Tom's Guide > Forum > Sécurité - Virus > rapport hijack this

rapport hijack this

Forum Sécurité - Virus : rapport hijack this

TomsGuide.com : 800 000 inscrits répondent à toutes vos questions high-tech et informatique. Pour obtenir de l'aide, inscrivez-vous gratuitement !
Créer un nouveau sujet Répondre
Mot :    Pseudo :           
 
sakicboy   09-07-2008 à 18:55:07

bonjour pourriez vous analyze mon rapport merci beaucoup


C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Softwin\BitDefender10\vsserv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Documents and Settings\clém's\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://global.acer.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: Burn4Free Toolbar Helper - {D187A56B-A33F-4CBE-9D77-459FC0BAE012} - C:\Program Files\Burn4Free Toolbar\v3.3.0.1\Burn4Free_Toolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Burn4Free Toolbar - {4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - C:\Program Files\Burn4Free Toolbar\v3.3.0.1\Burn4Free_Toolbar.dll
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wi [...] 7679719593
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/Driv [...] eqlab2.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Desktop Manager 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe

Répondre
Liens sponsorisés
Inscrivez-vous ou connectez-vous pour masquer ceci.
XmichouX   09-07-2008 à 20:44:12
- 0 +

Bonjour,

Tu rencontres des dysfonctionnements ?

------------------------------ >> Centre de Formation Helpers <<
 Répondre à XmichouX
sakicboy   09-07-2008 à 22:17:22
- 0 +

oui jen rencontre : -barre des taches bloquée
-une de mes partitions et mon dd externe ne s'ouvre plus et on me demande un logiciel pour l'ouvrir ( fenetre ouvrir avec )

Répondre à sakicboy
XmichouX   09-07-2008 à 22:31:01
- 0 +

Bizarre...

Télécharge ComboFix (de sUBs) sur ton Bureau.

  • Désactive temporairement toute protection résidente ! (Antivirus, antispywares..)
  • Double clique sur ComboFix.exe.
  • Accepte la licence en cliquant sur Oui.
  • Lorsque l'opération sera terminée, un rapport apparaîtra. Poste ce rapport dans ta prochaine réponse.


Le rapport se trouve ici : %systemdrive%\ComboFix.txt (%systemdrive% étant la partition où est installée Windows; C:\ en général)

Aide : Comment utiliser ComboFix.

------------------------------ >> Centre de Formation Helpers <<
 Répondre à XmichouX
sakicboy   09-07-2008 à 23:54:48
- 0 +

voila michou en ts cas merci de m'aider cest sympa

Répondre à sakicboy
sakicboy   09-07-2008 à 23:55:02
- 0 +

ComboFix 08-07-09.2 - clém's 2008-07-09 23:42:21.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.500 [GMT 2:00]
Endroit: C:\Documents and Settings\clém's\Local Settings\Application Data\Opera\Opera\profile\cache4\temporary_download\ComboFix.exe
* Création d'un nouveau point de restauration

[color=red]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/color]
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\oeminfo.ini
F:\Autorun.inf

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_XPROTECTOR
-------\Service_XPROTECTOR


((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-06-09 to 2008-07-09 ))))))))))))))))))))))))))))))))))))
.

