HijackThis and ComboFix report, please help me

salma -  
Lyonnais92 Posts 25708 Status Security contributor -
Hello,
So, I have a problem with my internet connection: pages take forever to load, in fact they don't even load. In safe mode the connection works very well (fast). When I try to connect to this forum I manage fine, but when I try to go to my Yahoo mailbox it is impossible!!!
I don't understand the cause. Please, help me.
HERE is the HijackThis report:

Logfile of HijackThis v1.99.1
Scan saved at 21:36, on 2008-06-30
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: (no name) - {018B27FF-E05F-4CB5-8763-540CB3FD457A} - C:\WINDOWS\system32\geBrpppm.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: (no name) - {03911DE4-E10B-4917-9894-EF1038CD104A} - C:\WINDOWS\system32\rqRJDtSj.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {9352FD23-F873-40A9-B127-6B752B6308BC} - C:\WINDOWS\system32\cbXRIawT.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: {101afcd7-257c-a8aa-3ce4-cc6da96cc5ae} - {ea5cc69a-d6cc-4ec3-aa8a-c7527dcfa101} - C:\WINDOWS\system32\jqmpyh.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [1c1f6341] rundll32.exe "C:\WINDOWS\system32\tfldhwpj.dll",b
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [BM1f2c50dd] Rundll32.exe "C:\WINDOWS\system32\rpgimabv.dll",s
O4 - HKLM\..\RunOnce: [Spybot - Search & Destroy] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKLM\..\RunOnce: [SpybotDeletingA4079] command /c del "C:\WINDOWS\system32\rqRJDtSj.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC8282] cmd /c del "C:\WINDOWS\system32\rqRJDtSj.dll_old"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\RunOnce: [SpybotDeletingB2250] command /c del "C:\WINDOWS\system32\rqRJDtSj.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4311] cmd /c del "C:\WINDOWS\system32\rqRJDtSj.dll_old"
O4 - Global Startup: MA521 Configuration Utility.lnk = C:\Program Files\NETGEAR\MA521 Configuration Utility\wlancfg5.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/default.aspx
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: geBrpppm - C:\WINDOWS\SYSTEM32\geBrpppm.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe

ComboFix 08-06-20.4 - salima moulti 2008-06-30 23:02:43.3 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.490 [GMT 2:00]
Endroit: C:\Documents and Settings\salima moulti\Bureau\ComboFix.exe

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\cbXRIawT.dll
C:\WINDOWS\system32\jpwhdlft.ini
C:\WINDOWS\system32\jStDJRqr.ini
C:\WINDOWS\system32\jStDJRqr.ini2
C:\WINDOWS\system32\TwaIRXbc.ini
C:\WINDOWS\system32\TwaIRXbc.ini2
C:\WINDOWS\system32\xioxadqm.ini
.
---- Previous Run -------
.
C:\WINDOWS\BM1f2c50dd.xml
C:\WINDOWS\cookies.ini
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\bnhtxlqy.ini
C:\WINDOWS\system32\pWHhQqru.ini
C:\WINDOWS\system32\pWHhQqru.ini2
C:\WINDOWS\system32\urqQhHWp.dll

.
((((((((((((((((((((((((((((( Fichiers créés 2008-05-28 to 2008-06-30 ))))))))))))))))))))))))))))))))))))
.

