Infected PC

Here is my HijackThis report. I think my PC is pretty badly infected.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:11:49, on 26/12/2007
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16575)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\DialMessenger\dialmessenger.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Vista Start Menu\VistaStartMenu.exe
C:\Program Files\BitComet\BitComet.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\System32\rundll32.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\conime.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9d.exe
C:\Program Files\GRISOFT\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - (no file)
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
O2 - BHO: CJava Object - {43F7497C-7687-4DEA-A057-F21BD81BC896} - C:\Windows\system32\msjava32.dll (file missing)
O2 - BHO: pwn plugin - {4AAC4708-FE47-4B80-92EF-47406444DDD2} - C:\Windows\pwnbho.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb123\Dealio.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb123\Dealio.dll
O3 - Toolbar: (no name) - {90222687-F593-4738-B738-FBEE9C7B26DF} - (no file)
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [SMSERIAL] "C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe"
O4 - HKLM\..\Run: [SynTPEnh] "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe"
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] "C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" /Start
O4 - HKLM\..\Run: [HP Health Check Scheduler] "C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe"
O4 - HKLM\..\Run: [hpWirelessAssistant] "C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe"
O4 - HKLM\..\Run: [WAWifiMessage] "C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [au] "C:\Program Files\Dealio\DealioAU.exe"
O4 - HKLM\..\Run: [NvSvc] "RUNDLL32.EXE" C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKLM\..\Run: [dmxvo.exe] C:\Windows\system32\dmxvo.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKLM\..\RunOnce: [SpybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKCU\..\Run: [Sidebar] "C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [DialMessenger] "C:\Program Files\DialMessenger\dialmessenger.exe" -background
O4 - HKCU\..\Run: [WINSOS VERIFY] "C:\Program Files\WINSOS\WINSOS.EXE" MINI
O4 - HKCU\..\Run: [SpybotSD TeaTimer] "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"
O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - HKCU\..\Run: [VistaStartMenu] "C:\Program Files\Vista Start Menu\VistaStartMenu.exe"
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [WMPNSCFG] "C:\Program Files\Windows Media Player\WMPNSCFG.exe"
O4 - HKCU\..\Run: [dmbfe.tmp] C:\Windows\system32\dmbfe.tmp
O4 - HKCU\..\Run: [dmpqg.tmp] C:\Windows\system32\dmpqg.tmp
O4 - HKCU\..\Run: [RunSpySweeperScheduleAtStartup] "C:\Windows\system32\msfeedssync.exe" /ScheduleSweep=User_Feed_Synchronization-{C3BCB2DF-3505-4294-B076-4A68F10C0642}
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &Search - ?p=ZNfox000
O8 - Extra context menu item: Compare Prices with &Dealio - C:\Users\greg\AppData\LocalLow\Dealio\kb123\res\DealioSearch.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb123\Dealio.dll
O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb123\Dealio.dll
O13 - Gopher Prefix:
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - http://www.nanoscan.com/as/cabs/ascstubie.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O17 - HKLM\System\CCS\Services\Tcpip\..\{73C3FB62-79A5-471B-9C49-34EB8FDD1DF5}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{A0DED953-00FA-4DEE-97D4-42E7AEFF025B}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwssvc.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 14844 bytes

Hi Angeldark, so I have removed Spyware Doctor. Here is the analysis report:

BTFix 1.066 (par bibi26) - 27/12/2007 14:37:36 - Analyse
Lancé depuis C:\Users\greg\Contacts\Desktop\BTFix\BTFix.exe

---> Fichiers/Dossiers trouvés

- [Heuristique : Dealio Toolbar] C:\Windows\Installer\12c641.msi
- C:\Windows\Installer\{5BE93F0F-3143-4034-B57F-57848B386CA6}
- C:\Windows\system32\f3PSSavr.scr
- C:\Program Files\MyWebSearch
- C:\Program Files\Dealio
- C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com
- C:\Program Files\Mozilla Firefox\plugins\NPMyWebS.dll
- C:\Program Files\Internet Explorer\msimg32.dll
- C:\Program Files\MSN Messenger\RICHED20.dll
- C:\ProgramData\Application Data\GamesBar
- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dealio

---> Analyse terminée

Angeldark, here is the report as requested:

BTFix 1.066 (par bibi26) - 27/12/2007 15:39:01 - Nettoyage - Mode sans échec
Lancé depuis C:\Users\greg\Contacts\Desktop\BTFix\BTFix.exe

---> Fichiers/dossiers supprimés

- Fichiers temporaires effacés
- [Heuristique : Dealio Toolbar] C:\Windows\Installer\12c641.msi
- C:\Windows\Installer\{5BE93F0F-3143-4034-B57F-57848B386CA6}
- C:\Windows\system32\f3PSSavr.scr
- C:\Program Files\MyWebSearch
- C:\Program Files\Dealio
- C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com
- C:\Program Files\Mozilla Firefox\plugins\NPMyWebS.dll
- C:\Program Files\Internet Explorer\msimg32.dll
- C:\Program Files\MSN Messenger\RICHED20.dll
- C:\ProgramData\Application Data\GamesBar (erreur lors de la suppression)
- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dealio

---> Nettoyage terminé

From now on I will avoid installing just anything, but then I have only had Internet access for a short while.