2008-07-09 23:39 . 2008-07-09 23:40 <REP> d-------- C:\327882R2FWJFW
2008-07-09 17:41 . 2008-07-09 17:41 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-07-09 17:41 . 2007-05-30 14:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2008-07-09 17:35 . 2008-07-09 17:35 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-07-09 17:35 . 2008-07-09 17:35 <REP> d-------- C:\WINDOWS\LastGood.Tmp
2008-07-09 14:53 . 2008-07-09 14:54 <REP> d--h----- C:\WINDOWS\system32\GroupPolicy
2008-07-09 14:53 . 2001-08-28 13:00 499,200 --a------ C:\WINDOWS\system32\gpedit.dll
2008-07-09 14:53 . 2002-08-29 10:44 284,160 --a------ C:\WINDOWS\system32\appmgr.dll
2008-07-09 14:53 . 2002-08-29 10:44 185,856 --a------ C:\WINDOWS\system32\gptext.dll
2008-07-09 14:53 . 2002-08-29 10:44 165,376 --a------ C:\WINDOWS\system32\appmgmts.dll
2008-07-09 14:53 . 2001-08-28 13:00 119,296 --a------ C:\WINDOWS\system32\fde.dll
2008-07-09 14:53 . 2002-08-29 10:44 70,144 --a------ C:\WINDOWS\system32\fdeploy.dll
2008-07-09 14:53 . 2001-08-28 13:00 34,352 --a------ C:\WINDOWS\system32\gpedit.msc
2008-07-09 14:51 . 2008-07-09 14:52 <REP> d-------- C:\Program Files\WinAce
2008-07-09 02:02 . 2008-07-09 02:02 <REP> d-------- C:\Program Files\Burn4Free Toolbar
2008-07-09 02:02 . 2008-07-09 02:02 232,075 --a------ C:\WINDOWS\Burn4Free_Toolbar_Uninstaller_6468.exe
2008-07-09 01:56 . 2008-07-09 01:56 <REP> d-------- C:\Program Files\Burn4Free
2008-07-08 16:03 . 2008-07-08 16:03 <REP> d-------- C:\Program Files\PowerQuest
2008-07-08 14:49 . 2008-07-08 14:50 <REP> d-------- C:\Program Files\AusLogics Disk Defrag
2008-07-07 23:31 . 2008-07-07 23:31 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2008-07-03 01:05 . 2008-07-03 01:05 <REP> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-07-03 00:53 . 2008-07-03 00:53 <REP> d-------- C:\Program Files\MSXML 4.0
2008-07-02 14:09 . 2008-06-14 19:33 272,768 --------- C:\WINDOWS\system32\dllcache\bthport.sys
2008-07-02 14:05 . 2008-05-08 16:02 203,136 --------- C:\WINDOWS\system32\dllcache\rmcast.sys
2008-07-01 14:48 . 2008-07-01 14:48 <REP> d-------- C:\WINDOWS\ServicePackFiles
2008-07-01 14:47 . 2008-04-13 19:34 294,912 --------- C:\WINDOWS\system32\dllcache\dlimport.exe
2008-07-01 14:44 . 2008-04-13 11:23 1,309,184 --------- C:\WINDOWS\system32\drivers\mtlstrm.sys
2008-07-01 14:43 . 2006-12-28 12:01 19,569 --a------ C:\WINDOWS\002648_.tmp
2008-07-01 14:40 . 2008-07-01 14:40 <REP> d-------- C:\WINDOWS\EHome
2008-07-01 14:21 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2008-07-01 14:21 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll
2008-07-01 14:21 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-06-26 17:18 . 2008-07-09 23:33 <REP> d-------- C:\Program Files\Everest Poker
2008-06-23 13:05 . 2008-06-23 13:08 408 --a------ C:\WINDOWS\wininit.ini
2008-06-23 12:35 . 2008-06-23 12:35 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
2008-06-23 12:35 . 2008-07-07 15:06 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-06-22 14:45 . 2008-06-22 14:45 <REP> d-------- C:\WINDOWS\Sun
2008-06-16 21:37 . 2004-08-04 00:54 159,232 --a------ C:\WINDOWS\system32\ptpusd.dll
2008-06-16 21:37 . 2008-04-13 11:45 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2008-06-16 21:37 . 2001-08-23 17:47 5,632 --a------ C:\WINDOWS\system32\ptpusb.dll
2008-06-14 16:37 . 2008-06-23 19:48 <REP> d-------- C:\Program Files\OpenOffice.org 2.4

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-09 12:58 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2008-07-09 12:51 --------- d-----w C:\Program Files\eMule
2008-07-08 21:25 --------- d-----w C:\Program Files\TuneUp Utilities 2008
2008-07-08 14:03 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-07-07 13:05 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2008-07-07 13:02 --------- d-----w C:\Program Files\Yahoo!
2008-07-07 13:02 --------- d-----w C:\Program Files\CCleaner
2008-07-06 17:19 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-06-15 11:47 --------- d-----w C:\Program Files\Opera
2008-06-14 17:33 272,768 ------w C:\WINDOWS\system32\drivers\bthport.sys
2008-06-07 18:31 359,040 ----a-w C:\WINDOWS\system32\drivers\TCPIP.SYS.ORIGINAL
2008-06-02 19:03 --------- d-----w C:\Program Files\CDBurnerXP
2008-05-24 20:03 --------- d-----w C:\Program Files\Mplayer
2008-05-24 20:02 --------- d-----w C:\Program Files\Quake III Arena
2008-05-24 19:51 --------- d-----w C:\Documents and Settings\All Users\Application Data\WinZip
2008-05-24 19:45 --------- d-----w C:\Program Files\AVG
2008-05-24 19:45 --------- d-----w C:\Documents and Settings\All Users\Application Data\avg8
2008-05-21 17:14 --------- d-----w C:\Program Files\iGnuteel
2008-05-19 19:16 --------- d-----w C:\Program Files\iTunes
2008-05-19 19:16 --------- d-----w C:\Program Files\iPod
2008-05-19 19:15 --------- d-----w C:\Program Files\Fichiers communs\Apple
2008-05-19 19:15 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-05-19 18:52 64,763 ----a-w C:\WINDOWS\BricoPackUninst.cmd
2008-05-19 18:52 6,116 ----a-w C:\WINDOWS\BricoPackFoldersDelete.cmd
2008-05-09 21:20 --------- d-----w C:\Program Files\Universal
2008-04-13 17:34 70,656 ----a-w C:\WINDOWS\notepad.exe
2008-04-13 17:34 32,866 ------w C:\WINDOWS\slrundll.exe
2008-04-13 17:34 288,256 ----a-w C:\WINDOWS\winhlp32.exe
2008-04-13 17:34 153,088 ----a-w C:\WINDOWS\regedit.exe
2008-04-13 17:34 10,752 ----a-w C:\WINDOWS\hh.exe
2008-04-13 17:34 1,037,824 ----a-w C:\WINDOWS\explorer.exe
2008-04-13 17:33 50,688 ----a-w C:\WINDOWS\twain_32.dll
2008-04-13 17:33 451,072 ----a-w C:\WINDOWS\AppPatch\aclayers.dll
2008-04-13 17:33 39,424 ------w C:\WINDOWS\AppPatch\acadproc.dll
2008-04-13 17:33 245,248 ----a-w C:\WINDOWS\AppPatch\acspecfc.dll
2008-04-13 17:33 141,312 ----a-w C:\WINDOWS\AppPatch\aclua.dll
2008-04-13 17:33 116,224 ----a-w C:\WINDOWS\AppPatch\acxtrnal.dll
2008-04-13 17:33 1,852,928 ----a-w C:\WINDOWS\AppPatch\acgenral.dll
2004-08-05 03:00 60,416 --sha-w C:\WINDOWS\BricoPacks\SysFiles\80_msimn.exe
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D187A56B-A33F-4CBE-9D77-459FC0BAE012}]
2008-07-09 02:02 806912 --a------ C:\Program Files\Burn4Free Toolbar\v3.3.0.1\Burn4Free_Toolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{4F11ACBB-393F-4C86-A214-FF3D0D155CC3}"= "C:\Program Files\Burn4Free Toolbar\v3.3.0.1\Burn4Free_Toolbar.dll" [2008-07-09 02:02 806912]