2008-06-30 21:28 . 2008-06-30 21:28 103,424 --a------ C:\WINDOWS\system32\vovivqur.dll
2008-06-30 21:28 . 2008-06-30 21:28 103,424 --a------ C:\WINDOWS\system32\jqmpyh.dll
2008-06-30 21:26 . 2008-06-30 21:26 91,136 --a------ C:\WINDOWS\system32\rpgimabv.dll
2008-06-30 10:56 . 2008-06-30 10:56 95 --a------ C:\WINDOWS\wininit.ini
2008-06-30 02:35 . 2008-06-30 10:56 <REP> d-------- C:\Program Files\a-squared Free
2008-06-30 01:31 . 2008-06-30 01:31 <REP> d-------- C:\Program Files\Lavasoft
2008-06-30 01:31 . 2008-06-30 22:08 <REP> d-------- C:\Documents and Settings\salima moulti\Application Data\Lavasoft
2008-06-30 01:31 . 2008-06-30 01:31 82,432 --a------ C:\WINDOWS\system32\mqdaxoix.dll
2008-06-30 01:29 . 2008-06-30 01:29 103,424 --a------ C:\WINDOWS\system32\irundlbe.dll
2008-06-30 01:29 . 2008-06-30 01:29 103,424 --a------ C:\WINDOWS\system32\blnete.dll
2008-06-30 01:29 . 2008-06-30 01:29 90,624 --a------ C:\WINDOWS\system32\errvqvte.dll
2008-06-30 00:55 . 2008-06-30 00:56 294 ---hs---- C:\WINDOWS\system32\bnhtxlqy.ini
2008-06-30 00:55 . 2008-06-30 00:55 0 --a------ C:\WINDOWS\BM1f2c50dd.xml
2008-06-29 14:25 . 2008-06-29 14:25 <REP> d-------- C:\Program Files\Avira
2008-06-28 20:48 . 2008-06-29 14:09 <REP> d-------- C:\QUARANTINE
2008-06-28 20:29 . 2008-06-28 20:29 103,424 --a------ C:\WINDOWS\system32\ukiube.dll
2008-06-28 20:29 . 2008-06-28 20:29 103,424 --a------ C:\WINDOWS\system32\nyhwmida.dll
2008-06-28 20:27 . 2008-06-28 20:27 <REP> d-------- C:\Program Files\Fichiers communs\Cisco Systems
2008-06-28 20:27 . 2006-12-19 15:06 1,495,552 --a------ C:\WINDOWS\system32\epoPGPsdk.dll
2008-06-28 20:22 . 2008-06-28 20:22 26,112 --a------ C:\WINDOWS\system32\geBrpppm.dll
2008-06-26 20:49 . 2001-08-23 17:04 12,288 --a------ C:\WINDOWS\system32\drivers\mouhid.sys
2008-06-26 20:49 . 2001-08-23 17:04 12,288 --a--c--- C:\WINDOWS\system32\dllcache\mouhid.sys
2008-06-26 20:48 . 2001-08-17 22:02 9,600 --a------ C:\WINDOWS\system32\drivers\hidusb.sys
2008-06-26 20:48 . 2001-08-17 22:02 9,600 --a--c--- C:\WINDOWS\system32\dllcache\hidusb.sys
2008-06-25 00:32 . 2008-06-25 00:32 82,928 --a------ C:\IMG_1258.JPG
2008-06-24 19:28 . 2002-11-11 19:52 6,400 --a------ C:\WINDOWS\system32\drivers\pctvvbi.sys
2008-06-24 19:27 . 2001-05-11 12:18 420,240 --a------ C:\WINDOWS\system32\mpg4c32.dll
2008-06-24 19:25 . 2008-06-24 19:25 <REP> d-------- C:\Pinnacle
2008-06-24 19:08 . 2008-06-24 19:10 455 --a------ C:\WINDOWS\VFO.VST
2008-06-24 19:08 . 2008-06-24 19:08 51 --a------ C:\WINDOWS\system32\blue.SITENAME
2008-06-24 19:07 . 2004-08-04 01:54 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2008-06-24 18:52 . 2004-07-02 16:28 84,992 --a------ C:\WINDOWS\system32\ATL70.DLL
2008-06-24 18:52 . 2008-06-24 19:44 1,196 --a------ C:\WINDOWS\VFO.INI
2008-06-24 18:51 . 2005-02-09 11:59 14,165 --a------ C:\WINDOWS\system32\drivers\Pclepci.sys
2008-06-24 18:46 . 2008-06-24 19:10 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Pinnacle Studio
2008-06-24 18:44 . 2008-06-24 19:43 <REP> d-------- C:\Program Files\Pinnacle
2008-06-24 18:44 . 2008-06-24 19:09 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Pinnacle
2008-06-24 16:40 . 2008-06-24 16:40 <REP> d-------- C:\Program Files\NVIDIA Corporation
2008-06-24 16:40 . 2008-06-24 16:40 <REP> d-------- C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation
2008-06-24 16:40 . 2004-10-11 11:28 671,744 --a------ C:\WINDOWS\system32\DolbyHph.dll
2008-06-24 16:40 . 2004-11-12 16:01 60,416 --a------ C:\WINDOWS\system32\DSETUP.dll
2008-06-24 16:40 . 2004-12-13 09:44 14,848 --a------ C:\WINDOWS\system32\drivers\nvndis.sys
2008-06-24 16:40 . 2004-10-11 11:28 9,856 --a------ C:\WINDOWS\system32\drivers\pfc.sys
