installer\{C0B0FA55-D4E9-4374-9871-BBFBF2AEF0D1}\pando.exe1_ED0ECD11C6AB405E9A06D25E96BD6FD7.exe
- 2008-03-10 17:46:54 2,025 ----a-w C:\WINDOWS\mozver.dat
+ 2008-04-25 18:42:26 2,025 ----a-w C:\WINDOWS\mozver.dat
+ 2002-09-16 15:14:32 4,228 ----a-w C:\WINDOWS\system32\drivers\PQNTDRV.sys
- 2007-11-06 08:26:20 535,040 ----a-w C:\WINDOWS\system32\drivers\UMDF\PCCSWpdDriver.dll
+ 2008-03-06 09:19:36 534,016 ----a-w C:\WINDOWS\system32\drivers\UMDF\PCCSWpdDriver.dll
+ 2006-11-02 05:22:54 492,000 ------w C:\WINDOWS\system32\drivers\wdf01000.sys
+ 2006-11-02 05:22:52 32,224 ------w C:\WINDOWS\system32\drivers\wdfldr.sys
+ 2007-11-29 08:39:42 16,896 -c--a-w C:\WINDOWS\system32\DRVSTORE\ccdcmb_B642931F7B28F01BE617200298CCA42B44AAC343\ccdcmb.sys
+ 2007-11-29 08:32:38 48,128 -c--a-w C:\WINDOWS\system32\DRVSTORE\ccdcmb_B642931F7B28F01BE617200298CCA42B44AAC343\nmwcdcls.dll
+ 2007-11-29 08:39:44 95,744 -c--a-w C:\WINDOWS\system32\DRVSTORE\ccdcmb_B642931F7B28F01BE617200298CCA42B44AAC343\nmwcdcocls.dll
+ 2007-11-29 08:33:04 1,419,232 -c--a-w C:\WINDOWS\system32\DRVSTORE\ccdcmb_B642931F7B28F01BE617200298CCA42B44AAC343\wdfcoinstaller01005.dll
+ 2007-11-29 08:39:52 8,064 -c--a-w C:\WINDOWS\system32\DRVSTORE\ccdcmbcj_B642931F7B28F01BE617200298CCA42B44AAC343\usbser_lowerfltj.sys
+ 2007-11-29 08:39:42 8,064 -c--a-w C:\WINDOWS\system32\DRVSTORE\ccdcmbm_B642931F7B28F01BE617200298CCA42B44AAC343\usbser_lowerflt.sys
+ 2007-11-29 08:39:40 19,328 -c--a-w C:\WINDOWS\system32\DRVSTORE\ccdcmbo_B642931F7B28F01BE617200298CCA42B44AAC343\ccdcmbo.sys
+ 2007-09-17 13:53:26 21,632 -c--a-w C:\WINDOWS\system32\DRVSTORE\pccsmcfd_4A1E30386F4D0DEC8F5DF262CFBD8845EEBAB175\pccsmcfd.sys
+ 2008-03-06 09:19:36 534,016 -c--a-w C:\WINDOWS\system32\DRVSTORE\pccswpddri_CAEB6BB34654D5A4CAB32D7967078BA417F01F05\PCCSWpdDriver.dll
+ 2008-03-06 09:14:58 831,048 -c--a-w C:\WINDOWS\system32\DRVSTORE\pccswpddri_CAEB6BB34654D5A4CAB32D7967078BA417F01F05\WudfUpdate_01005.dll
- 2008-04-15 08:18:51 290,088 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
+ 2008-04-17 09:26:43 291,680 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
- 2007-02-22 09:15:12 90,624 ----a-w C:\WINDOWS\system32\nmwcdcls.dll
+ 2007-11-29 08:32:38 48,128 ----a-w C:\WINDOWS\system32\nmwcdcls.dll
- 2004-08-05 12:00:00 70,656 ----a-w C:\WINDOWS\system32\notepad.exe
+ 2004-08-05 12:00:00 453,632 ----a-w C:\WINDOWS\system32\notepad.exe
+ 2002-09-16 15:16:48 1,357,032 ----a-w C:\WINDOWS\system32\XMNT2002.exe