Here is my HIJACKTHIS log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:18:48, on 27/12/2007
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16575)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\GRISOFT\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\DialMessenger\dialmessenger.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Vista Start Menu\VistaStartMenu.exe
C:\Program Files\BitComet\BitComet.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\System32\rundll32.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9d.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - (no file)
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
O2 - BHO: pwn plugin - {4AAC4708-FE47-4B80-92EF-47406444DDD2} - C:\Windows\pwnbho.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: (no name) - {90222687-F593-4738-B738-FBEE9C7B26DF} - (no file)
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [SMSERIAL] "C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe"
O4 - HKLM\..\Run: [SynTPEnh] "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe"
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] "C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" /Start
O4 - HKLM\..\Run: [HP Health Check Scheduler] "C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe"
O4 - HKLM\..\Run: [hpWirelessAssistant] "C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe"
O4 - HKLM\..\Run: [WAWifiMessage] "C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvSvc] "RUNDLL32.EXE" C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [dmxvo.exe] C:\Windows\system32\dmxvo.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\GRISOFT\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] "C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [DialMessenger] "C:\Program Files\DialMessenger\dialmessenger.exe" -background
O4 - HKCU\..\Run: [WINSOS VERIFY] "C:\Program Files\WINSOS\WINSOS.EXE" MINI
O4 - HKCU\..\Run: [SpybotSD TeaTimer] "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"
O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - HKCU\..\Run: [VistaStartMenu] "C:\Program Files\Vista Start Menu\VistaStartMenu.exe"
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [WMPNSCFG] "C:\Program Files\Windows Media Player\WMPNSCFG.exe"
O4 - HKCU\..\Run: [dmbfe.tmp] C:\Windows\system32\dmbfe.tmp
O4 - HKCU\..\Run: [dmpqg.tmp] C:\Windows\system32\dmpqg.tmp
O4 - HKCU\..\Run: [RunSpySweeperScheduleAtStartup] "C:\Windows\system32\msfeedssync.exe" /ScheduleSweep=User_Feed_Synchronization-{C3BCB2DF-3505-4294-B076-4A68F10C0642}
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{73C3FB62-79A5-471B-9C49-34EB8FDD1DF5}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{A0DED953-00FA-4DEE-97D4-42E7AEFF025B}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: My Web Search Service (MyWebSearchService) - Unknown owner - C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwssvc.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 12543 bytes

THANKS FOR YOUR HELP

Re,

Disable your resident protections (antivirus...)!

  • Download Combofix.exe (sUBs) to your Desktop.
  • Double-click combofix.exe.
  • Press the 1 key (Yes) to start the scan.
  • When the scan is complete, a report will appear. Copy/paste this report into your next reply.

    NOTE: The report can also be found here: C:\Combofix.txt

    Here is the report:

    ComboFix 07-12-21.4 - greg 2007-12-27 18:33:29.1 - NTFSx86
    Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.1.1036.18.1032 [GMT 1:00]
    Running from: C:\Users\greg\Contacts\Desktop\ComboFix.exe
    * Created a new restore point
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Users\greg\AppData\Local\mhwsba.dat
    C:\Users\greg\AppData\Local\mhwsba_nav.dat
    C:\Users\greg\AppData\Local\mhwsba_navps.dat
    C:\Windows\pack.epk

    .
    ((((((((((((((((((((((((((((( Fichiers créés 2007-11-27 to 2007-12-27 ))))))))))))))))))))))))))))))))))))
    .

    2007-12-26 23:54 . 1996-08-20 20:37 15,840 --a------ C:\Windows\System32\Machnm1.exe
    2007-12-26 23:54 . 2005-09-25 16:37 5,632 --a------ C:\Windows\System32\Machnm64.sys
    2007-12-26 23:54 . 2007-12-26 23:54 3,120 --a------ C:\Windows\System32\118290.54
    2007-12-26 23:54 . 2007-12-26 23:54 3,120 --a------ C:\Windows\118294.78
    2007-12-26 23:54 . 2003-08-13 00:27 2,304 --a------ C:\Windows\System32\Machnm32.sys
    2007-12-26 19:14 . 2007-12-26 19:14 <REP> d-------- C:\Users\greg\AppData\Roaming\Grisoft
    2007-12-26 19:14 . 2007-12-26 19:14 <REP> d-------- C:\Users\All Users\Grisoft
    2007-12-26 19:14 . 2007-12-26 19:14 <REP> d-------- C:\ProgramData\Grisoft
    2007-12-26 19:14 . 2007-05-30 13:10 10,872 --a------ C:\Windows\System32\drivers\AvgAsCln.sys
    2007-12-26 17:17 . 2007-12-26 19:24 <REP> d-------- C:\Program Files\Panda Security
    2007-12-25 17:39 . 2007-12-25 17:39 <REP> d-------- C:\Program Files\Trend Micro
    2007-12-25 16:58 . 2007-12-26 17:41 <REP> d-------- C:\Program Files\Lavasoft
    2007-12-24 20:26 . 2007-12-24 20:26 <REP> d-------- C:\Users\All Users\Avira
    2007-12-24 20:26 . 2007-12-24 20:26 <REP> d-------- C:\ProgramData\Avira
    2007-12-24 20:26 . 2007-12-24 20:26 <REP> d-------- C:\Program Files\Avira
    2007-12-24 16:54 . 2007-12-24 16:54 0 --ah----- C:\ProgramData.LOG2
    2007-12-24 16:54 . 2007-12-24 16:54 0 --ah----- C:\ProgramData.LOG1
    2007-12-24 00:42 . 2007-12-24 00:42 <REP> d-------- C:\Program Files\Enigma Software Group
    2007-12-23 23:43 . 2007-12-23 23:43 164 --a------ C:\install.dat
    2007-12-23 17:56 . 2007-12-23 17:56 <REP> d-------- C:\Program Files\Ubisoft
    2007-12-22 17:10 . 2007-12-22 17:10 <REP> d-------- C:\Windows\65F1CF6331E0450B96F34A88BE7361A6.TMP
    2007-12-15 14:13 . 2007-12-15 18:48 <REP> d-------- C:\Program Files\UltraCover
    2007-12-15 13:08 . 2007-12-15 13:08 <REP> d-------- C:\Program Files\Pochette Express 2
    2007-12-15 12:56 . 2007-12-15 12:56 45 ---h----- C:\Windows\dsez4857.dat
    2007-12-15 12:41 . 2001-08-23 08:00 1,388,544 --a------ C:\Windows\System32\temp.002
    2007-12-15 12:41 . 1997-09-20 11:03 941,840 --a------ C:\Windows\System32\temp.000
    2007-12-15 12:41 . 2000-04-12 00:00 598,288 --a------ C:\Windows\System32\temp.003
    2007-12-15 12:41 . 1997-05-27 10:39 271,632 --a------ C:\Windows\System32\temp.001
    2007-12-15 12:41 . 1998-05-07 00:00 174,352 --a------ C:\Windows\System32\temp.008
    2007-12-15 12:41 . 1999-03-08 00:00 164,112 --a------ C:\Windows\System32\temp.004
    2007-12-15 12:41 . 2002-07-26 17:02 153,088 --a------ C:\Windows\System32\UNWISE.EXE
    2007-12-15 12:41 . 1999-03-08 00:00 147,728 --a------ C:\Windows\System32\temp.005
    2007-12-15 12:41 . 1998-05-31 00:00 22,288 --a------ C:\Windows\System32\temp.007
    2007-12-15 12:41 . 1999-06-03 00:00 17,920 --a------ C:\Windows\System32\temp.006
    2007-12-13 20:49 . 2007-12-13 20:49 <REP> d-------- C:\Program Files\SP38015
    2007-12-13 12:38 . 2007-12-13 12:38 1,327,104 --a------ C:\Windows\System32\quartz.dll
    2007-12-13 12:38 . 2007-12-13 12:38 223,232 --a------ C:\Windows\System32\WMASF.DLL
    2007-12-13 12:38 . 2007-12-13 12:38 9,728 --a------ C:\Windows\System32\LAPRXY.DLL
    2007-12-13 12:38 . 2007-12-13 12:38 2,048 --a------ C:\Windows\System32\asferror.dll
    2007-12-13 12:35 . 2007-12-13 12:35 3,504,824 --a------ C:\Windows\System32\ntkrnlpa.exe
    2007-12-13 12:35 . 2007-12-13 12:35 3,470,520 --a------ C:\Windows\System32\ntoskrnl.exe
    2007-12-13 12:35 . 2007-12-13 12:35 2,048 --a------ C:\Windows\System32\tzres.dll
    2007-12-11 23:34 . 2007-12-11 23:34 1,044,480 --a------ C:\Windows\System32\libdivx.dll
    2007-12-11 23:34 . 2007-12-11 23:34 200,704 --a------ C:\Windows\System32\ssldivx.dll
    2007-12-06 19:00 . 2007-12-06 19:00 <REP> d-------- C:\Program Files\Sierra
    2007-12-05 15:21 . 2007-12-05 15:21 <REP> d-------- C:\Program Files\Play89
    2007-12-01 01:24 . 2007-12-01 01:24 319 --a------ C:\Windows\game.ini
    2007-12-01 00:33 . 2007-12-01 00:33 <REP> d-------- C:\Program Files\DAEMON Tools
    2007-11-30 23:42 . 2007-11-30 23:42 685,816 --a------ C:\Windows\System32\drivers\sptd.sys