[HKEY_CLASSES_ROOT\clsid\{4f11acbb-393f-4c86-a214-ff3d0d155cc3}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{4F11ACBB-393F-4C86-A214-FF3D0D155CC3}"= "C:\Program Files\Burn4Free Toolbar\v3.3.0.1\Burn4Free_Toolbar.dll" [2008-07-09 02:02 806912]

[HKEY_CLASSES_ROOT\clsid\{4f11acbb-393f-4c86-a214-ff3d0d155cc3}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-04-08 23:51 68856]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34 5724184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSConfig"="C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe" [2008-04-13 19:34 172544]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-12-05 01:41 8523776]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25 6731312]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-13 19:34 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=sockspy.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDAgent]
--a------ 2007-03-26 15:49 69632 C:\Program Files\Softwin\BitDefender10\bdagent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDMCon]
--a------ 2007-04-02 16:48 290816 C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
--a------ 2007-10-18 11:34 5724184 C:\Program Files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
--a------ 2007-12-05 01:41 8523776 C:\WINDOWS\system32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
-rahs---- 2008-01-28 11:43 2097488 C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2008-02-22 04:25 144784 C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a------ 2008-04-08 23:51 68856 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Steam"="C:\Program Files\Steam\Steam.exe" -silent
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"NvMediaCenter"=RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
"SoundMan"=SOUNDMAN.EXE
"nwiz"=nwiz.exe /install

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\Fichiers communs\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"C:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Quake III Arena\\quake3.exe"=
"C:\\Program Files\\Quake III Arena\\no-cd Patch\\Quake3\\quake3.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

R1 kbfilter;Keyboard Filter Driver;C:\WINDOWS\system32\drivers\kbfilter.sys [2003-03-27 13:55]
R1 MUsbFltr;WayTechUSBFilterDriver;C:\WINDOWS\system32\drivers\MUsbFltr.sys [2005-12-21 21:32]
R1 UsbFltr;WayTechUSBFilterDriver;C:\WINDOWS\system32\drivers\UsbFltr.sys [2005-12-21 21:31]
R2 NMSAccessU;NMSAccessU;C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-03-09 11:20]
R2 UxTuneUp;TuneUp Extension de thème;C:\WINDOWS\System32\svchost.exe [2008-04-13 19:34]
R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 11:45]
S3 GoogleDesktopManager-022208-143751;Google Desktop Manager 5.7.802.22438;C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-04-25 16:35]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2008-02-01 15:17]
S3 nmwcdnsuc;Nokia USB Flashing Generic;C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2008-02-01 15:17]
S3 PRODIGY;PRODIGY;C:\WINDOWS\system32\Drivers\PRODIGY.SYS []
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\WINDOWS\System32\TuneUpDefragService.exe [2008-07-08 23:25]
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 11:45]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{71a7547f-0ec2-11dd-80ea-0016eca5851b}]
\Shell\AutoRun\command - F:\jcj00ai.com
\Shell\explore\Command - F:\jcj00ai.com
\Shell\open\Command - F:\jcj00ai.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fe83a1be-25d7-11dd-810f-0016eca5851b}]
\Shell\AutoRun\command - K:\jcj00ai.com
\Shell\explore\Command - K:\jcj00ai.com
\Shell\open\Command - K:\jcj00ai.com

*Newly Created Service* - AVGASCLN
.
Contenu du dossier 'Scheduled Tasks/T&#402;ches planifi‚es'
"2008-07-09 21:46:55 C:\WINDOWS\Tasks\Maintenance en 1 clic.job"
- C:\Program Files\TuneUp Utilities 2008\OneClickStarter.exe
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-09 23:47:20
Windows 5.1.2600 Service Pack 3 NTFS

Balayage processus cach‚s ...