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{72B8F4DD-1C71-45A8-A0E5-A9DDF9D5F89F}]
C:\WINDOWS\system32\gebcb.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"fsc-reminder.exe"="C:\WINDOWS\reminder\fsc-reminder.exe" [2005-01-19 17:10 28672]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 12:34 5724184]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-04-15 14:33 68856]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 14:00 15360]
"PC Suite Tray"="C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" [2008-03-28 11:20 1079296]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe" [2008-03-26 18:41 1232896]
"Pando"="C:\Program Files\Pando Networks\Pando\Pando.exe" [2008-04-02 15:22 6112584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Raccourci vers la page des propriétés de High Definition Audio"="HDAShCut.exe" [2005-01-07 17:07 61952 C:\WINDOWS\system32\HdAShCut.exe]
"RTHDCPL"="RTHDCPL.EXE" [2006-02-10 19:25 15969280 C:\WINDOWS\RTHDCPL.EXE]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2005-08-12 14:43 45056]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-05-11 23:12 49152]
"tsnpstd3"="C:\WINDOWS\tsnpstd3.exe" [ ]
"snpstd3"="C:\WINDOWS\vsnpstd3.exe" [2005-09-05 15:55 339968]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 20:51 39792]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-05 14:00 110592 C:\WINDOWS\system32\bthprops.cpl]
"Autoconfigurateur WiFi Neuf"="C:\Program Files\Neuf\Kit\WiFi\9wifi.exe" [2006-07-06 22:32 122880]
"ShStatEXE"="C:\Program Files\Network Associates\VirusScan\SHSTAT.exe" [2003-09-29 07:10 81990]
"McAfeeUpdaterUI"="C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" [2003-09-10 03:11 135251]
"iconcache"="" []
"LogitechCommunicationsManager"="C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 17:33 563984]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [2007-10-25 17:37 2178832]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 12:50 155648]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 06:24 286720]
"cleanup"="" []
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 14:00 15360]
"DWQueuedReporting"="C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 09:01 437160]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2008-03-26 18:41 1232896]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WUAppSetup"="C:\Program Files\Fichiers communs\logishrd\WUApp32.exe" [2007-10-12 04:03 439568]

