Help please, my PC is slow, infected???

Tags:
  • Internet Explorer
  • Security
Last reply: in Security and viruses
2 November 2008 16:44:32

Hello, my PC is getting slower and slower and I think it is infected. I hope to find some help, thank you.
Here is the report:

Logfile of HijackThis v1.99.1
Scan saved at 16:39, on 2008-11-02
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
D:\Program Files\Bonjour\mDNSResponder.exe
D:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
D:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
D:\WINDOWS\System32\nvsvc32.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\Explorer.exe
D:\WINDOWS\services.exe
D:\WINDOWS\SOUNDMAN.EXE
D:\Program Files\SigmaTel\C-Major Audio\stacmon.exe
D:\Program Files\BroadJump\Client Foundation\CFD.exe
D:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
D:\Program Files\Sony\HotKey Utility\HKserv.exe
D:\Program Files\iTunes\iTunesHelper.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
D:\Program Files\Microsoft ActiveSync\wcescomm.exe
D:\Program Files\powerpanel\Program\PcfMgr.exe
D:\Program Files\Club-Internet\Lanceur\lanceur.exe
D:\PROGRA~1\MI3AA1~1\rapimgr.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\iPod\bin\iPodService.exe
D:\Program Files\Sony\HotKey Utility\HKWnd.exe
D:\Program Files\Windows Live\Messenger\usnsvc.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Documents and Settings\k-der.one\Bureau\worldsat\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-internet.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F2 - REG:system.ini: Shell=Explorer.exe D:\WINDOWS\system32\fservice.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - D:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: XBTB06823 - {BA463437-C3DE-47da-8280-87596824388A} - D:\PROGRA~1\GOOGLE~1\TOOLBA~1.DLL
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe irprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [UpdateManager] "D:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [SigmaTel StacMon] D:\Program Files\SigmaTel\C-Major Audio\stacmon.exe
O4 - HKLM\..\Run: [BJCFD] D:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [PhiBtn] %SystemRoot%\System32\drivers\PhiBtn.exe
O4 - HKLM\..\Run: [Traymin900] %SystemRoot%\System32\drivers\Tray900.exe
O4 - HKLM\..\Run: [HKSERV.EXE] D:\Program Files\Sony\HotKey Utility\HKserv.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NBKeyScan] "D:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [Motive SmartBridge] D:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "D:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - Startup: Club Internet.lnk = D:\Program Files\Club-Internet\Lanceur\lanceur.exe
O4 - Startup: TribalWeb.lnk = D:\Program Files\TribalWeb\tribalweb.exe
O4 - Global Startup: LE COMPAGNON CLUB.lnk = D:\Program Files\Club-Internet\Le Compagnon Club\bin\matcli.exe
O4 - Global Startup: PowerPanel.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://D:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Download all links using BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download all videos using BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Download link using &BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddLink.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: d:\program files\bonjour\mdnsnsp.dll
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8....
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
O16 - DPF: {B020B534-4AA2-4B99-BD6D-5F6EE286DF5C} (Symantec Download Bridge) - http://espaceabonnes.club-internet.fr/services/symantec...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - D:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - D:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Apple Mobile Device - Apple Inc. - D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - D:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - D:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - D:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\System32\nvsvc32.exe


2 November 2008 18:21:28

Hello,

! Disable your resident protections (antivirus, Spybot-S&D, etc.) !

  • Download ComboFix (sUBs) to your Desktop.
  • Double-click ComboFix.exe (the .exe may not be visible) to launch it.
  • When the scan has finished, a report will appear. Post this report (C:\combofix.txt*) in your next reply.