2008-06-18 12:49 . 2008-06-18 12:49 268 --ah----- C:\sqmdata06.sqm
2008-06-18 12:49 . 2008-06-18 12:49 244 --ah----- C:\sqmnoopt06.sqm
2008-06-15 11:25 . 2008-06-15 11:25 <REP> d-------- C:\Program Files\VintaSoft
2008-06-15 11:10 . 2008-06-15 11:12 <REP> d-------- C:\WINDOWS\system32\fr-fr
2008-06-15 10:59 . 2008-03-01 14:58 6,066,176 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll
2008-06-15 10:59 . 2007-04-17 11:32 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat
2008-06-15 10:59 . 2007-03-08 07:10 1,048,576 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
2008-06-15 10:59 . 2008-03-01 14:58 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
2008-06-15 10:59 . 2008-03-01 14:58 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2008-06-15 10:59 . 2008-03-01 14:58 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll
2008-06-15 10:59 . 2008-03-01 14:58 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll
2008-06-15 10:59 . 2008-03-01 14:58 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2008-06-15 10:59 . 2008-02-22 12:00 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-06-13 11:54 . 2008-06-13 11:54 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2008-06-13 11:48 . 2008-06-13 11:48 <REP> d-------- C:\Program Files\Yahoo!
2008-06-13 11:48 . 2008-06-13 11:48 <REP> d-------- C:\Program Files\CCleaner
2008-06-12 22:21 . 2008-06-12 22:21 <REP> d-------- C:\WINDOWS\system32\LogFiles
2008-06-12 21:27 . 2008-06-12 21:27 <REP> d-------- C:\Documents and Settings\salima moulti\Application Data\Malwarebytes
2008-06-12 21:27 . 2008-06-12 21:27 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-06-11 20:25 . 2008-06-11 20:25 <REP> d-------- C:\WINDOWS\Sun
2008-06-11 16:48 . 2008-06-29 15:01 672 --a------ C:\WINDOWS\system32\tmp.reg
2008-06-11 16:21 . 2008-06-30 21:36 <REP> d-------- C:\Program Files\Hijackthis Version Française
2008-06-11 15:55 . 2008-06-11 15:55 <REP> d---s---- C:\Documents and Settings\Administrateur\UserData
2008-06-11 15:32 . 2008-06-13 11:49 <REP> d-------- C:\Program Files\Trend Micro
2008-06-11 14:13 . 2008-06-30 02:32 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
2008-06-11 14:13 . 2008-06-30 10:57 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-06-11 13:59 . 2008-06-30 22:01 <REP> d-------- C:\Program Files\RogueRemover FREE
2008-06-11 13:04 . 2008-06-11 15:23 <REP> dr------- C:\Documents and Settings\Administrateur\Favoris
2008-06-11 12:59 . 2004-08-03 23:00 28,672 --a------ C:\WINDOWS\system32\drivers\nscirda.sys
2008-06-11 12:59 . 2004-08-03 23:00 28,672 --a--c--- C:\WINDOWS\system32\dllcache\nscirda.sys
2008-06-11 12:38 . 2008-06-11 12:38 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression
2008-06-11 12:38 . 2008-06-11 12:38 <REP> dr------- C:\Documents and Settings\Administrateur\Menu Démarrer
2008-06-11 12:38 . 2008-06-13 11:49 <REP> d-------- C:\Documents and Settings\Administrateur\Bureau
2008-06-11 12:22 . 2008-06-11 12:38 <REP> d--h----- C:\Documents and Settings\Administrateur\Modèles
2008-06-11 12:22 . 2008-06-11 15:55 <REP> d-------- C:\Documents and Settings\Administrateur
2008-06-11 12:16 . 2008-06-11 18:56 <REP> d-------- C:\Program Files\LabelCommand
2008-06-11 11:18 . 2008-06-11 13:33 0 --a------ C:\WINDOWS\system32\ieupdates.exe.tmp
2008-06-11 01:04 . 2008-06-11 01:04 <REP> d-------- C:\Documents and Settings\LocalService\Mes documents
2008-06-10 19:31 . 2008-06-10 19:31 <REP> d-------- C:\MenuGEO
2008-06-10 19:31 . 2008-02-12 08:39 48 --a------ C:\WINDOWS\camsad.ini
2008-06-10 19:24 . 2008-06-10 19:28 <REP> d-------- C:\Program Files\@Last Software
2008-06-10 19:18 . 2008-06-10 19:18 <REP> d-------- C:\WINDOWS\system32\URTTEMP
