Problème Pub ImtempestiveFermé

Question

Bonjour,

J'ai un problème de pub imtempestive sous Internet Explorer et Mozilla Firefox
Voici mon rapport Hijackthis :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:49:30, on 22/08/2008
Platform: Windows Vista  (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16711)
Boot mode: Normal

Running processes:
C:\Windows\system32	askeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Windows\System32undll32.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Skra\Skra.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\ArcSoft\Magic-i Visual Effects\Magic-i Visual Effects.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\System32undll32.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Java\jre1.6.0_01\bin\jucheck.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\The Foufoun&\Documents\Mes fichiers reçus\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.ol.fr/fr-FR/prehome
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32
vsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [AppMon Utility] "C:\Program Files\Sony\AppMonUtil\AppMonUtility.exe" @@@Start
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [Skra] C:\Program Files\Skra\Skra.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Magic-i Visual Effects.lnk = C:\Program Files\ArcSoft\Magic-i Visual Effects\Magic-i Visual Effects.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin
pjpi160_01.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin
pjpi160_01.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix: 
O15 - Trusted Zone: *.canalplay.com
O15 - Trusted Zone: *.canalplusactive.com
O15 - Trusted Zone: *.canalplay.com (HKLM)
O15 - Trusted Zone: *.canalplusactive.com (HKLM)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Service CANALPLAY - Canal+ Distribution - C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\stacsv.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Media Content Collection (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe
O23 - Service: VAIO Media Content Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Content Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VundoFix Service (VundoFixSvc) - Atribune.org - C:\Windows\SYSTEM32\VundoFixSVC.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

mermo · Answer

bonjour quel est ton anti virus?

The Foufoun& · Answer

Mon Anti Virus est "NOD32 antivirus"

sKe69 · Answer

salut,

Edit :

1-Vas dans panneau de config/ajout et suppression de prg . 
regardes dans la listes si tu trouves un prg comme : " CID Help ", "Circle Developement" ou 
"Adverts" --->si ils s'y trouvent , supprimes les 

2-Télécharges Lop S&D :
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2

Double clik sur sur l'.exe que tu viens de télécharger pour lancer l'instale .

Une fois l'instalation faite, click droit sur le raccourci et choisis " exécuter entant qu' admin..." .  

Là,laisses toi guider: 
--->choisis l'option 1 (recherche) et valides.

(Tu ne fais pas l'option de nettoyage ( 2 ou 3) ).
 
Une fois le scan terminer ,le Bloc-Notes contenant le rapport va s'ouvrir.
Postes ce rapport dans ta prochaine réponse pour analyse .

Tuto : https://sites.google.com/site/eric71mespages/lop.sd.exe

The Foufoun& · Answer

Reponse à sKe69


 --------------------\  Lop S&D 4.2.3-3   XP/Vista

   Microsoft® Windows Vista™ Édition Familiale Premium  ( v6.0.6000 ) 
   X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU     T7100  @ 1.80GHz )
   Ver 1.00PARTTBL
   BOOT : Normal boot

   "C:\Lop SD" ( MAJ : 21-08-2008|11:16 )
   Option : [1] ( 22/08/2008|14:32 )

   [ UAC => 0 ]
 
   --------------------\  Listing des dossiers dans Local  

   [14/08/2008|22:53] C:\Users\THEFOU~1\AppData\Local\Adobe
   [10/07/2008|15:58] C:\Users\THEFOU~1\AppData\Local\Apple
   [06/08/2008|23:36] C:\Users\THEFOU~1\AppData\Local\Apple Computer
   [10/07/2008|13:18] C:\Users\THEFOU~1\AppData\Local\Application Data 
   [18/08/2008|13:59] C:\Users\THEFOU~1\AppData\Local\d3d8caps.dat
   [18/08/2008|12:53] C:\Users\THEFOU~1\AppData\Local\d3d9caps.dat
   [18/08/2008|23:13] C:\Users\THEFOU~1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
   [13/07/2008|12:58] C:\Users\THEFOU~1\AppData\Local\eMule
   [14/08/2008|15:56] C:\Users\THEFOU~1\AppData\Local\ESET
   [17/08/2008|19:40] C:\Users\THEFOU~1\AppData\Local\GDIPFONTCACHEV1.DAT
   [10/07/2008|13:25] C:\Users\THEFOU~1\AppData\Local\Google
   [10/07/2008|13:18] C:\Users\THEFOU~1\AppData\Local\Historique 
   [14/08/2008|01:44] C:\Users\THEFOU~1\AppData\Local\Microsoft
   [15/08/2008|19:56] C:\Users\THEFOU~1\AppData\Local\Microsoft Games
   [17/08/2007|15:33] C:\Users\THEFOU~1\AppData\Local\Microsoft Help
   [13/08/2008|00:33] C:\Users\THEFOU~1\AppData\Local\Mozilla
   [09/08/2008|10:29] C:\Users\THEFOU~1\AppData\Local\Real
   [17/08/2007|15:37] C:\Users\THEFOU~1\AppData\Local\Seven Zip
   [14/07/2008|00:14] C:\Users\THEFOU~1\AppData\Local\Sony Corporation
   [20/07/2008|10:09] C:\Users\THEFOU~1\AppData\Local\Symantec_Corporation
   [22/08/2008|14:29] C:\Users\THEFOU~1\AppData\Local\Temp
   [10/07/2008|13:18] C:\Users\THEFOU~1\AppData\Local\Temporary Internet Files 
   [10/07/2008|14:40] C:\Users\THEFOU~1\AppData\Local\VirtualStore
 
   --------------------\  Tâches planifiées dans C:\Windows	asks

   [22/08/2008 12:20][--ah-----] C:\Windows	asks\User_Feed_Synchronization-{F13707C0-F9E2-4D5A-9B33-6063F69A6BFF}.job
   [22/08/2008 14:20][--ah-----] C:\Windows	asks\SA.DAT
   [22/08/2008 14:10][--a------] C:\Windows	asks\SCHEDLGU.TXT

   --------------------\  Listing des dossiers dans C:\ProgramData
   
   [17/08/2007|15:37] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
   [17/07/2008|12:11] C:\ProgramData\Adobe
   [10/07/2008|15:57] C:\ProgramData\Apple
   [10/07/2008|16:01] C:\ProgramData\Apple Computer
   [02/11/2006|15:02] C:\ProgramData\Application Data 
   [12/08/2008|11:10] C:\ProgramData\BM7bd2a322.txt
   [14/08/2008|16:54] C:\ProgramData\BM7bd2a322.xml
   [17/08/2007|12:10] C:\ProgramData\Bureau 
   [02/11/2006|15:02] C:\ProgramData\Desktop 
   [02/11/2006|15:02] C:\ProgramData\Documents 
   [13/07/2008|12:59] C:\ProgramData\eMule
   [14/08/2008|15:38] C:\ProgramData\ESET
   [17/08/2007|12:10] C:\ProgramData\Favoris 
   [02/11/2006|15:02] C:\ProgramData\Favorites 
   [17/08/2007|15:43] C:\ProgramData\Google
   [17/08/2007|12:10] C:\ProgramData\Menu D‚marrer 
   [13/07/2008|20:40] C:\ProgramData\Messenger Plus!
   [16/07/2008|19:32] C:\ProgramData\Microsoft
   [20/08/2008|13:19] C:\ProgramData\Microsoft Help
   [17/08/2007|12:10] C:\ProgramData\ModŠles 
   [14/08/2008|16:57] C:\ProgramData\pskt.ini
   [09/08/2008|10:29] C:\ProgramData\Real
   [08/09/2007|03:38] C:\ProgramData\Skype
   [08/09/2007|03:37] C:\ProgramData\Sonic
   [17/08/2007|15:40] C:\ProgramData\Sony
   [18/07/2008|13:28] C:\ProgramData\Sony Corporation
   [14/08/2008|14:21] C:\ProgramData\Spybot - Search & Destroy
   [02/11/2006|15:02] C:\ProgramData\Start Menu 
   [15/08/2008|21:11] C:\ProgramData\Symantec
   [02/11/2006|15:02] C:\ProgramData\Templates 
   [08/09/2007|03:48] C:\ProgramData\VAIO Media Platform
   [10/07/2008|15:05] C:\ProgramData\WLInstaller

   --------------------\  Listing des dossiers dans C:\Program Files

   [17/08/2007|15:37] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
   [13/07/2008|14:11] C:\Program Files\Adobe
   [10/07/2008|15:58] C:\Program Files\Apple Software Update
   [08/09/2007|03:33] C:\Program Files\ArcSoft
   [18/07/2008|16:11] C:\Program Files\AviSynth 2.5
   [17/08/2007|15:40] C:\Program Files\BFG
   [10/07/2008|16:00] C:\Program Files\Bonjour
   [14/08/2008|16:59] C:\Program Files\Common Files
   [10/07/2008|12:06] C:\Program Files\CONEXANT
   [14/07/2008|09:49] C:\Program Files\desktop.ini
   [17/08/2007|15:40] C:\Program Files\DivX
   [08/09/2007|03:58] C:\Program Files\Documentation
   [19/08/2008|20:11] C:\Program Files\EA GAMES
   [17/08/2008|12:01] C:\Program Files\eMule
   [14/08/2008|15:38] C:\Program Files\ESET
   [17/08/2007|12:10] C:\Program Files\Fichiers communs [Y:\Program Files\Common Files]
   [17/08/2007|15:43] C:\Program Files\Google
   [17/08/2007|15:42] C:\Program Files\Google BAE
   [15/07/2008|17:25] C:\Program Files\GTA3Mods
   [17/08/2007|14:29] C:\Program Files\IDT
   [13/07/2008|14:17] C:\Program Files\InstallShield Installation Information
   [17/08/2007|15:43] C:\Program Files\Intel
   [16/08/2008|11:56] C:\Program Files\Internet Explorer
   [08/09/2007|04:01] C:\Program Files\InterVideo
   [07/08/2008|13:13] C:\Program Files\iPod
   [07/08/2008|13:13] C:\Program Files\iTunes
   [17/08/2007|15:45] C:\Program Files\Java
   [09/08/2008|10:29] C:\Program Files\K-Lite Codec Pack
   [13/07/2008|14:03] C:\Program Files\Lecteur CANALPLAY
   [13/07/2008|12:53] C:\Program Files\LimeWire
   [10/07/2008|15:35] C:\Program Files\Messenger Plus! Live
   [14/07/2008|03:18] C:\Program Files\Microsoft CAPICOM 2.1.0.2
   [17/08/2008|19:05] C:\Program Files\Microsoft Games
   [17/08/2007|15:42] C:\Program Files\Microsoft Office
   [17/08/2007|15:42] C:\Program Files\Microsoft Works
   [17/08/2007|15:35] C:\Program Files\Microsoft.NET
   [11/08/2008|22:47] C:\Program Files\Mjcore
   [02/11/2006|14:42] C:\Program Files\Movie Maker
   [20/08/2008|13:44] C:\Program Files\Mozilla Firefox
   [02/11/2006|14:37] C:\Program Files\MSBuild
   [02/11/2006|14:37] C:\Program Files\MSN
   [17/08/2007|13:55] C:\Program Files\MSXML 4.0
   [15/08/2008|01:41] C:\Program Files\Neuf
   [14/08/2008|01:18] C:\Program Files\Norton Save and Restore
   [17/08/2007|15:42] C:\Program Files\Picasa2
   [10/07/2008|15:59] C:\Program Files\QuickTime
   [17/08/2007|14:21] C:\Program Files\Realtek
   [18/07/2008|16:10] C:\Program Files\Red Kawa
   [02/11/2006|14:37] C:\Program Files\Reference Assemblies
   [16/07/2008|19:45] C:\Program Files\Rockstar Games
   [08/09/2007|03:36] C:\Program Files\Roxio
   [11/08/2008|22:57] C:\Program Files\Skra
   [08/09/2007|03:38] C:\Program Files\Skype
   [08/09/2007|04:14] C:\Program Files\Sony
   [14/08/2008|14:22] C:\Program Files\Spybot - Search & Destroy
   [17/08/2007|14:41] C:\Program Files\Synaptics
   [02/11/2006|15:01] C:\Program Files\Uninstall Information
   [11/08/2008|22:52] C:\Program Files\Webtools
   [17/08/2007|14:34] C:\Program Files\WIDCOMM
   [19/07/2008|03:06] C:\Program Files\Windows Calendar
   [02/11/2006|14:42] C:\Program Files\Windows Collaboration
   [17/08/2007|13:58] C:\Program Files\Windows Defender
   [02/11/2006|14:42] C:\Program Files\Windows Journal
   [10/07/2008|15:16] C:\Program Files\Windows Live
   [16/08/2008|11:56] C:\Program Files\Windows Mail
   [14/07/2008|09:43] C:\Program Files\Windows Media Player
   [17/08/2007|12:10] C:\Program Files\Windows NT
   [02/11/2006|14:42] C:\Program Files\Windows Photo Gallery
   [14/07/2008|09:42] C:\Program Files\Windows Sidebar
   [19/08/2008|20:51] C:\Program Files\WinRAR

   --------------------\  Listing des dossiers dans C:\Program Files\Common Files

   [13/07/2008|14:09] C:\Program Files\Common Files\Adobe
   [10/07/2008|15:57] C:\Program Files\Common Files\Apple
   [17/08/2007|15:35] C:\Program Files\Common Files\DESIGNER
   [08/09/2007|03:33] C:\Program Files\Common Files\InstallShield
   [08/09/2007|04:01] C:\Program Files\Common Files\InterVideo
   [17/08/2007|15:45] C:\Program Files\Common Files\Java
   [12/08/2008|02:39] C:\Program Files\Common Files\microsoft shared
   [17/08/2007|15:40] C:\Program Files\Common Files\PX Storage Engine
   [08/09/2007|03:36] C:\Program Files\Common Files\Roxio Shared
   [02/11/2006|13:18] C:\Program Files\Common Files\Services
   [08/09/2007|03:38] C:\Program Files\Common Files\Skype
   [08/09/2007|03:36] C:\Program Files\Common Files\Sonic Shared
   [08/09/2007|03:48] C:\Program Files\Common Files\Sony Shared
   [02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
   [15/08/2008|21:11] C:\Program Files\Common Files\Symantec Shared
   [17/08/2007|13:59] C:\Program Files\Common Files\System
   [10/07/2008|14:21] C:\Program Files\Common Files\WindowsLiveInstaller

   --------------------\  Process

   ( 78 Processus )

   iexplore.exe ~ [PID:4556] ~ [Threads:18]

   --------------------\  Recherche avec S_Lop

   Aucun fichier / dossier Lop trouvé !
 