    HELP: A guide and a tutorial on using ComboFix
    * the partition name may differ
    3 November 2008 18:19:29

    Here is the report:

    ComboFix 08-11-02.05 - k-der.one 2008-11-03 18:05:03.1 - NTFSx86
    Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.131 [GMT 1:00]
    Lancé depuis: d:\documents and settings\k-der.one\Bureau\ComboFix.exe
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    d:\documents and settings\k-der.one\Application Data\inst.exe
    D:\WA6P
    d:\windows\ktd32.atm
    d:\windows\services.exe
    d:\windows\system\sservice.exe
    d:\windows\system32\fservice.exe
    d:\windows\system32\reginv.dll
    d:\windows\system32\winkey.dll
    d:\windows\Temp\scsF.tmp

    .
    ((((((((((((((((((((((((((((( Fichiers créés du 2008-10-03 au 2008-11-03 ))))))))))))))))))))))))))))))))))))
    .

    2008-11-02 12:30 . 2008-11-02 12:31 <REP> d-------- d:\windows\AU_Temp
    2008-11-02 12:30 . 2008-11-02 12:31 20,712,345 --a------ d:\windows\VPTNFILE.631
    2008-11-02 12:30 . 2008-11-02 12:31 20,712,345 --a------ d:\windows\LPT$VPN.631
    2008-10-28 14:48 . 2008-10-28 14:48 350,764 --a------ d:\windows\system32\lncom.exe
    2008-10-28 14:48 . 2008-10-28 14:48 102,464 --a------ d:\windows\system32\lncom_.jpg
    2008-10-28 14:48 . 2008-10-28 14:48 102,464 --a------ d:\windows\7880060.jpg
    2008-10-28 14:48 . 2008-10-28 14:48 100,003 --a------ d:\windows\7235485.jpg
    2008-10-25 11:23 . 2007-07-09 14:11 584,192 -----c--- d:\windows\system32\dllcache\rpcrt4.dll
    2008-10-25 10:56 . 2008-10-25 11:17 <REP> d-------- d:\windows\system32\CatRoot_bak
    2008-10-17 21:32 . 2008-10-18 00:02 <REP> d-------- d:\program files\NOS
    2008-10-17 21:32 . 2008-10-18 00:02 <REP> d-------- d:\documents and settings\All Users\Application Data\NOS
    2008-10-17 20:25 . 2008-10-17 20:25 <REP> d-------- d:\program files\Microsoft ActiveSync
    2008-10-15 11:26 . 2008-09-15 16:39 1,846,144 -----c--- d:\windows\system32\dllcache\win32k.sys
    2008-10-15 11:25 . 2008-08-14 14:44 2,182,400 -----c--- d:\windows\system32\dllcache\ntoskrnl.exe
    2008-10-15 11:25 . 2008-08-14 14:44 2,138,112 -----c--- d:\windows\system32\dllcache\ntkrnlmp.exe
    2008-10-15 11:25 . 2008-08-14 14:44 2,059,776 -----c--- d:\windows\system32\dllcache\ntkrnlpa.exe
    2008-10-15 11:25 . 2008-08-14 14:44 2,017,792 -----c--- d:\windows\system32\dllcache\ntkrpamp.exe
    2008-10-09 23:47 . 2008-10-09 23:47 <REP> d-------- d:\documents and settings\k-der.one\OngameNetwork
    2008-10-09 22:33 . 2008-10-09 22:33 <REP> d-------- d:\program files\iPod
    2008-10-09 22:33 . 2008-04-17 12:12 107,368 --a------ d:\windows\system32\GEARAspi.dll
    2008-10-09 22:33 . 2008-04-17 12:12 15,464 --a------ d:\windows\system32\drivers\GEARAspiWDM.sys
    2008-10-09 22:32 . 2008-10-09 22:33 <REP> d-------- d:\program files\iTunes
    2008-10-09 22:32 . 2008-10-09 22:32 <REP> d-------- d:\program files\Bonjour
    2008-10-09 22:32 . 2008-10-09 22:33 <REP> d-------- d:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
    2008-10-09 22:30 . 2008-10-09 22:31 <REP> d-------- d:\program files\QuickTime
    2008-10-09 19:22 . 2008-10-09 19:22 <REP> d-------- d:\program files\Microsoft CAPICOM 2.1.0.2
    2008-10-09 16:05 . 2008-10-09 16:06 <REP> d-------- d:\program files\Motive
    2008-10-09 14:57 . 2007-03-08 16:37 578,560 --a--c--- d:\windows\system32\dllcache\user32.dll
    2008-10-09 14:29 . 2008-11-03 13:25 <REP> d-------- D:\SDFix
    2008-10-09 11:39 . 2008-10-09 12:01 <REP> d-------- d:\program files\Motive(2)
    2008-10-09 00:10 . 2008-10-19 17:34 <REP> d-------- d:\program files\Everest Poker