Balayage cach‚ autostart entries ...

Balayage des fichiers cach‚s ...


C:\Documents and Settings\clém's\Application Data\Opera\Opera\profile\widgets\lvnfeepvarkyhozkzivpagyzfpiqce\cache\oprE.tmp 20 bytes

Scan termin‚ avec succ&#352;s
Les fichiers cach‚s: 1

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Softwin\BitDefender10\vsserv.exe
C:\WINDOWS\system32\wscntfy.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-07-09 23:51:49 - machine was rebooted
ComboFix-quarantined-files.txt 2008-07-09 21:51:25

Pre-Run: 12,471,275,008 octets libres
Post-Run: 12,416,465,920 octets libres

Répondre à sakicboy
XmichouX   10-07-2008 à 00:02:36
- 0 +

Re,

Sélectionne l'intégralité du cadre ci-dessous :

DirLook::
C:\327882R2FWJFW

File::
C:\Documents and Settings\clém's\Application Data\Opera\Opera\profile\widgets\lvnfeepvarkyhozkzivpagyzfpiqce\cache\oprE.tmp
K:\jcj00ai.com
F:\jcj00ai.com
E:\jcj00ai.com
D:\jcj00ai.com
C:\jcj00ai.com


Registry::
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{71a7547f-0ec2-11dd-80ea-0016eca5851b}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fe83a1be-25d7-11dd-810f-0016eca5851b}]



  • Copie/colle le dans le Bloc Notes (Démarrer\Tous les programmes\Accessoires\Bloc notes.)
  • Enregistre le sous sur ton bureau sous le nom de CFScript.txt
  • Glisse maintenant le fichier CFScript.txt dans ComboFix.exe comme ci-dessous :

http://i266.photobucket.com/albums/ii277/sUBs_/CFScript.gif

  • Cela va relancer Combofix. Poste le contenu du rapport ComboFix.txt après redémarrage s'il y en a un.

------------------------------ >> Centre de Formation Helpers <<
 Répondre à XmichouX
sakicboy   10-07-2008 à 01:16:16
- 0 +

omboFix 08-07-09.2 - clém's 2008-07-10 1:08:56.2 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.573 [GMT 2:00]
Endroit: C:\Documents and Settings\clém's\Local Settings\Application Data\Opera\Opera\profile\cache4\temporary_download\ComboFix.exe
Command switches used :: C:\Documents and Settings\clém's\Bureau\CFScript.txt
* Création d'un nouveau point de restauration

[color=red]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/color]

FILE ::
C:\Documents and Settings\clém's\Application Data\Opera\Opera\profile\widgets\lvnfeepvarkyhozkzivpagyzfpiqce\cache\oprE.tmp
C:\jcj00ai.com
D:\jcj00ai.com
E:\jcj00ai.com
F:\jcj00ai.com
K:\jcj00ai.com
.

((((((((((((((((((((((((((((( Fichiers créés 2008-06-09 to 2008-07-09 ))))))))))))))))))))))))))))))))))))
.