2008-06-09 10:12 . 2008-06-09 10:12 <REP> d-------- C:\Documents and Settings\salima moulti\Application Data\ItsLabel
2008-06-09 10:12 . 2008-06-09 10:12 22 --a------ C:\WINDOWS\system32\ati64hl2.stb
2008-06-08 20:58 . 2008-06-09 22:11 <REP> d-------- C:\Documents and Settings\salima moulti\Application Data\DivX
2008-06-08 20:55 . 2008-06-24 19:44 <REP> d-------- C:\Program Files\DivX
2008-06-08 20:54 . 2008-06-08 20:54 <REP> d-------- C:\Program Files\EoRezo
2008-06-08 20:54 . 2008-06-11 17:50 <REP> d-------- C:\Documents and Settings\salima moulti\Application Data\EoRezo
2008-06-08 18:27 . 2008-06-08 18:27 <REP> d-------- C:\Documents and Settings\salima moulti\Application Data\Talkback
2008-06-08 18:27 . 2008-06-08 18:27 0 --a------ C:\WINDOWS\nsreg.dat
2008-06-08 18:22 . 2008-06-10 21:22 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Google Updater
2008-06-06 01:03 . 2008-06-17 22:43 <REP> d-------- C:\Documents and Settings\salima moulti\Application Data\dvdcss
2008-06-04 21:26 . 2008-06-04 21:26 <REP> d-------- C:\Documents and Settings\salima moulti\Application Data\Nokia Multimedia Player
2008-06-04 21:06 . 2008-06-04 21:06 <REP> d-------- C:\Documents and Settings\All Users\Application Data\PC Suite
2008-06-04 21:03 . 2008-06-04 21:03 <REP> d-------- C:\Program Files\DIFX
2008-06-04 21:03 . 2008-06-04 21:26 <REP> d-------- C:\Documents and Settings\salima moulti\Application Data\Nokia
2008-06-04 21:02 . 2008-06-04 21:02 <REP> d-------- C:\Program Files\PC Connectivity Solution
2008-06-04 21:02 . 2008-06-04 21:02 <REP> d-------- C:\Program Files\Nokia
2008-06-04 21:02 . 2008-06-04 21:02 <REP> d-------- C:\Program Files\Fichiers communs\PCSuite
2008-06-04 21:02 . 2008-06-04 21:02 <REP> d-------- C:\Program Files\Fichiers communs\Nokia
2008-06-04 21:02 . 2008-06-04 21:08 <REP> d-------- C:\Documents and Settings\salima moulti\Application Data\PC Suite
2008-06-04 21:02 . 2007-02-22 10:15 137,216 --a------ C:\WINDOWS\system32\drivers\nmwcd.sys
2008-06-04 21:02 . 2007-02-22 10:15 90,624 --a------ C:\WINDOWS\system32\nmwcdcls.dll
2008-06-04 21:02 . 2007-02-22 10:15 65,536 --a------ C:\WINDOWS\system32\nmwcdcocls.dll
2008-06-04 21:02 . 2007-02-22 10:15 12,288 --a------ C:\WINDOWS\system32\drivers\nmwcdcm.sys
2008-06-04 21:02 . 2007-02-22 10:15 12,288 --a------ C:\WINDOWS\system32\drivers\nmwcdcj.sys
2008-06-04 21:02 . 2007-02-22 10:15 8,320 --a------ C:\WINDOWS\system32\drivers\nmwcdc.sys
2008-06-04 21:01 . 2008-06-04 21:01 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Installations
2008-06-04 16:19 . 2008-06-04 16:19 <REP> d-------- C:\Live!Cam
2008-06-04 14:08 . 2008-06-04 14:08 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-06-04 00:58 . 2008-06-04 00:58 268 --ah----- C:\sqmdata05.sqm
2008-06-04 00:58 . 2008-06-04 00:58 244 --ah----- C:\sqmnoopt05.sqm
2008-06-03 23:16 . 2008-06-03 23:16 <REP> d-------- C:\Program Files\DNA
2008-06-03 23:16 . 2008-06-03 23:16 <REP> d-------- C:\Program Files\BitTorrent
2008-06-03 23:16 . 2008-06-30 23:11 <REP> d-------- C:\Documents and Settings\salima moulti\Application Data\DNA
2008-06-03 23:16 . 2008-06-28 20:14 <REP> d-------- C:\Documents and Settings\salima moulti\Application Data\BitTorrent
2008-06-03 22:17 . 2008-06-25 15:47 <REP> d-------- C:\Documents and Settings\salima moulti\Application Data\LimeWire
2008-06-03 21:49 . 2008-06-03 21:50 <REP> d-------- C:\Program Files\Fichiers communs\Adobe
2008-06-03 21:45 . 2008-06-04 00:59 <REP> d-------- C:\Documents and Settings\salima moulti\Contacts
2008-06-03 21:27 . 2008-06-03 21:27 <REP> d-------- C:\Program Files\Sun
2008-06-03 21:27 . 2008-03-25 02:37 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-06-03 21:25 . 2008-06-03 21:27 <REP> d-------- C:\Program Files\Java