C:\Documents and Settings\Florian Leloup\Menu D‚marrer\Programmes\D‚marrage\
No-IP DUC.lnk - C:\Program Files\No-IP\DUC20.exe [2007-12-10 21:38:34 1172992]

C:\Documents and Settings\Florian Leloup\Menu D‚marrer\Programmes\D‚marrage\
No-IP DUC.lnk - C:\Program Files\No-IP\DUC20.exe [2007-12-10 21:38:34 1172992]

C:\Documents and Settings\Florian Leloup\Menu D‚marrer\Programmes\D‚marrage\
No-IP DUC.lnk - C:\Program Files\No-IP\DUC20.exe [2007-12-10 21:38:34 1172992]

C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
NETGEAR WG111v2 Smart Wizard.lnk - C:\Program Files\NETGEAR\WG111v2\WG111v2.exe [2006-05-17 16:05:52 2297856]
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE [2007-06-06 11:10:02 394856]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2007-02-05 15:39 294400]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\gebcb]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk
backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Kodak software updater.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Kodak software updater.lnk
backup=C:\WINDOWS\pss\Kodak software updater.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logiciel Kodak EasyShare.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logiciel Kodak EasyShare.lnk
backup=C:\WINDOWS\pss\Logiciel Kodak EasyShare.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk
backup=C:\WINDOWS\pss\Logitech Desktop Messenger.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Outil de mise à jour Google.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Outil de mise à jour Google.lnk
backup=C:\WINDOWS\pss\Outil de mise à jour Google.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Windows Desktop Search.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Windows Desktop Search.lnk
backup=C:\WINDOWS\pss\Windows Desktop Search.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
--a------ 2007-08-16 13:24 167368 C:\Program Files\DAEMON Tools\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2007-09-26 14:42 267064 C:\Program Files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
--a------ 2007-10-07 12:25 36864 C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Magentic]
C:\PROGRA~1\Magentic\bin\Magentic.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Muscbrigade]
--a------ 2005-12-22 10:26 40960 c:\Musicbrigade\Musicbrigade.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2001-07-09 12:50 155648 C:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2007-06-29 06:24 286720 C:\Program Files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
--a------ 2007-08-31 16:46 1460560 C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a------ 2007-04-15 14:33 68856 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
C:\Program Files\Yahoo!\Messenger\ypager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WinDefend"=2 (0x2)
"gusvc"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Program Files\\adslTV\\adsltv.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"C:\\Program Files\\MSN Messenger\\msnmgr.exe"=
"C:\\WINDOWS\\system32\\rtcshare.exe"=
"C:\\Copie de quake 3\\quake3.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\Sony\\Media Manager for PSP 2.0\\MediaManager.exe"=
"C:\\Program Files\\Messenger\\Msmsgs.exe"=
"C:\\WINDOWS\\system32\\dpnsvr.exe"=
"C:\\WINDOWS\\system32\\dxdiag.exe"=
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\TrackMania Nations ESWC\\TmNationsESWC.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\MessengerDiscovery\\MessengerDiscovery Live.exe"=
"C:\\Program Files\\No-IP\\DUC20.exe"=
"C:\\Program Files\\Network Associates\\Common Framework\\FrameworkService.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\Pando Networks\\Pando\\pando.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"27960:UDP"= 27960:UDP:flo.servequake.com
"27961:UDP"= 27961:UDP:Quake 3 27960 UDP
"27962:UDP"= 27962:UDP:Quake 3 27960 UDP
"27963:UDP"= 27963:UDP:Quake 3 27960 UDP
"27964:UDP"= 27964:UDP:Quake 3 27960 UDP
"27965:UDP"= 27965:UDP:Quake 3 27960 UDP
"17966:UDP"= 17966:UDP:flo6.servequake.com
"59087:TCP"= 59087:TCP:Pando P2P TCP Listening Port
"59087:UDP"= 59087:UDP:Pando P2P UDP Listening Port

R2 DNS2GoClient;DNS2Go Client;C:\PROGRA~1\DEERFI~1.COM\DNS2Go\DNS2GO~2.EXE [2007-11-07 12:50]
R3 PCASp50;PCASp50 NDIS Protocol Driver;C:\WINDOWS\system32\Drivers\PCASp50.sys [2005-11-19 03:13]
R3 usbstor;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-05 14:00]
S3 gel90xne;gel90xne;C:\DOCUME~1\FLORIA~1\LOCALS~1\Temp\gel90xne.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver;C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 15:53]
S3 RTLWUSB;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NT Driver;C:\WINDOWS\system32\DRIVERS\wg111v2.sys [2006-03-27 17:53]
S3 upperdev;upperdev;C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2007-11-29 10:39]
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 22:58]
S3 UsbserFilt;UsbserFilt;C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2007-11-29 10:39]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\K]
\Shell\AutoRun\command - K:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6ded763e-97f3-11db-93a4-0014856b1ed5}]
\Shell\AutoRun\command - M:\setupSNK.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f06c3252-d4b6-11dc-acbe-001b2f431027}]
\Shell\AutoRun\command - L:\.pspware\PSPWareLauncher.exe

.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-04-19 17:59:05 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-26 11:05:44
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 124

**************************************************************************
.
Temps d'accomplissement: 2008-04-26 11:10:15
ComboFix-quarantined-files.txt 2008-04-26 09:10:04
ComboFix2.txt 2008-04-15 08:53:23

Pre-Run: 28,979,867,648 octets libres
Post-Run: 28,961,447,936 octets libres

431 --- E O F --- 2008-04-14 23:58:35
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 25 / 29
^^Marie^^ Messages postés 126523 Date d'inscription   Statut Membre Dernière intervention   3 279
 
Coucou

Un log hijackthis dans la foulée
stp
0
Réponse 26 / 29
florebcio Messages postés 193 Statut Membre 7
 