2008-07-10 01:07 . 2008-07-10 01:07 <REP> d-------- C:\Documents and Settings\cl‚m's
2008-07-09 23:52 . 2008-07-09 23:52 <REP> d-------- C:\Documents and Settings\clÚm's
2008-07-09 23:39 . 2008-07-10 01:08 <REP> d-------- C:\327882R2FWJFW
2008-07-09 17:41 . 2008-07-09 17:41 <REP> d-------- C:\Documents and Settings\clém's\Application Data\Grisoft
2008-07-09 17:41 . 2008-07-09 17:41 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-07-09 17:41 . 2007-05-30 14:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2008-07-09 17:35 . 2008-07-09 17:35 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-07-09 14:53 . 2008-07-09 14:54 <REP> d--h----- C:\WINDOWS\system32\GroupPolicy
2008-07-09 14:53 . 2001-08-28 13:00 499,200 --a------ C:\WINDOWS\system32\gpedit.dll
2008-07-09 14:53 . 2002-08-29 10:44 284,160 --a------ C:\WINDOWS\system32\appmgr.dll
2008-07-09 14:53 . 2002-08-29 10:44 185,856 --a------ C:\WINDOWS\system32\gptext.dll
2008-07-09 14:53 . 2002-08-29 10:44 165,376 --a------ C:\WINDOWS\system32\appmgmts.dll
2008-07-09 14:53 . 2001-08-28 13:00 119,296 --a------ C:\WINDOWS\system32\fde.dll
2008-07-09 14:53 . 2002-08-29 10:44 70,144 --a------ C:\WINDOWS\system32\fdeploy.dll
2008-07-09 14:53 . 2001-08-28 13:00 34,352 --a------ C:\WINDOWS\system32\gpedit.msc
2008-07-09 14:51 . 2008-07-09 14:52 <REP> d-------- C:\Program Files\WinAce
2008-07-09 02:02 . 2008-07-09 02:02 <REP> d-------- C:\Program Files\Burn4Free Toolbar
2008-07-09 02:02 . 2008-07-09 02:02 232,075 --a------ C:\WINDOWS\Burn4Free_Toolbar_Uninstaller_6468.exe
2008-07-09 01:56 . 2008-07-09 01:56 <REP> d-------- C:\Program Files\Burn4Free
2008-07-08 16:03 . 2008-07-08 16:03 <REP> d-------- C:\Program Files\PowerQuest
2008-07-08 14:49 . 2008-07-08 14:50 <REP> d-------- C:\Program Files\AusLogics Disk Defrag
2008-07-07 23:31 . 2008-07-07 23:31 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2008-07-06 19:10 . 2008-07-07 12:01 <REP> d-------- C:\Documents and Settings\clém's\Application Data\AdobeUM
2008-07-03 01:05 . 2008-07-03 01:05 <REP> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-07-03 00:53 . 2008-07-03 00:53 <REP> d-------- C:\Program Files\MSXML 4.0
2008-07-02 14:09 . 2008-06-14 19:33 272,768 --------- C:\WINDOWS\system32\dllcache\bthport.sys
2008-07-02 14:05 . 2008-05-08 16:02 203,136 --------- C:\WINDOWS\system32\dllcache\rmcast.sys
2008-07-01 14:48 . 2008-07-01 14:48 <REP> d-------- C:\WINDOWS\ServicePackFiles
2008-07-01 14:47 . 2008-04-13 19:34 294,912 --------- C:\WINDOWS\system32\dllcache\dlimport.exe
2008-07-01 14:44 . 2008-04-13 11:23 1,309,184 --------- C:\WINDOWS\system32\drivers\mtlstrm.sys
2008-07-01 14:43 . 2006-12-28 12:01 19,569 --a------ C:\WINDOWS\002648_.tmp
2008-07-01 14:40 . 2008-07-01 14:40 <REP> d-------- C:\WINDOWS\EHome
2008-07-01 14:21 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2008-07-01 14:21 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll
2008-07-01 14:21 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-06-26 17:18 . 2008-07-10 00:13 <REP> d-------- C:\Program Files\Everest Poker
2008-06-23 13:05 . 2008-06-23 13:08 408 --a------ C:\WINDOWS\wininit.ini
2008-06-23 12:35 . 2008-06-23 12:35 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
2008-06-23 12:35 . 2008-07-07 15:06 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-06-22 14:45 . 2008-06-22 14:45 <REP> d-------- C:\WINDOWS\Sun
2008-06-16 21:37 . 2004-08-04 00:54 159,232 --a------ C:\WINDOWS\system32\ptpusd.dll
2008-06-16 21:37 . 2008-04-13 11:45 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2008-06-16 21:37 . 2001-08-23 17:47 5,632 --a------ C:\WINDOWS\system32\ptpusb.dll
2008-06-14 16:42 . 2008-06-27 19:02 <REP> d-------- C:\Documents and Settings\clém's\Application Data\OpenOffice.org2
2008-06-14 16:37 . 2008-06-23 19:48 <REP> d-------- C:\Program Files\OpenOffice.org 2.4