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2007-12-27 14:40 --------- d-----w C:\Program Files\MSN Messenger
    2007-12-27 13:32 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2007-12-27 13:25 --------- d---a-w C:\ProgramData\TEMP
    2007-12-27 00:01 --------- d-----w C:\Users\greg\AppData\Roaming\Vista Start Menu
    2007-12-26 23:56 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
    2007-12-26 21:11 27,240 ----a-w C:\Users\greg\AppData\Roaming\nvModes.dat
    2007-12-22 19:26 --------- d-----w C:\Users\greg\AppData\Roaming\LimeWire
    2007-12-22 14:15 --------- d-----w C:\ProgramData\Media Center Programs
    2007-12-22 00:06 --------- d-----w C:\Users\greg\AppData\Roaming\Azureus
    2007-12-13 11:37 84,992 ----a-w C:\Windows\system32\drivers\srvnet.sys
    2007-12-13 11:37 58,368 ----a-w C:\Windows\system32\drivers\mrxsmb20.sys
    2007-12-13 11:37 56,320 ----a-w C:\Windows\System32\iesetup.dll
    2007-12-13 11:37 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
    2007-12-13 11:37 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
    2007-12-13 11:37 130,048 ----a-w C:\Windows\system32\drivers\srv2.sys
    2007-12-13 11:37 101,888 ----a-w C:\Windows\system32\drivers\mrxsmb.sys
    2007-12-12 00:21 --------- d-----w C:\Program Files\DivX
    2007-12-08 14:53 --------- d-----w C:\Program Files\Sega
    2007-12-04 19:46 --------- d-----w C:\Users\greg\AppData\Roaming\InstallShield
    2007-12-01 10:28 --------- d-----w C:\Program Files\Activision
    2007-11-26 20:10 --------- d-----w C:\Users\greg\AppData\Roaming\Apple Computer
    2007-11-26 20:09 --------- d-----w C:\Program Files\Bonjour
    2007-11-20 15:06 --------- d-----w C:\ProgramData\GamesBar
    2007-11-19 21:06 --------- d-----w C:\Program Files\DomPlayer
    2007-11-19 07:02 --------- d-----w C:\Program Files\Turbo Torrent
    2007-11-18 12:08 --------- d-----w C:\Program Files\BitLord
    2007-11-18 09:58 1,244,672 ----a-w C:\Windows\System32\mcmde.dll
    2007-11-17 19:25 802,816 ----a-w C:\Windows\system32\drivers\tcpip.sys
    2007-11-16 09:59 --------- d-----w C:\Program Files\BitComet
    2007-11-14 09:23 704,000 ----a-w C:\Windows\System32\PhotoScreensaver.scr
    2007-11-14 09:23 68,707 ----a-w C:\Windows\System32\dmxvo.exe
    2007-11-14 09:23 68,707 ----a-w C:\Windows\System32\dmekr.exe
    2007-11-14 09:23 67,584 ----a-w C:\Windows\System32\wlanhlp.dll
    2007-11-14 09:23 542,720 ----a-w C:\Windows\System32\sysmain.dll
    2007-11-14 09:23 502,784 ----a-w C:\Windows\System32\wlansvc.dll
    2007-11-14 09:23 47,104 ----a-w C:\Windows\System32\wlanapi.dll
    2007-11-14 09:23 297,984 ----a-w C:\Windows\System32\wlansec.dll
    2007-11-14 09:23 290,816 ----a-w C:\Windows\System32\wlanmsm.dll
    2007-11-14 09:23 28,344 ----a-w C:\Windows\system32\drivers\battc.sys
    2007-11-14 09:23 258,232 ----a-w C:\Windows\system32\drivers\acpi.sys
    2007-11-14 09:23 24,064 ----a-w C:\Windows\System32\wtsapi32.dll
    2007-11-14 09:23 20,920 ----a-w C:\Windows\system32\drivers\compbatt.sys
    2007-11-14 09:23 2,923,520 ----a-w C:\Windows\explorer.exe
    2007-11-14 09:23 2,027,008 ----a-w C:\Windows\System32\win32k.sys
    2007-11-14 09:23 14,208 ----a-w C:\Windows\system32\drivers\CmBatt.sys
    2007-11-14 09:23 11,264 ----a-w C:\Windows\system32\drivers\wmiacpi.sys
    2007-11-14 09:21 --------- d-----w C:\Program Files\Windows Mail
    2007-11-13 22:21 --------- d-----w C:\Program Files\Common Files\xing shared
    2007-11-13 22:20 --------- d-----w C:\Program Files\Common Files\Real
    2007-11-10 01:49 --------- d-----w C:\Users\greg\AppData\Roaming\Ahead
    2007-11-10 01:46 --------- d-----w C:\Program Files\Common Files\Ahead
    2007-11-10 01:42 --------- d-----w C:\ProgramData\Nero
    2007-11-10 01:42 --------- d-----w C:\Program Files\Nero
    2007-11-09 20:43 --------- d-----w C:\Program Files\Atari
    2007-11-07 19:04 --------- d-----w C:\Program Files\CDBurnerXP
    2007-11-06 19:02 --------- d-----w C:\Program Files\Ratajik Software
    2007-11-05 19:47 --------- d-----w C:\Program Files\Gamenext
    2007-10-31 10:24 107,888 ----a-w C:\Windows\System32\CmdLineExt.dll
    2007-10-29 09:14 --------- d-----w C:\Program Files\Vista Start Menu
    2007-10-17 20:05 103,736 ----a-w C:\Windows\System32\PnkBstrB.exe
    2007-10-17 19:57 66,872 ----a-w C:\Windows\System32\PnkBstrA.exe
    2007-10-17 19:44 22,328 ----a-w C:\Users\greg\AppData\Roaming\PnkBstrK.sys
    2007-10-11 12:14 8,147,968 ----a-w C:\Windows\System32\wmploc.DLL
    2007-10-11 12:14 7,680 ----a-w C:\Windows\System32\spwmp.dll
    2007-10-11 12:14 4,096 ----a-w C:\Windows\System32\dxmasf.dll
    2007-10-11 12:14 356,864 ----a-w C:\Windows\System32\MediaMetadataHandler.dll
    2007-10-11 12:11 84,480 ----a-w C:\Windows\System32\INETRES.dll
    2007-10-11 12:11 788,992 ----a-w C:\Windows\System32\rpcrt4.dll
    2007-10-11 12:11 737,792 ----a-w C:\Windows\System32\inetcomm.dll
    2007-09-13 21:05 0 ----a-w C:\Users\greg\AppData\Roaming\wklnhst.dat
    2007-09-07 17:24 174 --sha-w C:\Program Files\desktop.ini
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4AAC4708-FE47-4B80-92EF-47406444DDD2}]
    C:\Windows\pwnbho.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\PowerPoint]
    @={B9CE503D-03F8-4161-A8A6-C912ADFCF2D4}