   --------------------\  Recherche de Fichiers / Dossiers Lop

   C:\Windows\system32\drivers\etc\hosts.msn
   C:\Users\THEFOU~1\AppData\Roaming\MICROS~1\Windows\Cookies	he_foufoun&@advertstream[2].txt
   C:\Users\THEFOU~1\AppData\Roaming\MICROS~1\Windows\Cookies	he_foufoun&@advertising[1].txt
   C:\Users\THEFOU~1\AppData\Roaming\MICROS~1\Windows\Cookies	he_foufoun&@adopt.euroclick[1].txt
   C:\Users\THEFOU~1\AppData\Roaming\MICROS~1\Windows\Cookies	he_foufoun&@pacificpoker[2].txt
   C:\Users\THEFOU~1\AppData\Roaming\MICROS~1\Windows\Cookies	he_foufoun&@32vegas[1].txt
   C:\Users\THEFOU~1\AppData\Roaming\MICROS~1\Windows\Cookies	he_foufoun&@banner.32vegas[2].txt
   C:\Users\THEFOU~1\AppData\Roaming\MICROS~1\Windows\Cookies	he_foufoun&@888[1].txt
 
   --------------------\  Verification du Registre
 
   ..... OK !

   --------------------\  Verification du fichier Hosts

   Fichier Hosts PROPRE


   --------------------\  Recherche de fichiers avec Catchme
 
   catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
   Rootkit scan 2008-08-22 14:27:01
   Windows 6.0.6000  NTFS
   scanning hidden processes ...
   scanning hidden files ...
   catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
   Rootkit scan 2008-08-22 14:32:18
   Windows 6.0.6000  NTFS
   scanning hidden processes ...
   scanning hidden files ...
   scan completed successfully
   hidden processes: 0
   hidden files: 14
 
   --------------------\  Recherche d'autres infections

   --------------------\  Cracks & Keygens ..

   C:\Users\THEFOU~1\AppData\Roaming\Microsoft\Windows\Cookies	he_foufoun&@crackserialkeygen[1].txt
   C:\Users\THEFOU~1\AppData\Roaming\Microsoft\Windows\Recent\357571@cracknocd.lnk


   [F:148][D:16]-> C:\Users\THEFOU~1\AppData\Local\Temp
   [F:287][D:1]-> C:\Users\THEFOU~1\AppData\Roaming\MICROS~1\Windows\Cookies
   [F:3060][D:8]-> C:\Users\THEFOU~1\AppData\Local\MICROS~2\Windows\TEMPOR~1\content.IE5
   [F:99][D:6]-> C:\$Recycle.Bin

   --------------------\  Fin du rapport a 14:33:58
   [ UAC => 1 ]

sKe69 · Answer

très bien ... la suite :


Relances Lop S&D : click droit sur le raccourci et choisis " exécuter entant qu' admin..." .  

Là,laisses toi guider: 
--->choisis l'option 3 (Nettoyage) et valides.

Une fois le scan terminer ,le Bloc-Notes contenant le rapport va s'ouvrir.
Postes ce rapport dans ta prochaine réponse pour analyse et attends la suite ...

The Foufoun& · Answer

Pour sKe69


   --------------------\  Lop S&D 4.2.3-3   XP/Vista

   Microsoft® Windows Vista™ Édition Familiale Premium  ( v6.0.6000 ) 
   X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU     T7100  @ 1.80GHz )
   Ver 1.00PARTTBL
   BOOT : Normal boot

   "C:\Lop SD" ( MAJ : 21-08-2008|11:16 )
   Option : [3] ( 22/08/2008|14:41 )

   [ UAC => 1 ]


   \\\\\\\\\\\\\\\ SUPPRESSION

   Supprime! - C:\Windows\system32\drivers\etc\hosts.msn
   Supprime! - C:\Users\THEFOU~1\AppData\Roaming\MICROS~1\Windows\Cookies	he_foufoun&@advertstream[2].txt
   Supprime! - C:\Users\THEFOU~1\AppData\Roaming\MICROS~1\Windows\Cookies	he_foufoun&@advertising[1].txt
   Supprime! - C:\Users\THEFOU~1\AppData\Roaming\MICROS~1\Windows\Cookies	he_foufoun&@adopt.euroclick[1].txt
   Supprime! - C:\Users\THEFOU~1\AppData\Roaming\MICROS~1\Windows\Cookies	he_foufoun&@pacificpoker[2].txt
   Supprime! - C:\Users\THEFOU~1\AppData\Roaming\MICROS~1\Windows\Cookies	he_foufoun&@32vegas[1].txt
   Supprime! - C:\Users\THEFOU~1\AppData\Roaming\MICROS~1\Windows\Cookies	he_foufoun&@banner.32vegas[2].txt
   Supprime! - C:\Users\THEFOU~1\AppData\Roaming\MICROS~1\Windows\Cookies	he_foufoun&@888[1].txt
 
   \\\\\\\\\\\\\\\ 

 
   --------------------\  Listing des dossiers dans Local  

   [14/08/2008|22:53] C:\Users\THEFOU~1\AppData\Local\Adobe
   [10/07/2008|15:58] C:\Users\THEFOU~1\AppData\Local\Apple
   [06/08/2008|23:36] C:\Users\THEFOU~1\AppData\Local\Apple Computer
   [10/07/2008|13:18] C:\Users\THEFOU~1\AppData\Local\Application Data 
   [18/08/2008|13:59] C:\Users\THEFOU~1\AppData\Local\d3d8caps.dat
   [18/08/2008|12:53] C:\Users\THEFOU~1\AppData\Local\d3d9caps.dat
   [18/08/2008|23:13] C:\Users\THEFOU~1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
   [13/07/2008|12:58] C:\Users\THEFOU~1\AppData\Local\eMule
   [14/08/2008|15:56] C:\Users\THEFOU~1\AppData\Local\ESET
   [17/08/2008|19:40] C:\Users\THEFOU~1\AppData\Local\GDIPFONTCACHEV1.DAT
   [10/07/2008|13:25] C:\Users\THEFOU~1\AppData\Local\Google
   [10/07/2008|13:18] C:\Users\THEFOU~1\AppData\Local\Historique 
   [14/08/2008|01:44] C:\Users\THEFOU~1\AppData\Local\Microsoft
   [15/08/2008|19:56] C:\Users\THEFOU~1\AppData\Local\Microsoft Games
   [17/08/2007|15:33] C:\Users\THEFOU~1\AppData\Local\Microsoft Help
   [13/08/2008|00:33] C:\Users\THEFOU~1\AppData\Local\Mozilla
   [09/08/2008|10:29] C:\Users\THEFOU~1\AppData\Local\Real
   [17/08/2007|15:37] C:\Users\THEFOU~1\AppData\Local\Seven Zip
   [14/07/2008|00:14] C:\Users\THEFOU~1\AppData\Local\Sony Corporation
   [20/07/2008|10:09] C:\Users\THEFOU~1\AppData\Local\Symantec_Corporation
   [22/08/2008|14:42] C:\Users\THEFOU~1\AppData\Local\Temp
   [10/07/2008|13:18] C:\Users\THEFOU~1\AppData\Local\Temporary Internet Files 
   [10/07/2008|14:40] C:\Users\THEFOU~1\AppData\Local\VirtualStore
 
   --------------------\  Tâches planifiées dans C:\Windows	asks

   [22/08/2008 12:20][--ah-----] C:\Windows	asks\User_Feed_Synchronization-{F13707C0-F9E2-4D5A-9B33-6063F69A6BFF}.job
   [22/08/2008 14:20][--ah-----] C:\Windows	asks\SA.DAT
   [22/08/2008 14:10][--a------] C:\Windows	asks\SCHEDLGU.TXT

   --------------------\  Listing des dossiers dans C:\ProgramData
   
   [17/08/2007|15:37] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
   [17/07/2008|12:11] C:\ProgramData\Adobe
   [10/07/2008|15:57] C:\ProgramData\Apple
   [10/07/2008|16:01] C:\ProgramData\Apple Computer
   [02/11/2006|15:02] C:\ProgramData\Application Data 
   [12/08/2008|11:10] C:\ProgramData\BM7bd2a322.txt
   [14/08/2008|16:54] C:\ProgramData\BM7bd2a322.xml
   [17/08/2007|12:10] C:\ProgramData\Bureau 
   [02/11/2006|15:02] C:\ProgramData\Desktop 
   [02/11/2006|15:02] C:\ProgramData\Documents 
   [13/07/2008|12:59] C:\ProgramData\eMule
   [14/08/2008|15:38] C:\ProgramData\ESET
   [17/08/2007|12:10] C:\ProgramData\Favoris 
   [02/11/2006|15:02] C:\ProgramData\Favorites 
   [17/08/2007|15:43] C:\ProgramData\Google
   [17/08/2007|12:10] C:\ProgramData\Menu D‚marrer 
   [13/07/2008|20:40] C:\ProgramData\Messenger Plus!
   [16/07/2008|19:32] C:\ProgramData\Microsoft
   [20/08/2008|13:19] C:\ProgramData\Microsoft Help
   [17/08/2007|12:10] C:\ProgramData\ModŠles 
   [14/08/2008|16:57] C:\ProgramData\pskt.ini
   [09/08/2008|10:29] C:\ProgramData\Real
   [08/09/2007|03:38] C:\ProgramData\Skype
   [08/09/2007|03:37] C:\ProgramData\Sonic
   [17/08/2007|15:40] C:\ProgramData\Sony
   [18/07/2008|13:28] C:\ProgramData\Sony Corporation
   [14/08/2008|14:21] C:\ProgramData\Spybot - Search & Destroy
   [02/11/2006|15:02] C:\ProgramData\Start Menu 
   [15/08/2008|21:11] C:\ProgramData\Symantec
   [02/11/2006|15:02] C:\ProgramData\Templates 
   [08/09/2007|03:48] C:\ProgramData\VAIO Media Platform
   [10/07/2008|15:05] C:\ProgramData\WLInstaller

   --------------------\  Listing des dossiers dans C:\Program Files

   [17/08/2007|15:37] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
   [13/07/2008|14:11] C:\Program Files\Adobe
   [10/07/2008|15:58] C:\Program Files\Apple Software Update
   [08/09/2007|03:33] C:\Program Files\ArcSoft
   [18/07/2008|16:11] C:\Program Files\AviSynth 2.5
   [17/08/2007|15:40] C:\Program Files\BFG
   [10/07/2008|16:00] C:\Program Files\Bonjour
   [14/08/2008|16:59] C:\Program Files\Common Files
   [10/07/2008|12:06] C:\Program Files\CONEXANT
   [14/07/2008|09:49] C:\Program Files\desktop.ini
   [17/08/2007|15:40] C:\Program Files\DivX
   [08/09/2007|03:58] C:\Program Files\Documentation
   [19/08/2008|20:11] C:\Program Files\EA GAMES
   [17/08/2008|12:01] C:\Program Files\eMule
   [14/08/2008|15:38] C:\Program Files\ESET
   [17/08/2007|12:10] C:\Program Files\Fichiers communs [Y:\Program Files\Common Files]
   [17/08/2007|15:43] C:\Program Files\Google
   [17/08/2007|15:42] C:\Program Files\Google BAE
   [15/07/2008|17:25] C:\Program Files\GTA3Mods
   [17/08/2007|14:29] C:\Program Files\IDT
   [13/07/2008|14:17] C:\Program Files\InstallShield Installation Information
   [17/08/2007|15:43] C:\Program Files\Intel
   [16/08/2008|11:56] C:\Program Files\Internet Explorer
   [08/09/2007|04:01] C:\Program Files\InterVideo
   [07/08/2008|13:13] C:\Program Files\iPod
   [07/08/2008|13:13] C:\Program Files\iTunes
   [17/08/2007|15:45] C:\Program Files\Java
   [09/08/2008|10:29] C:\Program Files\K-Lite Codec Pack
   [13/07/2008|14:03] C:\Program Files\Lecteur CANALPLAY
   [13/07/2008|12:53] C:\Program Files\LimeWire
   [10/07/2008|15:35] C:\Program Files\Messenger Plus! Live
   [14/07/2008|03:18] C:\Program Files\Microsoft CAPICOM 2.1.0.2
   [17/08/2008|19:05] C:\Program Files\Microsoft Games
   [17/08/2007|15:42] C:\Program Files\Microsoft Office
   [17/08/2007|15:42] C:\Program Files\Microsoft Works
   [17/08/2007|15:35] C:\Program Files\Microsoft.NET
   [11/08/2008|22:47] C:\Program Files\Mjcore
   [02/11/2006|14:42] C:\Program Files\Movie Maker
   [20/08/2008|13:44] C:\Program Files\Mozilla Firefox
   [02/11/2006|14:37] C:\Program Files\MSBuild
   [02/11/2006|14:37] C:\Program Files\MSN
   [17/08/2007|13:55] C:\Program Files\MSXML 4.0
   [15/08/2008|01:41] C:\Program Files\Neuf
   [14/08/2008|01:18] C:\Program Files\Norton Save and Restore
   [17/08/2007|15:42] C:\Program Files\Picasa2
   [10/07/2008|15:59] C:\Program Files\QuickTime
   [17/08/2007|14:21] C:\Program Files\Realtek
   [18/07/2008|16:10] C:\Program Files\Red Kawa
   [02/11/2006|14:37] C:\Program Files\Reference Assemblies
   [16/07/2008|19:45] C:\Program Files\Rockstar Games
   [08/09/2007|03:36] C:\Program Files\Roxio
   [11/08/2008|22:57] C:\Program Files\Skra
   [08/09/2007|03:38] C:\Program Files\Skype
   [08/09/2007|04:14] C:\Program Files\Sony
   [14/08/2008|14:22] C:\Program Files\Spybot - Search & Destroy
   [17/08/2007|14:41] C:\Program Files\Synaptics
   [02/11/2006|15:01] C:\Program Files\Uninstall Information
   [11/08/2008|22:52] C:\Program Files\Webtools
   [17/08/2007|14:34] C:\Program Files\WIDCOMM
   [19/07/2008|03:06] C:\Program Files\Windows Calendar
   [02/11/2006|14:42] C:\Program Files\Windows Collaboration
   [17/08/2007|13:58] C:\Program Files\Windows Defender
   [02/11/2006|14:42] C:\Program Files\Windows Journal
   [10/07/2008|15:16] C:\Program Files\Windows Live
   [16/08/2008|11:56] C:\Program Files\Windows Mail
   [14/07/2008|09:43] C:\Program Files\Windows Media Player
   [17/08/2007|12:10] C:\Program Files\Windows NT
   [02/11/2006|14:42] C:\Program Files\Windows Photo Gallery
   [14/07/2008|09:42] C:\Program Files\Windows Sidebar
   [19/08/2008|20:51] C:\Program Files\WinRAR