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-09 23:07 81,984 ----a-w C:\WINDOWS\system32\bdod.bin
2008-07-09 12:58 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2008-07-09 12:51 --------- d-----w C:\Program Files\eMule
2008-07-08 21:25 355,584 ----a-w C:\WINDOWS\system32\TuneUpDefragService.exe
2008-07-08 21:25 --------- d-----w C:\Program Files\TuneUp Utilities 2008
2008-07-08 14:03 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-07-07 13:05 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2008-07-07 13:02 --------- d-----w C:\Program Files\Yahoo!
2008-07-07 13:02 --------- d-----w C:\Program Files\CCleaner
2008-07-06 17:19 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-06-15 11:47 --------- d-----w C:\Program Files\Opera
2008-06-14 17:33 272,768 ------w C:\WINDOWS\system32\drivers\bthport.sys
2008-06-07 18:31 359,040 ----a-w C:\WINDOWS\system32\drivers\TCPIP.SYS.ORIGINAL
2008-06-02 19:03 --------- d-----w C:\Program Files\CDBurnerXP
2008-06-02 19:03 --------- d-----w C:\Documents and Settings\clém's\Application Data\CDBurnerXP_Soft
2008-05-29 07:28 28,416 ----a-w C:\WINDOWS\system32\uxtuneup.dll
2008-05-24 20:03 --------- d-----w C:\Program Files\Mplayer
2008-05-24 20:02 --------- d-----w C:\Program Files\Quake III Arena
2008-05-24 19:51 --------- d-----w C:\Documents and Settings\All Users\Application Data\WinZip
2008-05-24 19:45 --------- d-----w C:\Program Files\AVG
2008-05-24 19:45 --------- d-----w C:\Documents and Settings\clém's\Application Data\AVGTOOLBAR
2008-05-24 19:45 --------- d-----w C:\Documents and Settings\All Users\Application Data\avg8
2008-05-21 17:14 --------- d-----w C:\Program Files\iGnuteel
2008-05-19 19:16 --------- d-----w C:\Program Files\iTunes
2008-05-19 19:16 --------- d-----w C:\Program Files\iPod
2008-05-19 19:15 --------- d-----w C:\Program Files\Fichiers communs\Apple
2008-05-19 19:15 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-05-19 18:52 64,763 ----a-w C:\WINDOWS\BricoPackUninst.cmd
2008-05-19 18:52 6,116 ----a-w C:\WINDOWS\BricoPackFoldersDelete.cmd
2008-05-09 21:20 --------- d-----w C:\Program Files\Universal
2008-05-07 05:11 1,294,336 ----a-w C:\WINDOWS\system32\quartz.dll
2008-05-07 05:11 1,294,336 ------w C:\WINDOWS\system32\dllcache\quartz.dll
2008-04-21 06:43 670,208 ----a-w C:\WINDOWS\system32\wininet.dll
2008-04-21 06:43 670,208 ------w C:\WINDOWS\system32\dllcache\wininet.dll
2008-04-21 06:43 3,087,872 ------w C:\WINDOWS\system32\dllcache\mshtml.dll
2008-04-13 17:50 1,804 ----a-w C:\WINDOWS\system32\dcache.bin
2008-04-13 17:37 332,800 ----a-w C:\WINDOWS\system32\netsetup.exe
2008-04-13 17:33 98,816 ----a-w C:\WINDOWS\system32\psbase.dll
2008-04-13 17:32 86,073 ----a-w C:\WINDOWS\system32\dllcache\voicesub.dll
2008-04-13 17:32 764,416 ----a-w C:\WINDOWS\system32\winntbbu.dll
2008-04-13 17:32 76,288 ----a-w C:\WINDOWS\system32\uniime.dll
2008-04-13 17:32 76,288 ----a-w C:\WINDOWS\system32\dllcache\uniime.dll
2008-04-13 17:32 67,584 ----a-w C:\WINDOWS\system32\dllcache\pmigrate.dll
2008-04-13 17:32 61,471 ----a-w C:\WINDOWS\system32\odbcji32.dll
2008-04-13 17:32 53,760 ----a-w C:\WINDOWS\system32\dllcache\pintlcsd.dll
2008-04-13 17:32 5,632 ----a-w C:\WINDOWS\system32\wmi.dll
2008-04-13 17:32 426,041 ----a-w C:\WINDOWS\system32\dllcache\voicepad.dll
2008-04-13 17:32 175,104 ----a-w C:\WINDOWS\system32\dllcache\pintlcsa.dll
2008-04-13 17:32 15,872 ----a-w C:\WINDOWS\system32\dllcache\padrs404.dll
2008-04-13 17:32 15,360 ----a-w C:\WINDOWS\system32\dllcache\padrs804.dll
2008-04-13 17:32 10,240 ----a-w C:\WINDOWS\system32\dllcache\tmigrate.dll
2008-04-13 17:07 2,147,328 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
2008-04-13 17:07 2,025,984 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
2008-04-13 17:06 4,096 ----a-w C:\WINDOWS\system32\dsprpres.dll
2008-04-13 17:04 93,184 ----a-w C:\WINDOWS\system32\msxml6r.dll
2008-04-13 17:04 93,184 ------w C:\WINDOWS\system32\dllcache\msxml6r.dll
2008-04-13 17:03 81,920 ------w C:\WINDOWS\system32\msshavmsg.dll
2008-04-13 17:02 50,688 ----a-w C:\WINDOWS\system32\inetres.dll
2008-04-13 17:02 2,985,984 ----a-w C:\WINDOWS\system32\wmploc.dll
2008-04-13 17:02 2,985,984 ----a-w C:\WINDOWS\system32\dllcache\wmploc.dll
2008-04-13 17:01 572,416 ----a-w C:\WINDOWS\system32\shdoclc.dll
2008-04-13 16:59 200,704 ----a-w C:\WINDOWS\system32\wmerror.dll
2008-04-13 16:59 200,704 ----a-w C:\WINDOWS\system32\dllcache\wmerror.dll
2008-04-13 16:59 10,240 ----a-w C:\WINDOWS\system32\gpkrsrc.dll
2008-04-13 16:58 1,845,760 ----a-w C:\WINDOWS\system32\win32k.sys
2008-04-13 16:58 1,647,616 ----a-w C:\WINDOWS\system32\winbrand.dll
2008-04-13 16:57 70,144 ----a-w C:\WINDOWS\system32\browselc.dll
2008-04-13 16:56 57,344 ----a-w C:\WINDOWS\system32\mshtmler.dll
2008-04-13 16:55 8,704 ----a-w C:\WINDOWS\system32\dllcache\asferror.dll
2008-04-13 16:55 8,704 ----a-w C:\WINDOWS\system32\asferror.dll
2008-04-13 16:54 103,936 ----a-w C:\WINDOWS\system32\dpcdll.dll
2008-04-13 09:45 17,664 ----a-w C:\WINDOWS\system32\watchdog.sys
2008-04-13 09:40 445,440 ----a-w C:\WINDOWS\system32\xpob2res.dll
2008-04-13 09:36 2,986,496 ----a-w C:\WINDOWS\system32\xpsp2res.dll
2008-04-13 09:35 24,064 ----a-w C:\WINDOWS\system32\pidgen.dll
2008-04-13 09:35 197,632 ----a-w C:\WINDOWS\system32\xpsp1res.dll
2008-04-13 09:31 7,424 ----a-w C:\WINDOWS\system32\kd1394.dll
2008-04-13 09:30 61,440 ----a-w C:\WINDOWS\system32\msvcrt40.dll
2008-04-13 08:37 208,384 ----a-w C:\WINDOWS\system32\rsaenh.dll
2008-04-13 08:37 138,752 ----a-w C:\WINDOWS\system32\dssenh.dll
2008-04-13 08:26 12,288 ----a-w C:\WINDOWS\system32\odbcp32r.dll
2008-04-13 08:26 12,288 ----a-w C:\WINDOWS\system32\mscpx32r.dll
2008-04-13 08:21 733,696 ----a-w C:\WINDOWS\system32\qedwipes.dll
2008-04-13 07:45 216,064 ----a-w C:\WINDOWS\system32\moricons.dll
2008-04-13 07:43 70,144 ----a-w C:\WINDOWS\system32\dllcache\pintlphr.exe
2008-04-13 07:23 48,128 ----a-w C:\WINDOWS\system32\msprivs.dll
2008-04-13 06:39 884,736 ----a-w C:\WINDOWS\system32\msimsg.dll
2004-08-05 03:00 60,416 --sha-w C:\WINDOWS\BricoPacks\SysFiles\80_msimn.exe
.