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2006-11-02 13:35]
    "ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 13:35]
    "DialMessenger"="C:\Program Files\DialMessenger\dialmessenger.exe" [2007-08-09 17:49]
    "WINSOS VERIFY"="C:\Program Files\WINSOS\WINSOS.exe" []
    "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 15:46]
    "Shareaza"="C:\Program Files\Shareaza\Shareaza.exe" []
    "VistaStartMenu"="C:\Program Files\Vista Start Menu\VistaStartMenu.exe" [2007-10-16 23:26]
    "BitComet"="C:\Program Files\BitComet\BitComet.exe" [2007-09-10 13:33]
    "DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2007-08-16 12:24]
    "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 13:36]
    "dmbfe.tmp"="C:\Windows\system32\dmbfe.tmp" []
    "dmpqg.tmp"="C:\Windows\system32\dmpqg.tmp" []
    "RunSpySweeperScheduleAtStartup"="C:\Windows\system32\msfeedssync.exe" [2006-11-02 10:45]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-09-06 18:24]
    "SMSERIAL"="C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe" [2006-10-09 21:43]
    "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2007-09-15 01:50]
    "RtHDVCpl"="RtHDVCpl.exe" [2007-03-09 18:50 C:\Windows\RtHDVCpl.exe]
    "IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2007-02-12 15:37]
    "QPService"="C:\Program Files\HP\QuickPlay\QPService.exe" [2007-04-23 17:11]
    "QlbCtrl"="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-02-13 10:38]
    "HP Health Check Scheduler"="C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2007-03-12 10:54]
    "hpWirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-03-01 12:18]
    "WAWifiMessage"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-10 15:12]
    "HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-16 22:11]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0\bin\jusched.exe" [2007-06-25 22:26]
    "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-06-29 05:24]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51]
    "NvSvc"="RUNDLL32.exe" [2006-11-02 10:45 C:\Windows\System32\rundll32.exe]
    "NvCplDaemon"="RUNDLL32.exe" [2006-11-02 10:45 C:\Windows\System32\rundll32.exe]
    "NvMediaCenter"="RUNDLL32.exe" [2006-11-02 10:45 C:\Windows\System32\rundll32.exe]
    "ccApp"="c:\Program Files\Common Files\Symantec Shared\ccApp.exe" []
    "Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" []
    "dmxvo.exe"="C:\Windows\system32\dmxvo.exe" [2007-11-14 10:23]
    "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2007-12-24 20:29]
    "!AVG Anti-Spyware"="C:\Program Files\GRISOFT\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
    "Launcher"="%WINDIR%\SMINST\launcher.exe" []

    C:\Users\greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    OneNote 2007 - Capture d'‚cran et lancement.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 19:24:54]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
    "DisableLockWorkstation"= 0 (0x0)
    "DisableChangePassword"= 0 (0x0)

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "NoLogoff"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
    SecurityProviders credssp.dll