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-11-02 11:31 91,744 ----a-w d:\windows\BPMNT.dll
    2008-11-02 11:31 71,749 ----a-w d:\windows\hcextoutput.dll
    2008-11-02 11:31 348,229 ----a-w d:\windows\tsc.exe
    2008-11-02 11:31 1,213,784 ----a-w d:\windows\vsapi32.dll
    2008-10-30 07:07 --------- d-----w d:\program files\eMule
    2008-10-29 12:24 --------- d-----w d:\documents and settings\k-der.one\Application Data\Azureus
    2008-10-17 20:38 --------- d-----w d:\program files\Fichiers communs\Adobe
    2008-10-17 19:23 --------- d--h--w d:\program files\InstallShield Installation Information
    2008-10-15 13:40 --------- d-----w d:\documents and settings\All Users\Application Data\Microsoft Help
    2008-10-14 01:48 --------- d-----w d:\program files\Messenger Plus! Live
    2008-10-09 15:13 --------- d-----w d:\program files\Club-Internet
    2008-10-09 11:05 --------- d-----w d:\program files\QuickTime(2)
    2008-10-09 11:04 --------- d-----w d:\program files\iTunes(2)
    2008-10-09 11:04 --------- d-----w d:\program files\iPod(2)
    2008-10-09 11:04 --------- d-----w d:\program files\Bonjour(2)
    2008-10-09 11:03 --------- d-----w d:\program files\MOVAVI
    2008-10-09 11:03 --------- d-----w d:\program files\ConvertMovie 5.0
    2008-09-29 18:22 --------- d-----w d:\program files\DkZ Studio
    2008-01-25 16:13 47,360 ----a-w d:\documents and settings\k-der.one\Application Data\pcouffin.sys
    2006-12-29 23:35 29,192 ----a-w d:\documents and settings\k-der.one\Application Data\GDIPFONTCACHEV1.DAT
    .

    ------- Sigcheck -------

    2004-08-20 00:10 112640 fc21787f32e3793a4c7c02d2bfaa5ae0 d:\windows\ServicePackFiles\i386\wuauclt.exe
    2008-04-14 03:34 112640 7e3defe771cb451b0ff630bfa435417e d:\windows\SoftwareDistribution\Download\23ec66f2314a80d718b5483ab6e865af\wuauclt.exe
    2008-04-14 03:34 112640 7e3defe771cb451b0ff630bfa435417e d:\windows\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\wuauclt.exe
    2004-08-20 00:10 112640 fc21787f32e3793a4c7c02d2bfaa5ae0 d:\windows\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\wuauclt.exe
    2008-07-18 21:10 53448 d316e28958873859b88d72cf47ad1ea5 d:\windows\system32\wuauclt.exe
    2008-07-18 21:10 53448 d316e28958873859b88d72cf47ad1ea5 d:\windows\system32\dllcache\wuauclt.exe
    .
    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="d:\windows\system32\ctfmon.exe" [2004-08-20 15360]
    "MsnMsgr"="d:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
    "H/PC Connection Agent"="d:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "UpdateManager"="d:\program files\Fichiers communs\Sonic\Update Manager\sgtray.exe" [2003-08-19 110592]
    "SigmaTel StacMon"="d:\program files\SigmaTel\C-Major Audio\stacmon.exe" [2003-07-27 49209]
    "BJCFD"="d:\program files\BroadJump\Client Foundation\CFD.exe" [2003-01-27 376912]
    "SunJavaUpdateSched"="d:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
    "HKSERV.EXE"="d:\program files\Sony\HotKey Utility\HKserv.exe" [2003-06-26 90112]
    "NvCplDaemon"="d:\windows\system32\NvCpl.dll" [2004-04-13 3309568]
    "NBKeyScan"="d:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 1836328]
    "AppleSyncNotifier"="d:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-10-01 111936]
    "QuickTime Task"="d:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]
    "iTunesHelper"="d:\program files\iTunes\iTunesHelper.exe" [2008-10-01 289576]
    "Adobe Reader Speed Launcher"="d:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
    "BluetoothAuthenticationAgent"="irprops.cpl" [2004-08-20 d:\windows\system32\irprops.cpl]
    "SoundMan"="SOUNDMAN.EXE" [2003-06-10 d:\windows\SOUNDMAN.EXE]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="d:\windows\System32\CTFMON.EXE" [2004-08-20 15360]