(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.

---- Directory of C:\327882R2FWJFW ----

2008-04-13 19:34 29184 -ra------ C:\327882R2FWJFW\findstr.cfexe
2000-08-31 08:00 28672 -ra------ C:\327882R2FWJFW\NirCmd.cfexe
2000-08-31 08:00 212480 -ra------ C:\327882R2FWJFW\swxcacls.cfexe
2000-08-31 08:00 161792 -ra------ C:\327882R2FWJFW\swreg.cfexe


((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D187A56B-A33F-4CBE-9D77-459FC0BAE012}]
2008-07-09 02:02 806912 --a------ C:\Program Files\Burn4Free Toolbar\v3.3.0.1\Burn4Free_Toolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{4F11ACBB-393F-4C86-A214-FF3D0D155CC3}"= "C:\Program Files\Burn4Free Toolbar\v3.3.0.1\Burn4Free_Toolbar.dll" [2008-07-09 02:02 806912]

[HKEY_CLASSES_ROOT\clsid\{4f11acbb-393f-4c86-a214-ff3d0d155cc3}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{4F11ACBB-393F-4C86-A214-FF3D0D155CC3}"= "C:\Program Files\Burn4Free Toolbar\v3.3.0.1\Burn4Free_Toolbar.dll" [2008-07-09 02:02 806912]

[HKEY_CLASSES_ROOT\clsid\{4f11acbb-393f-4c86-a214-ff3d0d155cc3}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34 5724184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSConfig"="C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe" [2008-04-13 19:34 172544]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-12-05 01:41 8523776]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25 6731312]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-13 19:34 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=sockspy.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDAgent]
--a------ 2007-03-26 15:49 69632 C:\Program Files\Softwin\BitDefender10\bdagent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDMCon]
--a------ 2007-04-02 16:48 290816 C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
--a------ 2007-10-18 11:34 5724184 C:\Program Files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
--a------ 2007-12-05 01:41 8523776 C:\WINDOWS\system32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
-rahs---- 2008-01-28 11:43 2097488 C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2008-02-22 04:25 144784 C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a------ 2008-04-08 23:51 68856 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Steam"="C:\Program Files\Steam\Steam.exe" -silent
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"NvMediaCenter"=RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
"SoundMan"=SOUNDMAN.EXE
"nwiz"=nwiz.exe /install