    R2 NMSAccessU;NMSAccessU;C:\Program Files\CDBurnerXP\NMSAccessU.exe [2007-10-12 08:34]
    R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2007-08-31 15:46]
    R3 NETw4v32;Pilote de carte Intel(R) Wireless WiFi Link pour Windows Vista 32 bits;C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-06-21 10:51]
    R3 nvlddmkm;nvlddmkm;C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-05-01 11:27]
    R3 RTL8169;Realtek 8169 NT Driver;C:\Windows\system32\DRIVERS\Rtlh86.sys [2007-03-05 22:28]
    S2 MyWebSearchService;My Web Search Service;C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwssvc.exe []
    S3 BCM43XV;Pilote de la carte réseau extensible Broadcom 802.11;C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-02 08:30]
    S3 Boonty Games;Boonty Games;"C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe" [2007-09-08 01:49]
    S3 Steam Client Service;Steam Client Service;C:\Program Files\Common Files\Steam\SteamService.exe /RunAsService []

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    LocalSystemNetworkRestricted REG_MULTI_SZ hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{46a49f80-9f96-11dc-933e-001b24605954}]
    \shell\AutoRun\command - F:\Autorun.exe

    *Newly Created Service* - CATCHME
    *Newly Created Service* - PROCEXP90
    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2007-10-15 18:37:16 C:\Windows\Tasks\Uniblue SpyEraser.job"
    - C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe
    "2007-12-26 21:17:38 C:\Windows\Tasks\User_Feed_Synchronization-{C3BCB2DF-3505-4294-B076-4A68F10C0642}.job"
    .
    **************************************************************************

    catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-12-27 18:36:58
    Windows 6.0.6000 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    Completion time: 2007-12-27 18:38:05
    .
    2007-12-18 20:52:38 --- E O F ---
    :??:

    Re,

    Disable your resident protections (antivirus...)!
    Copy (Ctrl+C) the text in the box below:

    File::
    C:\Windows\System32\dmxvo.exe
    C:\Windows\System32\dmekr.exe
    C:\Windows\system32\dmbfe.tmp
    C:\Windows\system32\dmpqg.tmp

    Folder::
    C:\ProgramData\GamesBar

    Registry::
    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4AAC4708-FE47-4B80-92EF-47406444DDD2}]
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "dmbfe.tmp"=-
    "dmpqg.tmp"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "dmxvo.exe"=-


    Open Notepad, then paste (Ctrl+V) the text you just copied.
    Save this file under the name CFScript.txt.

    Now drag the CFScript.txt file onto Combofix.exe as shown below:


    This will relaunch Combofix; press 1, then confirm. After the reboot, post the contents of the Combofix.txt report together with a HijackThis report.
    NOTE: If there is no reboot, post the requested reports anyway.

    HERE IS THE COMBOFIX LOG

    ComboFix 07-12-21.4 - greg 2007-12-27 19:51:02.2 - NTFSx86
    Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.1.1036.18.1141 [GMT 1:00]
    Running from: C:\Users\greg\Contacts\Desktop\ComboFix.exe
    Command switches used :: C:\Users\greg\Contacts\Desktop\CFScript.txt..txt
    * Created a new restore point
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\ProgramData\GamesBar

    .
    ((((((((((((((((((((((((((((( Fichiers créés 2007-11-27 to 2007-12-27 ))))))))))))))))))))))))))))))))))))
    .