    d:\documents and settings\k-der.one\Menu D‚marrer\Programmes\D‚marrage\
    Club Internet.lnk - d:\program files\Club-Internet\Lanceur\lanceur.exe [2007-12-26 5484544]
    TribalWeb.lnk - d:\program files\TribalWeb\tribalweb.exe [2008-02-28 1077248]

    d:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
    LE COMPAGNON CLUB.lnk - d:\program files\Club-Internet\Le Compagnon Club\bin\matcli.exe [2008-10-09 217088]
    PowerPanel.lnk - d:\program files\powerpanel\Program\PcfMgr.exe [2007-02-25 872448]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "VIDC.SP54"= SP5X_32.DLL
    "VIDC.SP55"= SP5X_32.DLL
    "VIDC.SP56"= SP5X_32.DLL
    "VIDC.SP57"= SP5X_32.DLL
    "VIDC.SP58"= SP5X_32.DLL
    "VIDC.dvsd"= d:\progra~1\FICHIE~1\SONYSH~1\dvlib\sonydv.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntivirusOverride"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "c:\\Azureus\\Azureus.exe"=
    "d:\\Program Files\\eMule\\emule.exe"=
    "d:\\Program Files\\Nero\\Nero8\\Nero Home\\NeroHome.exe"=
    "d:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
    "d:\\Program Files\\Mozilla Firefox\\firefox.exe"=
    "d:\\Program Files\\TribalWeb\\tribalweb.exe"=
    "d:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "d:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    "d:\\Program Files\\TVAnts\\Tvants.exe"=
    "d:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
    "d:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "d:\\Program Files\\iTunes\\iTunes.exe"=
    "d:\program files\Microsoft ActiveSync\rapimgr.exe"= d:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
    "d:\program files\Microsoft ActiveSync\wcescomm.exe"= d:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
    "d:\program files\Microsoft ActiveSync\WCESMgr.exe"= d:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

    R3 HSFHWSIS;HSFHWSIS;d:\windows\system32\DRIVERS\HSFHWSIS.sys [2003-08-04 156288]
    R3 softctrl;Software Flow Control Driver;d:\windows\system32\DRIVERS\softctrl.sys [2005-12-12 9760]
    R3 SPI;Périphérique de contrôle d'E/S programmable Sony;d:\windows\system32\DRIVERS\SonyPI.sys [2001-08-17 37040]
    S2 Ca536av;FashionCam Video Camera Device;d:\windows\system32\Drivers\Ca536av.sys [2003-09-05 514859]
    S3 camvid40;Philips SPC 900NC PC Camera;d:\windows\system32\DRIVERS\camdrv41.sys [2005-08-25 1240576]
    S3 SG760_XP;SAGEM 802.11g XG760 1211 Driver;d:\windows\system32\DRIVERS\WlanUZXP.sys [2005-05-12 260608]
    S3 USBCamera;FashionCam Digital Still Camera Device;d:\windows\system32\Drivers\Bulk536.sys [2003-05-14 11048]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8eada3a9-8f05-11dc-81a3-080046b3117a}]
    \Shell\AutoRun\command - RavMon.exe
    .
    Contenu du dossier 'Tâches planifiées'

    2008-10-31 d:\windows\Tasks\AppleSoftwareUpdate.job
    - d:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