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-30 19:36 --------- d-----w C:\Program Files\Hijackthis Version Française
2008-06-27 11:30 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-06-24 17:43 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-06-02 15:50 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2008-06-02 15:47 --------- d-----w C:\Program Files\epson
2008-06-02 12:40 --------- d-----w C:\Program Files\MSBuild
2008-06-02 12:40 --------- d-----w C:\Program Files\Microsoft Works
2008-06-02 12:23 --------- d-----w C:\Program Files\Synaptics
2008-06-02 12:22 --------- d-----w C:\Program Files\Intel
2008-06-02 12:21 --------- d-----w C:\Program Files\AvRack
2008-06-02 12:21 --------- d-----w C:\Program Files\Avance Sound Manager
2008-06-02 12:13 --------- d-----w C:\Program Files\microsoft frontpage
2008-06-02 12:08 --------- d-----w C:\Program Files\Services en ligne
2008-03-01 12:58 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{018B27FF-E05F-4CB5-8763-540CB3FD457A}]
2008-06-28 20:22 26112 --a------ C:\WINDOWS\system32\geBrpppm.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{03911DE4-E10B-4917-9894-EF1038CD104A}]
C:\WINDOWS\system32\rqRJDtSj.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5CA34395-BD83-4DC2-B2E8-1A7BE446E369}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ea5cc69a-d6cc-4ec3-aa8a-c7527dcfa101}]
2008-06-30 21:28 103424 --a------ C:\WINDOWS\system32\jqmpyh.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 01:54 15360]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 11:34 5724184]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-06-08 18:22 68856]
"BitTorrent DNA"="C:\Program Files\DNA\btdna.exe" [2008-06-03 23:16 289088]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"1c1f6341"="C:\WINDOWS\system32\tfldhwpj.dll" [ ]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-02-12 10:06 262401]
"BM1f2c50dd"="C:\WINDOWS\system32\rpgimabv.dll" [2008-06-30 21:26 91136]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-11-07 17:35 1294336]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{018B27FF-E05F-4CB5-8763-540CB3FD457A}"= C:\WINDOWS\system32\geBrpppm.dll [2008-06-28 20:22 26112]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\geBrpppm]
geBrpppm.dll 2008-06-28 20:22 26112 C:\WINDOWS\system32\geBrpppm.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIModeChange]
--a------ 2001-09-04 03:24 28672 C:\WINDOWS\system32\Ati2mdxx.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AtiPTA]
--a------ 2002-03-12 04:30 286720 C:\WINDOWS\system32\atiptaxx.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
--a------ 2004-08-04 01:54 15360 C:\WINDOWS\system32\CTFMON.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus DX5000 Series]
--a------ 2006-02-14 06:00 131072 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBVE.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ItsTV]
C:\Program Files\ItsLabel\ItsMedia\ItsTV.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpyHunter]
C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
--a------ 2008-01-15 20:48 569344 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WLSetupSvc"=3 (0x3)
"usnjsvc"=3 (0x3)
"ServiceLayer"=3 (0x3)
"ose"=3 (0x3)
"odserv"=3 (0x3)
"gusvc"=2 (0x2)
"Ati HotKey Poller"=2 (0x2)
"aspnet_state"=3 (0x3)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\DNA\\btdna.exe"=
"C:\\Program Files\\BitTorrent\\bittorrent.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