    2007-12-26 23:54 . 1996-08-20 20:37 15,840 --a------ C:\Windows\System32\Machnm1.exe
    2007-12-26 23:54 . 2005-09-25 16:37 5,632 --a------ C:\Windows\System32\Machnm64.sys
    2007-12-26 23:54 . 2007-12-26 23:54 3,120 --a------ C:\Windows\System32\118290.54
    2007-12-26 23:54 . 2007-12-26 23:54 3,120 --a------ C:\Windows\118294.78
    2007-12-26 23:54 . 2003-08-13 00:27 2,304 --a------ C:\Windows\System32\Machnm32.sys
    2007-12-26 19:14 . 2007-12-26 19:14 <REP> d-------- C:\Users\greg\AppData\Roaming\Grisoft
    2007-12-26 19:14 . 2007-12-26 19:14 <REP> d-------- C:\Users\All Users\Grisoft
    2007-12-26 19:14 . 2007-12-26 19:14 <REP> d-------- C:\ProgramData\Grisoft
    2007-12-26 19:14 . 2007-05-30 13:10 10,872 --a------ C:\Windows\System32\drivers\AvgAsCln.sys
    2007-12-26 17:17 . 2007-12-26 19:24 <REP> d-------- C:\Program Files\Panda Security
    2007-12-25 17:39 . 2007-12-25 17:39 <REP> d-------- C:\Program Files\Trend Micro
    2007-12-25 16:58 . 2007-12-26 17:41 <REP> d-------- C:\Program Files\Lavasoft
    2007-12-24 20:26 . 2007-12-24 20:26 <REP> d-------- C:\Users\All Users\Avira
    2007-12-24 20:26 . 2007-12-24 20:26 <REP> d-------- C:\ProgramData\Avira
    2007-12-24 20:26 . 2007-12-24 20:26 <REP> d-------- C:\Program Files\Avira
    2007-12-24 16:54 . 2007-12-24 16:54 0 --ah----- C:\ProgramData.LOG2
    2007-12-24 16:54 . 2007-12-24 16:54 0 --ah----- C:\ProgramData.LOG1
    2007-12-24 00:42 . 2007-12-24 00:42 <REP> d-------- C:\Program Files\Enigma Software Group
    2007-12-23 23:43 . 2007-12-23 23:43 164 --a------ C:\install.dat
    2007-12-23 17:56 . 2007-12-23 17:56 <REP> d-------- C:\Program Files\Ubisoft
    2007-12-22 17:10 . 2007-12-22 17:10 <REP> d-------- C:\Windows\65F1CF6331E0450B96F34A88BE7361A6.TMP
    2007-12-15 14:13 . 2007-12-15 18:48 <REP> d-------- C:\Program Files\UltraCover
    2007-12-15 13:08 . 2007-12-15 13:08 <REP> d-------- C:\Program Files\Pochette Express 2
    2007-12-15 12:56 . 2007-12-15 12:56 45 ---h----- C:\Windows\dsez4857.dat
    2007-12-15 12:41 . 2001-08-23 08:00 1,388,544 --a------ C:\Windows\System32\temp.002
    2007-12-15 12:41 . 1997-09-20 11:03 941,840 --a------ C:\Windows\System32\temp.000
    2007-12-15 12:41 . 2000-04-12 00:00 598,288 --a------ C:\Windows\System32\temp.003
    2007-12-15 12:41 . 1997-05-27 10:39 271,632 --a------ C:\Windows\System32\temp.001
    2007-12-15 12:41 . 1998-05-07 00:00 174,352 --a------ C:\Windows\System32\temp.008
    2007-12-15 12:41 . 1999-03-08 00:00 164,112 --a------ C:\Windows\System32\temp.004
    2007-12-15 12:41 . 2002-07-26 17:02 153,088 --a------ C:\Windows\System32\UNWISE.EXE
    2007-12-15 12:41 . 1999-03-08 00:00 147,728 --a------ C:\Windows\System32\temp.005
    2007-12-15 12:41 . 1998-05-31 00:00 22,288 --a------ C:\Windows\System32\temp.007
    2007-12-15 12:41 . 1999-06-03 00:00 17,920 --a------ C:\Windows\System32\temp.006
    2007-12-13 20:49 . 2007-12-13 20:49 <REP> d-------- C:\Program Files\SP38015
    2007-12-13 12:38 . 2007-12-13 12:38 1,327,104 --a------ C:\Windows\System32\quartz.dll
    2007-12-13 12:38 . 2007-12-13 12:38 223,232 --a------ C:\Windows\System32\WMASF.DLL
    2007-12-13 12:38 . 2007-12-13 12:38 9,728 --a------ C:\Windows\System32\LAPRXY.DLL
    2007-12-13 12:38 . 2007-12-13 12:38 2,048 --a------ C:\Windows\System32\asferror.dll
    2007-12-13 12:35 . 2007-12-13 12:35 3,504,824 --a------ C:\Windows\System32\ntkrnlpa.exe
    2007-12-13 12:35 . 2007-12-13 12:35 3,470,520 --a------ C:\Windows\System32\ntoskrnl.exe
    2007-12-13 12:35 . 2007-12-13 12:35 2,048 --a------ C:\Windows\System32\tzres.dll
    2007-12-11 23:34 . 2007-12-11 23:34 1,044,480 --a------ C:\Windows\System32\libdivx.dll
    2007-12-11 23:34 . 2007-12-11 23:34 200,704 --a------ C:\Windows\System32\ssldivx.dll
    2007-12-06 19:00 . 2007-12-06 19:00 <REP> d-------- C:\Program Files\Sierra
    2007-12-05 15:21 . 2007-12-05 15:21 <REP> d-------- C:\Program Files\Play89
    2007-12-01 01:24 . 2007-12-01 01:24 319 --a------ C:\Windows\game.ini
    2007-12-01 00:33 . 2007-12-01 00:33 <REP> d-------- C:\Program Files\DAEMON Tools
    2007-11-30 23:42 . 2007-11-30 23:42 685,816 --a------ C:\Windows\System32\drivers\sptd.sys