    2008-11-02 d:\windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
    - d:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 10:20]
    .
    - - - - ORPHELINS SUPPRIMES - - - -

    HKCU-Run-Sonic RecordNow! Deluxe - (no file)
    HKLM-Run-PhiBtn - d:\windows\System32\drivers\PhiBtn.exe
    HKLM-Run-Traymin900 - d:\windows\System32\drivers\Tray900.exe
    HKLM-Run-Motive SmartBridge - d:\progra~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe
    HKLM-Run-StandardInstall - (no file)
    HKLM-Explorer_Run-DirectX For Microsoft® Windows - d:\windows\system32\fservice.exe


    .
    ------- Examen supplémentaire -------
    .
    FireFox -: Profile - d:\documents and settings\k-der.one\Application Data\Mozilla\Firefox\Profiles\8mu0aar8.default\
    FF -: plugin - d:\program files\Adobe\Acrobat 7.0\Reader\browser\nppdf32.dll
    FF -: plugin - d:\program files\iTunes\Mozilla Plugins\npitunes.dll
    FF -: plugin - d:\program files\ma-config.com\nphardwaredetection.dll
    FF -: plugin - d:\program files\Mozilla Firefox\plugins\np_gp.dll
    FF -: plugin - d:\program files\Mozilla Firefox\plugins\npmozax.dll
    .

    **************************************************************************

    catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-11-03 18:09:45
    Windows 5.1.2600 Service Pack 2 NTFS

    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    Recherche de fichiers cachés ...

    Scan terminé avec succès
    Fichiers cachés: 0

    **************************************************************************
    .
    ------------------------ Autres processus actifs ------------------------
    .
    d:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    d:\program files\Bonjour\mDNSResponder.exe
    d:\program files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
    d:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
    d:\windows\system32\nvsvc32.exe
    d:\progra~1\MI3AA1~1\rapimgr.exe
    d:\program files\iPod\bin\iPodService.exe
    d:\program files\sony\HotKey Utility\HKWnd.exe
    .
    **************************************************************************
    .
    Heure de fin: 2008-11-03 18:17:00 - La machine a redémarré [k-der.one]
    ComboFix-quarantined-files.txt 2008-11-03 17:16:53

    Avant-CF: 7,716,515,840 octets libres
    Après-CF: 7,807,479,808 octets libres

    WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
    [boot loader]
    timeout=2
    default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
    [operating systems]
    c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
    multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP dition familiale" /fastdetect /NoExecute=OptIn
    multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP dition familiale" /fastdetect

    208 --- E O F --- 2008-10-25 18:00:57
    4 November 2008 04:01:08

    What should I do now? Thanks.
    4 November 2008 12:38:13

    Re,

    Download Malwarebytes' Anti-Malware to your Desktop.
    Install it by double-clicking the file Download_mbam-setup.exe.

    Once the installation and the update are done, restart in safe mode.
    HELP: Restarting in safe mode

  • Now run Malwarebytes' Anti-Malware. If it is not already selected, choose "Perform full scan".
  • To start the scan, click "Scan".
  • Once the scan has finished, a window opens; click OK. You then have two possibilities:
    -- if the program found nothing, press OK. A report will appear; close it.
    -- if infections are present, click "Show Results" and then "Remove Selected". Save the report to your Desktop so you can post it in your next reply.
    NOTE: If Malwarebytes' Anti-Malware needs to restart to finish the removal, accept by clicking OK.

    HELP: Illustrated tutorial on MBAM
    4 November 2008 18:44:31

    Malwarebytes' Anti-Malware 1.12
    Version de la base de données: 759

    Type de recherche: Examen complet (C:\|D:\|)
    Eléments examinés: 126905
    Temps écoulé: 2 hour(s), 52 minute(s), 35 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 0

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    (Aucun élément nuisible détecté)
    5 November 2008 13:02:08

    Post a new HijackThis report.
    5 November 2008 14:32:49

    Here is the latest report:

    Logfile of HijackThis v1.99.1
    Scan saved at 14:32:10, on 05/11/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)