   --------------------\  Listing des dossiers dans C:\Program Files\Common Files

   [13/07/2008|14:09] C:\Program Files\Common Files\Adobe
   [10/07/2008|15:57] C:\Program Files\Common Files\Apple
   [17/08/2007|15:35] C:\Program Files\Common Files\DESIGNER
   [08/09/2007|03:33] C:\Program Files\Common Files\InstallShield
   [08/09/2007|04:01] C:\Program Files\Common Files\InterVideo
   [17/08/2007|15:45] C:\Program Files\Common Files\Java
   [12/08/2008|02:39] C:\Program Files\Common Files\microsoft shared
   [17/08/2007|15:40] C:\Program Files\Common Files\PX Storage Engine
   [08/09/2007|03:36] C:\Program Files\Common Files\Roxio Shared
   [02/11/2006|13:18] C:\Program Files\Common Files\Services
   [08/09/2007|03:38] C:\Program Files\Common Files\Skype
   [08/09/2007|03:36] C:\Program Files\Common Files\Sonic Shared
   [08/09/2007|03:48] C:\Program Files\Common Files\Sony Shared
   [02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
   [15/08/2008|21:11] C:\Program Files\Common Files\Symantec Shared
   [17/08/2007|13:59] C:\Program Files\Common Files\System
   [10/07/2008|14:21] C:\Program Files\Common Files\WindowsLiveInstaller

   --------------------\  Process

   ( 77 Processus )

   ... OK !

   --------------------\  Recherche avec S_Lop

   Aucun fichier / dossier Lop trouvé !
 
   --------------------\  Recherche de Fichiers / Dossiers Lop

   Aucun fichier / dossier Lop trouvé ! 
 
   --------------------\  Verification du Registre
 
   ..... OK !

   --------------------\  Verification du fichier Hosts

   Fichier Hosts PROPRE


   --------------------\  Recherche de fichiers avec Catchme
 
   catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
   Rootkit scan 2008-08-22 14:42:16
   Windows 6.0.6000  NTFS
   scanning hidden processes ...
   scanning hidden files ...
   scan completed successfully
   hidden processes: 0
   hidden files: 14
 
   --------------------\  Recherche d'autres infections

   --------------------\  Cracks & Keygens ..

   C:\Users\THEFOU~1\AppData\Roaming\Microsoft\Windows\Cookies	he_foufoun&@crackserialkeygen[1].txt
   C:\Users\THEFOU~1\AppData\Roaming\Microsoft\Windows\Recent\357571@cracknocd.lnk


   [F:150][D:16]-> C:\Users\THEFOU~1\AppData\Local\Temp
   [F:281][D:1]-> C:\Users\THEFOU~1\AppData\Roaming\MICROS~1\Windows\Cookies
   [F:3105][D:8]-> C:\Users\THEFOU~1\AppData\Local\MICROS~2\Windows\TEMPOR~1\content.IE5
   [F:99][D:6]-> C:\$Recycle.Bin

   --------------------\  Fin du rapport a 14:43:50
   [ UAC => 1 ]

sKe69 · Answer

Bien ...

J'ai oublier de préciser quelque chose d'important pour la suite :

protocole à suivre pour  Windows Vista :

*Désactiver le contrôle des comptes utilisateurs ou UAC (le réactiver seulement à la fin de la désinfection) :
 
Aller dans "démarrer" puis "panneau de configuration" : 
--->Sur la droite de la fenêtre , cliques sur " affichage classique "
--->Double-Cliquer sur l'icône "Comptes d'utilisateurs" 
--->Cliquer ensuite sur "Activer ou désactiver le contrôle ..." .
--->Décocher la case "utlisiser le contrôle ..." et cliquer sur OK .
Puis redémarrer le PC quand il le vous saura demandé ...

Tuto : https://forum.malekal.com/viewtopic.php?f=59&t=6517 


* Important :
Pour installer ou pour lancer les outils, que tu utiliseras au court de la désinfection, fait toujours ainsi :
cliques DROIT ( sur le setup d'installe ou l'outil )-> choisis " Exécuter entant qu'administrateur " .
Fais ce-ci systématiquement ! ...

*********************************** 


1- Télécharges : - CCleaner 
https://www.pcastuces.com/logitheque/ccleaner.htm 
Ce logiciel va permettre de supprimer tous les fichiers temporaires et de corrigé ton registre .Lors de l'installation, avant de cliquer sur le bouton "installer", décoche toutes les "options supplémentaires" sauf les 2 première.
Une fois le prg instalé et lancé, Clique sur "Options", "Avancé" et décoche la case "Effacer uniquement les fichiers, du dossier Temp de Windows, plus vieux que 48 heures"( Par la suite, laisse-le avec ses réglages par défaut. C'est tout ). 

Un tuto ( aide ): 
http://perso.orange.fr/jesses/Docs/Logiciels/CCleaner.htm 

---> Utilisation:
! déconnectes toi et fermes toutes applications en cours !
* vas dans "nettoyeur" : fait analyse puis nettoyage 
* vas dans "registre" : fait chercher les erreurs et réparer ( plusieurs fois jusqu'à ce qu'il n'y est plus d'erreur ) . 

( CCleaner : soft à garder sur son PC , super utile pour de bons nettoyages ... )


2- Télécharges MsnCleaner.zip de ElPiedra et décompresses le sur ton bureau. (Clic droit sur le fichier .zip puis Extraire tout). 

--->https://forospyware.com 

Impératif : Redémarres le PC en Mode sans échec.
Comment aller en Mode sans échec :
1) Redémarres ton ordi 
2) Tapotes la touche F8 immédiatement, (F5 sur certains PC) juste après le "Bip" 
3) Tu verras un écran avec options de démarrage apparaître 
4) Choisis la première option : Sans Échec, et valide avec "Entrée" 
5) Choisis ton compte habituel , et non administrateur (si besoin ... ) 
 
· Cliques droit/"exécuter entant qu'admin..." sur MsnCleaner.exe pour le lancer. 
· Sous Language, cliques sur la petite flèche et choisis French. 
· Cliques sur le bouton Analyse. 
· A la fin du scan un rapport va être créé. 
· Si l'outil trouve une infection, cliques sur le bouton Supprimer. 
· Redémarres ton PC ( mode normal ).

Postes le rapport C:\MsnCleaner\MsnCleaner.txt dans ta prochaine réponse + un nouveau rapport hijackthis ( fais en mode normal ) et attends la suite ....

The Foufoun& · Answer

Post MSNCleaner :

- Rapport MSNCleaner 1.7.0 by www.forospyware.com
- Rapport créé: 22/08/2008 on 15:15:20
- Système d'exploitation: Windows Vista
- Mode de démarrage: Mode sans échec
_________________________________________

Fichiers détectés: 1
Fichiers supprimés: 1
Fichiers non supprimés: 0

C:\Windows\System32\mcrh.Tmp <--- Supprimé

Fichier Hosts restauré

Post Hijackthis :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:22:38, on 22/08/2008
Platform: Windows Vista  (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16711)
Boot mode: Normal

Running processes:
C:\Windows\system32	askeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32undll32.exe
C:\Windows\System32undll32.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Program Files\Adobe\Reader 8.0\Readereader_sl.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Skra\Skra.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\ArcSoft\Magic-i Visual Effects\Magic-i Visual Effects.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\The Foufoun&\Documents\Mes fichiers reçus\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.ol.fr/fr-FR/prehome
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32
vsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [AppMon Utility] "C:\Program Files\Sony\AppMonUtil\AppMonUtility.exe" @@@Start
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [Skra] C:\Program Files\Skra\Skra.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Magic-i Visual Effects.lnk = C:\Program Files\ArcSoft\Magic-i Visual Effects\Magic-i Visual Effects.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin
pjpi160_01.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin
pjpi160_01.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix: 
O15 - Trusted Zone: *.canalplay.com
O15 - Trusted Zone: *.canalplusactive.com
O15 - Trusted Zone: *.canalplay.com (HKLM)
O15 - Trusted Zone: *.canalplusactive.com (HKLM)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Service CANALPLAY - Canal+ Distribution - C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\stacsv.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Media Content Collection (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe
O23 - Service: VAIO Media Content Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Content Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VundoFix Service (VundoFixSvc) - Atribune.org - C:\Windows\SYSTEM32\VundoFixSVC.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

sKe69 · Answer

Très bien , on poursuit : 

( au faite ,  nickel ta page d'acceuille  ^^ )


Télécharges MalwareByte's : 
ici ftp://ftp.commentcamarche.com/download/mbam-setup.exe
ou ici : http://www.malwarebytes.org/mbam.php
 
Installes le ( choisis bien "francais" ; ne modifies pas les paramètres d'installe ) et mets le à jour . 

(NB : S'il te manque "COMCTL32.OCX" lors de l'installe, alors télécharges le ici : https://www.malekal.com/tutorial-aboutbuster/ )

Potasses le tuto pour te familiariser avec le prg : https://forum.pcastuces.com/sujet.asp?f=31&s=3 
( cela dis, il est très simple d'utilisation ).

Impératif : redémarres en mode sans échec : 
Comment aller en Mode sans échec 
1) Redémarres ton ordi 
2) Tapote la touche F8 immédiatement, (F5 sur certains PC) juste après le "Bip" 
3) Tu verras un écran avec options de démarrage apparaître 
4) Choisis la première option : Sans Échec, et valide avec "Entrée" 
5) Choisis ton compte habituel, et non Administrateur (si besoin ... ) 
(attention : pas de connexion possible en mode sans échec , donc copies ou imprimes bien la manipe pour éviter les erreurs ...)
 
Lances Malwarebyte's .

Fais un scan dit "complet" ( sélectionnes bien tout tes disks avant le scan )  et supprimes tout ce qu'il peut trouver, c.a.d :
--->une fois le scan terminé , click sur "résultat" : puis vérifies que tous les objets infectés soient validés, puis click sur " suppression " .

Redémarres ton PC ( mode normal ). 

Postes le rapport sauvegardé après la suppression des objets infectés (dans l'onglet "rapport/log"de Malwarebytes, le dernier en date) accompagné d'un nouvel hijackthis ( fait en mode normal ) ...

The Foufoun& · Answer

Scan Malwarebytes


Malwarebytes' Anti-Malware 1.25
Version de la base de données: 1077
Windows 6.0.6000 

16:11:19 22/08/2008
mbam-log-08-22-2008 (16-11-19).txt

Type de recherche: Examen complet (C:\|F:\|)
Eléments examinés: 127352
Temps écoulé: 26 minute(s), 11 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 5
Valeur(s) du Registre infectée(s): 3
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 4
Fichier(s) infecté(s): 15

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\Interface\{17e44256-51e0-4d46-a0c8-44e80ab4ba5b} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{e0f01490-dcf3-4357-95aa-169a8c2b2190} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{80ef304a-b1c4-425c-8535-95ab6f1eefb8} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\BHO_MyJavaCore.DLL (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Webtools (Malware.Trace) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\skra (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\originalwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\convertedwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\Webtools (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\kBin15 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Skra (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Mjcore (Trojan.BHO) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Program Files\Skra\Skra.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Mjcore\Mjcore.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\Program Files\Webtools\webtools.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Windows\b152.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Windows\b155.exe.vir (Trojan.BHO) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Windows\System32\ampsevvy.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Windows\System32\byXOGXRi.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Windows\System32\byXpQKbX.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Windows\System32\fqaytxcv.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Windows\System32\meygoc.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Windows\System32\opnooPHy.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Windows\System32\pajgckqx.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Windows\System32\ppukpfof.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Windows\System32\smfuzg.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Windows\System32\pac.txt (Malware.Trace) -> Quarantined and deleted successfully.


