My Wi-Fi internet is acting up
Closed
ivry - 26 Nov 2008 at 14:15
21 replies
tchaning - 26 Nov 2008 at 14:16
Download HijackThis and paste the report for me.
ivry - 26 Nov 2008 at 15:10
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:10:11, on 26/11/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16757)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files\Microsoft Office\Office12\EXCEL.EXE
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
C:\Program Files\Megaupload\Mega Manager\MegaManager.exe
C:\Windows\explorer.exe
C:\Users\fred\Documents\Mes téléchargements\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://hp-consumer.my.aol.qc.ca/?icid=notebook
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://home.sweetim.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
O2 - BHO: PBlockHelper Class - {4115122B-85FF-4DD3-9515-F075BEDE5EB5} - C:\Program Files\Netscape Accélérateur\PBHelper.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL
O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Contrôle parental\fssbho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: NOW!Imaging - {9AA2F14F-E956-44B8-8694-A5B615CDF341} - C:\Program Files\Netscape Accélérateur\components\NOWImaging.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 - BHO: VGOIEHelper Class - {B6FA00D9-86EC-4158-9488-D00DFF897E86} - (no file)
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O8 - Extra context menu item: &ieSpell Options - res://C:\Program Files\ieSpell\iespell.dll/SPELLOPTION.HTM
O8 - Extra context menu item: Ajouter au fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Check &Spelling - res://C:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Lookup on Merriam Webster - file://C:\Program Files\ieSpell\Merriam Webster.HTM
O8 - Extra context menu item: Lookup on Wikipedia - file://C:\Program Files\ieSpell\wikipedia.HTM
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Roxio\Roxio MyDVD Basic v9\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Network Driver Interface - Unknown owner - C:\Users\fred\AppData\Local\Temp\svchost.exe (file missing)
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: SolidConverterPDFv4ReadSpool (SCPDFV4ReadSpool) - Solid Documents, LLC - C:\Windows\Installer\MSI3C61.tmp
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
ivry - 26 Nov 2008 at 15:14
Thanks tchaning.
Another recent problem: I can no longer remove what I want from the PC's startup.
tchaning - 26 Nov 2008 at 15:15
Check and fix:
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
Download CCleaner, run a scan for me and delete the cookies.
tchaning - 26 Nov 2008 at 15:19
To remove them from startup, either you mark them in CCleaner, or you go to ==> Start ==> Run ==> type msconfig, confirm with OK, then the Startup tab. I've told you everything.
ivry - 26 Nov 2008 at 16:30
Rescan with HijackThis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:29:46, on 26/11/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16757)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\system32\wuauclt.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Users\fred\Documents\Mes téléchargements\HiJackThis.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
O2 - BHO: PBlockHelper Class - {4115122B-85FF-4DD3-9515-F075BEDE5EB5} - C:\Program Files\Netscape Accélérateur\PBHelper.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL
O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Contrôle parental\fssbho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: NOW!Imaging - {9AA2F14F-E956-44B8-8694-A5B615CDF341} - C:\Program Files\Netscape Accélérateur\components\NOWImaging.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 - BHO: VGOIEHelper Class - {B6FA00D9-86EC-4158-9488-D00DFF897E86} - (no file)
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O8 - Extra context menu item: &ieSpell Options - res://C:\Program Files\ieSpell\iespell.dll/SPELLOPTION.HTM
O8 - Extra context menu item: Ajouter au fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Check &Spelling - res://C:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Lookup on Merriam Webster - file://C:\Program Files\ieSpell\Merriam Webster.HTM
O8 - Extra context menu item: Lookup on Wikipedia - file://C:\Program Files\ieSpell\wikipedia.HTM
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Roxio\Roxio MyDVD Basic v9\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Network Driver Interface - Unknown owner - C:\Users\fred\AppData\Local\Temp\svchost.exe (file missing)
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: SolidConverterPDFv4ReadSpool (SCPDFV4ReadSpool) - Solid Documents, LLC - C:\Windows\Installer\MSI3C61.tmp
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:29:46, on 26/11/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16757)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\system32\wuauclt.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Users\fred\Documents\Mes téléchargements\HiJackThis.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
O2 - BHO: PBlockHelper Class - {4115122B-85FF-4DD3-9515-F075BEDE5EB5} - C:\Program Files\Netscape Accélérateur\PBHelper.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL
O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Contrôle parental\fssbho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: NOW!Imaging - {9AA2F14F-E956-44B8-8694-A5B615CDF341} - C:\Program Files\Netscape Accélérateur\components\NOWImaging.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 - BHO: VGOIEHelper Class - {B6FA00D9-86EC-4158-9488-D00DFF897E86} - (no file)
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O8 - Extra context menu item: &ieSpell Options - res://C:\Program Files\ieSpell\iespell.dll/SPELLOPTION.HTM
O8 - Extra context menu item: Ajouter au fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Check &Spelling - res://C:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Lookup on Merriam Webster - file://C:\Program Files\ieSpell\Merriam Webster.HTM
O8 - Extra context menu item: Lookup on Wikipedia - file://C:\Program Files\ieSpell\wikipedia.HTM
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Roxio\Roxio MyDVD Basic v9\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Network Driver Interface - Unknown owner - C:\Users\fred\AppData\Local\Temp\svchost.exe (file missing)
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: SolidConverterPDFv4ReadSpool (SCPDFV4ReadSpool) - Solid Documents, LLC - C:\Windows\Installer\MSI3C61.tmp
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
tchaning
26 Nov. 2008 at 16:41
OK, OK.
Fix the following lines:
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: VGOIEHelper Class - {B6FA00D9-86EC-4158-9488-D00DFF897E86} - (no file)
O23 - Service: Network Driver Interface - Unknown owner - C:\Users\fred\AppData\Local\Temp\svchost.exe (file missing)
Then rescan and go to config ==> misctools ==> delete files on reboot ==> select the svchost.exe file in
C:\Users\fred\AppData\Local\Temp\svchost.exe
Do not restart the computer.
Download ComboFix:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Install it. It will scan on its own. Send the report (it is located in c:\combofix\).
Restart the PC
and run HijackThis again with a scan and paste that one too.
ivry
26 Nov. 2008 at 17:34
I couldn't select the svchost.exe file in C:\Users\fred\AppData\Local\Temp\svchost.exe because it could not be found.
Here is the ComboFix report:
ComboFix 08-11-26.03 - fred 2008-11-26 17:19:39.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.2.1036.18.871 [GMT 1:00]
Lancé depuis: c:\users\fred\Documents\Mes téléchargements\ComboFix.exe
* Un nouveau point de restauration a été créé
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_Network Driver Interface
((((((((((((((((((((((((((((( Fichiers créés du 2008-10-26 au 2008-11-26 ))))))))))))))))))))))))))))))))))))
.
2008-11-23 22:44 . 2008-11-23 22:44 203,933,258 --a------ c:\windows\MEMORY.DMP
2008-11-17 09:16 . 2008-11-17 09:16 <REP> d-------- c:\program files\MSXML 4.0
2008-11-13 09:22 . 2008-09-10 04:25 1,341,440 --a------ c:\windows\System32\msxml6.dll
2008-11-13 09:22 . 2008-09-05 05:48 1,194,496 --a------ c:\windows\System32\msxml3.dll
2008-11-13 09:22 . 2008-08-26 02:11 211,456 --a------ c:\windows\System32\drivers\mrxsmb10.sys
2008-11-13 09:22 . 2008-09-10 04:21 2,048 --a------ c:\windows\System32\msxml6r.dll
2008-11-13 09:22 . 2008-09-05 05:45 2,048 --a------ c:\windows\System32\msxml3r.dll
2008-10-29 09:12 . 2008-08-12 04:29 441,856 --a------ c:\windows\System32\win32spl.dll
2008-10-29 09:12 . 2008-08-12 04:29 37,376 --a------ c:\windows\System32\printcom.dll
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-26 15:22 --------- d-----w c:\programdata\WLInstaller
2008-11-26 13:38 --------- d-----w c:\programdata\Google Updater
2008-11-17 08:21 --------- d-----w c:\programdata\Microsoft Help
2008-11-13 13:27 --------- d-----w c:\programdata\FLEXnet
2008-11-12 15:19 --------- d-----w c:\programdata\CanonIJPLM
2008-10-28 09:14 --------- d-----w c:\program files\DivX
2008-10-22 17:13 --------- d-----w c:\program files\Microsoft Silverlight
2008-10-21 07:18 --------- d-----w c:\program files\RegCleaner
2008-10-20 06:55 --------- d-----w c:\program files\Windows Mail
2008-10-19 18:56 48,398 ----a-w c:\windows\UninstVeetleTVPlayer.exe
2008-10-19 18:56 --------- d-----w c:\program files\Veetle
2008-10-19 18:41 --------- d-----w c:\program files\Hp
2008-10-19 18:40 --------- d--h--w c:\program files\InstallShield Installation Information
2008-10-05 12:44 --------- d-----w c:\program files\Canon
2008-10-02 16:12 --------- d-----w c:\users\fred\AppData\Roaming\dvdcss
2008-10-02 03:49 52,736 ----a-w c:\windows\AppPatch\iebrshim.dll
2008-10-01 08:13 --------- d-----w c:\program files\Picasa2
2008-07-08 13:54 174 --sha-w c:\program files\desktop.ini
2008-01-05 08:07 12,978 ----a-w c:\users\fred\AppData\Roaming\nvModes.dat
2007-07-17 15:17 0 ----a-w c:\users\fred\AppData\Roaming\wklnhst.dat
2002-08-09 04:40 153,088 ----a-w c:\program files\UNWISE.EXE
2008-01-31 14:18 16,384 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
2008-01-31 14:18 32,768 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
2008-01-31 14:18 16,384 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-07-17 266497]
"MSConfig"="c:\windows\system32\msconfig.exe" [2006-11-02 222208]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2008-04-15 67128]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~4\GOEC62~1.DLL
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
--a------ 2008-01-11 18:54 623992 c:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy]
"DisableStatefulPPTP"= 1 (0x1)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{B8069D14-1D75-44A5-8F8F-A28489FF006E}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{AD81B155-7909-4287-82AE-F47D42414E39}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{D5D9FECE-D6FF-4E41-AAAE-0663AB615D68}"= c:\program files\HP\QuickPlay\QP.exe:Quick Play
"{46E12840-F971-4C19-ACFF-AA8AA432D015}"= c:\program files\HP\QuickPlay\QPService.exe:Quick Play Resident Program
"{33FF3282-BA13-49B7-B523-3FA3828F3DEC}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{CFACA10A-6D1F-40A9-94C2-E438528FDB98}"= UDP:c:\program files\LimeWire\LimeWire.exe:LimeWire
"{5DDA6795-D7D3-43B8-8838-3BD38D5930B1}"= TCP:c:\program files\LimeWire\LimeWire.exe:LimeWire
"{E12AF48B-9D2D-440D-945A-5C1C3DD0449A}"= UDP:c:\program files\Grisoft\AVG7\avginet.exe:avginet.exe
"{EFCA5EBD-CE4C-40B2-9C1D-4175989515D0}"= TCP:c:\program files\Grisoft\AVG7\avginet.exe:avginet.exe
"{B45F4915-9AE3-4C7C-8DF2-6E25297ACCF3}"= UDP:c:\program files\Grisoft\AVG7\avgamsvr.exe:avgamsvr.exe
"{700EC1E9-BEE4-4134-A24B-EC861941006A}"= TCP:c:\program files\Grisoft\AVG7\avgamsvr.exe:avgamsvr.exe
"{AB8A1CB3-25DD-4DA9-8DFA-F5B955F89913}"= UDP:c:\program files\Grisoft\AVG7\avgcc.exe:avgcc.exe
"{33D03D07-0CC9-4716-9AFD-4D84038FDF44}"= TCP:c:\program files\Grisoft\AVG7\avgcc.exe:avgcc.exe
"TCP Query User{9056960D-C3BC-4944-875F-C183823B1789}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{951E24AF-7D05-405D-A987-3199C9F3358B}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"TCP Query User{321BF2C4-31FB-4FFF-9AC7-D820F1B3F05F}c:\\program files\\limewire\\limewire.exe"= UDP:c:\program files\limewire\limewire.exe:LimeWire
"UDP Query User{0EF51445-437B-43E1-A595-DB911DFD4082}c:\\program files\\limewire\\limewire.exe"= TCP:c:\program files\limewire\limewire.exe:LimeWire
"TCP Query User{73F8A2CF-28E6-49FD-8D09-A9E6AC4DDEAD}c:\\program files\\tvu\\uuseeplayer.exe"= UDP:c:\program files\tvu\uuseeplayer.exe:UUPlayer
"UDP Query User{0FA02CF3-9958-409C-9E50-A7D1FD4BAA42}c:\\program files\\tvu\\uuseeplayer.exe"= TCP:c:\program files\tvu\uuseeplayer.exe:UUPlayer
"TCP Query User{020D3CF3-8F5D-40C5-B95A-6A9E8B678AF3}c:\\program files\\tvants\\tvants.exe"= UDP:c:\program files\tvants\tvants.exe:TVAnts
"UDP Query User{A7BE7ED2-D4B5-4165-84C4-FD9B07B78020}c:\\program files\\tvants\\tvants.exe"= TCP:c:\program files\tvants\tvants.exe:TVAnts
"TCP Query User{2C3A337A-01DD-414E-9C78-6D580BE99C34}c:\\program files\\sopcast\\sopcast.exe"= UDP:c:\program files\sopcast\sopcast.exe:SopCast Main Application
"UDP Query User{9AE4FB86-6170-4450-80BB-5C8CB1FB05DE}c:\\program files\\sopcast\\sopcast.exe"= TCP:c:\program files\sopcast\sopcast.exe:SopCast Main Application
"TCP Query User{DB3B751A-B21C-47AC-8165-E485FE1F021E}c:\\users\\fred\\appdata\\roaming\\sopcast\\adv\\sopadver.exe"= UDP:c:\users\fred\appdata\roaming\sopcast\adv\sopadver.exe:sopadver.exe
"UDP Query User{DD005773-916E-43BA-AA96-58EF4858E16A}c:\\users\\fred\\appdata\\roaming\\sopcast\\adv\\sopadver.exe"= TCP:c:\users\fred\appdata\roaming\sopcast\adv\sopadver.exe:sopadver.exe
"TCP Query User{F2FB7826-57E6-4D35-ADD0-655E8DE2B5FC}c:\\program files\\tvuplayer\\tvuplayer.exe"= UDP:c:\program files\tvuplayer\tvuplayer.exe:TVU Player Component
"UDP Query User{2CB84897-1CC9-40CD-8A7A-CFED4322805F}c:\\program files\\tvuplayer\\tvuplayer.exe"= TCP:c:\program files\tvuplayer\tvuplayer.exe:TVU Player Component
"TCP Query User{002EE921-07A0-4FA8-8397-010A35BBA79C}c:\\program files\\sopcast\\sopcast.exe"= UDP:c:\program files\sopcast\sopcast.exe:SopCast Main Application
"UDP Query User{DD5A45B9-3AED-4889-864F-5FFE1660D5C4}c:\\program files\\sopcast\\sopcast.exe"= TCP:c:\program files\sopcast\sopcast.exe:SopCast Main Application
"TCP Query User{5CA11760-5D97-4F82-99C0-B4C96925D8BA}c:\\users\\fred\\appdata\\roaming\\sopcast\\adv\\sopadver.exe"= UDP:c:\users\fred\appdata\roaming\sopcast\adv\sopadver.exe:sopadver.exe
"UDP Query User{CFCE09D2-62AD-46B3-AC78-1966AC5AAAE7}c:\\users\\fred\\appdata\\roaming\\sopcast\\adv\\sopadver.exe"= TCP:c:\users\fred\appdata\roaming\sopcast\adv\sopadver.exe:sopadver.exe
"TCP Query User{45DC15D2-3888-4410-ADE4-B8C7AA2D436D}c:\\users\\fred\\desktop\\tvants.exe"= UDP:c:\users\fred\desktop\tvants.exe:tvants.exe
"UDP Query User{EB3AFE4D-ED88-4DFD-9198-66CC394F3D0E}c:\\users\\fred\\desktop\\tvants.exe"= TCP:c:\users\fred\desktop\tvants.exe:tvants.exe
"TCP Query User{AA3B74CB-DC06-4B39-9A3E-261B852E666B}c:\\program files\\streamerone\\streamerone.exe"= UDP:c:\program files\streamerone\streamerone.exe:StreamerOne
"UDP Query User{8E8AF4DC-EFA5-47E0-A571-1BE5A6CDD7F8}c:\\program files\\streamerone\\streamerone.exe"= TCP:c:\program files\streamerone\streamerone.exe:StreamerOne
"TCP Query User{07027118-B5C6-458A-A2A8-4ED40576917D}c:\\program files\\21cn\\vgo\\clt.exe"= UDP:c:\program files\21cn\vgo\clt.exe:21CN VGO ?????
"UDP Query User{6E03F4C7-6280-460B-A0F6-69BCBA3B1159}c:\\program files\\21cn\\vgo\\clt.exe"= TCP:c:\program files\21cn\vgo\clt.exe:21CN VGO ?????
"TCP Query User{60291CE9-0267-4A3C-B999-EA180FA07F26}c:\\program files\\ppstream\\ppstream.exe"= UDP:c:\program files\ppstream\ppstream.exe:PPS????
"UDP Query User{0126A327-D0FE-45F7-A75C-B916F3500020}c:\\program files\\ppstream\\ppstream.exe"= TCP:c:\program files\ppstream\ppstream.exe:PPS????
"TCP Query User{3DB9167D-DBAB-4EDC-9527-9FF2632E6D2B}c:\\program files\\21cn\\vgo\\vgodl.exe"= UDP:c:\program files\21cn\vgo\vgodl.exe:vgodl
"UDP Query User{2E654D19-1726-446E-A7E9-4CC10987CD70}c:\\program files\\21cn\\vgo\\vgodl.exe"= TCP:c:\program files\21cn\vgo\vgodl.exe:vgodl
"TCP Query User{52508727-6D0A-48B9-B3A8-C3C1144053E6}c:\\program files\\ppstreamita\\ppstreamita.exe"= UDP:c:\program files\ppstreamita\ppstreamita.exe:PPstreamITA
"UDP Query User{33FC84B1-DAE1-4204-8B00-9720CFD3AF62}c:\\program files\\ppstreamita\\ppstreamita.exe"= TCP:c:\program files\ppstreamita\ppstreamita.exe:PPstreamITA
"{CBEA6630-BD16-4107-B339-EAC5A557DBB0}"= UDP:c:\program files\PPLive\PPLive.exe:PPLive
"{48FC3F28-ADB9-4791-90D6-3B46651DC0AA}"= TCP:c:\program files\PPLive\PPLive.exe:PPLive
"TCP Query User{0C3050B0-714E-4BFB-8C6F-5CFC7F092A21}c:\\program files\\viper tv player (v 7.1.1)\\viper tv player (v 7.1.1).exe"= UDP:c:\program files\viper tv player (v 7.1.1)\viper tv player (v 7.1.1).exe:VIPER TV PLAYER (v 7.1.1)
"UDP Query User{235F522E-6722-4283-8216-512761CF9E2D}c:\\program files\\viper tv player (v 7.1.1)\\viper tv player (v 7.1.1).exe"= TCP:c:\program files\viper tv player (v 7.1.1)\viper tv player (v 7.1.1).exe:VIPER TV PLAYER (v 7.1.1)
"TCP Query User{8DF18A50-01EC-4415-9D62-6689DDAF2EDB}c:\\program files\\tvants\\tvants.exe"= UDP:c:\program files\tvants\tvants.exe:TVAnts
"UDP Query User{82E83396-A837-4843-A06D-E641EE728514}c:\\program files\\tvants\\tvants.exe"= TCP:c:\program files\tvants\tvants.exe:TVAnts
"TCP Query User{5C7B22BF-C6E3-4357-ADC0-D0E8E8BE7E6B}c:\\users\\fred\\desktop\\liens tv\\tvants.exe"= UDP:c:\users\fred\desktop\liens tv\tvants.exe:tvants.exe
"UDP Query User{35A35721-2223-43D1-B8D0-788C290A2695}c:\\users\\fred\\desktop\\liens tv\\tvants.exe"= TCP:c:\users\fred\desktop\liens tv\tvants.exe:tvants.exe
"TCP Query User{4972489D-64D9-4888-9913-0AAF67947373}c:\\program files\\videolan\\vlc\\vlc.exe"= UDP:c:\program files\videolan\vlc\vlc.exe:VLC media player
"UDP Query User{7A12DAA1-CA39-432A-9609-30774F01B441}c:\\program files\\videolan\\vlc\\vlc.exe"= TCP:c:\program files\videolan\vlc\vlc.exe:VLC media player
"TCP Query User{E64815A1-3BB5-4D9C-963D-D6539B256035}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{B7E5C13A-D6D5-4595-834B-D17A6524EAD5}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox
"TCP Query User{288AC2BD-80A3-43C6-A6B2-08BBBFB7E339}c:\\program files\\emule\\emule.exe"= UDP:c:\program files\emule\emule.exe:eMule
"UDP Query User{3B0C5E40-1FA7-4F92-8D6E-CF6A70AB023B}c:\\program files\\emule\\emule.exe"= TCP:c:\program files\emule\emule.exe:eMule
"TCP Query User{DF7E2D30-184A-48C1-8887-6792A0271E01}c:\\program files\\media player classic\\mplayerc.exe"= UDP:c:\program files\media player classic\mplayerc.exe:Media Player Classic
"UDP Query User{E0B637D3-12A7-4008-814D-805CEF80B747}c:\\program files\\media player classic\\mplayerc.exe"= TCP:c:\program files\media player classic\mplayerc.exe:Media Player Classic
"{9A1BA432-7032-4C74-9F30-44CB6CE87C89}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{A0EC2B1B-4A66-4C05-A0BF-88D8CFAA6D0E}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"TCP Query User{294F26A3-0A09-4486-B0F3-7295EEAEF957}c:\\program files\\veoh networks\\veoh\\veohclient.exe"= UDP:c:\program files\veoh networks\veoh\veohclient.exe:Veoh Client
"UDP Query User{9E5B28DB-9DA7-496F-B4DE-B1ED768E67C7}c:\\program files\\veoh networks\\veoh\\veohclient.exe"= TCP:c:\program files\veoh networks\veoh\veohclient.exe:Veoh Client
"TCP Query User{97FEAABD-AFDC-40F4-A7AD-E6F578B4F009}c:\\program files\\sopcast\\adv\\sopadver.exe"= UDP:c:\program files\sopcast\adv\sopadver.exe:SopCast Adver
"UDP Query User{8CB39711-1AB9-429B-9368-092BE5C4E165}c:\\program files\\sopcast\\adv\\sopadver.exe"= TCP:c:\program files\sopcast\adv\sopadver.exe:SopCast Adver
"TCP Query User{03571EA9-12F6-4151-8A1F-7DE25E41050A}c:\\program files\\joost\\xulrunner\\tvprunner.exe"= UDP:c:\program files\joost\xulrunner\tvprunner.exe:tvprunner
"UDP Query User{6AE9D5F9-30C0-4AC2-AD4F-E306CFC241D8}c:\\program files\\joost\\xulrunner\\tvprunner.exe"= TCP:c:\program files\joost\xulrunner\tvprunner.exe:tvprunner
"TCP Query User{6962F78D-E843-4858-AC48-95807989AA92}c:\\comptabilité simple\\cs.exe"= UDP:c:\comptabilité simple\cs.exe:CS
"UDP Query User{F0F1C26E-86ED-45E1-9E7B-ADE669B204FF}c:\\comptabilité simple\\cs.exe"= TCP:c:\comptabilité simple\cs.exe:CS
"TCP Query User{B66A5E11-B3BE-4FA6-9AF0-BF843A7D4655}c:\\program files\\soulseek\\slsk.exe"= UDP:c:\program files\soulseek\slsk.exe:SoulSeek
"UDP Query User{5E181EE4-C301-4ACC-8A24-4948FDD40241}c:\\program files\\soulseek\\slsk.exe"= TCP:c:\program files\soulseek\slsk.exe:SoulSeek
"{96A6F0C7-7963-4B39-BFFD-F218AA7C6060}"= UDP:c:\program files\IncrediMail\bin\ImpCnt.exe:IncrediMail
"{703B7638-B03D-48A1-A71E-A5FBC630E493}"= TCP:c:\program files\IncrediMail\bin\ImpCnt.exe:IncrediMail
"{EE55CC04-B76C-49FD-A3E5-EC4B6A32AA01}"= UDP:c:\program files\IncrediMail\bin\IncMail.exe:IncrediMail
"{2EAD96CA-339E-433B-8594-A3EA4FF6F4A5}"= TCP:c:\program files\IncrediMail\bin\IncMail.exe:IncrediMail
"{2BC51360-37BB-4E57-9A43-85865429CACA}"= UDP:c:\program files\IncrediMail\bin\ImApp.exe:IncrediMail
"{FE91A21A-5696-4B3B-9BC9-DBF89B055458}"= TCP:c:\program files\IncrediMail\bin\ImApp.exe:IncrediMail
"{36DB0819-C857-41D5-929D-3673EF2EBBAD}"= UDP:c:\users\fred\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2M0D9FHG\incredimail_install[1].exe:IncrediMail Installer
"{9067D681-F10C-4CD5-8143-8707F5038901}"= TCP:c:\users\fred\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2M0D9FHG\incredimail_install[1].exe:IncrediMail Installer
"{635E77C1-CFA9-47AD-BC7E-0F8CCB289491}"= UDP:c:\program files\IncrediMail\bin\ImpCnt.exe:ImpCnt.exe
"{A0259CAA-1565-4711-A1D9-E51CDAB9F576}"= TCP:c:\program files\IncrediMail\bin\ImpCnt.exe:ImpCnt.exe
"{B5ED33E1-DFB8-4581-A9CC-D5C63A26DAE5}"= Disabled:UDP:c:\users\fred\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TQZB0W2R\incredimail_install[1].exe:IncrediMail Installer
"{F31C1482-5DB9-4712-8B9B-C2783B7ACE03}"= Disabled:TCP:c:\users\fred\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TQZB0W2R\incredimail_install[1].exe:IncrediMail Installer
"{3B8D1D51-2E5A-4AC8-A239-C9C4440EE549}"= Disabled:UDP:c:\users\fred\AppData\Local\Temp\ImInstaller\IncrediMail\incredimail_install[1].exe:IncrediMail Installer
"{EC94D596-8D90-4788-9823-6ED94CCCF371}"= Disabled:TCP:c:\users\fred\AppData\Local\Temp\ImInstaller\IncrediMail\incredimail_install[1].exe:IncrediMail Installer
"{4FC34C3D-0BDA-4115-891E-4ED1A415584C}"= Disabled:UDP:c:\program files\IncrediMail\bin\ImApp.exe:IncrediMail
"{294F5B84-42B6-404F-BF7E-9F9AF7AFF0E2}"= Disabled:TCP:c:\program files\IncrediMail\bin\ImApp.exe:IncrediMail
"{714A9463-20B5-4D7E-80A8-0339F4F829FB}"= Disabled:UDP:c:\program files\IncrediMail\bin\IncMail.exe:IncrediMail
"{884DCCC3-357E-42C3-B294-959817DFC474}"= Disabled:TCP:c:\program files\IncrediMail\bin\IncMail.exe:IncrediMail
"{3286065E-E1C6-4EE7-A878-CBC38CE4993C}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{52FA386D-C322-4206-B6D0-6BE7082D011E}c:\\program files\\microsoft office\\office12\\outlook.exe"= UDP:c:\program files\microsoft office\office12\outlook.exe:Microsoft Office Outlook
"UDP Query User{896CFCDC-8FDD-4ADF-B5D7-436EA0617177}c:\\program files\\microsoft office\\office12\\outlook.exe"= TCP:c:\program files\microsoft office\office12\outlook.exe:Microsoft Office Outlook
"TCP Query User{6ADDD4EC-FA98-446F-AF66-907125A32BB1}c:\\users\\fred\\appdata\\local\\temp\\7zs17c4.tmp\\winvnc.exe"= UDP:c:\users\fred\appdata\local\temp\7zs17c4.tmp\winvnc.exe:winvnc.exe
"UDP Query User{9F3CE786-4C4F-4E6B-97BA-C3C68E25B940}c:\\users\\fred\\appdata\\local\\temp\\7zs17c4.tmp\\winvnc.exe"= TCP:c:\users\fred\appdata\local\temp\7zs17c4.tmp\winvnc.exe:winvnc.exe
"TCP Query User{C958F0DF-5B8A-4E20-90BA-314D624A7203}c:\\users\\fred\\appdata\\local\\temp\\7zsf78d.tmp\\winvnc.exe"= UDP:c:\users\fred\appdata\local\temp\7zsf78d.tmp\winvnc.exe:winvnc.exe
"UDP Query User{560711C6-1027-4665-B40F-546D5E8B97A2}c:\\users\\fred\\appdata\\local\\temp\\7zsf78d.tmp\\winvnc.exe"= TCP:c:\users\fred\appdata\local\temp\7zsf78d.tmp\winvnc.exe:winvnc.exe
"TCP Query User{DE32FA87-13D9-45BB-9140-6757DE430340}c:\\users\\fred\\appdata\\local\\temp\\7zs52e6.tmp\\winvnc.exe"= UDP:c:\users\fred\appdata\local\temp\7zs52e6.tmp\winvnc.exe:winvnc.exe
"UDP Query User{8167BA9E-6569-4C58-8861-F6517CAF9069}c:\\users\\fred\\appdata\\local\\temp\\7zs52e6.tmp\\winvnc.exe"= TCP:c:\users\fred\appdata\local\temp\7zs52e6.tmp\winvnc.exe:winvnc.exe
"{841D2265-884B-4137-998F-F61EBBB6B1BA}"= UDP:c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
"{6FD180FE-C768-480E-9D1C-997B1B7D1A09}"= TCP:c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
"{51B509B5-E59A-4ACA-8CBD-C5D26383E08E}"= UDP:c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
"{C9668655-67BF-4F8C-A1EA-63B622E4E79F}"= TCP:c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
"TCP Query User{4DB849B3-01DE-4332-B745-599FD6AE1B51}c:\\program files\\21cn\\vgopps\\vgopps.exe"= UDP:c:\program files\21cn\vgopps\vgopps.exe:Vgo??(P2P????)-beta?
"UDP Query User{44E5C89A-EA55-48AA-8648-18406585C7D5}c:\\program files\\21cn\\vgopps\\vgopps.exe"= TCP:c:\program files\21cn\vgopps\vgopps.exe:Vgo??(P2P????)-beta?
"{4FAB3611-1C00-4AD7-8F53-C826B20E3746}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{8FFC38D6-3C24-4FA3-A94F-8C01ADEE63B9}c:\\program files\\homeplayer\\homeplayer.exe"= UDP:c:\program files\homeplayer\homeplayer.exe:HomePlayer
"UDP Query User{8D7CE021-2E59-43DD-8E78-061658D26DC8}c:\\program files\\homeplayer\\homeplayer.exe"= TCP:c:\program files\homeplayer\homeplayer.exe:HomePlayer
"{AC6E18D3-D690-4251-B9B4-CB325081C954}"= UDP:c:\program files\sina\SAP\SAPlatform.exe:SAPlatform.exe
"{9C1687EE-F35A-4372-BD08-90361351E20B}"= TCP:c:\program files\sina\SAP\SAPlatform.exe:SAPlatform.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\Program Files\\tvu\\UUSeePlayer.exe"= c:\program files\tvu\UUSeePlayer.exe:*:Enabled:UUSEE
"c:\\Program Files\\PPStream\\PPStream.exe"= c:\program files\PPStream\PPStream.exe:*:Enabled:PPStream
"c:\\Program Files\\PPMate\\ppmate.exe"= c:\program files\PPMate\ppmate.exe:*:Enabled:PPMate
R0 AFS;AFS;c:\windows\system32\drivers\AFS.sys [2007-08-06 77004]
R2 fssfltr;FssFltr;c:\windows\system32\DRIVERS\fssfltr.sys [2008-03-03 43816]
R2 fsssvc;Windows Live OneCare Contrôle parental;"c:\program files\Windows Live\Contrôle parental\fsssvc.exe" [2007-12-17 523816]
R2 IJPLMSVC;PIXMA Extended Survey Program;c:\program files\Canon\IJPLM\IJPLMSVC.EXE [2008-09-15 99936]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2008-01-25 600912]
R2 SCPDFV4ReadSpool;SolidConverterPDFv4ReadSpool;c:\windows\Installer\MSI3C61.tmp [2008-09-04 189688]
R2 UxTuneUp;TuneUp Extension de thème;c:\windows\System32\svchost.exe -k netsvcs [2006-11-02 22016]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{16ee781a-496f-11dc-bc7c-001b24574c9c}]
\shell\AutoRun\command - F:\setupSNK.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{29cd74ef-769a-11dd-9821-001b24574c9c}]
\shell\AutoRun\command - F:\InstallTomTomHOME.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4f0989ed-0baa-11dd-a2c6-001b24574c9c}]
\shell\AutoRun\command - G:\InstallTomTomHOME.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{636e3093-4fd1-11dc-8fec-001b24574c9c}]
\shell\AutoRun\command - ouali.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7425dcc3-89fd-11dd-8fc5-001b24574c9c}]
\shell\AutoRun\command - G:\LaunchU3.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d31dfcd4-0530-11dd-b881-001b24574c9c}]
\shell\AutoRun\command - G:\InstallTomTomHOME.exe
.
Contenu du dossier 'Tâches planifiées'
2008-11-21 c:\windows\Tasks\Maintenance en 1 clic.job
- c:\program files\TuneUp Utilities 2007\SystemOptimizer.exe [2007-08-03 00:18]
2008-11-26 c:\windows\Tasks\User_Feed_Synchronization-{B0D41B4E-F467-4BA6-A72F-433B50B3CB81}.job
- c:\windows\system32\msfeedssync.exe [2006-11-02 10:45]
.
.
------- Examen supplémentaire -------
.
FireFox -: Profile - c:\users\fred\AppData\Roaming\Mozilla\Firefox\Profiles\t8fl39cc.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.free.fr
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-26 17:26:34
Windows 6.0.6000 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\System32\audiodg.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\avguard.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\sched.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
c:\program files\Hp\QuickPlay\Kernel\TV\CLCapSvc.exe
c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Common Files\microsoft shared\VS7DEBUG\mdm.exe
c:\windows\System32\drivers\XAudio.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\program files\Hp\QuickPlay\Kernel\TV\CLSched.exe
c:\windows\System32\conime.exe
c:\program files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
c:\windows\System32\wbem\WMIADAP.exe
.
**************************************************************************
.
Heure de fin: 2008-11-26 17:32:44 - La machine a redémarré
ComboFix-quarantined-files.txt 2008-11-26 16:32:28
Avant-CF: 50 538 033 152 octets libres
Après-CF: 50,289,487,872 octets libres
262 --- E O F --- 2008-11-25 12:34:33
Here is the ComboFix report
"c:\\Program Files\\PPStream\\PPStream.exe"= c:\program files\PPStream\PPStream.exe:*:Enabled:PPStream
"c:\\Program Files\\PPMate\\ppmate.exe"= c:\program files\PPMate\ppmate.exe:*:Enabled:PPMate
R0 AFS;AFS;c:\windows\system32\drivers\AFS.sys [2007-08-06 77004]
R2 fssfltr;FssFltr;c:\windows\system32\DRIVERS\fssfltr.sys [2008-03-03 43816]
R2 fsssvc;Windows Live OneCare Contrôle parental;"c:\program files\Windows Live\Contrôle parental\fsssvc.exe" [2007-12-17 523816]
R2 IJPLMSVC;PIXMA Extended Survey Program;c:\program files\Canon\IJPLM\IJPLMSVC.EXE [2008-09-15 99936]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2008-01-25 600912]
R2 SCPDFV4ReadSpool;SolidConverterPDFv4ReadSpool;c:\windows\Installer\MSI3C61.tmp [2008-09-04 189688]
R2 UxTuneUp;TuneUp Extension de thème;c:\windows\System32\svchost.exe -k netsvcs [2006-11-02 22016]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{16ee781a-496f-11dc-bc7c-001b24574c9c}]
\shell\AutoRun\command - F:\setupSNK.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{29cd74ef-769a-11dd-9821-001b24574c9c}]
\shell\AutoRun\command - F:\InstallTomTomHOME.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4f0989ed-0baa-11dd-a2c6-001b24574c9c}]
\shell\AutoRun\command - G:\InstallTomTomHOME.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{636e3093-4fd1-11dc-8fec-001b24574c9c}]
\shell\AutoRun\command - ouali.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7425dcc3-89fd-11dd-8fc5-001b24574c9c}]
\shell\AutoRun\command - G:\LaunchU3.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d31dfcd4-0530-11dd-b881-001b24574c9c}]
\shell\AutoRun\command - G:\InstallTomTomHOME.exe
.
Contenu du dossier 'Tâches planifiées'
2008-11-21 c:\windows\Tasks\Maintenance en 1 clic.job
- c:\program files\TuneUp Utilities 2007\SystemOptimizer.exe [2007-08-03 00:18]
2008-11-26 c:\windows\Tasks\User_Feed_Synchronization-{B0D41B4E-F467-4BA6-A72F-433B50B3CB81}.job
- c:\windows\system32\msfeedssync.exe [2006-11-02 10:45]
.
.
------- Examen supplémentaire -------
.
FireFox -: Profile - c:\users\fred\AppData\Roaming\Mozilla\Firefox\Profiles\t8fl39cc.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.free.fr
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-26 17:26:34
Windows 6.0.6000 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\System32\audiodg.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\avguard.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\sched.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
c:\program files\Hp\QuickPlay\Kernel\TV\CLCapSvc.exe
c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Common Files\microsoft shared\VS7DEBUG\mdm.exe
c:\windows\System32\drivers\XAudio.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\program files\Hp\QuickPlay\Kernel\TV\CLSched.exe
c:\windows\System32\conime.exe
c:\program files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
c:\windows\System32\wbem\WMIADAP.exe
.
**************************************************************************
.
Heure de fin: 2008-11-26 17:32:44 - La machine a redémarré
ComboFix-quarantined-files.txt 2008-11-26 16:32:28
Avant-CF: 50 538 033 152 octets libres
Après-CF: 50,289,487,872 octets libres
262 --- E O F --- 2008-11-25 12:34:33
ivry - 26 Nov. 2008 at 17:36
Here is the HijackThis log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:35:22, on 26/11/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16757)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\Explorer.exe
C:\PROGRA~1\Mozilla Firefox\firefox.exe
C:\Users\fred\Documents\Mes téléchargements\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
O2 - BHO: PBlockHelper Class - {4115122B-85FF-4DD3-9515-F075BEDE5EB5} - C:\Program Files\Netscape Accélérateur\PBHelper.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL
O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Contrôle parental\fssbho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: NOW!Imaging - {9AA2F14F-E956-44B8-8694-A5B615CDF341} - C:\Program Files\Netscape Accélérateur\components\NOWImaging.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 - BHO: VGOIEHelper Class - {B6FA00D9-86EC-4158-9488-D00DFF897E86} - (no file)
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O8 - Extra context menu item: &ieSpell Options - res://C:\Program Files\ieSpell\iespell.dll/SPELLOPTION.HTM
O8 - Extra context menu item: Ajouter au fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Check &Spelling - res://C:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Lookup on Merriam Webster - file://C:\Program Files\ieSpell\Merriam Webster.HTM
O8 - Extra context menu item: Lookup on Wikipedia - file://C:\Program Files\ieSpell\wikipedia.HTM
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Roxio\Roxio MyDVD Basic v9\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: SolidConverterPDFv4ReadSpool (SCPDFV4ReadSpool) - Solid Documents, LLC - C:\Windows\Installer\MSI3C61.tmp
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
tchaning - 26 Nov. 2008 at 17:47
In HijackThis, fix:
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: VGOIEHelper Class - {B6FA00D9-86EC-4158-9488-D00DFF897E86} - (no file)
Then download CCleaner and run a scan, clean everything, the registry too (back it up once and scan the registry several times), and uninstall unneeded software. Also disable the programs that start automatically when Windows starts.
Finally, run a scan at https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
Update your PC (Windows Update, antivirus update (antivirus or avast, both free))
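The selection made in the reply above (O2 entries whose DLL the log reports as "(no file)"), written as a small log parser. This is an added example, not part of the thread or of HijackThis; the function and field names are illustrative, and it goes slightly beyond the reply by also handling the "(file missing)" suffix, shown on one constructed O23 line.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Lines taken from the HijackThis log posted in this thread, plus one
# constructed O23 line (the last one) showing the "(file missing)" suffix.
SAMPLE_LOG = r"""
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: VGOIEHelper Class - {B6FA00D9-86EC-4158-9488-D00DFF897E86} - (no file)
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Example Service (ExampleSvc) - Unknown owner - C:\Example\gone.exe (file missing)
"""


@dataclass
class Entry:
    code: str              # HijackThis section code, e.g. "O2"
    kind: str              # e.g. "BHO", "Toolbar", "Service"
    name: str              # display name as logged
    clsid: Optional[str]   # COM class id, when the section carries one
    vendor: Optional[str]  # only present on O23 service lines
    target: str            # file path, or "(no file)"
    missing: bool          # True when the log itself says the file is absent
    raw: str               # original line, for a fix checklist


# Splitting on " - " is not safe: names and paths contain it
# ("Spybot - Search & Destroy"). Anchor on the CLSID or the drive letter.
CLSID_RE = re.compile(
    r"^(?P<code>[RO]\d+) - (?P<kind>[^:]+): (?P<name>.*) - "
    r"(?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<target>.+)$")
SERVICE_RE = re.compile(
    r"^(?P<code>O23) - (?P<kind>Service): (?P<name>.*?) - (?P<vendor>.*?) - "
    r"(?P<target>[A-Za-z]:\\.+)$")
MISSING_SUFFIX = " (file missing)"


def parse_line(line: str) -> Optional[Entry]:
    """Parse one CLSID-bearing or O23 line; return None for other sections."""
    line = line.strip()
    m = SERVICE_RE.match(line) or CLSID_RE.match(line)
    if not m:
        return None
    fields = m.groupdict()
    target = fields["target"]
    missing = target == "(no file)"
    if target.endswith(MISSING_SUFFIX):
        target = target[: -len(MISSING_SUFFIX)]
        missing = True
    return Entry(fields["code"], fields["kind"], fields["name"],
                 fields.get("clsid"), fields.get("vendor"),
                 target, missing, line)


def parse_log(text: str) -> List[Entry]:
    """Return the entries this parser understands, in log order."""
    parsed = (parse_line(l) for l in text.splitlines() if l.strip())
    return [e for e in parsed if e is not None]


def orphaned(entries: List[Entry]) -> List[Entry]:
    """Registrations left behind after their file was removed."""
    return [e for e in entries if e.missing]


if __name__ == "__main__":
    for e in orphaned(parse_log(SAMPLE_LOG)):
        print(e.raw)
```

An orphaned registration only means the referenced file is gone; the parser reports it and leaves the decision to fix the entry to the person reading the log.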
ivry - 26 Nov. 2008 at 17:57
Kaspersky is under development for Vista.
The rest is done. Is there a way to know whether my problem is solved, other than waiting for a possible next disconnection?
I'm signing off for tonight.
Thanks, I'll get back to you tomorrow.
Thanks again for the time you've just given me.
fred
tchaning - 26 Nov. 2008 at 18:00
Actually, I focused more on your PC's security than on your wifi, sorry. But the next part will be for your main problem.
ivry - 27 Nov. 2008 at 10:23
Hello,
I didn't quite understand what you mean.
Do you mean that we secured my PC with the steps you had me do?
And what about my wifi problem?
This morning it seems to be working.
ivry - 27 Nov. 2008 at 16:02
Hi,
Unfortunately, it still disconnects.
ivry - 29 Nov. 2008 at 12:34
Well, still the same problem.
I don't know what to do anymore.
Thekickboxer
Posts
211
Registration date
Friday 24 October 2008
Status
Member
Last activity
29 June 2009
21
29 Nov. 2008 at 12:48
Hello,
I suggest you try browsing the web while close to your router (1 or 2 m max), because the distance between the router and the laptop can cause problems.
Otherwise, try checking in Device Manager (Start > Control Panel > Classic View at the top left > System > Device Manager at the top left) whether your wifi card is configured to go into sleep mode or not.
Regards
ivry
Posts
119
Registration date
Saturday 23 July 2005
Status
Member
Last activity
31 July 2012
19
29 Nov. 2008 at 13:36
Hello theki
Thanks for your help.
I went into Device Manager but I can't see anywhere where I can decide whether or not it goes to sleep.
My PC is one metre from the router; another laptop works correctly, and mine also worked correctly, except for the past few weeks.
Thekickboxer
Posts
211
Registration date
Friday 24 October 2008
Status
Member
Last activity
29 June 2009
21
29 Nov. 2008 at 14:19
In Device Manager there are several categories, including Network adapters. In this category, your built-in wifi card should appear. I suggest you right-click on it and choose Properties. In the window that appears, you will be able to see the advanced settings of your built-in wifi card.
ivry
Posts
119
Registration date
Saturday 23 July 2005
Status
Member
Last activity
31 July 2012
19
29 Nov. 2008 at 15:10
I know how to get to the component properties in Device Manager, but I can't see anywhere the option to put it to sleep.
But I don't see the problem coming from there, because sometimes it works and sometimes it doesn't, it's quite irregular... I just ran an antivirus, nothing found.
I don't know what to do anymore.