    Running processes:
    D:\WINDOWS\System32\smss.exe
    D:\WINDOWS\system32\winlogon.exe
    D:\WINDOWS\system32\services.exe
    D:\WINDOWS\system32\lsass.exe
    D:\WINDOWS\system32\svchost.exe
    D:\WINDOWS\System32\svchost.exe
    D:\WINDOWS\system32\svchost.exe
    D:\WINDOWS\system32\spoolsv.exe
    D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    D:\Program Files\Bonjour\mDNSResponder.exe
    D:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
    D:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    D:\WINDOWS\System32\nvsvc32.exe
    D:\WINDOWS\System32\svchost.exe
    D:\WINDOWS\Explorer.EXE
    D:\WINDOWS\system32\rundll32.exe
    D:\WINDOWS\SOUNDMAN.EXE
    D:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe
    D:\Program Files\SigmaTel\C-Major Audio\stacmon.exe
    D:\Program Files\BroadJump\Client Foundation\CFD.exe
    D:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    D:\Program Files\Sony\HotKey Utility\HKserv.exe
    D:\Program Files\iTunes\iTunesHelper.exe
    D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
    D:\WINDOWS\system32\ctfmon.exe
    D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    D:\Program Files\Microsoft ActiveSync\wcescomm.exe
    D:\Program Files\powerpanel\Program\PcfMgr.exe
    D:\Program Files\Club-Internet\Lanceur\lanceur.exe
    D:\PROGRA~1\MI3AA1~1\rapimgr.exe
    D:\Program Files\Club-Internet\Le Compagnon Club\bin\mpbtn.exe
    D:\WINDOWS\System32\svchost.exe
    D:\Program Files\Sony\HotKey Utility\HKWnd.exe
    D:\Program Files\iPod\bin\iPodService.exe
    D:\Program Files\Windows Live\Messenger\usnsvc.exe
    D:\Program Files\Mozilla Firefox\firefox.exe
    D:\Documents and Settings\k-der.one\Bureau\worldsat\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-internet.fr
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - D:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Program Files\Windows Live Toolbar\msntb.dll
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe irprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [UpdateManager] "D:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
    O4 - HKLM\..\Run: [SigmaTel StacMon] D:\Program Files\SigmaTel\C-Major Audio\stacmon.exe
    O4 - HKLM\..\Run: [BJCFD] D:\Program Files\BroadJump\Client Foundation\CFD.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [HKSERV.EXE] D:\Program Files\Sony\HotKey Utility\HKserv.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NBKeyScan] "D:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
    O4 - HKLM\..\Run: [AppleSyncNotifier] D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [H/PC Connection Agent] "D:\Program Files\Microsoft ActiveSync\wcescomm.exe"
    O4 - Startup: Club Internet.lnk = D:\Program Files\Club-Internet\Lanceur\lanceur.exe
    O4 - Startup: TribalWeb.lnk = D:\Program Files\TribalWeb\tribalweb.exe
    O4 - Global Startup: LE COMPAGNON CLUB.lnk = D:\Program Files\Club-Internet\Le Compagnon Club\bin\matcli.exe
    O4 - Global Startup: PowerPanel.lnk = ?
    O8 - Extra context menu item: &Windows Live Search - res://D:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Download all links using BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
    O8 - Extra context menu item: Download all videos using BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddVideo.htm
    O8 - Extra context menu item: Download link using &BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddLink.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: d:\program files\bonjour\mdnsnsp.dll
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8....
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
    O16 - DPF: {B020B534-4AA2-4B99-BD6D-5F6EE286DF5C} (Symantec Download Bridge) - http://espaceabonnes.club-internet.fr/services/symantec...
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
    O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - D:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
    O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - D:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Apple Mobile Device - Apple Inc. - D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - D:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - D:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - D:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\System32\nvsvc32.exe

    5 November 2008 17:44:07

    Any more problems?
    8 November 2008 15:09:37

    It seems to be running properly... thanks, and if I have a problem I'll let you know! lol
    8 November 2008 18:16:24

    Happy surfing ;)