Scan HijackThis :


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:16:03, on 22/08/2008
Platform: Windows Vista  (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16711)
Boot mode: Normal

Running processes:
C:\Windows\system32	askeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Windows\System32undll32.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32undll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Adobe\Reader 8.0\Readereader_sl.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\ArcSoft\Magic-i Visual Effects\Magic-i Visual Effects.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Users\The Foufoun&\Documents\Mes fichiers reçus\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.ol.fr/fr-FR/prehome
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32
vsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [AppMon Utility] "C:\Program Files\Sony\AppMonUtil\AppMonUtility.exe" @@@Start
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Magic-i Visual Effects.lnk = C:\Program Files\ArcSoft\Magic-i Visual Effects\Magic-i Visual Effects.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin
pjpi160_01.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin
pjpi160_01.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix: 
O15 - Trusted Zone: *.canalplay.com
O15 - Trusted Zone: *.canalplusactive.com
O15 - Trusted Zone: *.canalplay.com (HKLM)
O15 - Trusted Zone: *.canalplusactive.com (HKLM)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Service CANALPLAY - Canal+ Distribution - C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\stacsv.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Media Content Collection (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe
O23 - Service: VAIO Media Content Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Content Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VundoFix Service (VundoFixSvc) - Atribune.org - C:\Windows\SYSTEM32\VundoFixSVC.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

sKe69 · Answer

Malwarebytes a bien bosser ...

Dis moi , tu avais utilise Combofix avant de poster ici ? Si tu as encore le 
rapport ( " C:\Combofix.txt ") , postes moi le stp ...

Ensuite fais ce qui suit :

1- Mets à jours ce qui suit, c'est important ( des version pas à jours = failles de sécurité ) :
* pour la console Java :
aller sur : Démarrer > Panneau de configuration > Icône Java > onglet Mise à jour > "Mettre à jour maintenant" > cocher la case "Automatiser la détection des mises à jour".
( puis désinstalles les versions antérieurs via "paneau de configuration" et "ajout/suppression de prg" ...)

* Adobe Reader :
télécharges et installes la dernière version ici (désinstalles avant l'ancienne version via son propre prg de désinstallation):
http://www.commentcamarche.net/telecharger/telecharger 27 acrobat reader 


2- refais un coup de CCleaner ( registre compris ) .


3- pour voir plus en profondeur : 

Télécharge DiagHelp.zip sur ton bureau :
( note : si ton anti-virus s'affolle lors du téléchargement ou de l'installe, c'est normal , ignore l'alerte ).

-> http://www.malekal.com/download/DiagHelp.zip

!! déconnectes toi et fermes toutes tes applications en cours !!  

Fais un clic droit sur le fichier et extraire tout .

--> Un nouveau dossier va être créé : "DiagHelp"  
Ouvres le et cliques droit/"exécuter entant qu'admin..."  sur go.cmd et pas sur autre chose ! (le .cmd peut ne pas apparaître )
 
--> Une fenêtre va s'ouvrir, choisis l'option 1 
L'analyse va commencer, ce-ci peut durer quelques minutes, laisses faire et appuies sur une touche quand on te le demandera : 
une page IE va s'ouvrir , fermes la . 
Re-appuis sur une touche, le bloc-note s'ouvre : 
Sauvegardes ce rapport de façon à le retrouver et postes tout son contenu dans ta prochaine réponse ...