Voilà! Et encor merci pour ta patience :D.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:22:18, on 4/27/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\DEERFI~1.COM\DNS2Go\DNS2GO~2.EXE
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\vsnpstd3.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe
C:\Program Files\Pando Networks\Pando\Pando.exe
C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe
C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\No-IP\DUC20.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\Fichiers communs\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Mail\wlmail.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\MessengerDiscovery\MessengerDiscovery Live.exe
C:\Program Files\MessengerDiscovery\MessengerDiscovery Live.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\Florian Leloup\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {72B8F4DD-1C71-45A8-A0E5-A9DDF9D5F89F} - C:\WINDOWS\system32\gebcb.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Autoconfigurateur WiFi Neuf] C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKCU\..\Run: [fsc-reminder.exe] C:\WINDOWS\reminder\fsc-reminder.exe 2453947 14
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe" /NoDialog
O4 - HKCU\..\Run: [Pando] "C:\Program Files\Pando Networks\Pando\Pando.exe" /Minimized
O4 - HKCU\..\Run: [Uniblue SpyEraser] "C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe" -m
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] C:\Program Files\Fichiers communs\logishrd\WUApp32.exe -v 0x046d -p 0x092e -f video -m logitech -d 10.5.1.2023 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] C:\Program Files\Fichiers communs\logishrd\WUApp32.exe -v 0x046d -p 0x092e -f video -m logitech -d 10.5.1.2023 (User 'Default user')
O4 - S-1-5-18 Startup: No-IP DUC.lnk = C:\Program Files\No-IP\DUC20.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: No-IP DUC.lnk = C:\Program Files\No-IP\DUC20.exe (User 'Default user')
O4 - Startup: No-IP DUC.lnk = C:\Program Files\No-IP\DUC20.exe
O4 - Global Startup: NETGEAR WG111v2 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: Download Web Info - C:\Program Files\Dataroute\Download.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} (BatchDownloader Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/DigWXMSN.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O20 - Winlogon Notify: gebcb - C:\WINDOWS\
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: DNS2Go Client (DNS2GoClient) - Deerfield.com - C:\PROGRA~1\DEERFI~1.COM\DNS2Go\DNS2GO~2.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Service Framework McAfee (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
0
Réponse 27 / 29
^^Marie^^ Messages postés 126523 Date d'inscription   Statut Membre Dernière intervention   3 279
 
Re

1/ Télécharge et installe CCleaner
(attention à l'installation penser à DECOCHER l'installation de Yahoo toolbar discrètement proposé en plus de CCleaner).

http://www.clubic.com/lancer-le-telechargement-20932-0-ccleaner-crap-cleaner-.html

2/ 2/ Télécharge AVG
https://www.avg.com/en-ww/free-antivirus-download
Lance AVG Anti-Spyware et clique sur le bouton Mise à jour.
Tu fermes

3/ Redémarre en mode sans échec
(Pour cela : démarrer le PC en tapotant sur la touche F8 du clavier jusqu'à ce que le menu des options avancées de Windows apparaisse puis avec les touches fléchées du clavier, sélectionner Mode sans échec puis appuyer sur la touche Entrée...)
Attention tu n'as pas accès à Internet dans ce mode donc note ou imprime les consignes qui suivent.
http://www.coupdepoucepc.com/modules/news/article.php?storyid=253
https://www.micro-astuce.com/depannage/demarrer-mode-sans-echec.php

4/ Lance HijackThis
puis --> Do a system scan only
coche les lignes indiquées ci-dessous
puis --> Fix checked
puis oui à la question de confirmation

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" –atboottime
O4 - HKCU\..\Run: [fsc-reminder.exe] C:\WINDOWS\reminder\fsc-reminder.exe 2453947 14
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - S-1-5-18 Startup: No-IP DUC.lnk = C:\Program Files\No-IP\DUC20.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: No-IP DUC.lnk = C:\Program Files\No-IP\DUC20.exe (User 'Default user')
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} (BatchDownloader Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/DigWXMSN.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O20 - Winlogon Notify: gebcb - C:\WINDOWS\



5/ Assure-toi que tu as accès aux fichiers cachés.
(Démarrer->Poste de travail->Outils->Options des dossiers...->Affichage
"Afficher les fichiers et dossiers cachés" ->coché
"Masquer les extensions des fichiers dont le type est connu" ->décoché)