S3 pctvvbi;PCTVVBI;C:\WINDOWS\system32\DRIVERS\pctvvbi.sys [2002-11-11 19:52]
S3 rtl8180;%RTL8180.Service.DispName%;C:\WINDOWS\system32\DRIVERS\MA521nd5.SYS [2003-04-16 13:53]
S3 SjyPkt;SjyPkt;C:\WINDOWS\System32\Drivers\SjyPkt.sys [2002-10-02 08:57]
S3 V0260VID;Live! Cam Vista IM;C:\WINDOWS\system32\DRIVERS\V0260Vid.sys [2006-11-04 06:45]

.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-06-30 20:46:04 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"

2 replies

green day Posts 26722 Status Moderator, Security contributor 2 163
 
Hi

your version of HijackThis is a bit outdated!

Download this:

Link: http://www.commentcamarche.net/telecharger/telecharger 159 hijackthis

Tutorial: http://pageperso.aol.fr/balltrap34/demohijack.htm

Choose the "do a scan and a logfile" option, and copy/paste the report it generates onto the forum.

++

-1
salma
 
There, it's done... a new report with the software that I downloaded through the link you sent me... PLEASE PLEASE help me. I'm waiting, thank you

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:46, on 2008-07-01
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [1c1f6341] rundll32.exe "C:\WINDOWS\system32\ucpoyrym.dll",b
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [BM1f2c50dd] Rundll32.exe "C:\WINDOWS\system32\qgaiewju.dll",s
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'Default user')
O4 - Global Startup: MA521 Configuration Utility.lnk = C:\Program Files\NETGEAR\MA521 Configuration Utility\wlancfg5.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
0
salma > salma
 
Is there no one who wants to answer me!!!!!!!!!!!
0
Lyonnais92 Posts 25708 Status Security contributor 1 537
 
Duplicate
-1