The Foufoun& · Answer

ComboFix 08-08-13.05 - The Foufoun& 2008-08-14 16:57:46.1 - NTFSx86 Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.1.1036.18.1145 [GMT 2:00] Endroit: C:\Users\The Foufoun&\Downloads\ComboFix.exe * Création d'un nouveau point de restauration * Resident AV is active . Error: Cfiles.dat (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\Program Files hc529j0e3et C:\Users\The Foufoun&\AppData\Local\Microsoft\Windows\Temporary Internet Files\bestwiner.stt C:\Users\The Foufoun&\AppData\Roaming hc529j0e3et C:\Users\The Foufoun&\AppData\Roaming\SpeedRunner C:\Users\The Foufoun&\AppData\Roaming\SpeedRunner\config.cfg C:\Windows\b152.exe C:\Windows\b155.exe C:\Windows\system32\ampsevvy.dll C:\Windows\system32\blphc129j0e3et.scr C:\Windows\system32\byXOGXRi.dll C:\Windows\system32\byXpQKbX.dll C:\Windows\system32\dapoixse.ini C:\Windows\System32\evsiraqi.ini C:\Windows\system32\fhsppiim.dll C:\Windows\system32\fqaytxcv.dll C:\Windows\system32\gilefmgo.ini C:\Windows\system32\gwchhbyt.ini C:\Windows\System32\iRXGOXyb.ini C:\Windows\System32\iRXGOXyb.ini2 C:\Windows\system32\meygoc.dll C:\Windows\system32\mlsdnd.dll C:\Windows\system32\mxguohlr.dll C:\Windows\system32 nyjcmxp.ini C:\Windows\system32\opnooPHy.dll C:\Windows\system32\oxpptasn.dll C:\Windows\system32\pajgckqx.dll C:\Windows\system32\ppukpfof.dll C:\Windows\system32\qvyiutps.dll C:\Windows\system32\smfuzg.dll C:\Windows\system32\ucnawrww.dll C:\Windows\system32\vwwakycc.dll C:\Windows\System32\XbKQpXyb.ini C:\Windows\System32\XbKQpXyb.ini2 C:\Windows\system32\xsunoxvr.dll C:\Windows\System32\yHPoonpo.ini C:\Windows\System32\yHPoonpo.ini2 . ((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-07-14 to 2008-08-14 )))))))))))))))))))))))))))))))))))) . 2008-08-14 16:48 . 2008-08-14 16:48 24,576 --a------ C:\Windows\System32\VundoFixSVC.exe 2008-08-14 16:35 . 2008-08-14 16:47 d-------- C:\VundoFix Backups 2008-08-14 15:38 . 2008-08-14 15:38 d-------- C:\ProgramData\ESET 2008-08-14 01:03 . 2008-08-14 01:03 d-------- C:\Update 2008-08-13 19:50 . 2008-08-14 01:51 155 --a------ C:\Windows\wininit.ini 2008-08-13 19:26 . 2008-08-14 14:21 d-------- C:\ProgramData\Spybot - Search & Destroy 2008-08-13 19:26 . 2008-08-14 14:22 d-------- C:\Program Files\Spybot - Search & Destroy 2008-08-13 00:33 . 2008-08-13 00:33 0 --a------ C:\Windows sreg.dat 2008-08-13 00:28 . 2008-08-13 00:28 d-------- C:\Users\The Foufoun&\AppData\Roaming\Symantec 2008-08-12 10:40 . 2008-08-12 14:11 143 --a------ C:\Windows\System32\mcrh.tmp 2008-08-11 22:57 . 2008-08-11 22:57 d-------- C:\Program Files\Skra 2008-08-11 22:52 . 2008-08-11 22:52 d-------- C:\Program Files\Webtools 2008-08-11 22:49 . 2008-08-13 19:23 345 --ahs---- C:\Windows\System32\ihOVFfhk.ini 2008-08-11 22:47 . 2008-08-11 22:47 d-------- C:\Program Files\Mjcore 2008-08-11 22:43 . 2008-08-14 16:08 d-------- C:\Windows\System32\kBin15 2008-08-11 22:43 . 2008-08-11 22:43 d-------- C:\Temp\epr1 2008-08-11 22:43 . 2008-08-11 22:43 d-------- C:\Temp 2008-08-11 00:46 . 2008-08-11 00:46 d-------- C:\Program Files\QuickZip4 2008-08-10 16:52 . 2008-08-10 16:52 268 --ah----- C:\sqmdata00.sqm 2008-08-10 16:52 . 2008-08-10 16:52 244 --ah----- C:\sqmnoopt00.sqm 2008-08-09 10:35 . 2008-08-09 10:35 d-------- C:\Users\The Foufoun&\AppData\Roaming\Media Player Classic 2008-08-09 10:30 . 2007-09-04 18:56 164,352 --a------ C:\Windows\System32\unrar.dll 2008-08-09 10:29 . 2008-08-09 10:29 d-------- C:\Program Files\K-Lite Codec Pack 2008-08-09 10:29 . 2008-07-04 08:34 860,160 --a------ C:\Windows\System32\lameACM.acm 2008-08-09 10:29 . 2008-01-10 14:15 755,027 --a------ C:\Windows\System32\xvidcore.dll 2008-08-09 10:29 . 2004-01-25 18:18 217,088 --a------ C:\Windows\System32\yv12vfw.dll 2008-08-09 10:29 . 2008-01-10 14:16 159,839 --a------ C:\Windows\System32\xvidvfw.dll 2008-08-09 10:29 . 2007-09-21 02:52 118,784 --a------ C:\Windows\System32\ac3acm.acm 2008-08-09 10:29 . 2008-06-12 20:36 7,680 --a------ C:\Windows\System32\ff_vfw.dll 2008-08-09 10:29 . 2007-07-10 18:10 547 --a------ C:\Windows\System32\ff_vfw.dll.manifest 2008-08-09 10:29 . 2007-10-03 17:03 414 --a------ C:\Windows\System32\lame_acm.xml 2008-08-07 13:13 . 2008-08-07 13:13 d-------- C:\Program Files\iPod 2008-08-06 23:52 . 2008-08-07 13:13 d-------- C:\Program Files\iTunes 2008-07-28 12:52 . 2008-06-26 02:33 12,240,896 --a------ C:\Windows\System32\NlsLexicons0007.dll 2008-07-28 12:52 . 2008-06-26 05:22 9,845,248 --a------ C:\Windows\System32\NlsData000a.dll 2008-07-28 12:52 . 2008-06-26 05:22 4,874,240 --a------ C:\Windows\System32\NlsData0009.dll 2008-07-28 12:52 . 2008-06-26 02:33 2,644,480 --a------ C:\Windows\System32\NlsLexicons0009.dll 2008-07-28 12:52 . 2008-06-26 05:22 2,641,408 --a------ C:\Windows\System32\NlsData000c.dll 2008-07-28 12:52 . 2008-06-26 05:22 2,340,864 --a------ C:\Windows\System32\NlsData000d.dll 2008-07-28 12:52 . 2008-06-26 05:22 797,696 --a------ C:\Windows\System32\NaturalLanguage6.dll 2008-07-28 12:50 . 2008-06-26 02:33 11,722,752 --a------ C:\Windows\System32\NlsLexicons0001.dll 2008-07-18 16:11 . 2008-07-18 16:11 d-------- C:\Program Files\AviSynth 2.5 2008-07-18 16:10 . 2008-07-18 16:10 d-------- C:\Program Files\Red Kawa 2008-07-18 12:57 . 2007-06-29 04:21 694,784 --a------ C:\Windows\System32\localspl.dll 2008-07-16 19:45 . 2008-07-16 19:45 d-------- C:\Users\The Foufoun&\AppData\Roaming\InstallShield Installation Information 2008-07-15 17:25 . 2008-07-15 17:25 d-------- C:\Program Files\GTA3Mods 2008-07-14 19:00 . 2008-07-16 19:45 d-------- C:\Program Files\Rockstar Games 2008-07-14 03:24 . 2008-07-14 03:24 2,923,520 --a------ C:\Windows\explorer.exe 2008-07-14 03:23 . 2008-07-14 03:23 194,560 --a------ C:\Windows\System32\WebClnt.dll 2008-07-14 03:23 . 2008-07-14 03:23 110,080 --a------ C:\Windows\System32\drivers\mrxdav.sys 2008-07-14 03:20 . 2008-07-14 03:20 1,060,920 --a------ C:\Windows\System32\drivers tfs.sys 2008-07-14 03:20 . 2008-07-14 03:20 41,984 --a------ C:\Windows\System32\drivers\monitor.sys 2008-07-14 03:19 . 2008-07-14 03:19 8,147,968 --a------ C:\Windows\System32\wmploc.DLL 2008-07-14 03:19 . 2008-07-14 03:19 356,864 --a------ C:\Windows\System32\MediaMetadataHandler.dll 2008-07-14 03:19 . 2008-07-14 03:19 7,680 --a------ C:\Windows\System32\spwmp.dll 2008-07-14 03:19 . 2008-07-14 03:19 4,096 --a------ C:\Windows\System32\msdxm.ocx 2008-07-14 03:19 . 2008-07-14 03:19 4,096 --a------ C:\Windows\System32\dxmasf.dll 2008-07-14 03:18 . 2008-07-14 03:18 d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2 2008-07-14 03:17 . 2008-07-14 03:17 3,504,696 --a------ C:\Windows\System32 tkrnlpa.exe 2008-07-14 03:17 . 2008-07-14 03:17 3,470,392 --a------ C:\Windows\System32 toskrnl.exe 2008-07-14 03:17 . 2008-07-14 03:17 1,191,936 --a------ C:\Windows\System32\msxml3.dll 2008-07-14 03:17 . 2008-07-14 03:17 211,000 --a------ C:\Windows\System32\drivers\volsnap.sys 2008-07-14 03:17 . 2008-07-14 03:17 154,624 --a------ C:\Windows\System32\drivers wifi.sys 2008-07-14 03:17 . 2008-07-14 03:17 109,624 --a------ C:\Windows\System32\drivers\ataport.sys 2008-07-14 03:17 . 2008-07-14 03:17 45,112 --a------ C:\Windows\System32\drivers\pciidex.sys 2008-07-14 03:17 . 2008-07-14 03:17 21,560 --a------ C:\Windows\System32\drivers\atapi.sys 2008-07-14 03:17 . 2008-07-14 03:17 17,464 --a------ C:\Windows\System32\drivers\intelide.sys 2008-07-14 03:17 . 2008-07-14 03:17 2,048 --a------ C:\Windows\System32\msxml3r.dll 2008-07-14 03:16 . 2008-07-14 03:16 803,328 --a------ C:\Windows\System32\drivers cpip.sys 2008-07-14 03:16 . 2008-07-14 03:16 216,632 --a------ C:\Windows\System32\drivers etio.sys 2008-07-14 03:16 . 2008-07-14 03:16 167,424 --a------ C:\Windows\System32 cpipcfg.dll 2008-07-14 03:16 . 2008-07-14 03:16 24,064 --a------ C:\Windows\System32 etcfg.exe 2008-07-14 03:16 . 2008-07-14 03:16 22,016 --a------ C:\Windows\System32 etiougc.exe 2008-07-14 03:15 . 2008-07-14 03:15 1,585,664 --a------ C:\Windows\System32\setupapi.dll 2008-07-14 03:13 . 2008-07-14 03:13 2,027,008 --a------ C:\Windows\System32\win32k.sys 2008-07-14 03:12 . 2008-07-14 03:12 1,335,296 --a------ C:\Windows\System32\msxml6.dll 2008-07-14 03:12 . 2008-07-14 03:12 296,448 --a------ C:\Windows\System32\gdi32.dll 2008-07-14 03:12 . 2008-07-14 03:12 223,232 --a------ C:\Windows\System32\WMASF.DLL 2008-07-14 03:12 . 2008-07-14 03:12 9,728 --a------ C:\Windows\System32\LAPRXY.DLL 2008-07-14 03:12 . 2008-07-14 03:12 2,048 --a------ C:\Windows\System32\msxml6r.dll 2008-07-14 03:12 . 2008-07-14 03:12 2,048 --a------ C:\Windows\System32\asferror.dll 2008-07-14 03:11 . 2008-07-14 03:11 269,824 --a------ C:\Windows\System32\schannel.dll 2008-07-14 03:11 . 2008-07-14 03:11 220,160 --a------ C:\Windows\System32 tprint.dll 2008-07-14 03:11 . 2008-07-14 03:11 61,440 --a------ C:\Windows\System32 tprint.exe 2008-07-14 03:09 . 2008-07-14 03:09 4,247,552 --a------ C:\Windows\System32\GameUXLegacyGDFs.dll 2008-07-14 03:09 . 2008-07-14 03:09 1,686,528 --a------ C:\Windows\System32\gameux.dll 2008-07-14 03:09 . 2008-07-14 03:09 11,776 --a------ C:\Windows\System32\sbunattend.exe 2008-07-14 03:08 . 2008-07-14 03:08 83,968 --a------ C:\Windows\System32\dnsrslvr.dll 2008-07-14 03:08 . 2008-07-14 03:08 24,576 --a------ C:\Windows\System32\dnscacheugc.exe 2008-07-14 03:07 . 2008-07-14 03:07 788,992 --a------ C:\Windows\System32 pcrt4.dll 2008-07-14 03:07 . 2008-07-14 03:07 148,992 --a------ C:\Windows\System32\drivers\ks.sys 2008-07-14 03:07 . 2008-07-14 03:07 130,048 --a------ C:\Windows\System32\drivers\srv2.sys 2008-07-14 03:07 . 2008-07-14 03:07 101,888 --a------ C:\Windows\System32\drivers\mrxsmb.sys 2008-07-14 03:07 . 2008-07-14 03:07 84,992 --a------ C:\Windows\System32\drivers\srvnet.sys 2008-07-14 03:07 . 2008-07-14 03:07 58,368 --a------ C:\Windows\System32\drivers\mrxsmb20.sys 2008-07-14 03:06 . 2008-07-14 03:06 1,327,104 --a------ C:\Windows\System32\quartz.dll 2008-07-14 03:06 . 2008-07-14 03:06 1,244,672 --a------ C:\Windows\System32\mcmde.dll 2008-07-14 03:06 . 2008-07-14 03:06 428,032 --a------ C:\Windows\System32\EncDec.dll 2008-07-14 03:06 . 2008-07-14 03:06 292,352 --a------ C:\Windows\System32\psisdecd.dll 2008-07-14 03:06 . 2008-07-14 03:06 218,624 --a------ C:\Windows\System32\psisrndr.ax 2008-07-14 03:06 . 2008-07-14 03:06 80,896 --a------ C:\Windows\System32\MSNP.ax 2008-07-14 03:06 . 2008-07-14 03:06 68,608 --a------ C:\Windows\System32\Mpeg2Data.ax 2008-07-14 03:06 . 2008-07-14 03:06 57,856 --a------ C:\Windows\System32\MSDvbNP.ax 2008-07-14 03:02 . 2008-07-14 03:02 2,048 --a------ C:\Windows\System32 zres.dll . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-08-14 13:38 --------- d-----w C:\Program Files\ESET 2008-08-14 12:45 49,632 ----a-w C:\Users\The Foufoun&\AppData\Roaming vModes.dat 2008-08-13 23:55 --------- d-----w C:\Users\The Foufoun&\AppData\Roaming\LimeWire 2008-08-13 23:18 --------- d-----w C:\ProgramData\Symantec 2008-08-13 23:18 --------- d-----w C:\Program Files\Norton Save and Restore 2008-08-13 23:18 --------- d-----w C:\Program Files\Common Files\Symantec Shared 2008-08-13 23:03 --------- d-----w C:\Users\The Foufoun&\AppData\Roaming\Sony Corporation 2008-08-12 00:43 --------- d-----w C:\ProgramData\Microsoft Help 2008-08-06 21:36 --------- d-----w C:\Users\The Foufoun&\AppData\Roaming\Apple Computer 2008-07-19 01:06 --------- d-----w C:\Program Files\Windows Calendar 2008-07-18 11:28 --------- d-----w C:\ProgramData\Sony Corporation 2008-07-18 04:15 --------- d-----w C:\Users\The Foufoun&\AppData\Roaming\DivX 2008-07-14 07:49 174 --sha-w C:\Program Files\desktop.ini 2008-07-14 07:42 --------- d-----w C:\Program Files\Windows Sidebar 2008-07-14 07:42 --------- d-----w C:\Program Files\Windows Mail 2008-07-14 01:24 28,344 ----a-w C:\Windows\system32\drivers\battc.sys 2008-07-14 01:24 258,232 ----a-w C:\Windows\system32\drivers\acpi.sys 2008-07-14 01:24 20,920 ----a-w C:\Windows\system32\drivers\compbatt.sys 2008-07-14 01:24 14,208 ----a-w C:\Windows\system32\drivers\CmBatt.sys 2008-07-14 01:14 54,784 ----a-w C:\Windows\system32\drivers\i8042prt.sys 2008-07-14 01:14 495,160 ----a-w C:\Windows\system32\drivers\Wdf01000.sys 2008-07-14 01:14 35,384 ----a-w C:\Windows\system32\drivers\WdfLdr.sys 2008-07-14 01:14 35,384 ----a-w C:\Windows\system32\drivers\kbdclass.sys 2008-07-14 01:14 34,360 ----a-w C:\Windows\system32\drivers\mouclass.sys 2008-07-14 01:14 19,968 ----a-w C:\Windows\system32\drivers\sermouse.sys 2008-07-14 01:14 15,872 ----a-w C:\Windows\system32\drivers\mouhid.sys 2008-07-14 01:10 113,664 ----a-w C:\Windows\system32\drivers mcast.sys 2008-07-14 01:09 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll 2008-07-14 01:09 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll 2008-07-14 01:09 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll 2008-07-14 01:09 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll 2008-07-14 01:09 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll 2008-07-14 01:03 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll 2008-07-13 18:40 --------- d-----w C:\ProgramData\Messenger Plus! 2008-07-13 12:24 --------- d-----w C:\Users\The Foufoun&\AppData\Roaming\ArcSoft 2008-07-13 12:17 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-07-13 12:14 --------- d-----w C:\Users\Administrateur\AppData\Roaming\Sony Corporation 2008-07-13 12:09 --------- d-----w C:\Program Files\Common Files\Adobe 2008-07-13 12:03 --------- d-----w C:\Program Files\Lecteur CANALPLAY 2008-07-13 10:59 --------- d-----w C:\ProgramData\eMule 2008-07-13 10:58 --------- d-----w C:\Program Files\eMule 2008-07-13 10:53 --------- d-----w C:\Program Files\LimeWire 2008-07-10 14:01 --------- d-----w C:\ProgramData\Apple Computer 2008-07-10 14:00 --------- d-----w C:\Program Files\Bonjour 2008-07-10 13:59 --------- d-----w C:\Program Files\QuickTime 2008-07-10 13:58 --------- d-----w C:\Program Files\Apple Software Update 2008-07-10 13:57 --------- d-----w C:\ProgramData\Apple 2008-07-10 13:57 --------- d-----w C:\Program Files\Common Files\Apple 2008-07-10 13:35 --------- d-----w C:\Program Files\Messenger Plus! Live 2008-07-10 13:16 --------- d-----w C:\Program Files\Windows Live 2008-07-10 13:05 --------- d-----w C:\ProgramData\WLInstaller 2008-07-10 12:48 --------- d-----w C:\Users\The Foufoun&\AppData\Roaming\Skype 2008-07-10 12:21 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller 2008-07-10 11:18 0 ---ha-r C:\Windows\system32\drivers\Sony_VGN-AR58J.mrk 2008-07-10 10:06 --------- d-----w C:\Program Files\CONEXANT 2008-07-03 00:12 32,000 ----a-w C:\Windows\system32\drivers\usbaapl.sys 2008-07-01 07:04 34,312 ----a-w C:\Windows\system32\drivers\epfwtdir.sys 2008-07-01 06:57 53,256 ----a-w C:\Windows\system32\drivers\easdrv.sys 2008-07-01 06:56 39,944 ----a-w C:\Windows\system32\drivers\eamon.sys . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 11:34 5724184] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-07-14 03:09 1232896] "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 14:36 201728] "Skra"="C:\Program Files\Skra\Skra.exe" [2008-08-11 22:57 33280] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvSvc"="C:\Windows\system32 vsvc.dll" [2007-08-01 02:18 86016] "NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-08-01 02:17 8429568] "NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-08-01 02:17 81920] "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2007-03-10 03:58 835584] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06 40048] "ISBMgr.exe"="C:\Program Files\Sony\ISB Utility\ISBMgr.exe" [2007-06-11 18:27 317560] "Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-08-17 15:42 1831424] "IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-02-12 13:37 174872] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43 83608] "AppMon Utility"="C:\Program Files\Sony\AppMonUtil\AppMonUtility.exe" [2007-07-12 15:39 534392] "AppleSyncNotifier"="C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-07-03 02:23 116040] "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-05-27 10:50 413696] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-07-30 10:47 289064] "Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 17:38 583048] "egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" [2008-07-01 09:01 1447168] "RtHDVCpl"="RtHDVCpl.exe" [2007-06-26 02:39 4489216 C:\Windows\RtHDVCpl.exe] "Skytel"="Skytel.exe" [2007-06-26 02:39 1826816 C:\Windows\SkyTel.exe] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-07-03 10:31:46 739880] Magic-i Visual Effects.lnk - C:\Program Files\ArcSoft\Magic-i Visual Effects\Magic-i Visual Effects.exe [2008-07-13 14:17:41 330496] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableLUA"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon otify\VESWinlogon] 2007-07-24 19:26 98304 C:\Windows\System32\VESWinlogon.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "vidc.yv12"= yv12vfw.dll "VIDC.dvsd"= C:\Program Files\Common Files\Sony Shared\VideoLib\sonydv.dll [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-1370881334-2716005212-3457183412-1000] "EnableNotificationsRef"=dword:00000002 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules] "{701BCD01-FDE0-4149-BBB5-B5E090A574FA}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "{571EA047-575B-49C9-A2D0-77774AD34244}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "{9D1354B2-32AA-492B-9BA3-C193E984C6F5}"= Disabled:UDP:C:\Program Files\Sony\VAIO Media 6.0\Vc.exe:[VAIO Media] VAIO Media "{83634136-311B-4F8E-A26B-E8DAAE890EDF}"= Disabled:TCP:C:\Program Files\Sony\VAIO Media 6.0\Vc.exe:[VAIO Media] VAIO Media "{AEDCFB64-1116-43F0-BC50-19DBC4EAEFAB}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone) "{29D54D4F-BE74-4553-9E6E-9EAC12DAD5B1}"= UDP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour "{8F0A90F8-CA70-4BC8-A0DC-2550B0333F0E}"= TCP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour "{C34002FF-9B86-4833-B953-DECFFFA1C693}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes "{C70E0AC0-9980-44B7-B776-A018C2700264}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes "{18F6C587-5043-4C6B-A777-F5121F0C88B7}"= UDP:C:\Program Files\Lecteur CANALPLAY\CanalPlayer.exe:Lecteur CANALPLAY "{DDAC9FCF-DF13-49A0-9D16-28C366718325}"= TCP:C:\Program Files\Lecteur CANALPLAY\CanalPlayer.exe:Lecteur CANALPLAY "TCP Query User{F3076DAE-542C-4E5A-9E97-ADB4D4FCC5B1}C:\program files\internet explorer\iexplore.exe"= UDP:C:\program files\internet explorer\iexplore.exe:Internet Explorer "UDP Query User{8DB916C9-228A-4330-A05D-6EBBEB8FA7D2}C:\program files\internet explorer\iexplore.exe"= TCP:C:\program files\internet explorer\iexplore.exe:Internet Explorer "{EB8056C6-6469-4D89-ABEC-7BED22D7B54A}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes "{B01E5798-F177-4704-BF53-61FFB40172EB}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes "{901D3EF2-0E2C-48B3-B69B-4E660566F0B3}"= Disabled:UDP:C:\Program Files\Adobe\Photoshop Elements 5.0\AdobePhotoshopElementsMediaServer.exe:Adobe Photoshop Elements Media Server "{800251BC-2565-4F32-AEFA-86A3A18AB2C1}"= Disabled:TCP:C:\Program Files\Adobe\Photoshop Elements 5.0\AdobePhotoshopElementsMediaServer.exe:Adobe Photoshop Elements Media Server "{2942D2BB-FB0F-4236-9758-ABD0B5B7413A}"= UDP:C:\Program Files\LimeWire\LimeWire.exe:LimeWire "{3A5B3351-BDFE-4EA2-BA56-190148CA033F}"= TCP:C:\Program Files\LimeWire\LimeWire.exe:LimeWire "{EE9C12F5-286D-429B-A70B-3349EC4F3FF3}"= UDP:C:\Program Files\LimeWire\LimeWire.exe:LimeWire "{8925516D-A95F-4CEE-90BF-4A905019BE4E}"= TCP:C:\Program Files\LimeWire\LimeWire.exe:LimeWire [HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System] "DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic| R1 epfwtdir;epfwtdir;C:\Windows\system32\DRIVERS\epfwtdir.sys [2008-07-01 09:04] R2 regi;regi;C:\Windows\system32\drivers egi.sys [2007-04-17 20:09] R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2007-05-30 19:14] R3 R5U870FLx86;R5U870 UVC Lower Filter ;C:\Windows\system32\Drivers\R5U870FLx86.sys [2007-04-20 02:00] R3 R5U870FUx86;R5U870 UVC Upper Filter ;C:\Windows\system32\Drivers\R5U870FUx86.sys [2007-04-20 02:00] R3 ti21sony;ti21sony;C:\Windows\system32\drivers i21sony.sys [2007-06-06 02:00] R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x86.sys [2007-07-13 08:15] S3 btwaudio;Périphérique audio Bluetooth;C:\Windows\system32\drivers\btwaudio.sys [2007-07-24 02:56] S3 btwavdt;Bluetooth AVDT;C:\Windows\system32\drivers\btwavdt.sys [2007-07-24 02:56] S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys [2007-07-24 02:55] S3 btwrchid;btwrchid;C:\Windows\system32\DRIVERS\btwrchid.sys [2007-07-24 02:56] S3 Service CANALPLAY;Service CANALPLAY;C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe [2008-06-20 18:28] S3 VAIOMediaPlatform-UCLS-AppServer;VAIO Media Content Collection;C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe [2007-01-10 16:51] S3 VAIOMediaPlatform-UCLS-HTTP;VAIO Media Content Collection (HTTP);C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [2007-06-20 15:34] S3 VAIOMediaPlatform-UCLS-UPnP;VAIO Media Content Collection (UPnP);C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [2007-06-20 15:34] S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2007-07-05 19:12] S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe [2007-07-05 17:43] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bthsvcs REG_MULTI_SZ BthServ [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G] \shell\AutoRun\command - wd_windows_tools\setup.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\H] \shell\AutoRun\command - H:\Autorun\Autorun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4d44ce81-4e80-11dd-b1d4-001a80234b01}] \shell\AutoRun\command - wd_windows_tools\setup.exe . Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es' 2008-08-13 C:\Windows\Tasks\User_Feed_Synchronization-{F13707C0-F9E2-4D5A-9B33-6063F69A6BFF}.job - C:\Windows\system32\msfeedssync.exe [2006-11-02 11:45] . - - - - ORPHANS REMOVED - - - - BHO-{0B11C257-7FD3-451C-8F2F-E82DFD8EDDFC} - C:\Windows\system32\khfFVOhi.dll HKLM-Run-MSServer - C:\Windows\system32\xxyvutQk.dll HKLM-Run-78e190be - C:\Windows\system32\esxiopad.dll HKLM-Run-BM7bd2a322 - C:\Windows\system32\ucnawrww.dll ShellExecuteHooks-{57DF73C0-833C-48B7-9146-1E18930D57FF} - C:\Windows\system32\xxyvutQk.dll . ------- Supplementary Scan ------- . FireFox -: Profile - C:\Users\The Foufoun&\AppData\Roaming\Mozilla\Firefox\Profiles\kdgp62g7.default\ FF -: plugin - C:\Program Files\iTunes\Mozilla Plugins pitunes.dll FF -: plugin - C:\Program Files\K-Lite Codec Pack\Real\browser\plugins ppl3260.dll FF -: plugin - C:\Program Files\K-Lite Codec Pack\Real\browser\plugins prpjplug.dll ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-08-14 17:05:00 Windows 6.0.6000 NTFS Balayage processus cach‚s ... Balayage cach‚ autostart entries ... Balayage des fichiers cach‚s ... Scan termin‚ avec succŠs Les fichiers cach‚s: 0 ************************************************************************** . ------------------------ Other Running Processes ------------------------ . C:\Windows\System32\audiodg.exe C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe C:\Windows\System32\stacsv.exe C:\Program Files\Sony\VAIO Event Service\VESMgr.exe C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe C:\Windows\System32\drivers\XAudio.exe C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe C:\Windows\System32\WUDFHost.exe C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe C:\Windows\System32\conime.exe C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe C:\Program Files\Sony\VAIO Power Management\SPMgr.exe C:\Windows\System32 undll32.exe C:\Windows\System32 undll32.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\iPod\bin\iPodService.exe C:\Windows\System32\wbem\WMIADAP.exe C:\Windows\System32\dllhost.exe . ************************************************************************** . Temps d'accomplissement: 2008-08-14 17:08:46 - machine was rebooted ComboFix-quarantined-files.txt 2008-08-14 15:08:41 Pre-Run: 64,485,654,528 octets libres Post-Run: 64,011,964,416 octets libres 373 --- E O F --- 2008-08-12 00:43:40 Et je ne trouve pas icone java