7/ Lance CCleaner
puis bouton Analyse ensuite Bouton Lancer le Nettoyage

8/ Lance AVG
Lance AVG Anti-Spyware
Clique sur le bouton Analyse (de la barre d'outils)
Puis sur l'onglets Comment réagir, clique sur Actions recommandées.
Reviens à l'onglet Analyse. Clique sur Analyse complète du système.
/!\ Si un fichier est infecté en fin d'analyse /!\
choisis l'option " Appliquer toutes les actions " en bas.
Clique sur "Enregistrer le rapport" puis sur "Enregistrer le rapport sous"
Enregistre ce fichier texte sur ton bureau.
Copie/colle le rapport

9/ Redémarre normalement

et poste un nouveau rapport HijackThis.

as-tu encore des dysfonctionnements ?

télécharger la version gratuite de Kerio

Kerio (pare-feu) : reste gratuit après la période d'essai en français
https://kerio.probb.fr/
Regarde ce tutoriel si tu as besoin d'aide pour l'installation et la configuration de Kerio
https://kerio.probb.fr/
Plus d'info :
->https://kerio.probb.fr/

+++

0
Réponse 28 / 29
florebcio Messages postés 193 Statut Membre 7
 
Bonjour ^^Marie^^!

Encore un gros MERCI pour ton aide si précieuse!
Concernant mes "dysfonctionnements", c'est parfait je n'ai plus du tout de pub et ça c'est déjà super génialisisme! :D. Par contre je ne vais pas te cacher qu'il est encore et toujours très très lent et c'est franchement désagréable à l'utilisation :'(! Je pense que tu fais tout ce que tu peux pour m'aider mais malheuresement ca n'as rien changé à sa lenteur :s.

Je te poste un rapport HijackThis comme demandé, tu n'auras pas le rapport de AVG anti-spyware car j'ai complétement omis de l'enregistrer...Désolé. Tout ce que je peux te dire c'est qu'il avait détecté trois objets en "risque élevé" et un en "risque faible". Trois sur quatre ont pu être supprimés. Ah! Un message au moment ou j t'écris me disant : https://imageshack.com/ J'ai cliqué sur réparer puis l'alerte suivante s'est manifesté : https://imageshack.com/ J'ai alors cliqué sur supprimer! Peut tu encore faire qqch pour moi?! plz ...

Rapport Hijack this:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:55:50, on 4/30/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\DEERFI~1.COM\DNS2Go\DNS2GO~2.EXE
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\vsnpstd3.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\MessengerDiscovery\MessengerDiscovery Live.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\Fichiers communs\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Florian Leloup\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {72B8F4DD-1C71-45A8-A0E5-A9DDF9D5F89F} - C:\WINDOWS\system32\gebcb.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Autoconfigurateur WiFi Neuf] C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe" /NoDialog
O4 - HKCU\..\Run: [Pando] "C:\Program Files\Pando Networks\Pando\Pando.exe" /Minimized
O4 - HKCU\..\Run: [Uniblue SpyEraser] "C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe" -m
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] C:\Program Files\Fichiers communs\logishrd\WUApp32.exe -v 0x046d -p 0x092e -f video -m logitech -d 10.5.1.2023 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] C:\Program Files\Fichiers communs\logishrd\WUApp32.exe -v 0x046d -p 0x092e -f video -m logitech -d 10.5.1.2023 (User 'Default user')
O4 - Global Startup: NETGEAR WG111v2 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
O8 - Extra context menu item: Download Web Info - C:\Program Files\Dataroute\Download.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: DNS2Go Client (DNS2GoClient) - Deerfield.com - C:\PROGRA~1\DEERFI~1.COM\DNS2Go\DNS2GO~2.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Service Framework McAfee (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
0
Réponse 29 / 29
^^Marie^^ Messages postés 126523 Date d'inscription   Statut Membre Dernière intervention   3 279
 
Re

4/ Lance HijackThis
puis --> Do a system scan only
coche les lignes indiquées ci-dessous
puis --> Fix checked
puis oui à la question de confirmation