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\Fichiers communs\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"C:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Quake III Arena\\quake3.exe"=
"C:\\Program Files\\Quake III Arena\\no-cd Patch\\Quake3\\quake3.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

R1 kbfilter;Keyboard Filter Driver;C:\WINDOWS\system32\drivers\kbfilter.sys [2003-03-27 13:55]
R1 MUsbFltr;WayTechUSBFilterDriver;C:\WINDOWS\system32\drivers\MUsbFltr.sys [2005-12-21 21:32]
R1 UsbFltr;WayTechUSBFilterDriver;C:\WINDOWS\system32\drivers\UsbFltr.sys [2005-12-21 21:31]
R2 NMSAccessU;NMSAccessU;C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-03-09 11:20]
R2 UxTuneUp;TuneUp Extension de thème;C:\WINDOWS\System32\svchost.exe [2008-04-13 19:34]
R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 11:45]
S3 GoogleDesktopManager-022208-143751;Google Desktop Manager 5.7.802.22438;C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-04-25 16:35]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2008-02-01 15:17]
S3 nmwcdnsuc;Nokia USB Flashing Generic;C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2008-02-01 15:17]
S3 PRODIGY;PRODIGY;C:\WINDOWS\system32\Drivers\PRODIGY.SYS []
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\WINDOWS\System32\TuneUpDefragService.exe [2008-07-08 23:25]
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 11:45]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

*Newly Created Service* - AVGASCLN
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-07-09 23:00:00 C:\WINDOWS\Tasks\Maintenance en 1 clic.job"
- C:\Program Files\TuneUp Utilities 2008\OneClickStarter.exe
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-10 01:11:51
Windows 5.1.2600 Service Pack 3 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
Temps d'accomplissement: 2008-07-10 1:13:41
ComboFix-quarantined-files.txt 2008-07-09 23:13:14
ComboFix2.txt 2008-07-09 21:51:52

Pre-Run: 12,430,347,776 octets libres
Post-Run: 12,418,117,632 octets libres

255 --- E O F --- 2008-07-04 00:05:04

Répondre à sakicboy
XmichouX   10-07-2008 à 02:30:57
- 0 +

Poste un nouveau rapport Hijackthis.
Toujours les mêmes problèmes ?

------------------------------ >> Centre de Formation Helpers <<
 Répondre à XmichouX
sakicboy   10-07-2008 à 15:23:36
- 0 +

slt michou , voila mon log hijack et pr te repondre je n'ai plus le probleme de partition ms j'ai toujours mon probleme de barre des taches qui se bloque ms les intervalles de temps on été allongé entre les bloquages sachant que pour debloquer je passe par le gestionnaires des taches voila merci
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender10\vsserv.exe
C:\Documents and Settings\clém's\Bureau\HiJackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: Burn4Free Toolbar Helper - {D187A56B-A33F-4CBE-9D77-459FC0BAE012} - C:\Program Files\Burn4Free Toolbar\v3.3.0.1\Burn4Free_Toolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Burn4Free Toolbar - {4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - C:\Program Files\Burn4Free Toolbar\v3.3.0.1\Burn4Free_Toolbar.dll
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wi [...] 7679719593
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/Driv [...] eqlab2.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Desktop Manager 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe

Répondre à sakicboy
XmichouX   10-07-2008 à 15:29:28
- 0 +

Re,

Essaie ça ..

Télécharge ZebRestore

Dézippe-le. Ouvre le dossier, lance le en double cliquant sur l’exe.

Coche :
- RegEdit
- Clés RUN
- Bouton Arrêter
- Windows Update
- Gestionnaire des tâches
- Panneau de configuration
- Ajout/Suppression de programmes
- Policies
- Bureau
- Réparation IE
- Extension des fichiers
- Sites de confiance et sensibles
- Préfixes et Protocoles Internet
- Réinitialiser Fichier Hosts
Clique sur Restaurer. Ferme le programme.

Est-ce que c'est mieux ?

------------------------------ >> Centre de Formation Helpers <<
 Répondre à XmichouX
Créer un nouveau sujet Répondre
Tom's Guide > Forum > Sécurité - Virus > rapport hijack this
Aller à :

Il y a 1233 utilisateurs connus et inconnus. Pour voir la liste des connectés connus, cliquez ici.

Plan du forum
Forum Bestofmedia ©
2000-2009 Bestofmedia Group
Page générée en 0,271 secondes
Attention

Vous allez répondre sur un sujet resté inactif pendant plus de 6 mois.
Assurez-vous d'apporter des éléments nouveaux à la discussion avant de poursuivre.

Répondre Annuler
Liens