sKe69 · Answer

Pour Java , vas dans paneau de Configuration : sur la gauche de la fenêtre , cliques sur " affichage classique " ...
Tu devrais le trouver plus facilement ...

noctambule28 · Answer

Slut les gars le diaghelp est resté coicé , je le poste à la place de the foufoun ************************************* Voila : ( je n'ai pas fait clique droit executez en tamp qu'administrateur sa ne marchait pas jai fait double clique et ça marchait ) DiagHelp version v1.4 - http://www.malekal.com excute le 22/08/2008 à 17:01:24,77 Liste des derniers fichies modifies/crees dans windir\system32 et prefetch C:\Windows\prefetch\CHCP.COM-61043047.pf -->22/08/2008 17:01:20 C:\Windows\prefetch\CMD.EXE-4A81B364.pf -->22/08/2008 17:01:06 C:\Windows\prefetch\DLLHOST.EXE-5E46FA0D.pf -->22/08/2008 16:59:57 C:\Windows\prefetch\WINRAR.EXE-94E7D80C.pf -->22/08/2008 16:59:50 C:\Windows\prefetch\VERCLSID.EXE-7C52E31C.pf -->22/08/2008 16:59:47 C:\Windows\prefetch\WERFAULT.EXE-E69F695A.pf -->22/08/2008 16:59:44 C:\Windows\prefetch\RUNDLL32.EXE-AAB1BBB5.pf -->22/08/2008 16:58:25 C:\Windows\prefetch\CCLEANER.EXE-D4D76A60.pf -->22/08/2008 16:56:38 C:\Windows\prefetch\MSIEXEC.EXE-A2D55CB6.pf -->22/08/2008 16:54:58 C:\Windows\prefetch\SVCHOST.EXE-7CFEDEA3.pf -->22/08/2008 16:52:05 C:\Windows\System32\drivers\mbamswissarmy.sys -->17/08/2008 15:01:18 C:\Windows\System32\drivers\mbam.sys -->17/08/2008 15:01:14 C:\Windows\System32\drivers\compbatt.sys -->14/07/2008 03:24:34 C:\Windows\System32\drivers\acpi.sys -->14/07/2008 03:24:34 C:\Windows\System32\drivers\CmBatt.sys -->14/07/2008 03:24:33 C:\Windows\System32\drivers\battc.sys -->14/07/2008 03:24:33 C:\Windows\System32\drivers\mrxdav.sys -->14/07/2008 03:23:51 C:\Windows\System32\jupdate-1.6.0_07-b06.log -->22/08/2008 16:51:33 C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -->22/08/2008 16:12:41 C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -->22/08/2008 16:12:41 C:\Windows\System32\PerfStringBackup.INI -->19/08/2008 08:09:32 C:\Windows\System32\perfh00C.dat -->19/08/2008 08:09:32 C:\Windows\System32\perfh009.dat -->19/08/2008 08:09:32 C:\Windows\System32\perfc00C.dat -->19/08/2008 08:09:32 C:\Windows\System32\perfc009.dat -->19/08/2008 08:09:32 C:\Windows\System32\FNTCACHE.DAT -->18/08/2008 12:12:05 C:\Windows\System32\VundoFixSVC.exe -->14/08/2008 16:48:23 C:\Windows\System32\ihOVFfhk.ini -->13/08/2008 19:23:49 C:\Windows\System32\73c254c0-.txt -->13/08/2008 14:10:32 C:\Windows\System32\imon1.dat -->12/08/2008 03:06:17 C:\Windows\System32\mrt.exe -->05/08/2008 20:11:02 C:\Windows\System32 moc3260.dll -->28/07/2008 05:00:00 C:\Windows\System32\pndx5032.dll -->28/07/2008 05:00:00 C:\Windows\System32\pndx5016.dll -->28/07/2008 05:00:00 C:\Windows\System32\pncrt.dll -->28/07/2008 05:00:00 C:\Windows\System32\advpack.dll -->16/07/2008 06:09:38 C:\Windows\System32 zres.dll -->16/07/2008 01:48:18 C:\Windows\System32\PhotoScreensaver.scr -->14/07/2008 03:24:41 C:\Windows\System32\wtsapi32.dll -->14/07/2008 03:24:35 C:\Windows\System32\sysmain.dll -->14/07/2008 03:24:30 C:\Windows\System32\wlan.tmf -->14/07/2008 03:24:29 C:\Windows\System32 imedate.cpl -->14/07/2008 03:24:29 C:\Windows\bootstat.dat -->22/08/2008 16:12:31 C:\Windows\WindowsUpdate.log -->22/08/2008 15:41:55 C:\Windows\bthservsdp.dat -->22/08/2008 15:41:55 C:\Windows\avisplitter.INI -->19/08/2008 16:19:28 C:\Windows\win.ini -->15/08/2008 19:14:16 C:\Windows\PSEXESVC.EXE -->14/08/2008 17:08:48 C:\Windows\system.ini -->14/08/2008 17:04:57 C:\Windows\wininit.ini -->14/08/2008 01:51:45 C:\Windows sreg.dat -->13/08/2008 00:33:56 C:\Windows\ODBCINST.INI -->08/08/2008 18:38:07 C:\Windows\WindowsShell.Manifest -->14/07/2008 09:49:25 C:\Windows\explorer.exe -->14/07/2008 03:24:31 C:\Windows\VAIOUpdt.INI -->08/09/2007 03:57:11 C:\Windows\ocsetup_install_OEMHelpCustomization.etl -->17/08/2007 15:47:53 C:\Windows\ocsetup_cbs_install_OEMHelpCustomization.perf -->17/08/2007 15:47:52 winlogon.exe Verified: Signed svchost.exe Verified: Signed ws2_32.dll Verified: Signed user32.dll Verified: Signed tcpip.sys Verified: Signed ndis.sys Verified: Signed null.sys Verified: Signed ListDLLs v2.25 - DLL lister for Win9x/NT Copyright (C) 1997-2004 Mark Russinovich Sysinternals - www.sysinternals.com ------------------------------------------------------------------------------ explorer.exe pid: 3020 Command line: C:\Windows\Explorer.EXE Base Size Version Path 0x003c0000 0x2cd000 6.00.6000.16549 C:\Windows\Explorer.EXE 0x77160000 0x11e000 6.00.6000.16386 C:\Windows\system32 tdll.dll 0x76110000 0xd8000 6.00.6000.16386 C:\Windows\system32\kernel32.dll 0x75c20000 0xbf000 6.00.6000.16386 C:\Windows\system32\ADVAPI32.dll 0x75aa0000 0xc3000 6.00.6000.16525 C:\Windows\system32\RPCRT4.dll 0x77020000 0x4b000 6.00.6000.16643 C:\Windows\system32\GDI32.dll 0x770c0000 0x9e000 6.00.6000.16438 C:\Windows\system32\USER32.dll 0x75ce0000 0xaa000 7.00.6000.16386 C:\Windows\system32\msvcrt.dll 0x75e20000 0x55000 6.00.6000.16386 C:\Windows\system32\SHLWAPI.dll 0x76320000 0xace000 6.00.6000.16680 C:\Windows\system32\SHELL32.dll 0x75ec0000 0x144000 6.00.6000.16386 C:\Windows\system32\ole32.dll 0x75d90000 0x8c000 6.00.6000.16609 C:\Windows\system32\OLEAUT32.dll 0x70040000 0x107000 6.00.6000.16386 C:\Windows\system32\SHDOCVW.dll 0x74a00000 0x3f000 6.00.6000.16386 C:\Windows\system32\UxTheme.dll 0x74da0000 0x1a000 6.00.6000.16386 C:\Windows\system32\POWRPROF.dll 0x71580000 0xc000 6.00.6000.20530 C:\Windows\system32\dwmapi.dll 0x74110000 0x1aa000 5.02.6000.16386 C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16386_none_9ea0ac9ec96e7127\gdiplus.dll 0x75300000 0x39000 6.00.6000.16509 C:\Windows\system32\slc.dll 0x73fb0000 0xb7000 6.00.6000.16386 C:\Windows\system32\PROPSYS.dll 0x6fef0000 0x145000 6.00.6000.16386 C:\Windows\system32\BROWSEUI.dll 0x76df0000 0x1e000 6.00.6000.16386 C:\Windows\system32\IMM32.dll 0x76010000 0xc7000 6.00.6000.16386 C:\Windows\system32\MSCTF.dll 0x749d0000 0x30000 6.00.6000.16386 C:\Windows\system32\DUser.dll 0x75eb0000 0x9000 6.00.6000.16386 C:\Windows\system32\LPK.DLL 0x76fa0000 0x7d000 1.626.6000.16386 C:\Windows\system32\USP10.dll 0x747f0000 0x194000 6.10.6000.16386 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll 0x738a0000 0xb2000 6.00.6000.16493 C:\Windows\system32\WindowsCodecs.dll 0x70340000 0x6000 6.00.6000.16386 C:\Windows\system32\IconCodecService.dll 0x758b0000 0x14000 6.00.6000.16386 C:\Windows\system32\Secur32.dll 0x75b90000 0x84000 2001.12.6930.16386 C:\Windows\system32\CLBCatQ.DLL 0x74e40000 0x38000 6.00.6000.16386 C:\Windows\system32 saenh.dll 0x6f9a0000 0xb2000 6.00.6000.16549 C:\Windows\system32 imedate.cpl 0x740b0000 0x14000 3.05.2284.0000 C:\Windows\system32\ATL.DLL 0x75720000 0x6a000 6.00.6000.16386 C:\Windows\system32\NETAPI32.dll 0x75980000 0x7000 6.00.6000.16386 C:\Windows\system32\PSAPI.DLL 0x740d0000 0x38000 4.02.5406.0000 C:\Windows\system32\OLEACC.dll 0x72af0000 0x53000 6.00.6000.16386 C:\Windows\system32\actxprxy.dll 0x758d0000 0x1e000 6.00.6000.16386 C:\Windows\system32\USERENV.dll 0x70370000 0x2b000 6.00.6000.16386 C:\Windows\system32\msutb.dll 0x74f00000 0xd7000 6.00.6000.16386 C:\Windows\system32\WINBRAND.dll 0x754d0000 0x11000 6.00.6000.16386 C:\Windows\System32\SAMLIB.dll 0x75850000 0x2c000 6.00.6000.16386 C:\Windows\system32\apphelp.dll 0x6fdd0000 0x3c000 6.00.6000.16404 C:\Windows\System32\msshsq.dll 0x6f7d0000 0xc5000 6.00.6000.16710 C:\Windows\System32\NaturalLanguage6.dll 0x75340000 0xf1000 6.00.6000.16425 C:\Windows\System32\CRYPT32.dll 0x754b0000 0x12000 6.00.6000.16386 C:\Windows\System32\MSASN1.dll 0x74470000 0x1e7000 6.00.6000.16513 C:\Windows\system32\authui.dll 0x74cc0000 0x5000 6.00.6000.16386 C:\Windows\system32\MSIMG32.dll 0x6fe40000 0x9000 6.00.6000.16386 C:\Windows\system32\LINKINFO.dll 0x6fe20000 0x7000 4.00.6000.16386 C:\Windows\system32\msiltcfg.dll 0x75120000 0x8000 6.00.6000.16386 C:\Windows\system32\VERSION.dll 0x6fa60000 0x204000 4.00.6000.16386 C:\Windows\system32\msi.dll 0x74dc0000 0x21000 6.00.6000.16386 C:\Windows\system32\NTMARTA.DLL 0x77070000 0x49000 6.00.6000.16386 C:\Windows\system32\WLDAP32.dll 0x760e0000 0x2d000 6.00.6000.16386 C:\Windows\system32\WS2_32.dll 0x75b70000 0x6000 6.00.6000.16386 C:\Windows\system32\NSI.dll 0x761f0000 0x127000 7.00.6000.16711 C:\Windows\system32\urlmon.dll 0x77350000 0x45000 7.00.6000.16386 C:\Windows\system32\iertutil.dll 0x6ece0000 0x5cd000 7.00.6000.16711 C:\Windows\system32\ieframe.dll 0x742d0000 0x33000 6.00.6000.16386 C:\Windows\system32\WINMM.dll 0x6f780000 0x4a000 6.00.6000.16386 C:\Windows\system32 tshrui.dll 0x73f80000 0x30000 6.00.6000.16386 C:\Windows\system32\wdmaud.drv 0x742c0000 0x4000 6.00.6000.16386 C:\Windows\system32\ksuser.dll 0x74cb0000 0x7000 6.00.6000.16386 C:\Windows\system32\AVRT.dll 0x74b00000 0x27000 6.00.6000.20511 C:\Windows\system32\MMDevAPI.DLL 0x6fe10000 0xa000 6.00.6000.16386 C:\Windows\system32\cscapi.dll 0x76e10000 0x189000 6.00.6000.16609 C:\Windows\system32\SETUPAPI.dll 0x74bf0000 0x2d000 6.00.6000.16386 C:\Windows\system32\WINTRUST.dll 0x75e80000 0x29000 6.00.6000.16470 C:\Windows\system32\imagehlp.dll 0x73f20000 0x21000 6.00.6000.16386 C:\Windows\System32\audioses.dll 0x73e20000 0x66000 6.00.6000.16386 C:\Windows\System32\audioeng.dll 0x6fdc0000 0x9000 6.00.6000.16386 C:\Windows\system32\ExplorerFrame.dll 0x77280000 0xd0000 7.00.6000.16711 C:\Windows\system32\WININET.dll 0x75b80000 0x3000 6.00.6000.16386 C:\Windows\system32\Normaliz.dll 0x73d80000 0x9000 6.00.6000.16386 C:\Windows\system32\msacm32.drv 0x737d0000 0x15000 6.00.6000.16386 C:\Windows\system32\MSACM32.dll 0x73660000 0x7000 6.00.6000.16386 C:\Windows\system32\midimap.dll 0x6f8a0000 0x30000 6.00.6000.16386 C:\Windows\system32\MLANG.dll 0x6e000000 0x92000 6.00.6000.16386 C:\Windows\system32\stobject.dll 0x6df40000 0xb6000 6.00.6000.16386 C:\Windows\system32\BatMeter.dll 0x74d90000 0x9000 6.00.6000.16553 C:\Windows\system32\WTSAPI32.dll 0x74a60000 0x24000 6.00.6000.16386 C:\Windows\system32\WINSTA.dll 0x73960000 0x46000 2001.12.6930.16677 C:\Windows\system32\es.dll 0x6e190000 0x30000 6.00.6000.16386 C:\Windows\System32\SndVolSSO.dll 0x6e110000 0x21000 6.00.6000.16386 C:\Windows\ehome\ehSSO.dll 0x73f70000 0x9000 6.00.6000.16386 C:\Windows\system32\HID.DLL 0x6dc30000 0x30b000 6.00.6000.16386 C:\Windows\System32 etshell.dll 0x752a0000 0x19000 6.00.6000.16386 C:\Windows\System32\IPHLPAPI.DLL 0x75260000 0x35000 6.00.6000.16512 C:\Windows\System32\dhcpcsvc.DLL 0x754f0000 0x2b000 6.00.6000.16615 C:\Windows\System32\DNSAPI.dll 0x75470000 0x7000 6.00.6000.16386 C:\Windows\System32\WINNSI.DLL 0x75240000 0x20000 6.00.6000.16512 C:\Windows\System32\dhcpcsvc6.DLL 0x74990000 0xf000 6.00.6000.16386 C:\Windows\System32 laapi.dll 0x6da70000 0x1bf000 6.00.6000.16386 C:\Windows\system32\pnidui.dll 0x70fb0000 0x17000 6.00.6000.16386 C:\Windows\system32\QUtil.dll 0x752c0000 0x3e000 6.00.6000.16386 C:\Windows\system32\wevtapi.dll 0x735e0000 0x6000 6.00.6000.16386 C:\Windows\system32\wlanutil.dll 0x74cd0000 0x63000 6.00.6000.16501 C:\Windows\system32\FirewallAPI.dll 0x71590000 0x8000 6.00.6000.16386 C:\Windows\System32 pmproxy.dll 0x6fe30000 0xe000 6.00.6000.16551 C:\Windows\system32\Wlanapi.dll 0x73750000 0x2d000 6.00.6000.16386 C:\Windows\system32\OneX.DLL 0x73650000 0xd000 6.00.6000.16386 C:\Windows\system32\eappprxy.dll 0x73620000 0x28000 6.00.6000.16386 C:\Windows\system32\eappcfg.dll 