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = _ HYPERLINK "https://www.google.fr/?gws_rd=ssl" \t "_blank" _https://www.google.fr/?gws_rd=ssl => Google Connexion IE
O2 - BHO: (no name) - {72B8F4DD-1C71-45A8-A0E5-A9DDF9D5F89F} - C:\WINDOWS\system32\gebcb.dll (file missing)
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background => Microsoft Network Messenger
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') => Microsoft Windows NT
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') => Microsoft Windows NT
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') => Microsoft Windows NT
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') => Microsoft Windows NT

Pense à faire une déframentation
Pense à nettoyer ton PC ► poussière

Relance Tool, tu l'as en début de page.

Installe cet outil

1) Imprime ces instructions car il faudra fermer toutes les fenêtres et applications lors de l'installation et de l'analyse.

2) Télécharge Malwarebytes' Anti-Malware (MBAM) et enregistre le sur ton Bureau à partir de ce lien :

https://www.malwarebytes.com/

3) A la fin du téléchargement, ferme toutes les fenêtres et programmes, y compris celui-ci.

4) Double-clique sur l'icône Download_mbam-setup.exe sur ton bureau pour démarrer le programme d'installation.

5) Pendant l'installation, suis les indications (en particulier le choix de la langue et l'autorisation d'accession à Internet). N'apporte aucune modification aux réglages par défaut et, en fin d'installation, vérifie que les options Update Malwarebytes' Anti-Malware et Launch Malwarebytes' Anti-Malware sont cochées.

6) MBAM démarrera automatiquement et enverra un message demandant à mettre à jour le programme avant de lancer une analyse. Comme MBAM se met automatiquement à jour en fin d'installation, clique sur OK pour fermer la boîte de dialogue. La fenêtre principale de MBAM s'affiche :

7) Dans l'onglet analyse, vérifie que "Exécuter un examen complet" est coché et clique sur le bouton Rechercher pour démarrer l'analyse.

8) MBAM analyse ton ordinateur. L'analyse peut prendre un certain temps. Il suffit de vérifier de temps en temps son avancement.

9) A la fin de l'analyse, un message s'affiche indiquant la fin de l'analyse. Clique sur OK pour poursuivre.

10) Si des malwares ont été détectés, leur liste s'affiche.
En cliquant sur Suppression (?) , MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.

11) MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Ferme le Bloc-notes. (Le rapport peut être retrouvé sous l'onglet Rapports/logs)

12) Ferme MBAM en cliquant sur Quitter.

13) Poste le rapport dans ta réponse

+++

0
florebcio Messages postés 193 Statut Membre 7
 
Bonjour ^^Marie^^!

J'ai fait toutes les manipulations que tu m'as dit, rien à faire mon PC est d'une lenteur des plus atroces!!!! Encore ppplus qu'avant j'ai l'impression! Il devient casi-inutilisable. Je vais donc procéder à un formatage de mon disque dur pous ensuite réinstaller mon OS.

Je te remercie vivement pour toute la patience dont tu as faite preuve, ainsi que des efforts que tu as fournis pour m'aider dans ma "galère"!

Merci encore et continue comme ça, ton aide sur le forum est des plus remarquables. Merci, merci, merci! A=

Amicalement. Flo.
0
^^Marie^^ Messages postés 126523 Date d'inscription   Statut Membre Dernière intervention   3 279 > florebcio Messages postés 193 Statut Membre
 
Bonjour,

Merci pour ton message.
Parfois cela arrive que nous n'arrivons pas au bout.
Bon courage
parfois aussi, cela fait du bien ;;))
0

Discussions similaires

Impossible d'afficher le rapport de tableau croisé dynamique sur un rapport
Utilisateur anonyme -
TomH. -

13 réponses
écrire un rapport de travail
asi -
REGINALD -

3 réponses
impossible d'afficher le tableau dynamique sur un rapport existant
Pierre -
Adrien71 -

3 réponses
Problém affichage du tableau croisé dynamique
BK -
Raymond PENTIER -

2 réponses
Theme de rapport de stage option comptabilité
sana saydou -
Raymond PENTIER -

2 réponses