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2007-12-27 14:40 --------- d-----w C:\Program Files\MSN Messenger
    2007-12-27 13:32 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2007-12-27 13:25 --------- d---a-w C:\ProgramData\TEMP
    2007-12-27 00:01 --------- d-----w C:\Users\greg\AppData\Roaming\Vista Start Menu
    2007-12-26 23:56 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
    2007-12-26 21:11 27,240 ----a-w C:\Users\greg\AppData\Roaming\nvModes.dat
    2007-12-22 19:26 --------- d-----w C:\Users\greg\AppData\Roaming\LimeWire
    2007-12-22 14:15 --------- d-----w C:\ProgramData\Media Center Programs
    2007-12-22 00:06 --------- d-----w C:\Users\greg\AppData\Roaming\Azureus
    2007-12-13 11:37 84,992 ----a-w C:\Windows\system32\drivers\srvnet.sys
    2007-12-13 11:37 58,368 ----a-w C:\Windows\system32\drivers\mrxsmb20.sys
    2007-12-13 11:37 56,320 ----a-w C:\Windows\System32\iesetup.dll
    2007-12-13 11:37 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
    2007-12-13 11:37 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
    2007-12-13 11:37 130,048 ----a-w C:\Windows\system32\drivers\srv2.sys
    2007-12-13 11:37 101,888 ----a-w C:\Windows\system32\drivers\mrxsmb.sys
    2007-12-12 00:21 --------- d-----w C:\Program Files\DivX
    2007-12-08 14:53 --------- d-----w C:\Program Files\Sega
    2007-12-04 19:46 --------- d-----w C:\Users\greg\AppData\Roaming\InstallShield
    2007-12-01 10:28 --------- d-----w C:\Program Files\Activision
    2007-11-26 20:10 --------- d-----w C:\Users\greg\AppData\Roaming\Apple Computer
    2007-11-26 20:09 --------- d-----w C:\Program Files\Bonjour
    2007-11-19 21:06 --------- d-----w C:\Program Files\DomPlayer
    2007-11-19 07:02 --------- d-----w C:\Program Files\Turbo Torrent
    2007-11-18 12:08 --------- d-----w C:\Program Files\BitLord
    2007-11-18 09:58 1,244,672 ----a-w C:\Windows\System32\mcmde.dll
    2007-11-17 19:25 802,816 ----a-w C:\Windows\system32\drivers\tcpip.sys
    2007-11-16 09:59 --------- d-----w C:\Program Files\BitComet
    2007-11-14 09:23 704,000 ----a-w C:\Windows\System32\PhotoScreensaver.scr
    2007-11-14 09:23 68,707 ----a-w C:\Windows\System32\dmxvo.exe
    2007-11-14 09:23 68,707 ----a-w C:\Windows\System32\dmekr.exe
    2007-11-14 09:23 67,584 ----a-w C:\Windows\System32\wlanhlp.dll
    2007-11-14 09:23 542,720 ----a-w C:\Windows\System32\sysmain.dll
    2007-11-14 09:23 502,784 ----a-w C:\Windows\System32\wlansvc.dll
    2007-11-14 09:23 47,104 ----a-w C:\Windows\System32\wlanapi.dll
    2007-11-14 09:23 297,984 ----a-w C:\Windows\System32\wlansec.dll
    2007-11-14 09:23 290,816 ----a-w C:\Windows\System32\wlanmsm.dll
    2007-11-14 09:23 28,344 ----a-w C:\Windows\system32\drivers\battc.sys
    2007-11-14 09:23 258,232 ----a-w C:\Windows\system32\drivers\acpi.sys
    2007-11-14 09:23 24,064 ----a-w C:\Windows\System32\wtsapi32.dll
    2007-11-14 09:23 20,920 ----a-w C:\Windows\system32\drivers\compbatt.sys
    2007-11-14 09:23 2,923,520 ----a-w C:\Windows\explorer.exe
    2007-11-14 09:23 2,027,008 ----a-w C:\Windows\System32\win32k.sys
    2007-11-14 09:23 14,208 ----a-w C:\Windows\system32\drivers\CmBatt.sys
    2007-11-14 09:23 11,264 ----a-w C:\Windows\system32\drivers\wmiacpi.sys
    2007-11-14 09:21 --------- d-----w C:\Program Files\Windows Mail
    2007-11-13 22:21 --------- d-----w C:\Program Files\Common Files\xing shared
    2007-11-13 22:20 --------- d-----w C:\Program Files\Common Files\Real
    2007-11-10 01:49 --------- d-----w C:\Users\greg\AppData\Roaming\Ahead
    2007-11-10 01:46 --------- d-----w C:\Program Files\Common Files\Ahead
    2007-11-10 01:42 --------- d-----w C:\ProgramData\Nero
    2007-11-10 01:42 --------- d-----w C:\Program Files\Nero
    2007-11-09 20:43 --------- d-----w C:\Program Files\Atari
    2007-11-07 19:04 --------- d-----w C:\Program Files\CDBurnerXP
    2007-11-06 19:02 --------- d-----w C:\Program Files\Ratajik Software
    2007-11-05 19:47 --------- d-----w C:\Program Files\Gamenext
    2007-10-31 10:24 107,888 ----a-w C:\Windows\System32\CmdLineExt.dll
    2007-10-29 09:14 --------- d-----w C:\Program Files\Vista Start Menu
    2007-10-17 20:05 103,736 ----a-w C:\Windows\System32\PnkBstrB.exe
    2007-10-17 19:57 66,872 ----a-w C:\Windows\System32\PnkBstrA.exe
    2007-10-17 19:44 22,328 ----a-w C:\Users\greg\AppData\Roaming\PnkBstrK.sys
    2007-10-11 12:14 8,147,968 ----a-w C:\Windows\System32\wmploc.DLL
    2007-10-11 12:14 7,680 ----a-w C:\Windows\System32\spwmp.dll
    2007-10-11 12:14 4,096 ----a-w C:\Windows\System32\dxmasf.dll
    2007-10-11 12:14 356,864 ----a-w C:\Windows\System32\MediaMetadataHandler.dll
    2007-10-11 12:11 84,480 ----a-w C:\Windows\System32\INETRES.dll
    2007-10-11 12:11 788,992 ----a-w C:\Windows\System32\rpcrt4.dll
    2007-10-11 12:11 737,792 ----a-w C:\Windows\System32\inetcomm.dll
    2007-09-13 21:05 0 ----a-w C:\Users\greg\AppData\Roaming\wklnhst.dat
    2007-09-07 17:24 174 --sha-w C:\Program Files\desktop.ini
    .

    ((((((((((((((((((((((((((((( snapshot@2007-12-27_18.37.18,36 )))))))))))))))))))))))))))))))))))))))))
    .
    - 2007-12-27 16:38:02 67,584 --s-a-w C:\Windows\bootstat.dat
    + 2007-12-27 18:39:42 67,584 --s-a-w C:\Windows\bootstat.dat
    - 2007-11-21 12:10:32 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2007-12-27 17:46:54 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    - 2007-11-21 12:10:32 32,768 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    + 2007-12-27 17:46:54 32,768 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    - 2007-12-27 16:38:28 262,144 ----a-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\UsrClass.dat
    + 2007-12-27 18:40:57 262,144 ----a-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\UsrClass.dat
    - 2007-11-21 12:10:32 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    + 2007-12-27 17:46:54 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2007-12-27 15:12:06 1,572,864 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
    + 2007-12-27 18:43:36 1,572,864 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
    - 2007-12-27 17:18:40 262,144 ----a-w C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\UsrClass.dat
    + 2007-12-27 18:43:49 262,144 ----a-w C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\UsrClass.dat
    - 2007-12-27 16:39:28 1,572,864 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
    + 2007-12-27 18:43:42 1,572,864 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
    - 2007-12-27 16:39:55 8,834 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3380605197-3647853943-3645487637-1000_UserData.bin
    + 2007-12-27 18:44:30 9,060 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3380605197-3647853943-3645487637-1000_UserData.bin
    - 2007-12-27 16:39:54 80,588 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
    + 2007-12-27 18:44:29 80,840 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
    - 2007-12-27 16:39:52 60,690 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
    + 2007-12-27 18:44:28 60,762 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
    .
    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\PowerPoint]
    @={B9CE503D-03F8-4161-A8A6-C912ADFCF2D4}