0x751b0000 0x44000 6.00.6000.16386 C:\Windows\system32\bcrypt.dll 0x75790000 0x5f000 6.00.6000.16386 C:\Windows\system32\SXS.DLL 0x6f720000 0xd000 6.00.6000.16386 C:\Windows\System32\AltTab.dll 0x6da40000 0x23000 6.00.6000.16386 C:\Windows\system32\wpdshserviceobj.dll 0x72ea0000 0x5f000 6.00.6000.16386 C:\Windows\system32\WINHTTP.dll 0x6c440000 0x40000 6.00.6000.16386 C:\Windows\System32\srchadmin.dll 0x10000000 0x2e000 6.01.0000.1205 C:\Windows\system32\btncopy.dll 0x6c400000 0x3c000 7.00.6000.16386 C:\Windows\system32\webcheck.dll 0x6f2b0000 0xb000 6.00.6000.16386 C:\Windows\system32\mssprxy.dll 0x6bfc0000 0x21c000 6.00.6000.16386 C:\Windows\System32\SyncCenter.dll 0x6c340000 0x51000 6.00.6000.16386 C:\Windows\system32\imapi2.dll 0x6c480000 0x39000 6.00.6000.16386 C:\Windows\system32\wscntfy.dll 0x749a0000 0xb000 6.00.6000.16386 C:\Windows\system32\WSCAPI.dll 0x707e0000 0x2b000 6.00.6000.16386 C:\Windows\system32\PortableDeviceTypes.dll 0x71a60000 0x46000 6.00.6000.16386 C:\Windows\system32\PortableDeviceApi.dll 0x6f970000 0x2c000 6.00.6000.16386 C:\Windows\System32\QAgent.dll 0x72db0000 0x8a000 6.00.6000.16386 C:\Windows\System32\fwpuclnt.dll 0x6e350000 0xf9000 6.00.6000.16386 C:\Windows\system32\bthprops.cpl 0x726b0000 0x27000 6.00.6000.16386 C:\Windows\system32\FunDisc.dll 0x6e6b0000 0x9000 6.00.6000.16386 C:\Windows\system32\fdproxy.dll 0x75480000 0x14000 6.00.6000.16386 C:\Windows\system32\MPR.dll 0x01980000 0x35000 6.01.0000.1205 C:\Windows\system32\btmmhook.dll 0x75200000 0x32000 6.00.6000.16386 C:\Windows\system32 crypt.dll 0x74e20000 0x15000 6.00.6000.16386 C:\Windows\system32\GPAPI.dll 0x6f6f0000 0x19000 6.00.6000.16386 C:\Windows\system32\cryptnet.dll 0x70260000 0x6000 6.00.6000.16386 C:\Windows\system32\SensApi.dll 0x74bd0000 0x14000 6.00.6000.16386 C:\Windows\system32\Cabinet.dll 0x715a0000 0x6000 6.00.6000.16386 C:\Windows\system32\dciman32.dll 0x74370000 0x47000 6.00.6000.16386 C:\Windows\system32\RASAPI32.dll 0x74350000 0x14000 6.00.6000.16386 C:\Windows\system32 asman.dll 0x74310000 0x31000 6.00.6000.16386 C:\Windows\system32\TAPI32.dll 0x74af0000 0xc000 6.00.6000.16386 C:\Windows\system32 tutils.dll 0x75440000 0x7000 6.00.6000.16386 C:\Windows\system32\credssp.dll 0x74eb0000 0x45000 6.00.6000.16508 C:\Windows\system32\schannel.dll 0x01d90000 0x21000 C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll 0x6b850000 0x16000 6.00.6000.16386 C:\Windows\System32\shacct.dll 0x6c590000 0x28c000 6.00.6000.16710 C:\Windows\System32\NLSData000c.dll 0x6b990000 0x5f4000 6.00.6000.16710 C:\Windows\System32\NLSLexicons000c.dll 0x016c0000 0x2e000 C:\Program Files\WinRAR arext.dll 0x017c0000 0x12000 1.01.0000.0000 C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll 0x22000000 0x2e000 3.00.0669.0000 C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll 0x71cd0000 0x2e000 6.00.6000.16386 C:\Windows\system32\syncui.dll 0x74670000 0x15000 6.00.6000.16386 C:\Windows\system32\SYNCENG.dll 0x6e0b0000 0x60000 6.00.6000.16386 C:\Program Files\Common Files\microsoft shared\ink iptsf.dll 0x74440000 0x22000 1.01.1002.0000 C:\Windows\system32\xmllite.dll 0x71cb0000 0x12000 6.00.6000.16386 C:\Windows\system32 humbcache.dll 0x6a0b0000 0x223000 6.00.6000.16386 C:\Windows\system32\NetworkExplorer.dll ListDLLs v2.25 - DLL lister for Win9x/NT Copyright (C) 1997-2004 Mark Russinovich Sysinternals - www.sysinternals.com ------------------------------------------------------------------------------ winlogon.exe pid: 1056 Command line: winlogon.exe Base Size Version Path 0x00c40000 0x4e000 6.00.6000.16386 C:\Windows\system32\winlogon.exe 0x77160000 0x11e000 6.00.6000.16386 C:\Windows\system32 tdll.dll 0x76110000 0xd8000 6.00.6000.16386 C:\Windows\system32\kernel32.dll 0x75c20000 0xbf000 6.00.6000.16386 C:\Windows\system32\ADVAPI32.dll 0x75aa0000 0xc3000 6.00.6000.16525 C:\Windows\system32\RPCRT4.dll 0x770c0000 0x9e000 6.00.6000.16438 C:\Windows\system32\USER32.dll 0x77020000 0x4b000 6.00.6000.16643 C:\Windows\system32\GDI32.dll 0x75ce0000 0xaa000 7.00.6000.16386 C:\Windows\system32\msvcrt.dll 0x758b0000 0x14000 6.00.6000.16386 C:\Windows\system32\Secur32.dll 0x74a60000 0x24000 6.00.6000.16386 C:\Windows\system32\WINSTA.dll 0x75980000 0x7000 6.00.6000.16386 C:\Windows\system32\PSAPI.DLL 0x758d0000 0x1e000 6.00.6000.16386 C:\Windows\system32\USERENV.dll 0x76df0000 0x1e000 6.00.6000.16386 C:\Windows\system32\IMM32.DLL 0x76010000 0xc7000 6.00.6000.16386 C:\Windows\system32\MSCTF.dll 0x75eb0000 0x9000 6.00.6000.16386 C:\Windows\system32\LPK.DLL 0x76fa0000 0x7d000 1.626.6000.16386 C:\Windows\system32\USP10.dll 0x75850000 0x2c000 6.00.6000.16386 C:\Windows\system32\apphelp.dll 0x74dc0000 0x21000 6.00.6000.16386 C:\Windows\system32\NTMARTA.DLL 0x77070000 0x49000 6.00.6000.16386 C:\Windows\system32\WLDAP32.dll 0x760e0000 0x2d000 6.00.6000.16386 C:\Windows\system32\WS2_32.dll 0x75b70000 0x6000 6.00.6000.16386 C:\Windows\system32\NSI.dll 0x754d0000 0x11000 6.00.6000.16386 C:\Windows\system32\SAMLIB.dll 0x75ec0000 0x144000 6.00.6000.16386 C:\Windows\system32\ole32.dll 0x739b0000 0x3e000 6.00.6000.16386 C:\Windows\system32\SHSVCS.dll 0x74a00000 0x3f000 6.00.6000.16386 C:\Windows\system32\uxtheme.dll 0x74e40000 0x38000 6.00.6000.16386 C:\Windows\system32 saenh.dll 0x738a0000 0xb2000 6.00.6000.16493 C:\Windows\system32\WindowsCodecs.dll 0x75720000 0x6a000 6.00.6000.16386 C:\Windows\system32\NETAPI32.dll 0x75300000 0x39000 6.00.6000.16509 C:\Windows\system32\slc.dll 0x75480000 0x14000 6.00.6000.16386 C:\Windows\system32\MPR.dll Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 78E1-9011 Répertoire de C:\Windows\system32 02/11/2006 11:45 7 680 csrss.exe 1 fichier(s) 7 680 octets 0 Rép(s) 50 239 463 424 octets libres Contenu de Downloaded Program Files Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 78E1-9011 Répertoire de C:\Windows\Downloaded Program Files 02/11/2006 13:18 . 02/11/2006 13:18 .. 18/09/2006 23:26 65 desktop.ini 1 fichier(s) 65 octets Total des fichiers listés : 1 fichier(s) 65 octets 2 Rép(s) 50 239 463 424 octets libres Recherche de rootkit! (Merci S!Ri) Recherche d'infections connues Export des clefs sensibles.. Liste des fichiers en exception sur le pare-feu XP SP2 Export de la clef SharedTaskScheduler [SharedTaskScheduler] exports des policies REGEDIT4 [System] "ConsentPromptBehaviorAdmin"=dword:00000002 "ConsentPromptBehaviorUser"=dword:00000001 "EnableInstallerDetection"=dword:00000001 "EnableLUA"=dword:00000000 "EnableSecureUIAPaths"=dword:00000001 "EnableVirtualization"=dword:00000001 "PromptOnSecureDesktop"=dword:00000001 "ValidateAdminCodeSignatures"=dword:00000000 "dontdisplaylastusername"=dword:00000000 "legalnoticecaption"="" "legalnoticetext"="" "scforceoption"=dword:00000000 "shutdownwithoutlogon"=dword:00000001 "undockwithoutlogon"=dword:00000001 "FilterAdministratorToken"=dword:00000001 "HideLegacyLogonScripts"=dword:00000000 "HideLogoffScripts"=dword:00000000 "RunLogonScriptSync"=dword:00000001 "RunStartupScriptSync"=dword:00000000 "HideStartupScripts"=dword:00000000 [System\UIPI] [System\UIPI\Clipboard] [System\UIPI\Clipboard\ExceptionFormats] "CF_TEXT"=dword:00000001 "CF_BITMAP"=dword:00000002 "CF_OEMTEXT"=dword:00000007 "CF_DIB"=dword:00000008 "CF_PALETTE"=dword:00000009 "CF_UNICODETEXT"=dword:0000000d "CF_DIBV5"=dword:00000011 Export des clefs sensibles.. Rechercher adresses sensibles dans le fichier HOSTS... catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-08-22 17:01:44 Windows 6.0.6000 NTFS scanning hidden services & system hive ... [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\0019c1ea150f] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\0019c1ea150f] scanning hidden registry entries ... scanning hidden files ... scan completed successfully hidden services: 0 hidden files: 0 KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg) Sorry, this version supports only Win2K/XP KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg) Sorry, this version supports only Win2K/XP Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 78E1-9011 Répertoire de C:\Program Files 22/08/2008 16:52 . 22/08/2008 16:52 .. 17/08/2007 15:37 Activation Assistant for the 2007 Microsoft Office suites 22/08/2008 16:53 Adobe 10/07/2008 15:58 Apple Software Update 08/09/2007 03:33 ArcSoft 18/07/2008 16:11 AviSynth 2.5 17/08/2007 15:40 BFG 10/07/2008 16:00 Bonjour 22/08/2008 15:01 CCleaner 14/08/2008 16:59 Common Files 10/07/2008 12:06 CONEXANT 17/08/2007 15:40 DivX 08/09/2007 03:58 Documentation 19/08/2008 20:11 EA GAMES 17/08/2008 12:01 eMule 14/08/2008 15:38 ESET 17/08/2007 15:43 Google 17/08/2007 15:42 Google BAE 15/07/2008 17:25 GTA3Mods 17/08/2007 14:29 IDT 17/08/2007 15:43 Intel 16/08/2008 11:56 Internet Explorer 08/09/2007 04:01 InterVideo 07/08/2008 13:13 iPod 07/08/2008 13:13 iTunes 22/08/2008 16:51 Java 09/08/2008 10:29 K-Lite Codec Pack 13/07/2008 14:03 Lecteur CANALPLAY 13/07/2008 12:53 LimeWire 22/08/2008 15:39 Malwarebytes' Anti-Malware 10/07/2008 15:35 Messenger Plus! Live 14/07/2008 03:18 Microsoft CAPICOM 2.1.0.2 17/08/2008 19:05 Microsoft Games 17/08/2007 15:42 Microsoft Office 17/08/2007 15:42 Microsoft Works 17/08/2007 15:35 Microsoft.NET 02/11/2006 14:42 Movie Maker 20/08/2008 13:44 Mozilla Firefox 02/11/2006 14:37 MSBuild 02/11/2006 14:37 MSN 17/08/2007 13:55 MSXML 4.0 15/08/2008 01:41 Neuf 14/08/2008 01:18 Norton Save and Restore 17/08/2007 15:42 Picasa2 10/07/2008 15:59 QuickTime 17/08/2007 14:21 Realtek 18/07/2008 16:10 Red Kawa 02/11/2006 14:37 Reference Assemblies 16/07/2008 19:45 Rockstar Games 08/09/2007 03:36 Roxio 08/09/2007 03:38 Skype 08/09/2007 04:14 Sony 14/08/2008 14:22 Spybot - Search & Destroy 22/08/2008 16:52 Sun 17/08/2007 14:41 Synaptics 17/08/2007 14:34 WIDCOMM 19/07/2008 03:06 Windows Calendar 02/11/2006 14:42 Windows Collaboration 17/08/2007 13:58 Windows Defender 02/11/2006 14:42 Windows Journal 10/07/2008 15:16 Windows Live 16/08/2008 11:56 Windows Mail 14/07/2008 09:43 Windows Media Player 17/08/2007 12:10 Windows NT 02/11/2006 14:42 Windows Photo Gallery 14/07/2008 09:42 Windows Sidebar 19/08/2008 20:51 WinRAR 0 fichier(s) 0 octets 68 Rép(s) 50 225 905 664 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 78E1-9011 Répertoire de C:\Program Files\fichiers communs Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 78E1-9011 Répertoire de C:\Program Files\common files 14/08/2008 16:59 . 14/08/2008 16:59 .. 22/08/2008 16:54 Adobe 10/07/2008 15:57 Apple 17/08/2007 15:35 DESIGNER 08/09/2007 03:33 InstallShield 08/09/2007 04:01 InterVideo 17/08/2007 15:45 Java 12/08/2008 02:39 microsoft shared 17/08/2007 15:40 PX Storage Engine 08/09/2007 03:36 Roxio Shared 02/11/2006 13:18 Services 08/09/2007 03:38 Skype 08/09/2007 03:36 Sonic Shared 08/09/2007 03:48 Sony Shared 02/11/2006 13:18 SpeechEngines 15/08/2008 21:11 Symantec Shared 17/08/2007 13:59 System 0 fichier(s) 0 octets 18 Rép(s) 50 225 905 664 octets libres c:\Users\The Foufoun&\Documents\GTA Vice City User Files\gta-vc (2).exe c:\Users\The Foufoun&\Documents\GTA Vice City User Files\gta-vc.exe c:\Users\The Foufoun&\Documents\Mes fichiers reçus\ccsetup210.exe c:\Users\The Foufoun&\Documents\Mes fichiers reçus\HiJackThis.exe c:\Users\The Foufoun&\Documents\Mes fichiers reçus\LopSD.exe ****** Fin du rapport DiagHelp Veuillez svp envoyer le fichier C:\upload_moi_Pc-Gilles.tar.gz a l'adresse http://upload.malekal.com