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2006-11-02 13:35]
    "ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 13:35]
    "DialMessenger"="C:\Program Files\DialMessenger\dialmessenger.exe" [2007-08-09 17:49]
    "WINSOS VERIFY"="C:\Program Files\WINSOS\WINSOS.exe" []
    "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 15:46]
    "Shareaza"="C:\Program Files\Shareaza\Shareaza.exe" []
    "VistaStartMenu"="C:\Program Files\Vista Start Menu\VistaStartMenu.exe" [2007-10-16 23:26]
    "BitComet"="C:\Program Files\BitComet\BitComet.exe" [2007-09-10 13:33]
    "DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2007-08-16 12:24]
    "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 13:36]
    "RunSpySweeperScheduleAtStartup"="C:\Windows\system32\msfeedssync.exe" [2006-11-02 10:45]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-09-06 18:24]
    "SMSERIAL"="C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe" [2006-10-09 21:43]
    "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2007-09-15 01:50]
    "RtHDVCpl"="RtHDVCpl.exe" [2007-03-09 18:50 C:\Windows\RtHDVCpl.exe]
    "IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2007-02-12 15:37]
    "QPService"="C:\Program Files\HP\QuickPlay\QPService.exe" [2007-04-23 17:11]
    "QlbCtrl"="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-02-13 10:38]
    "HP Health Check Scheduler"="C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2007-03-12 10:54]
    "hpWirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-03-01 12:18]
    "WAWifiMessage"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-10 15:12]
    "HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-16 22:11]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0\bin\jusched.exe" [2007-06-25 22:26]
    "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-06-29 05:24]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51]
    "NvSvc"="RUNDLL32.exe" [2006-11-02 10:45 C:\Windows\System32\rundll32.exe]
    "NvCplDaemon"="RUNDLL32.exe" [2006-11-02 10:45 C:\Windows\System32\rundll32.exe]
    "NvMediaCenter"="RUNDLL32.exe" [2006-11-02 10:45 C:\Windows\System32\rundll32.exe]
    "ccApp"="c:\Program Files\Common Files\Symantec Shared\ccApp.exe" []
    "Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" []
    "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2007-12-24 20:29]
    "!AVG Anti-Spyware"="C:\Program Files\GRISOFT\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
    "Launcher"="%WINDIR%\SMINST\launcher.exe" []

    C:\Users\greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    OneNote 2007 - Capture d'‚cran et lancement.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 19:24:54]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
    "DisableLockWorkstation"= 0 (0x0)
    "DisableChangePassword"= 0 (0x0)

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "NoLogoff"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
    SecurityProviders credssp.dll

    R2 NMSAccessU;NMSAccessU;C:\Program Files\CDBurnerXP\NMSAccessU.exe [2007-10-12 08:34]
    R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2007-08-31 15:46]
    R3 NETw4v32;Pilote de carte Intel(R) Wireless WiFi Link pour Windows Vista 32 bits;C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-06-21 10:51]
    R3 nvlddmkm;nvlddmkm;C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-05-01 11:27]
    R3 RTL8169;Realtek 8169 NT Driver;C:\Windows\system32\DRIVERS\Rtlh86.sys [2007-03-05 22:28]
    S2 MyWebSearchService;My Web Search Service;C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwssvc.exe []
    S3 BCM43XV;Pilote de la carte réseau extensible Broadcom 802.11;C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-02 08:30]
    S3 Boonty Games;Boonty Games;"C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe" [2007-09-08 01:49]
    S3 Steam Client Service;Steam Client Service;C:\Program Files\Common Files\Steam\SteamService.exe /RunAsService []

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    LocalSystemNetworkRestricted REG_MULTI_SZ hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{46a49f80-9f96-11dc-933e-001b24605954}]
    \shell\AutoRun\command - F:\Autorun.exe

    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2007-10-15 18:37:16 C:\Windows\Tasks\Uniblue SpyEraser.job"
    - C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe
    "2007-12-26 21:17:38 C:\Windows\Tasks\User_Feed_Synchronization-{C3BCB2DF-3505-4294-B076-4A68F10C0642}.job"
    .
    **************************************************************************

    catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-12-27 19:54:15
    Windows 6.0.6000 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    Completion time: 2007-12-27 19:55:36
    C:\ComboFix2.txt ... 2007-12-27 18:38
    .
    2007-12-18 20:52:38 --- E O F ---

    Plus the HijackThis log:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:01:14, on 27/12/2007
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16575)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files\HP\QuickPlay\QPService.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files\Java\jre1.6.0\bin\jusched.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\GRISOFT\AVG Anti-Spyware 7.5\avgas.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\DialMessenger\dialmessenger.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Vista Start Menu\VistaStartMenu.exe
    C:\Program Files\BitComet\BitComet.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\DAEMON Tools\daemon.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Internet Explorer\ieuser.exe
    C:\Windows\system32\conime.exe
    C:\Windows\Explorer.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil9d.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - (no file)
    O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: (no name) - {90222687-F593-4738-B738-FBEE9C7B26DF} - (no file)
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKLM\..\Run: [SMSERIAL] "C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe"
    O4 - HKLM\..\Run: [SynTPEnh] "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe"
    O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
    O4 - HKLM\..\Run: [QlbCtrl] "C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" /Start
    O4 - HKLM\..\Run: [HP Health Check Scheduler] "C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe"
    O4 - HKLM\..\Run: [hpWirelessAssistant] "C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe"
    O4 - HKLM\..\Run: [WAWifiMessage] "C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe"
    O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [NvSvc] "RUNDLL32.EXE" C:\Windows\system32\nvsvc.dll,nvsvcStart
    O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\GRISOFT\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
    O4 - HKCU\..\Run: [Sidebar] "C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [DialMessenger] "C:\Program Files\DialMessenger\dialmessenger.exe" -background
    O4 - HKCU\..\Run: [WINSOS VERIFY] "C:\Program Files\WINSOS\WINSOS.EXE" MINI
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"
    O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
    O4 - HKCU\..\Run: [VistaStartMenu] "C:\Program Files\Vista Start Menu\VistaStartMenu.exe"
    O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
    O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKCU\..\Run: [WMPNSCFG] "C:\Program Files\Windows Media Player\WMPNSCFG.exe"
    O4 - HKCU\..\Run: [RunSpySweeperScheduleAtStartup] "C:\Windows\system32\msfeedssync.exe" /ScheduleSweep=User_Feed_Synchronization-{C3BCB2DF-3505-4294-B076-4A68F10C0642}
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
    O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
    O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
    O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O17 - HKLM\System\CCS\Services\Tcpip\..\{73C3FB62-79A5-471B-9C49-34EB8FDD1DF5}: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CCS\Services\Tcpip\..\{A0DED953-00FA-4DEE-97D4-42E7AEFF025B}: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
    O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
    O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
    O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: My Web Search Service (MyWebSearchService) - Unknown owner - C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwssvc.exe (file missing)
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

    --
    End of file - 12059 bytes