sKe69 · Answer

Ok ...

Merci Noc  ;)


Poursuivons :

1- Télécharges OTMoveIt (de Old_Timer) sur ton Bureau. 
http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe
ou http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe

Déconnectes toi et fermes toute tes applications en cours .
 
cliques double sur OTMoveIt.exe pour le lancer. 
copies ce qui se trouve en citation ci-dessous,
 
C:\Windows\System32\ihOVFfhk.ini 
C:\Windows\System32\73c254c0-.txt 
C:\VundoFix Backups 

et colles le dans le cadre de gauche de OTMoveIt2 : 
Paste standard List of Files/Folders to be moved.
 
cliques sur MoveIt! pour lancer la suppression. 
le résultat apparaîtra dans le cadre Results.
 
cliques sur Exit pour fermer. 
--->postes le rapport situé dans " C:\OTMoveIt\MovedFiles." 

Note : il te sera peut-être demandé de redémarrer le pc pour achever la suppression. 
si c'est le cas acceptes par "Yes".


2- refais un coup de CCleaner ( registre compris ) .


3- refais un scan hijackthis et postes moi le nouveau rapport obtenu pour contrôle ...

Dis moi aussi comment va le PC , du mieux ?

The Foufoun& · Answer

Pour l'instant J'ai plus de pub donc je ne fais rien merci pour tout
Je reécris si sa reviens
Merci beaucoup a toi


alllez l'ol

The Foufoun& · Answer

Je n'arive pas a coller C:\Windows\System32\ihOVFfhk.ini 
C:\Windows\System32\73c254c0-.txt 
C:\VundoFix Backups

The Foufoun& · Answer

Sa ne marche pas on peut pas coller dans le logciel

The Foufoun& · Answer

Rapport MoveIt :

The Foufoun& · Answer

Rapport Moveit :

To:C:\Windows\System32\ihOVFfhk.ini;From:C:\_OTMoveIt\MovedFiles\08242008_201716\Windows\System32\ihOVFfhk.ini
To:C:\Windows\System32\73c254c0-.txt;From:C:\_OTMoveIt\MovedFiles\08242008_201716\Windows\System32\73c254c0-.txt
To:C:\VundoFix Backups;From:C:\_OTMoveIt\MovedFiles\08242008_201716\VundoFix Backups


Maintenant je vais vaire un coup de ccclenar et je poste et je poste un rapoort hijack dans qquelque minutes

The Foufoun& · Answer

Rapport Moveit :

To:C:\Windows\System32\ihOVFfhk.ini;From:C:\_OTMoveIt\MovedFiles\08242008_201716\Windows\System32\ihOVFfhk.ini
To:C:\Windows\System32\73c254c0-.txt;From:C:\_OTMoveIt\MovedFiles\08242008_201716\Windows\System32\73c254c0-.txt
To:C:\VundoFix Backups;From:C:\_OTMoveIt\MovedFiles\08242008_201716\VundoFix Backups


Rapport Hjackthis :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:25:47, on 24/08/2008
Platform: Windows Vista  (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16711)
Boot mode: Normal

Running processes:
C:\Windows\system32	askeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32undll32.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Windows\System32undll32.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\ArcSoft\Magic-i Visual Effects\Magic-i Visual Effects.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\conime.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\The Foufoun&\Documents\Mes fichiers reçus\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.ol.fr/fr-FR/prehome
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32
vsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [AppMon Utility] "C:\Program Files\Sony\AppMonUtil\AppMonUtility.exe" @@@Start
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Magic-i Visual Effects.lnk = C:\Program Files\ArcSoft\Magic-i Visual Effects\Magic-i Visual Effects.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix: 
O15 - Trusted Zone: *.canalplay.com
O15 - Trusted Zone: *.canalplusactive.com
O15 - Trusted Zone: *.canalplay.com (HKLM)
O15 - Trusted Zone: *.canalplusactive.com (HKLM)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Service CANALPLAY - Canal+ Distribution - C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\stacsv.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Media Content Collection (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe
O23 - Service: VAIO Media Content Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Content Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VundoFix Service (VundoFixSvc) - Atribune.org - C:\Windows\SYSTEM32\VundoFixSVC.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

The Foufoun& · Answer

Ok sa march

Je dois ouvrir le raport ac le bloc not ?

sKe69 · Answer

bien ...

1- Fermes toutes tes applications et déconnectes toi .

Relances Hijackthis mais click sur " Do a scan only " 
Tu vois donc apparaitre le résultat du scan : une multitudes de lignes ,chacunes précédées d'un carré vide . 
Tu vas cliquer sur les carrés des lignes suivantes : 

O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" 
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime 
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" 

Tu cliques en bas sur le bouton FIX CHECKED et valides .

2- refais un coup de CCleaner ( registre compris ) et dis moi comment va le PC ... encore des soucis ?

The Foufoun& · Answer

C'est fait CClenear a rien trouver comme ereur dans le registre 

Et pour mes pub je vais de suite sur internet et je te repond se soir ou demain matin

Problème Pub Imtempestive

24 réponses

Discussions similaires

Newsletters