PC getting slower and slower

 

supermagichaze
Occasional visitor (50 to 99 posts)
Posted on 26/12/2009 at 05:45:53

Hello everyone, I'm coming here to ask for your help because for a while now my PC has been getting slower and slower, and it is now becoming pretty catastrophic.
 So I'm putting myself in your hands, and I thank you in advance in the hope of such precious help.

nasonex
On the right track (100 to 499 posts)
Posted on 26/12/2009 at 06:11:45

Which OS?
 Start by opening Task Manager and look at how many applications are running.
 Install CCleaner, run the analysis and remove the excess...
 Last-resort method: back up your data, format and reinstall the OS.

kmisol
Profile: Security team
Famous across the whole forum (30,000 to 99,999 posts)
Posted on 26/12/2009 at 12:43:51

:hello:

 There is surely something else to do first ...

 Run a HijackThis scan and post the report.

supermagichaze
Occasional visitor (50 to 99 posts)
Posted on 26/12/2009 at 12:49:48

:hello:
 Thanks for your help kmisol, here is the requested report:

 Logfile of Trend Micro HijackThis v2.0.2
 Scan saved at 11:47:42, on 26/12/2009
 Platform: Windows XP SP3 (WinNT 5.01.2600)
 MSIE: Internet Explorer v8.00 (8.00.6001.18702)
 Boot mode: Normal

 Running processes:
 C:\WINDOWS\System32\smss.exe
 C:\WINDOWS\system32\winlogon.e​xe
 C:\WINDOWS\system32\services.e​xe
 C:\WINDOWS\system32\lsass.exe
 C:\WINDOWS\system32\svchost.ex​e
 C:\WINDOWS\System32\svchost.ex​e
 C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
 C:\WINDOWS\Explorer.EXE
 C:\WINDOWS\SOUNDMAN.EXE
 C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
 C:\WINDOWS\system32\RUNDLL32.E​XE
 C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
 C:\Program Files\Java\jre6\bin\jusched.ex​e
 C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
 C:\Program Files\iTunes\iTunesHelper.exe
 C:\WINDOWS\system32\ctfmon.exe
 C:\Program Files\Logitech\Logitech Vid\vid.exe
 C:\Program Files\Windows Live\Messenger\msnmsgr.exe
 C:\Program Files\Skype\Phone\Skype.exe
 C:\WINDOWS\system32\spoolsv.ex​e
 C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
 C:\Program Files\SFR\Media Center\MediaCenter.exe
 C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
 C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
 C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
 C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIMa​nager.exe
 C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
 C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceS​ervice.exe
 C:\Program Files\AskBarDis\bar\bin\AskSer​vice.exe
 C:\Program Files\AskBarDis\bar\bin\ASKUpg​rade.exe
 C:\Program Files\Bonjour\mDNSResponder.ex​e
 C:\Program Files\Java\jre6\bin\jqs.exe
 C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcS​rv.exe
 C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
 C:\Program Files\CDBurnerXP\NMSAccessU.ex​e
 C:\WINDOWS\system32\nvsvc32.ex​e
 C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
 C:\WINDOWS\system32\svchost.ex​e
 C:\Program Files\AOLbox\Gateway\wlancfg.e​xe
 C:\Program Files\iPod\bin\iPodService.exe
 C:\Program Files\SFR\Media Center\httpd\httpd.exe
 C:\Program Files\Skype\Plugin Manager\skypePM.exe
 C:\Program Files\SFR\Media Center\httpd\httpd.exe
 C:\WINDOWS\system32\wscntfy.ex​e
 C:\Program Files\Windows Live\Contacts\wlcomm.exe
 C:\WINDOWS\system32\drivers\sv​chost.exe
 C:\Program Files\Mozilla Firefox\firefox.exe
 C:\Program Files\Trend Micro\HijackThis\HijackThis.ex​e

 R1 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://www.sfr.fr/kit/adsl/
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
 R1 - HKCU\Software\Microsoft\Window​s\CurrentVersion\Internet Settings,ProxyOverride = *.local
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Toolbar,LinksFolderNa​me = Liens
 R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2​B1E416D} - C:\Program Files\Search Settings\kb128\SearchSettings.​dll
 O2 - BHO: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5​FB39A9C} - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll
 O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7​D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\​AcroIEHelper.dll
 O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e​39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar​.dll
 O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988​571CECB} - (no file)
 O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-51647​60863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
 O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B​5AD205D} - C:\Program Files\Google\GoogleToolbarNoti​fier\5.1.1309.3572\swg.dll
 O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C​1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
 O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2​B1E416D} - C:\Program Files\Search Settings\kb128\SearchSettings.​dll
 O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE​594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs​\ie\jqs_plugin.dll
 O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b8​8305f98} - C:\Program Files\AskBarDis\bar\bin\askBar​.dll
 O3 - Toolbar: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5​FB39A9C} - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll
 O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
 O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
 O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,​NvStartup
 O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
 O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.d​ll,NvTaskbarInit
 O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
 O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
 O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.ex​e"
 O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
 O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
 O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
 O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
 O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
 O4 - HKCU\..\Run: [Logitech Vid] "C:\Program Files\Logitech\Logitech Vid\vid.exe" -bootmode
 O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
 O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
 O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized
 O4 - HKCU\..\Run: [SVCHOST.EXE] C:\WINDOWS\system32\drivers\sv​chost.exe
 O4 - HKCU\..\Run: [Neuf Media Center] "C:\Program Files\SFR\Media Center\MediaCenter.exe"
 O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
 O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
 O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
 O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
 O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-08002​00c9a66} - C:\WINDOWS\bdoscandel.exe
 O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-08002​00c9a66} - C:\WINDOWS\bdoscandel.exe
 O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba3​8496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
 O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba3​8496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
 O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04​F795683} - C:\Program Files\Messenger\msmsgs.exe
 O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04​F795683} - C:\Program Files\Messenger\msmsgs.exe
 O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-98999​3B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
 O16 - DPF: {5D6F45B3-9043-443D-A792-11544​7494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/ [...] E_UNO1.cab
 O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730​F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
 O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E​0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers [...] 0_4_13.cab
 O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46​475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/ [...] b56907.cab
 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-44455​3540000} (Shockwave Flash Object) - http://fpdownload2.macromedia. [...] wflash.cab
 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C​7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKY​PE4~1.DLL
 O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
 O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
 O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
 O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceS​ervice.exe
 O23 - Service: ASKService - Unknown owner - C:\Program Files\AskBarDis\bar\bin\AskSer​vice.exe
 O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpg​rade.exe
 O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.ex​e
 O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.e​xe
 O23 - Service: HerculesWiFi - Unknown owner - C:\WINDOWS\system32\HerculesWi​FiService.exe (file missing)
 O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
 O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
 O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcS​rv.exe
 O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfserv​ice.exe
 O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
 O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.ex​e
 O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.ex​e
 O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.e​xe
 O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\AOLbox\Gateway\wlancfg.e​xe
 O23 - Service: Windows Server Colocation Service (WSCS) - Unknown owner - C:\WINDOWS\system32\wscs.exe (file missing)

 --
 End of file - 10713 bytes

kmisol
Profile: Security team
Famous across the whole forum (30,000 to 99,999 posts)
Posted on 26/12/2009 at 13:52:54

...

 You have every toolbar you shouldn't have!

 Dealio, Search Settings, Askbar.

 ---
 Download Toolbar S&D (Team IDN) to your Desktop.

 Start the program's installation by running the downloaded file.
 Now double-click the Toolbar-S&D shortcut.
 Select the language of your choice, then confirm with the Enter key.
 Next, choose option 1 (Search).
 Wait until the search finishes.
 The contents of the report are located in: C:\TB.txt

 Do not post the report, and close the program ...

 ---
 Relaunch Toolbar-S&D by double-clicking the shortcut.
 Choose option 2, then confirm by pressing Enter.

 Do not close the window during the removal!

 A report is generated. Post it in your next reply.

 PS: if your desktop does not reappear, press
 Ctrl/Alt/Del simultaneously to open Task Manager.
 Go to the "Processes" tab; click "File" at the top left
 and choose "Run..."
 Type explorer, then confirm.

 Fraudulent toolbars:

 They cause slowdowns and can leak personal information
 without your knowledge.
 Do not install these "toolbars", which are often bundled with "free" software.

 http://forum.malekal.com/les-t [...] t6173.html

 ---
 Next, ...

 Open Notepad and copy and paste what is in bold
 below (copy it all in one go):

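REGEDIT4

; Remove the Search Settings autostart value (machine-wide Run key)
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SearchSettings"=-

; Remove the SVCHOST.EXE autostart value (current user's Run key)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SVCHOST.EXE"=-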

 

 Then "File" / "Save as":
 in: on the Desktop
 File name: fix.reg
 File type: "All files"
 click "Save"

 The fix.reg icon should look like this http://www.hiboox.com/images/4905/avnoztv.jpg

 (if not already done) Download CCleaner …
 ("Download Latest Version", on the right) and follow the prompts.
 At some point you will be asked to tick:
 "Add the Yahoo toolbar". Decline and …
 Let it install as is …

 Restart the PC in safe mode …
 -> F8 method (or F5/F11 on some PCs) preferably

 --------------------------------------------
 You will not have Internet access during "safe mode".
 So copy/paste the procedure into a text file (Word) and put it
 on the "Desktop" to have it at hand.
 --------------------------------------------

 Show hidden files and folders
 To do this, go into a folder, e.g. "My Pictures".
 Then click > Tools > Folder Options ...
 click the "View" tab and ...
 tick --> Show hidden files and folders
 untick > Hide extensions for known file types
 untick > Hide protected operating system files (Recommended).
 "Apply" and "OK".

 Close all windows and applications.
 Relaunch HijackThis and click > Do a system scan only, then tick
 the boxes in front of the following lines (and only these lines), if still present:

 R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2​B1E416D} - C:\Program Files\Search Settings\kb128\SearchSettings.​dll  
 O2 - BHO: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5​FB39A9C} - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll
 O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e​39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar​.dll
 O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2​B1E416D} - C:\Program Files\Search Settings\kb128\SearchSettings.​dll
 O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b8​8305f98} - C:\Program Files\AskBarDis\bar\bin\askBar​.dll  
 O3 - Toolbar: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5​FB39A9C} - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll
 O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
 O4 - HKCU\..\Run: [SVCHOST.EXE] C:\WINDOWS\system32\drivers\sv​chost.exe

 Then click > Fix checked and confirm with "Yes".
 Close HijackThis.

 Via > Start > Control Panel > Add/Remove Programs

 Remove, if you find it/them:

 Search Settings
 Dealio Toolbar
 AskBarDis

 Then, via > Start > My Computer > C:\

 and delete the program(s)/file(s) in bold below, if you find it/them.

 C:\Program Files\Search Settings
 C:\Program Files\Dealio Toolbar
 C:\Program Files\AskBarDis
 C:\WINDOWS\system32\drivers\svchost.exe

 Double-click fix2.reg => you must get the message
 "Are you sure you want to add the information in this .reg file to the registry?"
 If so, click "Yes"

 Put the hidden files and folders settings back the way you found them!

 Launch CCleaner ...
 Click > Analyze > Run Cleaner, then OK in the window that appears.
 (Re)run the cleaning and (re)confirm with OK.

 Restart the PC in normal mode ...

 Run a HijackThis scan again and post the report.
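
The reading of the HijackThis log done by hand in the post above can be partly automated. The following is an added example, not part of the original thread or of any tool named in it: it flags system-process names running from an unexpected folder (such as the `svchost.exe` under `system32\drivers`), entries HijackThis marks `(no file)` / `(file missing)`, and the toolbar names called out in the thread. The function name `triage`, the rule labels and the expected-folder table are this example's own, and it assumes Windows is installed in `C:\WINDOWS` as in the log.

```python
import re
from ntpath import basename, dirname, normpath  # Windows path rules on any OS

# Expected folder for Windows binaries whose names are commonly imitated.
# Assumption: a 32-bit XP install in C:\WINDOWS, as in the log in this thread.
SYSTEM32 = r"c:\windows\system32"
EXPECTED_DIR = {
    "svchost.exe": SYSTEM32, "lsass.exe": SYSTEM32, "services.exe": SYSTEM32,
    "winlogon.exe": SYSTEM32, "smss.exe": SYSTEM32, "spoolsv.exe": SYSTEM32,
    "ctfmon.exe": SYSTEM32, "explorer.exe": r"c:\windows",
}
# Names the helper called out in this thread (Dealio, Search Settings, AskBar).
UNWANTED = ("dealio", "search settings", "searchsettings", "askbar")

ENTRY_RE = re.compile(r"^([ORF]\d+) - ")  # HijackThis section id, e.g. "O4"
PATH_RE = re.compile(r'[A-Za-z]:\\[^"<>|*?]*?\.(?:exe|dll)\b', re.I)

# Constructed sample: a few lines taken from the first HijackThis log in this
# thread, with the forum's zero-width spaces removed.
SAMPLE_LOG = r"""
Running processes:
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\drivers\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe

O2 - BHO: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SVCHOST.EXE] C:\WINDOWS\system32\drivers\svchost.exe
O23 - Service: HerculesWiFi - Unknown owner - C:\WINDOWS\system32\HerculesWiFiService.exe (file missing)
"""


def triage(log_text):
    """Return a list of (kind, section, detail) findings for a HijackThis log.

    section is the HijackThis id (O2, O4, ...) or "PROC" for lines outside
    the numbered entries, such as the running-process list.
    """
    findings = []
    for raw in log_text.splitlines():
        # Logs pasted on this forum carry zero-width spaces inside long
        # tokens; strip them or no path will ever match.
        line = raw.replace("\u200b", "").strip()
        entry = ENTRY_RE.match(line)
        section = entry.group(1) if entry else "PROC"

        # Rule 1: a well-known system binary name outside its real folder.
        for match in PATH_RE.finditer(line):
            path = normpath(match.group(0))
            expected = EXPECTED_DIR.get(basename(path).lower())
            if expected and dirname(path).lower() != expected:
                findings.append(("masquerade", section, path))

        if not entry:
            continue  # the remaining rules only apply to numbered entries

        # Rule 2: the entry points at a file HijackThis could not find.
        if "(no file)" in line or "(file missing)" in line:
            findings.append(("orphan", section, line))

        # Rule 3: the entry belongs to a toolbar named in the thread.
        if any(name in line.lower() for name in UNWANTED):
            findings.append(("unwanted-toolbar", section, line))
    return findings


if __name__ == "__main__":
    for kind, section, detail in triage(SAMPLE_LOG):
        print(f"{kind:17} {section:5} {detail}")
```

A finding is a prompt to look closer, not a verdict: an `orphan` entry is usually just a leftover, while a `masquerade` hit deserves a file-level check before anything is deleted.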

supermagichaze
Occasional visitor (50 to 99 posts)
Posted on 26/12/2009 at 14:23:07

OK, so here is the toolbar report to start with

-----------\\  ToolBar S&D 1.2.9   XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3

X86-based PC ( Multiprocessor Free :               Intel(R) Pentium(R) 4 CPU 3.40GHz )

BIOS : Award Modular BIOS v6.00PG

USER : supermagichaze ( Administrator )

BOOT : Normal boot

Antivirus : Avira AntiVir PersonalEdition 8.0.1.30 (Activated)

A:\ (USB)

C:\ (Local Disk) - NTFS - Total:232 Go (Free:46 Go)

D:\ (CD or DVD)

E:\ (USB)

F:\ (USB)

G:\ (USB)

H:\ (USB)

I:\ (USB)

J:\ (USB) - FAT32 - Total:7649 Mo (Free:7 Go)

"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )

Option : [2] ( 26/12/2009|13:16 )

-----------\\ SUPPRESSION

Supprime! - [Service] ASKService

Supprime! - [Service] ASKUpgrade

Supprime! - C:\Program Files\AskBarDis\bar

Supprime! - C:\Program Files\AskBarDis\unins000.dat

Supprime! - C:\Program Files\AskBarDis\unins000.exe

Supprime! - C:\DOCUME~1\SUPERM~1\APPLIC~1\​Dealio\res

Supprime! - C:\DOCUME~1\SUPERM~1\APPLIC~1\​Dealio\temp

Supprime! - C:\Program Files\Mozilla Firefox\extensions\search@sear​chsettings.com

Supprime! - C:\DOCUME~1\SUPERM~1\APPLIC~1\​Search Settings\kb128

Supprime! - C:\Program Files\Search Settings\kb128

Supprime! - C:\Program Files\Search Settings\SearchSettings.exe

Supprime! - C:\Program Files\AskBarDis

Supprime! - C:\DOCUME~1\SUPERM~1\APPLIC~1\​Dealio

Supprime! - C:\DOCUME~1\SUPERM~1\APPLIC~1\​Search Settings

Supprime! - C:\Program Files\Search Settings

-----------\\  Recherche de Fichiers / Dossiers ...

-----------\\  Extensions

(supermagichaze) - {20a82645-c095-46ed-80e3-08825​760534b} => chrome_user

(supermagichaze) - {62760FD6-B943-48C9-AB09-F99C6​FE96088} => ebaycompanion

-----------\\  [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Mic​rosoft\Internet Explorer\Main]

"Local Page"="C:\\WINDOWS\\system32\\​blank.htm"

"Start Page"="http://www.sfr.fr/kit/a​dsl/"

"Search Page"="http://home.microsoft.c​om/access/allinone.asp"

"Search Bar"="http://g.msn.fr/0SEFRFR/​SAOS02"

[HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Internet Explorer\Main]

"Default_Page_URL"="http://go.​microsoft.com/fwlink/?LinkId=6​9157"

"Default_Search_URL"="http://w​ww.microsoft.com/isapi/redir.d​ll?prd=ie&ar=iesearch"

"Search Page"="http://go.microsoft.com​/fwlink/?LinkId=54896"

"Local Page"="C:\\WINDOWS\\system32\\​blank.htm"

"Start Page"="http://www.msn.com/"

--------------------\\  Recherche d'autres infections

--------------------\\  Cracks & Keygens ..

C:\DOCUME~1\SUPERM~1\Bureau\te​lechargement\Nouveau dossier\Grind.v2.0.1.iP_one.i_​od.To_ch.retail\rufull.ru.crac​k.Grind.v2.0.1.iPhone.iPod.Tou​ch.retail

C:\DOCUME~1\SUPERM~1\Bureau\te​lechargement\Nouveau dossier\Grind.v2.0.1.iP_one.i_​od.To_ch.retail\rufull.ru.crac​k.Grind.v2.0.1.iPhone.iPod.Tou​ch.retail\ALL FREE X.GEAR DL.url.!ut

C:\DOCUME~1\SUPERM~1\Bureau\te​lechargement\Worms2\Crack.rar

1 - "C:\ToolBar SD\TB_1.txt" - 26/12/2009|13:15 - Option : [1]

2 - "C:\ToolBar SD\TB_2.txt" - 26/12/2009|13:18 - Option : [2]

-----------\\  Fin du rapport a 13:18:52,50

kmisol
Profile: Security team
Famous across the whole forum (30,000 to 99,999 posts)
Posted on 26/12/2009 at 14:59:12

...

 About ...
 



--------------------\\ Cracks & Keygens ..

 C:\DOCUME~1\SUPERM~1\Bureau\te​lechargement\Nouveau dossier\Grind.v2.0.1.iP_one.i_​od.To_ch.retail\rufull.ru.crack.Grind.v2.0.1.i​Phone.iPod.Touch.retail
 C:\DOCUME~1\SUPERM~1\Bureau\te​lechargement\Nouveau dossier\Grind.v2.0.1.iP_one.i_​od.To_ch.retail\rufull.ru.crack.Grind.v2.0.1.i​Phone.iPod.Touch.retail\ALL FREE X.GEAR DL.url.!ut
 C:\DOCUME~1\SUPERM~1\Bureau\te​lechargement\Worms2\Crack.rar
 



 http://forum.malekal.com/dange [...] -t893.html

supermagichaze
Occasional visitor (50 to 99 posts)
Posted on 26/12/2009 at 15:08:10

Thanks again for your help, and here is the HijackThis log.
 However, I did not manage to remove Search Settings and
 Dealio Toolbar; it told me: unable to access the Windows Installer service.
 Logfile of Trend Micro HijackThis v2.0.2
 Scan saved at 14:05:09, on 26/12/2009
 Platform: Windows XP SP3 (WinNT 5.01.2600)
 MSIE: Internet Explorer v8.00 (8.00.6001.18702)
 Boot mode: Normal

 Running processes:
 C:\WINDOWS\System32\smss.exe
 C:\WINDOWS\system32\winlogon.e​xe
 C:\WINDOWS\system32\services.e​xe
 C:\WINDOWS\system32\lsass.exe
 C:\WINDOWS\system32\svchost.ex​e
 C:\WINDOWS\System32\svchost.ex​e
 C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
 C:\WINDOWS\Explorer.EXE
 C:\WINDOWS\SOUNDMAN.EXE
 C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
 C:\WINDOWS\system32\RUNDLL32.E​XE
 C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
 C:\Program Files\Java\jre6\bin\jusched.ex​e
 C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
 C:\Program Files\iTunes\iTunesHelper.exe
 C:\WINDOWS\system32\ctfmon.exe
 C:\Program Files\Logitech\Logitech Vid\vid.exe
 C:\Program Files\Windows Live\Messenger\msnmsgr.exe
 C:\Program Files\uTorrent\uTorrent.exe
 C:\Program Files\Skype\Phone\Skype.exe
 C:\Program Files\SFR\Media Center\MediaCenter.exe
 C:\WINDOWS\system32\spoolsv.ex​e
 C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
 C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
 C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
 C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIMa​nager.exe
 C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
 C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
 C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceS​ervice.exe
 C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
 C:\Program Files\Bonjour\mDNSResponder.ex​e
 C:\Program Files\Java\jre6\bin\jqs.exe
 C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcS​rv.exe
 C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
 C:\Program Files\CDBurnerXP\NMSAccessU.ex​e
 C:\WINDOWS\system32\nvsvc32.ex​e
 C:\WINDOWS\system32\svchost.ex​e
 C:\Program Files\AOLbox\Gateway\wlancfg.e​xe
 C:\Program Files\iPod\bin\iPodService.exe
 C:\Program Files\SFR\Media Center\httpd\httpd.exe
 C:\Program Files\Skype\Plugin Manager\skypePM.exe
 C:\Program Files\SFR\Media Center\httpd\httpd.exe
 C:\Program Files\Mozilla Firefox\firefox.exe
 C:\Program Files\Trend Micro\HijackThis\HijackThis.ex​e

 R1 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://www.sfr.fr/kit/adsl/
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
 R1 - HKCU\Software\Microsoft\Window​s\CurrentVersion\Internet Settings,ProxyOverride = *.local
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Toolbar,LinksFolderNa​me = Liens
 O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7​D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\​AcroIEHelper.dll
 O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988​571CECB} - (no file)
 O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-51647​60863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
 O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B​5AD205D} - C:\Program Files\Google\GoogleToolbarNoti​fier\5.1.1309.3572\swg.dll
 O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C​1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
 O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE​594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs​\ie\jqs_plugin.dll
 O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
 O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
 O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,​NvStartup
 O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
 O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.d​ll,NvTaskbarInit
 O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
 O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
 O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.ex​e"
 O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
 O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
 O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
 O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
 O4 - HKCU\..\Run: [Logitech Vid] "C:\Program Files\Logitech\Logitech Vid\vid.exe" -bootmode
 O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
 O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
 O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized
 O4 - HKCU\..\Run: [Neuf Media Center] "C:\Program Files\SFR\Media Center\MediaCenter.exe"
 O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
 O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
 O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
 O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
 O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-08002​00c9a66} - C:\WINDOWS\bdoscandel.exe
 O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-08002​00c9a66} - C:\WINDOWS\bdoscandel.exe
 O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba3​8496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
 O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba3​8496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
 O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04​F795683} - C:\Program Files\Messenger\msmsgs.exe
 O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04​F795683} - C:\Program Files\Messenger\msmsgs.exe
 O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-98999​3B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
 O16 - DPF: {5D6F45B3-9043-443D-A792-11544​7494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/ [...] E_UNO1.cab
 O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730​F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
 O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E​0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers [...] 0_4_13.cab
 O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46​475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/ [...] b56907.cab
 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-44455​3540000} (Shockwave Flash Object) - http://fpdownload2.macromedia. [...] wflash.cab
 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C​7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKY​PE4~1.DLL
 O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
 O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
 O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
 O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceS​ervice.exe
 O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.ex​e
 O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.e​xe
 O23 - Service: HerculesWiFi - Unknown owner - C:\WINDOWS\system32\HerculesWi​FiService.exe (file missing)
 O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
 O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
 O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcS​rv.exe
 O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfserv​ice.exe
 O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
 O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.ex​e
 O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.ex​e
 O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.e​xe
 O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\AOLbox\Gateway\wlancfg.e​xe
 O23 - Service: Windows Server Colocation Service (WSCS) - Unknown owner - C:\WINDOWS\system32\wscs.exe (file missing)

 --
 End of file - 9315 bytes

kmisol
Profile: Security team
Famous across the whole forum (30,000 to 99,999 posts)
Posted on 26/12/2009 at 15:25:32

...

 Right-click ComboFix (by sUBs).

 Choose "Save as" (in IE it is "Save target/link as...") and save it (Save in) to the Desktop (and nowhere else).

 Important: in "File name", save (rename) "combofix" as combo-fix.exe

 Read this tutorial: http://www.bleepingcomputer.co [...] r-combofix

 Close all windows and applications.
 Disconnect from the internet and disable your resident protections:
 http://forum.pcastuces.com/des [...] -f31s4.htm

 On the desktop, double-click combo-fix.exe.
 Press the Y (Yes) key to start the scan.
 (if installation of the Recovery Console is requested, accept)
 ComboFix will restart your PC.
 When the scan is complete, a report will appear.
 Copy/paste this report into your next reply, along with a new HijackThis report.

 PS: the report can also be found here: C:\Combofix.txt

 [:lolo 1:7] Do not click in the ComboFix window during the scan: this could cause the program to freeze.

supermagichaze
Occasionally present (50 to 99 posts)
Posted on 26/12/2009 at 22:19:22

Here is the ComboFix scan:

 ComboFix 09-12-25.04 - supermagichaze 26/12/2009  14:58:16.2.2 - x86
 Microsoft Windows XP Édition familiale  5.1.2600.3.1252.33.1036.18.2047.1486 [GMT 1:00]
 Lancé depuis: c:\documents and settings\supermagichaze\Bureau\Combo-fix.exe
 AV: Avira AntiVir PersonalEdition *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
 .

 ((((((((((((((((((((((((((((((((((((   Autres suppressions   ))))))))))))))))))))))))))))))))))))))))))))))))
 .

 c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe
 c:\program files\Mozilla Firefox\extensions\{5C6F8651-C764-4190-9024-0588DFF6BA45}
 c:\program files\Mozilla Firefox\extensions\{5C6F8651-C764-4190-9024-0588DFF6BA45}\chrome.manifest
 c:\program files\Mozilla Firefox\extensions\{5C6F8651-C764-4190-9024-0588DFF6BA45}\chrome\content\overlay.xul
 c:\program files\Mozilla Firefox\extensions\{5C6F8651-C764-4190-9024-0588DFF6BA45}\install.rdf
 c:\windows\Sysvxd.exe
 c:\windows\TEMP\logishrd\LVPrcInj01.dll

 .
 (((((((((((((((((((((((((((((   Fichiers créés du 2009-11-26 au 2009-12-26  ))))))))))))))))))))))))))))))))))))
 .

 2009-12-26 12:12 . 2009-12-26 12:18 -------- d-----w- C:\ToolBar SD
 2009-12-26 12:08 . 2009-12-26 12:08 -------- d-----w- C:\DriveKey
 2009-12-26 12:04 . 2009-12-26 12:06 -------- d-----w- c:\windows\system32\NtmsData
 2009-12-26 01:09 . 2009-12-26 01:09 -------- d-----w- c:\program files\Movies2iPhone
 2009-12-20 00:04 . 2009-09-04 16:44 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
 2009-12-20 00:04 . 2009-09-04 16:44 238936 ----a-w- c:\windows\system32\xactengine3_5.dll
 2009-12-20 00:02 . 2007-05-16 15:45 3497832 ----a-w- c:\windows\system32\d3dx9_34.dll
 2009-12-20 00:01 . 2005-05-26 14:34 2297552 ----a-w- c:\windows\system32\d3dx9_26.dll
 2009-12-19 23:51 . 2009-12-20 00:00 -------- d--h--w- c:\windows\msdownld.tmp
 2009-12-19 23:51 . 2009-12-19 23:51 -------- d-----w- c:\windows\Logs
 2009-12-19 14:36 . 2009-12-19 14:36 -------- d-----w- C:\ubuntu-backup
 2009-12-19 13:09 . 2009-12-19 13:09 -------- d-----w- c:\program files\Nero
 2009-12-19 13:08 . 2009-12-19 13:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Nero
 2009-12-19 13:08 . 2009-12-19 13:31 -------- d-----w- c:\program files\Fichiers communs\Nero
 2009-12-17 07:54 . 2009-12-17 07:54 -------- d-----w- c:\documents and settings\supermagichaze\Application Data\Canneverbe_Limited
 2009-12-17 07:54 . 2009-12-17 07:54 -------- d-----w- c:\documents and settings\All Users\Application Data\Canneverbe Limited
 2009-12-17 07:53 . 2009-12-17 07:53 -------- d-----w- c:\program files\CDBurnerXP
 2009-12-13 13:04 . 2009-12-13 13:04 -------- d-----w- c:\documents and settings\supermagichaze\Local Settings\Application Data\Neuf
 2009-12-09 21:14 . 2009-12-09 21:14 -------- d-----w- c:\program files\KC Softwares
 2009-12-06 10:05 . 2009-12-06 10:05 -------- d-----w- c:\program files\Hexago
 2009-12-05 21:31 . 2009-12-19 14:40 -------- d-----w- c:\program files\NiouzeFire
 2009-12-05 18:19 . 2009-12-05 18:19 -------- d-----w- c:\documents and settings\supermagichaze\Downloads
 2009-12-05 18:19 . 2009-12-05 18:20 -------- d-----w- c:\documents and settings\supermagichaze\Application Data\NewsLeecher
 2009-12-03 12:53 . 2009-12-03 12:53 -------- d-----w- c:\program files\Fichiers communs\Skype
 2009-12-03 12:53 . 2009-12-03 12:53 -------- d-----r- c:\program files\Skype
 2009-11-28 02:08 . 2009-11-28 02:08 -------- d-----w- c:\windows\system32\XPSViewer
 2009-11-28 02:08 . 2009-11-28 02:08 -------- d-----w- c:\program files\MSBuild
 2009-11-28 02:08 . 2009-11-28 02:08 -------- d-----w- c:\program files\Reference Assemblies
 2009-11-28 02:07 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
 2009-11-28 02:07 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
 2009-11-28 02:07 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
 2009-11-28 02:07 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
 2009-11-28 02:07 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
 2009-11-28 02:07 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
 2009-11-28 02:07 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
 2009-11-28 02:07 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
 2009-11-28 02:07 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
 2009-11-28 02:07 . 2009-11-28 02:07 -------- d-----w- C:\4a33115712d98a04346800

 .
 ((((((((((((((((((((((((((((((((((   Compte-rendu de Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))
 .
 2009-12-26 14:13 . 2009-11-21 20:30 -------- d-----w- c:\documents and settings\supermagichaze\Application Data\uTorrent
 2009-12-26 14:10 . 2008-08-15 19:05 -------- d-----w- c:\documents and settings\supermagichaze\Application Data\Skype
 2009-12-26 14:09 . 2008-04-09 17:02 -------- d-----w- c:\documents and settings\supermagichaze\Application Data\OpenOffice.org2
 2009-12-26 12:36 . 2008-04-09 17:02 1 ----a-w- c:\documents and settings\supermagichaze\Application Data\OpenOffice.org2\user\uno_packages\cache\stamp.sys
 2009-12-26 12:08 . 2008-04-08 10:33 -------- d--h--w- c:\program files\InstallShield Installation Information
 2009-12-26 11:46 . 2008-08-15 19:10 -------- d-----w- c:\documents and settings\supermagichaze\Application Data\skypePM
 2009-12-25 20:54 . 2008-05-10 18:28 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater
 2009-12-19 14:39 . 2008-12-20 18:45 -------- d-----w- c:\documents and settings\supermagichaze\Application Data\Samsung
 2009-12-19 14:36 . 2008-04-13 09:29 -------- d-----w- c:\documents and settings\supermagichaze\Application Data\Shareaza
 2009-12-14 21:14 . 2009-12-22 13:22 94208 ----a-w- c:\documents and settings\supermagichaze\Application Data\Mozilla\Firefox\Profiles\takljwgt.default\extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088}\platform\WINNT\components\ebayAccessComponent.dll
 2009-12-14 21:14 . 2009-12-22 13:22 50176 ----a-w- c:\documents and settings\supermagichaze\Application Data\Mozilla\Firefox\Profiles\takljwgt.default\extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088}\platform\WINNT\components\ebayShortcutMaker.dll
 2009-12-13 13:02 . 2009-07-14 14:53 -------- d-----w- c:\program files\SFR
 2009-12-09 02:28 . 2009-12-02 04:41 79488 ----a-w- c:\documents and settings\supermagichaze\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
 2009-12-09 02:27 . 2004-08-05 12:00 84526 ----a-w- c:\windows\system32\perfc00C.dat
 2009-12-09 02:27 . 2004-08-05 12:00 510324 ----a-w- c:\windows\system32\perfh00C.dat
 2009-12-03 12:53 . 2008-08-15 19:04 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
 2009-11-29 12:22 . 2008-04-08 18:33 -------- d-----w- c:\program files\Opera
 2009-11-28 08:05 . 2008-04-08 11:29 18256 ----a-w- c:\documents and settings\supermagichaze\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
 2009-11-26 10:29 . 2009-11-26 10:28 -------- d-----w- c:\program files\Free Video Converter
 2009-11-26 10:28 . 2009-11-26 10:28 -------- d-----w- c:\documents and settings\supermagichaze\Application Data\FreeVideoConverter
 2009-11-24 17:11 . 2008-05-10 19:08 -------- d-----w- c:\program files\Windows Live
 2009-11-24 17:10 . 2009-11-24 17:10 -------- d-----w- c:\program files\Microsoft
 2009-11-22 16:09 . 2009-07-16 19:04 -------- d-----w- c:\documents and settings\supermagichaze\Application Data\Apple Computer
 2009-11-21 22:43 . 2009-11-21 14:44 -------- d-----w- c:\documents and settings\supermagichaze\Application Data\Azureus
 2009-11-21 20:30 . 2009-11-21 20:30 -------- d-----w- c:\program files\uTorrent
 2009-11-21 14:53 . 2009-11-20 15:19 -------- d-----w- c:\program files\iTunes
 2009-11-21 14:45 . 2009-11-21 14:45 -------- d-----w- c:\documents and settings\All Users\Application Data\Azureus
 2009-11-21 14:10 . 2009-11-21 14:10 13208 ---ha-w- c:\windows\system32\mlfcache.dat
 2009-11-20 15:20 . 2009-11-20 15:19 -------- d-----w- c:\documents and settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
 2009-11-20 15:19 . 2009-11-20 15:19 -------- d-----w- c:\program files\iPod
 2009-11-20 15:19 . 2009-07-16 19:01 -------- d-----w- c:\program files\Fichiers communs\Apple
 2009-11-20 15:16 . 2009-11-20 15:16 -------- d-----w- c:\program files\QuickTime
 2009-11-20 15:09 . 2009-11-20 15:09 79144 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe
 2009-11-20 15:07 . 2009-11-20 15:07 -------- d-----w- c:\program files\Safari
 2009-11-20 15:05 . 2009-11-20 15:05 79144 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\Safari 5.31.21.10\SetupAdmin.exe
 2009-11-06 15:21 . 2009-11-06 15:13 -------- d-----w- c:\documents and settings\supermagichaze\Application Data\DeepBurner
 2009-11-06 15:13 . 2009-11-06 15:13 -------- d-----w- c:\program files\Astonsoft
 2009-10-29 07:42 . 2004-09-29 18:49 916480 ----a-w- c:\windows\system32\wininet.dll
 2009-10-21 05:39 . 2004-08-05 12:00 75776 ----a-w- c:\windows\system32\strmfilt.dll
 2009-10-21 05:39 . 2004-08-05 12:00 25088 ----a-w- c:\windows\system32\httpapi.dll
 2009-10-20 16:20 . 2004-08-05 12:00 265728 ----a-w- c:\windows\system32\drivers\http.sys
 2009-10-13 10:33 . 2004-08-05 12:00 271360 ----a-w- c:\windows\system32\oakley.dll
 2009-10-12 13:39 . 2004-08-05 12:00 79872 ----a-w- c:\windows\system32\raschap.dll
 2009-10-12 13:39 . 2004-08-05 12:00 150528 ----a-w- c:\windows\system32\rastls.dll
 2009-09-28 19:57 . 2008-12-20 18:36 7168 ----a-w- c:\windows\system32\drivers\StarOpen.sys
 2008-04-11 01:43 . 2008-04-11 01:43 278528 ----a-w- c:\program files\Fichiers communs\FDEUnInstaller.exe
 2009-01-27 01:34 . 2009-01-27 01:34 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
 2009-01-27 01:34 . 2009-01-27 01:34 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
 2009-01-27 01:34 . 2009-01-27 01:34 1044480 ----a-w- c:\program files\opera\program\plugins\libdivx.dll
 2009-01-27 01:34 . 2009-01-27 01:34 200704 ----a-w- c:\program files\opera\program\plugins\ssldivx.dll
 .

 (((((((((((((((((((((((((((((((((   Points de chargement Reg   ))))))))))))))))))))))))))))))))))))))))))))))))
 .
 .
 *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
 REGEDIT4

 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
 "Logitech Vid"="c:\program files\Logitech\Logitech Vid\vid.exe" [2009-06-02 5451536]
 "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
 "uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2009-12-09 289584]
 "Skype"="c:\program files\Skype\\Phone\Skype.exe" [2009-10-09 25623336]
 "Neuf Media Center"="c:\program files\SFR\Media Center\MediaCenter.exe" [2008-10-10 726336]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
 "SoundMan"="SOUNDMAN.EXE" [2007-04-16 577536]
 "avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-07-17 266497]
 "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-12-04 8523776]
 "nwiz"="nwiz.exe" [2007-12-04 1626112]
 "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-12-04 81920]
 "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 49152]
 "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
 "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
 "LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-05-08 2780432]
 "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-10 417792]
 "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-11-12 141600]

 [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
 "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

 c:\documents and settings\supermagichaze\Menu D‚marrer\Programmes\D‚marrage\
 OpenOffice.org 2.4.lnk - c:\program files\OpenOffice.org 2.4\program\quickstart.exe [2008-1-21 393216]

 c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
 HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472]

 [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
 "NoSetActiveDesktop"= 1 (0x1)
 "NoActiveDesktopChanges"= 1 (0x1)

 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
 @="Service"

 [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^WiFi Station N.lnk]
 path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\WiFi Station N.lnk
 backup=c:\windows\pss\WiFi Station N.lnkCommon Startup

 [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
 2008-04-14 02:34 1695232 ------w- c:\program files\Messenger\msmsgs.exe

 [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
 2009-07-26 15:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
 "%windir%\\system32\\sessmgr.exe"=
 "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
 "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
 "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
 "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
 "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
 "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
 "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
 "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
 "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
 "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
 "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
 "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
 "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
 "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
 "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
 "c:\\Program Files\\EA Games\\American McGee's Alice Demo\\alice.exe"=
 "c:\\Program Files\\Logitech\\Logitech Vid\\Vid.exe"=
 "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
 "c:\\Program Files\\Messenger\\msmsgs.exe"=
 "c:\\Program Files\\iTunes\\iTunes.exe"=
 "c:\\Program Files\\uTorrent\\uTorrent.exe"=
 "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
 "c:\\Program Files\\Opera\\opera.exe"=
 "c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
 "c:\\Program Files\\Skype\\Phone\\Skype.exe"=
 "c:\program files\SFR\Media Center\httpd\httpd.exe"= c:\program files\SFR\Media Center\httpd\httpd.exe:172.16.255.0/255.255.255.0,192.168.1.0/255.255.255.0:Enabled:Serveur de partage Media Center (Player SFR)

 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
 "6346:TCP"= 6346:TCP:shareza
 "6346:UDP"= 6346:UDP:shareza

 S2 HerculesWiFi;HerculesWiFi;c:\windows\system32\HerculesWiFiService.exe --> c:\windows\system32\HerculesWiFiService.exe [?]
 S2 WSCS;Windows Server Colocation Service;c:\windows\system32\wscs.exe --> c:\windows\system32\wscs.exe [?]
 S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [19/12/2008 16:54 195752]
 S3 rt2870;Hercules Wireless N USB Driver;c:\windows\system32\drivers\rt2870.sys [27/06/2009 21:41 560896]
 S3 SIS163u;SiS163 USB Wireless LAN Adapter Driver;c:\windows\system32\DRIVERS\sis163u.sys --> c:\windows\system32\DRIVERS\sis163u.sys [?]
 .
 ------- Examen supplémentaire -------
 .
 uStart Page = hxxp://www.sfr.fr/kit/adsl/
 mWindow Title =
 uInternet Connection Wizard,ShellNext = iexplore
 uInternet Settings,ProxyOverride = *.local
 DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
 FF - ProfilePath - c:\documents and settings\supermagichaze\Application Data\Mozilla\Firefox\Profiles\takljwgt.default\
 FF - prefs.js: browser.search.selectedEngine - Google
 FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/ig
 FF - prefs.js: keyword.URL - hxxp://thepiratebay.toolbarhome.com/search.aspx?srch=ku&q=
 FF - component: c:\documents and settings\supermagichaze\Application Data\Mozilla\Firefox\Profiles\takljwgt.default\extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088}\platform\WINNT\components\ebayAccessComponent.dll
 FF - component: c:\documents and settings\supermagichaze\Application Data\Mozilla\Firefox\Profiles\takljwgt.default\extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088}\platform\WINNT\components\ebayShortcutMaker.dll
 FF - plugin: c:\documents and settings\supermagichaze\Application Data\Mozilla\Firefox\Profiles\takljwgt.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\plugins\nphardwaredetection.dll
 FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
 FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll
 FF - plugin: c:\program files\Mozilla Firefox\plugins\npkimi.dll
 FF - plugin: c:\program files\Opera\program\plugins\npdivx32.dll
 FF - plugin: c:\program files\Opera\program\plugins\npkimi.dll
 FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

 ---- PARAMETRES FIREFOX ----
 .
 - - - - ORPHELINS SUPPRIMES - - - -

 AddRemove-Ask Toolbar_is1 - c:\program files\AskBarDis\unins000.exe
 AddRemove-HijackThis - c:\documents and settings\supermagichaze\Bureau\GenProc\GenProc\outil\HijackThis.exe
 AddRemove-mIRC - c:\program files\%systemdir%\winasc.exe



 **************************************************************************

 catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
 Rootkit scan 2009-12-26 15:10
 Windows 5.1.2600 Service Pack 3 NTFS

 Recherche de processus cachés ...

 Recherche d'éléments en démarrage automatique cachés ...

 Recherche de fichiers cachés ...

 Scan terminé avec succès
 Fichiers cachés: 0

 **************************************************************************
 .
 --------------------- DLLs chargées dans les processus actifs ---------------------

 - - - - - - - > 'explorer.exe'(2080)
 c:\windows\system32\eappprxy.dll
 c:\windows\system32\webcheck.dll
 .
 ------------------------ Autres processus actifs ------------------------
 .
 c:\program files\Lavasoft\Ad-Aware 2007\aawservice.exe
 c:\program files\Avira\AntiVir PersonalEdition Classic\avguard.exe
 c:\windows\SOUNDMAN.EXE
 c:\windows\system32\RUNDLL32.EXE
 c:\program files\Avira\AntiVir PersonalEdition Classic\sched.exe
 c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
 c:\program files\Bonjour\mDNSResponder.exe
 c:\program files\Java\jre6\bin\jqs.exe
 c:\program files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
 c:\program files\Skype\Phone\Skype.exe
 c:\program files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
 c:\program files\OpenOffice.org 2.4\program\soffice.exe
 c:\program files\CDBurnerXP\NMSAccessU.exe
 c:\program files\OpenOffice.org 2.4\program\soffice.BIN
 c:\windows\system32\nvsvc32.exe
 c:\program files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
 c:\program files\AOLbox\Gateway\wlancfg.exe
 c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
 c:\program files\iPod\bin\iPodService.exe
 c:\program files\Skype\Plugin Manager\skypePM.exe
 c:\program files\SFR\Media Center\httpd\httpd.exe
 c:\program files\SFR\Media Center\httpd\httpd.exe
 c:\windows\system32\HPZipm12.exe
 .
 **************************************************************************
 .
 Heure de fin: 2009-12-26  15:17:17 - La machine a redémarré
 ComboFix-quarantined-files.txt  2009-12-26 14:17
 ComboFix2.txt  2009-02-14 22:50

 Avant-CF: 56 896 045 056 octets libres
 Après-CF: 56 891 703 296 octets libres

 - - End Of File - - 3AFE3303DE035357580AFE9EE5BA48C3

 and HijackThis

 Logfile of Trend Micro HijackThis v2.0.2
 Scan saved at 21:02:12, on 26/12/2009
 Platform: Windows XP SP3 (WinNT 5.01.2600)
 MSIE: Internet Explorer v8.00 (8.00.6001.18702)
 Boot mode: Normal

 Running processes:
 C:\WINDOWS\System32\smss.exe
 C:\WINDOWS\system32\winlogon.exe
 C:\WINDOWS\system32\services.exe
 C:\WINDOWS\system32\lsass.exe
 C:\WINDOWS\system32\svchost.exe
 C:\WINDOWS\System32\svchost.exe
 C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
 C:\WINDOWS\system32\spoolsv.exe
 C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
 C:\WINDOWS\SOUNDMAN.EXE
 C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
 C:\WINDOWS\system32\RUNDLL32.EXE
 C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
 C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
 C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
 C:\Program Files\Java\jre6\bin\jusched.exe
 C:\Program Files\Bonjour\mDNSResponder.exe
 C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
 C:\Program Files\Java\jre6\bin\jqs.exe
 C:\Program Files\iTunes\iTunesHelper.exe
 C:\Program Files\Logitech\Logitech Vid\vid.exe
 C:\Program Files\Windows Live\Messenger\msnmsgr.exe
 C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
 C:\Program Files\uTorrent\uTorrent.exe
 C:\Program Files\Skype\Phone\Skype.exe
 C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
 C:\Program Files\SFR\Media Center\MediaCenter.exe
 C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
 C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
 C:\Program Files\CDBurnerXP\NMSAccessU.exe
 C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
 C:\WINDOWS\system32\nvsvc32.exe
 C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
 C:\WINDOWS\system32\svchost.exe
 C:\Program Files\AOLbox\Gateway\wlancfg.exe
 C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
 C:\Program Files\iPod\bin\iPodService.exe
 C:\Program Files\Skype\Plugin Manager\skypePM.exe
 C:\Program Files\SFR\Media Center\httpd\httpd.exe
 C:\Program Files\SFR\Media Center\httpd\httpd.exe
 C:\WINDOWS\explorer.exe
 C:\Program Files\Mozilla Firefox\firefox.exe
 C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sfr.fr/kit/adsl/
 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
 O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
 O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
 O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
 O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
 O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
 O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
 O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
 O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
 O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
 O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
 O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
 O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
 O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
 O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
 O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
 O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
 O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
 O4 - HKCU\..\Run: [Logitech Vid] "C:\Program Files\Logitech\Logitech Vid\vid.exe" -bootmode
 O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
 O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
 O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized
 O4 - HKCU\..\Run: [Neuf Media Center] "C:\Program Files\SFR\Media Center\MediaCenter.exe"
 O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
 O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
 O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
 O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
 O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
 O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
 O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
 O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
 O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
 O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
 O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
 O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/ [...] E_UNO1.cab
 O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
 O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers [...] 0_4_13.cab
 O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/ [...] b56907.cab
 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia. [...] wflash.cab
 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
 O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
 O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
 O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
 O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
 O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
 O23 - Service: Google Software Updater (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
 O23 - Service: HerculesWiFi - Unknown owner - C:\WINDOWS\system32\HerculesWiFiService.exe (file missing)
 O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
 O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
 O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
 O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
 O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
 O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
 O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
 O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
 O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\AOLbox\Gateway\wlancfg.exe
 O23 - Service: Windows Server Colocation Service (WSCS) - Unknown owner - C:\WINDOWS\system32\wscs.exe (file missing)

 --
 End of file - 9264 bytes

supermagichaze
Occasionally present (50 to 99 posts)
Posted on 27/12/2009 at 15:40:25

OK, sorry for the delay, I couldn't manage to post, so here is the combo-fix report

 ComboFix 09-12-25.04 - supermagichaze 27/12/2009  11:08:27.3.2 - x86
 Microsoft Windows XP Édition familiale  5.1.2600.3.1252.33.1036.18.2047.1396 [GMT 1:00]
 Lancé depuis: C:\Documents and Settings\supermagichaze\Bureau\Combo-fix.exe
 AV: Avira AntiVir PersonalEdition *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
 .

 (((((((((((((((((((((((((((((   Fichiers créés du 2009-11-27 au 2009-12-27  ))))))))))))))))))))))))))))))))))))
 .

 2009-12-26 12:12:54 . 2009-12-26 12:18:52 -------- d-----w- C:\ToolBar SD
 2009-12-26 12:08:33 . 2009-12-26 12:08:33 -------- d-----w- C:\DriveKey
 2009-12-26 12:04:26 . 2009-12-26 12:06:06 -------- d-----w- C:\WINDOWS\system32\NtmsData
 2009-12-26 01:09:28 . 2009-12-26 01:09:33 -------- d-----w- C:\Program Files\Movies2iPhone
 2009-12-22 13:22:54 . 2009-12-14 21:14:46 94208 ----a-w- C:\Documents and Settings\supermagichaze\Application Data\Mozilla\Firefox\Profiles\takljwgt.default\extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088}\platform\WINNT\components\ebayAccessComponent.dll
 2009-12-22 13:22:54 . 2009-12-14 21:14:46 50176 ----a-w- C:\Documents and Settings\supermagichaze\Application Data\Mozilla\Firefox\Profiles\takljwgt.default\extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088}\platform\WINNT\components\ebayShortcutMaker.dll
 2009-12-20 00:04:02 . 2009-09-04 16:44:40 515416 ----a-w- C:\WINDOWS\system32\XAudio2_5.dll
 2009-12-20 00:04:00 . 2009-09-04 16:44:40 238936 ----a-w- C:\WINDOWS\system32\xactengine3_5.dll
 2009-12-20 00:02:58 . 2007-05-16 15:45:16 3497832 ----a-w- C:\WINDOWS\system32\d3dx9_34.dll
 2009-12-20 00:01:53 . 2005-05-26 14:34:52 2297552 ----a-w- C:\WINDOWS\system32\d3dx9_26.dll
 2009-12-19 23:51:46 . 2009-12-20 00:00:24 -------- d--h--w- C:\WINDOWS\msdownld.tmp
 2009-12-19 23:51:33 . 2009-12-19 23:51:33 -------- d-----w- C:\WINDOWS\Logs
 2009-12-19 14:36:36 . 2009-12-19 14:36:36 -------- d-----w- C:\ubuntu-backup
 2009-12-19 13:09:50 . 2009-12-19 13:09:50 -------- d-----w- C:\Program Files\Nero
 2009-12-19 13:08:30 . 2009-12-19 13:17:09 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Nero
 2009-12-19 13:08:27 . 2009-12-19 13:31:15 -------- d-----w- C:\Program Files\Fichiers communs\Nero
 2009-12-17 07:54:16 . 2009-12-17 07:54:16 -------- d-----w- C:\Documents and Settings\supermagichaze\Applic​ation Data\Canneverbe_Limited
 2009-12-17 07:54:09 . 2009-12-17 07:54:09 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Canneverbe Limited
 2009-12-17 07:53:48 . 2009-12-17 07:53:51 -------- d-----w- C:\Program Files\CDBurnerXP
 2009-12-13 13:04:17 . 2009-12-13 13:04:17 -------- d-----w- C:\Documents and Settings\supermagichaze\Local Settings\Application Data\Neuf
 2009-12-09 21:14:57 . 2009-12-09 21:14:57 -------- d-----w- C:\Program Files\KC Softwares
 2009-12-06 10:05:17 . 2009-12-06 10:05:18 -------- d-----w- C:\Program Files\Hexago
 2009-12-05 21:31:25 . 2009-12-19 14:40:10 -------- d-----w- C:\Program Files\NiouzeFire
 2009-12-05 18:19:56 . 2009-12-05 18:19:56 -------- d-----w- C:\Documents and Settings\supermagichaze\Downlo​ads
 2009-12-05 18:19:51 . 2009-12-05 18:20:54 -------- d-----w- C:\Documents and Settings\supermagichaze\Applic​ation Data\NewsLeecher
 2009-12-03 12:53:55 . 2009-12-03 12:53:55 -------- d-----w- C:\Program Files\Fichiers communs\Skype
 2009-12-03 12:53:51 . 2009-12-03 12:53:55 -------- d-----r- C:\Program Files\Skype
 2009-12-02 04:41:32 . 2009-12-09 02:28:07 79488 ----a-w- C:\Documents and Settings\supermagichaze\Applic​ation Data\Sun\Java\jre1.6.0_17\gtap​i.dll
 2009-11-28 02:08:27 . 2009-11-28 02:08:28 -------- d-----w- C:\WINDOWS\system32\XPSViewer
 2009-11-28 02:08:19 . 2009-11-28 02:08:19 -------- d-----w- C:\Program Files\MSBuild
 2009-11-28 02:08:04 . 2009-11-28 02:08:04 -------- d-----w- C:\Program Files\Reference Assemblies
 2009-11-28 02:07:44 . 2008-07-06 12:06:10 89088 ----a-w- C:\WINDOWS\system32\Spool\prtp​rocs\w32x86\filterpipelineprin​tproc.dll
 2009-11-28 02:07:14 . 2008-07-06 12:06:10 89088 -c----w- C:\WINDOWS\system32\dllcache\f​ilterpipelineprintproc.dll
 2009-11-28 02:07:14 . 2008-07-06 12:06:10 575488 -c----w- C:\WINDOWS\system32\dllcache\x​psshhdr.dll
 2009-11-28 02:07:14 . 2008-07-06 12:06:10 575488 ------w- C:\WINDOWS\system32\xpsshhdr.d​ll
 2009-11-28 02:07:14 . 2008-07-06 12:06:10 1676288 -c----w- C:\WINDOWS\system32\dllcache\x​pssvcs.dll
 2009-11-28 02:07:14 . 2008-07-06 12:06:10 1676288 ------w- C:\WINDOWS\system32\xpssvcs.dl​l
 2009-11-28 02:07:14 . 2008-07-06 12:06:10 117760 ------w- C:\WINDOWS\system32\prntvpt.dl​l
 2009-11-28 02:07:14 . 2008-07-06 10:50:03 597504 -c----w- C:\WINDOWS\system32\dllcache\p​rintfilterpipelinesvc.exe
 2009-11-28 02:07:14 . 2008-07-06 10:50:03 597504 ------w- C:\WINDOWS\system32\Spool\prtp​rocs\w32x86\printfilterpipelin​esvc.exe
 2009-11-28 02:07:13 . 2009-11-28 02:07:45 -------- d-----w- C:\4a33115712d98a04346800

 .
 ((((((((((((((((((((((((((((((​((((   Compte-rendu de Find3M   ))))))))))))))))))))))))))))))​))))))))))))))))))
 .
 2009-12-27 10:16:45 . 2009-11-21 20:30:00 -------- d-----w- C:\Documents and Settings\supermagichaze\Applic​ation Data\uTorrent
 2009-12-27 09:57:27 . 2008-04-09 17:02:19 -------- d-----w- C:\Documents and Settings\supermagichaze\Applic​ation Data\OpenOffice.org2
 2009-12-27 09:57:18 . 2008-08-15 19:05:14 -------- d-----w- C:\Documents and Settings\supermagichaze\Applic​ation Data\Skype
 2009-12-27 07:00:11 . 2008-08-15 19:10:30 -------- d-----w- C:\Documents and Settings\supermagichaze\Applic​ation Data\skypePM
 2009-12-26 12:36:58 . 2008-04-09 17:02:55 1 ----a-w- C:\Documents and Settings\supermagichaze\Applic​ation Data\OpenOffice.org2\user\uno_​packages\cache\stamp.sys
 2009-12-26 12:08:32 . 2008-04-08 10:33:25 -------- d--h--w- C:\Program Files\InstallShield Installation Information
 2009-12-25 20:54:14 . 2008-05-10 18:28:03 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Google Updater
 2009-12-19 14:39:07 . 2008-12-20 18:45:30 -------- d-----w- C:\Documents and Settings\supermagichaze\Applic​ation Data\Samsung
 2009-12-19 14:36:07 . 2008-04-13 09:29:40 -------- d-----w- C:\Documents and Settings\supermagichaze\Applic​ation Data\Shareaza
 2009-12-13 13:02:26 . 2009-07-14 14:53:11 -------- d-----w- C:\Program Files\SFR
 2009-12-09 02:27:17 . 2004-08-05 12:00:00 84526 ----a-w- C:\WINDOWS\system32\perfc00C.d​at
 2009-12-09 02:27:17 . 2004-08-05 12:00:00 510324 ----a-w- C:\WINDOWS\system32\perfh00C.d​at
 2009-12-03 12:53:50 . 2008-08-15 19:04:33 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Skype
 2009-11-29 12:22:22 . 2008-04-08 18:33:44 -------- d-----w- C:\Program Files\Opera
 2009-11-28 08:05:56 . 2008-04-08 11:29:28 18256 ----a-w- C:\Documents and Settings\supermagichaze\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
 2009-11-26 10:29:00 . 2009-11-26 10:28:06 -------- d-----w- C:\Program Files\Free Video Converter
 2009-11-26 10:28:41 . 2009-11-26 10:28:06 -------- d-----w- C:\Documents and Settings\supermagichaze\Applic​ation Data\FreeVideoConverter
 2009-11-24 17:11:38 . 2008-05-10 19:08:59 -------- d-----w- C:\Program Files\Windows Live
 2009-11-24 17:10:49 . 2009-11-24 17:10:49 -------- d-----w- C:\Program Files\Microsoft
 2009-11-22 16:09:08 . 2009-07-16 19:04:20 -------- d-----w- C:\Documents and Settings\supermagichaze\Applic​ation Data\Apple Computer
 2009-11-21 22:43:24 . 2009-11-21 14:44:45 -------- d-----w- C:\Documents and Settings\supermagichaze\Applic​ation Data\Azureus
 2009-11-21 20:30:16 . 2009-11-21 20:30:16 -------- d-----w- C:\Program Files\uTorrent
 2009-11-21 14:53:41 . 2009-11-20 15:19:25 -------- d-----w- C:\Program Files\iTunes
 2009-11-21 14:45:00 . 2009-11-21 14:45:00 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Azureus
 2009-11-21 14:10:35 . 2009-11-21 14:10:35 13208 ---ha-w- C:\WINDOWS\system32\mlfcache.d​at
 2009-11-20 15:20:40 . 2009-11-20 15:19:25 -------- d-----w- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-​C52491DAA8BD}
 2009-11-20 15:19:30 . 2009-11-20 15:19:30 -------- d-----w- C:\Program Files\iPod
 2009-11-20 15:19:29 . 2009-07-16 19:01:40 -------- d-----w- C:\Program Files\Fichiers communs\Apple
 2009-11-20 15:16:50 . 2009-11-20 15:16:16 -------- d-----w- C:\Program Files\QuickTime
 2009-11-20 15:09:39 . 2009-11-20 15:09:39 79144 ----a-w- C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe
 2009-11-20 15:07:45 . 2009-11-20 15:07:34 -------- d-----w- C:\Program Files\Safari
 2009-11-20 15:05:48 . 2009-11-20 15:05:48 79144 ----a-w- C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\Safari 5.31.21.10\SetupAdmin.exe
 2009-11-06 15:21:13 . 2009-11-06 15:13:15 -------- d-----w- C:\Documents and Settings\supermagichaze\Applic​ation Data\DeepBurner
 2009-11-06 15:13:10 . 2009-11-06 15:13:10 -------- d-----w- C:\Program Files\Astonsoft
 2009-10-29 07:42:33 . 2004-09-29 18:49:14 916480 ------w- C:\WINDOWS\system32\wininet.dl​l
 2009-10-21 05:39:43 . 2004-08-05 12:00:00 75776 ----a-w- C:\WINDOWS\system32\strmfilt.d​ll
 2009-10-21 05:39:43 . 2004-08-05 12:00:00 25088 ----a-w- C:\WINDOWS\system32\httpapi.dl​l
 2009-10-20 16:20:16 . 2004-08-05 12:00:00 265728 ----a-w- C:\WINDOWS\system32\drivers\ht​tp.sys
 2009-10-13 10:33:37 . 2004-08-05 12:00:00 271360 ----a-w- C:\WINDOWS\system32\oakley.dll
 2009-10-12 13:39:22 . 2004-08-05 12:00:00 79872 ----a-w- C:\WINDOWS\system32\raschap.dl​l
 2009-10-12 13:39:22 . 2004-08-05 12:00:00 150528 ----a-w- C:\WINDOWS\system32\rastls.dll
 2009-09-28 19:57:28 . 2008-12-20 18:36:41 7168 ----a-w- C:\WINDOWS\system32\drivers\St​arOpen.sys
 2008-04-11 01:43:28 . 2008-04-11 01:43:27 278528 ----a-w- C:\Program Files\Fichiers communs\FDEUnInstaller.exe
 2009-01-27 01:34:38 . 2009-01-27 01:34:38 1044480 ----a-w- C:\Program Files\mozilla firefox\plugins\libdivx.dll
 2009-01-27 01:34:38 . 2009-01-27 01:34:38 200704 ----a-w- C:\Program Files\mozilla firefox\plugins\ssldivx.dll
 2009-01-27 01:34:38 . 2009-01-27 01:34:38 1044480 ----a-w- C:\Program Files\opera\program\plugins\li​bdivx.dll
 2009-01-27 01:34:38 . 2009-01-27 01:34:38 200704 ----a-w- C:\Program Files\opera\program\plugins\ss​ldivx.dll
 .

 ((((((((((((((((((((((((((((((​(((   Points de chargement Reg   ))))))))))))))))))))))))))))))​))))))))))))))))))
 .
 .
 *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
 REGEDIT4

 [HKEY_CURRENT_USER\SOFTWARE\Mic​rosoft\Windows\CurrentVersion\​Run]
 "Logitech Vid"="C:\Program Files\Logitech\Logitech Vid\vid.exe" [2009-06-02 06:59:46 5451536]
 "msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 15:44:52 3883856]
 "uTorrent"="C:\Program Files\uTorrent\uTorrent.exe" [2009-12-09 06:14:49 289584]
 "Skype"="C:\Program Files\Skype\\Phone\Skype.exe" [2009-10-09 12:11:12 25623336]
 "Neuf Media Center"="C:\Program Files\SFR\Media Center\MediaCenter.exe" [2008-10-10 18:24:46 726336]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Run]
 "SoundMan"="SOUNDMAN.EXE" [2007-04-16 13:28:22 577536]
 "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-07-17 18:58:21 266497]
 "NvCplDaemon"="C:\WINDOWS\syst​em32\NvCpl.dll" [2007-12-04 23:41:00 8523776]
 "nwiz"="nwiz.exe" [2007-12-04 23:41:00 1626112]
 "NvMediaCenter"="C:\WINDOWS\sy​stem32\NvMcTray.dll" [2007-12-04 23:41:00 81920]
 "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 00:41:10 49152]
 "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 20:16:38 39792]
 "SunJavaUpdateSched"="C:\Progr​am Files\Java\jre6\bin\jusched.ex​e" [2009-03-09 03:19:17 148888]
 "LogitechQuickCamRibbon"="C:\P​rogram Files\Logitech\Logitech WebCam Software\LWS.exe" [2009-05-08 08:35:50 2780432]
 "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2009-11-10 22:08:18 417792]
 "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2009-11-12 15:33:10 141600]

 [HKEY_USERS\.DEFAULT\Software\M​icrosoft\Windows\CurrentVersio​n\Run]
 "CTFMON.EXE"="C:\WINDOWS\syste​m32\CTFMON.EXE" [2008-04-14 02:33:59 15360]

 C:\Documents and Settings\supermagichaze\Menu D‚marrer\Programmes\D‚marrage\
 OpenOffice.org 2.4.lnk - C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe [2008-1-21 393216]

 C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
 HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472]

 [HKEY_USERS\.default\software\m​icrosoft\windows\currentversio​n\policies\explorer]
 "NoSetActiveDesktop"= 1 (0x1)
 "NoActiveDesktopChanges"= 1 (0x1)

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\Minimal\aawservice]
 @="Service"

 [HKLM\~\startupfolder\C:^Docume​nts and Settings^All Users^Menu Démarrer^Programmes^Démarrage^​WiFi Station N.lnk]
 path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\​WiFi Station N.lnk
 backup=C:\WINDOWS\pss\WiFi Station N.lnkCommon Startup

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\MSMSGS]
 2008-04-14 02:34:13 1695232 ------w- C:\Program Files\Messenger\msmsgs.exe

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\MsnMsgr]
 2009-07-26 15:44:52 3883856 ----a-w- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

 [HKLM\~\services\sharedaccess\p​arameters\firewallpolicy\stand​ardprofile\AuthorizedApplicati​ons\List]
 "%windir%\\system32\\sessmgr.e​xe"=
 "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
 "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
 "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
 "C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
 "C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
 "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
 "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
 "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
 "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
 "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
 "C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"​=
 "C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
 "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
 "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
 "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
 "C:\\Program Files\\EA Games\\American McGee's Alice Demo\\alice.exe"=
 "C:\\Program Files\\Logitech\\Logitech Vid\\Vid.exe"=
 "C:\\Program Files\\Bonjour\\mDNSResponder.​exe"=
 "C:\\Program Files\\Messenger\\msmsgs.exe"=
 "C:\\Program Files\\iTunes\\iTunes.exe"=
 "C:\\Program Files\\uTorrent\\uTorrent.exe"​=
 "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
 "C:\\Program Files\\Opera\\opera.exe"=
 "C:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
 "C:\\Program Files\\Skype\\Phone\\Skype.exe​"=
 "C:\Program Files\SFR\Media Center\httpd\httpd.exe"= C:\Program Files\SFR\Media Center\httpd\httpd.exe:172.16.​255.0/255.255.255.0,192.168.1.​0/255.255.255.0:Enabled:Serveu​r de partage Media Center (Player SFR)

 [HKLM\~\services\sharedaccess\p​arameters\firewallpolicy\stand​ardprofile\GloballyOpenPorts\L​ist]
 "6346:TCP"= 6346:TCP:shareza
 "6346:UDP"= 6346:UDP:shareza

 S2 HerculesWiFi;HerculesWiFi;C:\W​INDOWS\system32\HerculesWiFiSe​rvice.exe --> C:\WINDOWS\system32\HerculesWi​FiService.exe [?]
 S2 WSCS;Windows Server Colocation Service;C:\WINDOWS\system32\ws​cs.exe --> C:\WINDOWS\system32\wscs.exe [?]
 S3 maconfservice;Ma-Config Service;C:\Program Files\ma-config.com\maconfserv​ice.exe [19/12/2008 16:54:10 195752]
 S3 rt2870;Hercules Wireless N USB Driver;C:\WINDOWS\system32\dri​vers\rt2870.sys [27/06/2009 21:41:17 560896]
 S3 SIS163u;SiS163 USB Wireless LAN Adapter Driver;C:\WINDOWS\system32\DRI​VERS\sis163u.sys --> C:\WINDOWS\system32\DRIVERS\si​s163u.sys [?]
 .
 ------- Examen supplémentaire -------
 .
 uStart Page = hxxp://www.sfr.fr/kit/adsl/
 mWindow Title =
 uInternet Connection Wizard,ShellNext = iexplore
 uInternet Settings,ProxyOverride = *.local
 DPF: {5D86DDB5-BDF9-441B-9E9E-D4730​F4EE499} - hxxp://www.bitdefender.fr/scan​_fr/scan8/oscan8.cab
 FF - ProfilePath - C:\Documents and Settings\supermagichaze\Applic​ation Data\Mozilla\Firefox\Profiles\​takljwgt.default\
 FF - prefs.js: browser.search.selectedEngine - Google
 FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/ig
 FF - prefs.js: keyword.URL - hxxp://thepiratebay.toolbarhom​e.com/search.aspx?srch=ku&q=
 FF - component: C:\Documents and Settings\supermagichaze\Applic​ation Data\Mozilla\Firefox\Profiles\​takljwgt.default\extensions\{6​2760FD6-B943-48C9-AB09-F99C6FE​96088}\platform\WINNT\componen​ts\ebayAccessComponent.dll
 FF - component: C:\Documents and Settings\supermagichaze\Applic​ation Data\Mozilla\Firefox\Profiles\​takljwgt.default\extensions\{6​2760FD6-B943-48C9-AB09-F99C6FE​96088}\platform\WINNT\componen​ts\ebayShortcutMaker.dll
 FF - plugin: C:\Documents and Settings\supermagichaze\Applic​ation Data\Mozilla\Firefox\Profiles\​takljwgt.default\extensions\{b​b628310-0ab7-11db-9cd8-0800200​c9a66}\plugins\nphardwaredetec​tion.dll
 FF - plugin: C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDete​ct13.dll
 FF - plugin: C:\Program Files\ma-config.com\nphardware​detection.dll
 FF - plugin: C:\Program Files\Mozilla Firefox\plugins\npkimi.dll
 FF - plugin: C:\Program Files\Opera\program\plugins\np​divx32.dll
 FF - plugin: C:\Program Files\Opera\program\plugins\np​kimi.dll
 FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825​760534b} - c:\WINDOWS\Microsoft.NET\Frame​work\v3.5\Windows Presentation Foundation\DotNetAssistantExte​nsion\

 ---- PARAMETRES FIREFOX ----
 .



 and the HijackThis log


 Logfile of Trend Micro HijackThis v2.0.2
 Scan saved at 14:39:54, on 27/12/2009
 Platform: Windows XP SP3 (WinNT 5.01.2600)
 MSIE: Internet Explorer v8.00 (8.00.6001.18702)
 Boot mode: Normal

 Running processes:
 C:\WINDOWS\System32\smss.exe
 C:\WINDOWS\system32\winlogon.e​xe
 C:\WINDOWS\system32\services.e​xe
 C:\WINDOWS\system32\lsass.exe
 C:\WINDOWS\system32\svchost.ex​e
 C:\WINDOWS\System32\svchost.ex​e
 C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
 C:\WINDOWS\system32\spoolsv.ex​e
 C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
 C:\WINDOWS\SOUNDMAN.EXE
 C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
 C:\WINDOWS\system32\RUNDLL32.E​XE
 C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
 C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
 C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceS​ervice.exe
 C:\Program Files\Java\jre6\bin\jusched.ex​e
 C:\Program Files\Bonjour\mDNSResponder.ex​e
 C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
 C:\Program Files\Java\jre6\bin\jqs.exe
 C:\Program Files\iTunes\iTunesHelper.exe
 C:\Program Files\uTorrent\uTorrent.exe
 C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
 C:\Program Files\SFR\Media Center\MediaCenter.exe
 C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
 C:\Program Files\CDBurnerXP\NMSAccessU.ex​e
 C:\WINDOWS\system32\nvsvc32.ex​e
 C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIMa​nager.exe
 C:\WINDOWS\system32\svchost.ex​e
 C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
 C:\Program Files\iPod\bin\iPodService.exe
 C:\Program Files\SFR\Media Center\httpd\httpd.exe
 C:\Program Files\SFR\Media Center\httpd\httpd.exe
 C:\WINDOWS\system32\wscntfy.ex​e
 C:\WINDOWS\explorer.exe
 C:\Program Files\Mozilla Firefox\firefox.exe
 C:\Program Files\Trend Micro\HijackThis\HijackThis.ex​e

 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://www.sfr.fr/kit/adsl/
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Search_U​RL = http://go.microsoft.com/fwlink/?LinkId=54896
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
 R1 - HKCU\Software\Microsoft\Window​s\CurrentVersion\Internet Settings,ProxyOverride = *.local
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Toolbar,LinksFolderNa​me = Liens
 O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7​D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\​AcroIEHelper.dll
 O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988​571CECB} - (no file)
 O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-51647​60863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
 O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B​5AD205D} - C:\Program Files\Google\GoogleToolbarNoti​fier\5.1.1309.3572\swg.dll
 O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C​1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
 O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE​594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs​\ie\jqs_plugin.dll
 O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
 O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
 O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,​NvStartup
 O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
 O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.d​ll,NvTaskbarInit
 O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
 O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
 O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.ex​e"
 O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
 O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
 O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
 O4 - HKCU\..\Run: [Logitech Vid] "C:\Program Files\Logitech\Logitech Vid\vid.exe" -bootmode
 O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
 O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
 O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized
 O4 - HKCU\..\Run: [Neuf Media Center] "C:\Program Files\SFR\Media Center\MediaCenter.exe"
 O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
 O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
 O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
 O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
 O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-08002​00c9a66} - C:\WINDOWS\bdoscandel.exe
 O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-08002​00c9a66} - C:\WINDOWS\bdoscandel.exe
 O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba3​8496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
 O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba3​8496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
 O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04​F795683} - C:\Program Files\Messenger\msmsgs.exe
 O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04​F795683} - C:\Program Files\Messenger\msmsgs.exe
 O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-98999​3B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
 O16 - DPF: {5D6F45B3-9043-443D-A792-11544​7494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/ [...] E_UNO1.cab
 O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730​F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
 O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E​0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers [...] 0_4_13.cab
 O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46​475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/ [...] b56907.cab
 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-44455​3540000} (Shockwave Flash Object) - http://fpdownload2.macromedia. [...] wflash.cab
 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C​7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKY​PE4~1.DLL
 O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
 O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
 O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
 O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceS​ervice.exe
 O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.ex​e
 O23 - Service: Google Software Updater (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.e​xe (file missing)
 O23 - Service: HerculesWiFi - Unknown owner - C:\WINDOWS\system32\HerculesWi​FiService.exe (file missing)
 O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
 O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
 O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcS​rv.exe
 O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfserv​ice.exe
 O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
 O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.ex​e
 O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.ex​e
 O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.e​xe
 O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\AOLbox\Gateway\wlancfg.e​xe
 O23 - Service: Windows Server Colocation Service (WSCS) - Unknown owner - C:\WINDOWS\system32\wscs.exe (file missing)

 --
 End of file - 8882 bytes


Profile: Security team
kmisol
Famous across the whole forum (30,000 to 99,999 posts)
  1. Posted on 27/12/2009 at 17:36:28
 
:hello:

 Isn't it since the installation of uTorrent (on 09-12) that the PC has been slow?

 ---
 Download RSIT (by random/random) to the desktop:

 - On the desktop, double-click RSIT.exe;
 - Click Continue (Disclaimer) in the window;

 If the latest version of HijackThis is not detected on your PC, RSIT will download it and ask you to accept the licence.

 When the scan is finished, 2 text files will open (in Notepad).

 Post the contents of log.txt (the one that appears on screen) as well as info.txt (which you will see in the taskbar).

 Tutorial: http://forum.pcastuces.com/ran [...] f31s31.htm

 [:lolo 1:7] Thank you for being patient because neither you nor I can be held responsible for the bugs  :/  of this forum ... such as
 "Sorry, this topic does not exist", going back to the day of 26-12-09!, etc.

 ---

supermagichaze
Occasional visitor (50 to 99 posts)
  1. Posted on 27/12/2009 at 21:48:37
 
OK, sorry for the delay, I couldn't manage to post, so here is the Combo-fix report

 ComboFix 09-12-25.04 - supermagichaze 27/12/2009  11:08:27.3.2 - x86
 Microsoft Windows XP Édition familiale  5.1.2600.3.1252.33.1036.18.204​7.1396 [GMT 1:00]
 Lancé depuis: C:\Documents and Settings\supermagichaze\Bureau​\Combo-fix.exe
 AV: Avira AntiVir PersonalEdition *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD33​50758C7}
 .

 (((((((((((((((((((((((((((((   Fichiers créés du 2009-11-27 au 2009-12-27  ))))))))))))))))))))))))))))))​))))))
 .

 2009-12-26 12:12:54 . 2009-12-26 12:18:52 -------- d-----w- C:\ToolBar SD
 2009-12-26 12:08:33 . 2009-12-26 12:08:33 -------- d-----w- C:\DriveKey
 2009-12-26 12:04:26 . 2009-12-26 12:06:06 -------- d-----w- C:\WINDOWS\system32\NtmsData
 2009-12-26 01:09:28 . 2009-12-26 01:09:33 -------- d-----w- C:\Program Files\Movies2iPhone
 2009-12-22 13:22:54 . 2009-12-14 21:14:46 94208 ----a-w- C:\Documents and Settings\supermagichaze\Applic​ation Data\Mozilla\Firefox\Profiles\​takljwgt.default\extensions\{6​2760FD6-B943-48C9-AB09-F99C6FE​96088}\platform\WINNT\componen​ts\ebayAccessComponent.dll
 2009-12-22 13:22:54 . 2009-12-14 21:14:46 50176 ----a-w- C:\Documents and Settings\supermagichaze\Applic​ation Data\Mozilla\Firefox\Profiles\​takljwgt.default\extensions\{6​2760FD6-B943-48C9-AB09-F99C6FE​96088}\platform\WINNT\componen​ts\ebayShortcutMaker.dll
 2009-12-20 00:04:02 . 2009-09-04 16:44:40 515416 ----a-w- C:\WINDOWS\system32\XAudio2_5.​dll
 2009-12-20 00:04:00 . 2009-09-04 16:44:40 238936 ----a-w- C:\WINDOWS\system32\xactengine​3_5.dll
 2009-12-20 00:02:58 . 2007-05-16 15:45:16 3497832 ----a-w- C:\WINDOWS\system32\d3dx9_34.d​ll
 2009-12-20 00:01:53 . 2005-05-26 14:34:52 2297552 ----a-w- C:\WINDOWS\system32\d3dx9_26.d​ll
 2009-12-19 23:51:46 . 2009-12-20 00:00:24 -------- d--h--w- C:\WINDOWS\msdownld.tmp
 2009-12-19 23:51:33 . 2009-12-19 23:51:33 -------- d-----w- C:\WINDOWS\Logs
 2009-12-19 14:36:36 . 2009-12-19 14:36:36 -------- d-----w- C:\ubuntu-backup
 2009-12-19 13:09:50 . 2009-12-19 13:09:50 -------- d-----w- C:\Program Files\Nero
 2009-12-19 13:08:30 . 2009-12-19 13:17:09 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Nero
 2009-12-19 13:08:27 . 2009-12-19 13:31:15 -------- d-----w- C:\Program Files\Fichiers communs\Nero
 2009-12-17 07:54:16 . 2009-12-17 07:54:16 -------- d-----w- C:\Documents and Settings\supermagichaze\Applic​ation Data\Canneverbe_Limited
 2009-12-17 07:54:09 . 2009-12-17 07:54:09 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Canneverbe Limited
 2009-12-17 07:53:48 . 2009-12-17 07:53:51 -------- d-----w- C:\Program Files\CDBurnerXP
 2009-12-13 13:04:17 . 2009-12-13 13:04:17 -------- d-----w- C:\Documents and Settings\supermagichaze\Local Settings\Application Data\Neuf
 2009-12-09 21:14:57 . 2009-12-09 21:14:57 -------- d-----w- C:\Program Files\KC Softwares
 2009-12-06 10:05:17 . 2009-12-06 10:05:18 -------- d-----w- C:\Program Files\Hexago
 2009-12-05 21:31:25 . 2009-12-19 14:40:10 -------- d-----w- C:\Program Files\NiouzeFire
 2009-12-05 18:19:56 . 2009-12-05 18:19:56 -------- d-----w- C:\Documents and Settings\supermagichaze\Downlo​ads
 2009-12-05 18:19:51 . 2009-12-05 18:20:54 -------- d-----w- C:\Documents and Settings\supermagichaze\Applic​ation Data\NewsLeecher
 2009-12-03 12:53:55 . 2009-12-03 12:53:55 -------- d-----w- C:\Program Files\Fichiers communs\Skype
 2009-12-03 12:53:51 . 2009-12-03 12:53:55 -------- d-----r- C:\Program Files\Skype
 2009-12-02 04:41:32 . 2009-12-09 02:28:07 79488 ----a-w- C:\Documents and Settings\supermagichaze\Applic​ation Data\Sun\Java\jre1.6.0_17\gtap​i.dll
 2009-11-28 02:08:27 . 2009-11-28 02:08:28 -------- d-----w- C:\WINDOWS\system32\XPSViewer
 2009-11-28 02:08:19 . 2009-11-28 02:08:19 -------- d-----w- C:\Program Files\MSBuild
 2009-11-28 02:08:04 . 2009-11-28 02:08:04 -------- d-----w- C:\Program Files\Reference Assemblies
 2009-11-28 02:07:44 . 2008-07-06 12:06:10 89088 ----a-w- C:\WINDOWS\system32\Spool\prtp​rocs\w32x86\filterpipelineprin​tproc.dll
 2009-11-28 02:07:14 . 2008-07-06 12:06:10 89088 -c----w- C:\WINDOWS\system32\dllcache\f​ilterpipelineprintproc.dll
 2009-11-28 02:07:14 . 2008-07-06 12:06:10 575488 -c----w- C:\WINDOWS\system32\dllcache\x​psshhdr.dll
 2009-11-28 02:07:14 . 2008-07-06 12:06:10 575488 ------w- C:\WINDOWS\system32\xpsshhdr.d​ll
 2009-11-28 02:07:14 . 2008-07-06 12:06:10 1676288 -c----w- C:\WINDOWS\system32\dllcache\x​pssvcs.dll
 2009-11-28 02:07:14 . 2008-07-06 12:06:10 1676288 ------w- C:\WINDOWS\system32\xpssvcs.dl​l
 2009-11-28 02:07:14 . 2008-07-06 12:06:10 117760 ------w- C:\WINDOWS\system32\prntvpt.dl​l
 2009-11-28 02:07:14 . 2008-07-06 10:50:03 597504 -c----w- C:\WINDOWS\system32\dllcache\p​rintfilterpipelinesvc.exe
 2009-11-28 02:07:14 . 2008-07-06 10:50:03 597504 ------w- C:\WINDOWS\system32\Spool\prtp​rocs\w32x86\printfilterpipelin​esvc.exe
 2009-11-28 02:07:13 . 2009-11-28 02:07:45 -------- d-----w- C:\4a33115712d98a04346800

 .
 ((((((((((((((((((((((((((((((​((((   Compte-rendu de Find3M   ))))))))))))))))))))))))))))))​))))))))))))))))))
 .
 2009-12-27 10:16:45 . 2009-11-21 20:30:00 -------- d-----w- C:\Documents and Settings\supermagichaze\Applic​ation Data\uTorrent
 2009-12-27 09:57:27 . 2008-04-09 17:02:19 -------- d-----w- C:\Documents and Settings\supermagichaze\Applic​ation Data\OpenOffice.org2
 2009-12-27 09:57:18 . 2008-08-15 19:05:14 -------- d-----w- C:\Documents and Settings\supermagichaze\Applic​ation Data\Skype
 2009-12-27 07:00:11 . 2008-08-15 19:10:30 -------- d-----w- C:\Documents and Settings\supermagichaze\Applic​ation Data\skypePM
 2009-12-26 12:36:58 . 2008-04-09 17:02:55 1 ----a-w- C:\Documents and Settings\supermagichaze\Applic​ation Data\OpenOffice.org2\user\uno_​packages\cache\stamp.sys
 2009-12-26 12:08:32 . 2008-04-08 10:33:25 -------- d--h--w- C:\Program Files\InstallShield Installation Information
 2009-12-25 20:54:14 . 2008-05-10 18:28:03 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Google Updater
 2009-12-19 14:39:07 . 2008-12-20 18:45:30 -------- d-----w- C:\Documents and Settings\supermagichaze\Applic​ation Data\Samsung
 2009-12-19 14:36:07 . 2008-04-13 09:29:40 -------- d-----w- C:\Documents and Settings\supermagichaze\Applic​ation Data\Shareaza
 2009-12-13 13:02:26 . 2009-07-14 14:53:11 -------- d-----w- C:\Program Files\SFR
 2009-12-09 02:27:17 . 2004-08-05 12:00:00 84526 ----a-w- C:\WINDOWS\system32\perfc00C.d​at
 2009-12-09 02:27:17 . 2004-08-05 12:00:00 510324 ----a-w- C:\WINDOWS\system32\perfh00C.d​at
 2009-12-03 12:53:50 . 2008-08-15 19:04:33 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Skype
 2009-11-29 12:22:22 . 2008-04-08 18:33:44 -------- d-----w- C:\Program Files\Opera
 2009-11-28 08:05:56 . 2008-04-08 11:29:28 18256 ----a-w- C:\Documents and Settings\supermagichaze\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
 2009-11-26 10:29:00 . 2009-11-26 10:28:06 -------- d-----w- C:\Program Files\Free Video Converter
 2009-11-26 10:28:41 . 2009-11-26 10:28:06 -------- d-----w- C:\Documents and Settings\supermagichaze\Applic​ation Data\FreeVideoConverter
 2009-11-24 17:11:38 . 2008-05-10 19:08:59 -------- d-----w- C:\Program Files\Windows Live
 2009-11-24 17:10:49 . 2009-11-24 17:10:49 -------- d-----w- C:\Program Files\Microsoft
 2009-11-22 16:09:08 . 2009-07-16 19:04:20 -------- d-----w- C:\Documents and Settings\supermagichaze\Applic​ation Data\Apple Computer
 2009-11-21 22:43:24 . 2009-11-21 14:44:45 -------- d-----w- C:\Documents and Settings\supermagichaze\Applic​ation Data\Azureus
 2009-11-21 20:30:16 . 2009-11-21 20:30:16 -------- d-----w- C:\Program Files\uTorrent
 2009-11-21 14:53:41 . 2009-11-20 15:19:25 -------- d-----w- C:\Program Files\iTunes
 2009-11-21 14:45:00 . 2009-11-21 14:45:00 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Azureus
 2009-11-21 14:10:35 . 2009-11-21 14:10:35 13208 ---ha-w- C:\WINDOWS\system32\mlfcache.d​at
 2009-11-20 15:20:40 . 2009-11-20 15:19:25 -------- d-----w- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-​C52491DAA8BD}
 2009-11-20 15:19:30 . 2009-11-20 15:19:30 -------- d-----w- C:\Program Files\iPod
 2009-11-20 15:19:29 . 2009-07-16 19:01:40 -------- d-----w- C:\Program Files\Fichiers communs\Apple
 2009-11-20 15:16:50 . 2009-11-20 15:16:16 -------- d-----w- C:\Program Files\QuickTime
 2009-11-20 15:09:39 . 2009-11-20 15:09:39 79144 ----a-w- C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe
 2009-11-20 15:07:45 . 2009-11-20 15:07:34 -------- d-----w- C:\Program Files\Safari
 2009-11-20 15:05:48 . 2009-11-20 15:05:48 79144 ----a-w- C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\Safari 5.31.21.10\SetupAdmin.exe
 2009-11-06 15:21:13 . 2009-11-06 15:13:15 -------- d-----w- C:\Documents and Settings\supermagichaze\Applic​ation Data\DeepBurner
 2009-11-06 15:13:10 . 2009-11-06 15:13:10 -------- d-----w- C:\Program Files\Astonsoft
 2009-10-29 07:42:33 . 2004-09-29 18:49:14 916480 ------w- C:\WINDOWS\system32\wininet.dl​l
 2009-10-21 05:39:43 . 2004-08-05 12:00:00 75776 ----a-w- C:\WINDOWS\system32\strmfilt.d​ll
 2009-10-21 05:39:43 . 2004-08-05 12:00:00 25088 ----a-w- C:\WINDOWS\system32\httpapi.dl​l
 2009-10-20 16:20:16 . 2004-08-05 12:00:00 265728 ----a-w- C:\WINDOWS\system32\drivers\ht​tp.sys
 2009-10-13 10:33:37 . 2004-08-05 12:00:00 271360 ----a-w- C:\WINDOWS\system32\oakley.dll
 2009-10-12 13:39:22 . 2004-08-05 12:00:00 79872 ----a-w- C:\WINDOWS\system32\raschap.dl​l
 2009-10-12 13:39:22 . 2004-08-05 12:00:00 150528 ----a-w- C:\WINDOWS\system32\rastls.dll
 2009-09-28 19:57:28 . 2008-12-20 18:36:41 7168 ----a-w- C:\WINDOWS\system32\drivers\St​arOpen.sys
 2008-04-11 01:43:28 . 2008-04-11 01:43:27 278528 ----a-w- C:\Program Files\Fichiers communs\FDEUnInstaller.exe
 2009-01-27 01:34:38 . 2009-01-27 01:34:38 1044480 ----a-w- C:\Program Files\mozilla firefox\plugins\libdivx.dll
 2009-01-27 01:34:38 . 2009-01-27 01:34:38 200704 ----a-w- C:\Program Files\mozilla firefox\plugins\ssldivx.dll
 2009-01-27 01:34:38 . 2009-01-27 01:34:38 1044480 ----a-w- C:\Program Files\opera\program\plugins\li​bdivx.dll
 2009-01-27 01:34:38 . 2009-01-27 01:34:38 200704 ----a-w- C:\Program Files\opera\program\plugins\ss​ldivx.dll
 .

 ((((((((((((((((((((((((((((((​(((   Points de chargement Reg   ))))))))))))))))))))))))))))))​))))))))))))))))))
 .
 .
 *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
 REGEDIT4

 [HKEY_CURRENT_USER\SOFTWARE\Mic​rosoft\Windows\CurrentVersion\​Run]
 "Logitech Vid"="C:\Program Files\Logitech\Logitech Vid\vid.exe" [2009-06-02 06:59:46 5451536]
 "msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 15:44:52 3883856]
 "uTorrent"="C:\Program Files\uTorrent\uTorrent.exe" [2009-12-09 06:14:49 289584]
 "Skype"="C:\Program Files\Skype\\Phone\Skype.exe" [2009-10-09 12:11:12 25623336]
 "Neuf Media Center"="C:\Program Files\SFR\Media Center\MediaCenter.exe" [2008-10-10 18:24:46 726336]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Run]
 "SoundMan"="SOUNDMAN.EXE" [2007-04-16 13:28:22 577536]
 "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-07-17 18:58:21 266497]
 "NvCplDaemon"="C:\WINDOWS\syst​em32\NvCpl.dll" [2007-12-04 23:41:00 8523776]
 "nwiz"="nwiz.exe" [2007-12-04 23:41:00 1626112]
 "NvMediaCenter"="C:\WINDOWS\sy​stem32\NvMcTray.dll" [2007-12-04 23:41:00 81920]
 "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 00:41:10 49152]
 "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 20:16:38 39792]
 "SunJavaUpdateSched"="C:\Progr​am Files\Java\jre6\bin\jusched.ex​e" [2009-03-09 03:19:17 148888]
 "LogitechQuickCamRibbon"="C:\P​rogram Files\Logitech\Logitech WebCam Software\LWS.exe" [2009-05-08 08:35:50 2780432]
 "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2009-11-10 22:08:18 417792]
 "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2009-11-12 15:33:10 141600]

 [HKEY_USERS\.DEFAULT\Software\M​icrosoft\Windows\CurrentVersio​n\Run]
 "CTFMON.EXE"="C:\WINDOWS\syste​m32\CTFMON.EXE" [2008-04-14 02:33:59 15360]

 C:\Documents and Settings\supermagichaze\Menu D‚marrer\Programmes\D‚marrage\
 OpenOffice.org 2.4.lnk - C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe [2008-1-21 393216]

 C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
 HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472]

 [HKEY_USERS\.default\software\m​icrosoft\windows\currentversio​n\policies\explorer]
 "NoSetActiveDesktop"= 1 (0x1)
 "NoActiveDesktopChanges"= 1 (0x1)

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\Minimal\aawservice]
 @="Service"

 [HKLM\~\startupfolder\C:^Docume​nts and Settings^All Users^Menu Démarrer^Programmes^Démarrage^​WiFi Station N.lnk]
 path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\​WiFi Station N.lnk
 backup=C:\WINDOWS\pss\WiFi Station N.lnkCommon Startup

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\MSMSGS]
 2008-04-14 02:34:13 1695232 ------w- C:\Program Files\Messenger\msmsgs.exe

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\MsnMsgr]
 2009-07-26 15:44:52 3883856 ----a-w- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

 [HKLM\~\services\sharedaccess\p​arameters\firewallpolicy\stand​ardprofile\AuthorizedApplicati​ons\List]
 "%windir%\\system32\\sessmgr.e​xe"=
 "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
 "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
 "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
 "C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
 "C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
 "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
 "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
 "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
 "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
 "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
 "C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"​=
 "C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
 "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
 "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
 "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
 "C:\\Program Files\\EA Games\\American McGee's Alice Demo\\alice.exe"=
 "C:\\Program Files\\Logitech\\Logitech Vid\\Vid.exe"=
 "C:\\Program Files\\Bonjour\\mDNSResponder.​exe"=
 "C:\\Program Files\\Messenger\\msmsgs.exe"=
 "C:\\Program Files\\iTunes\\iTunes.exe"=
 "C:\\Program Files\\uTorrent\\uTorrent.exe"​=
 "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
 "C:\\Program Files\\Opera\\opera.exe"=
 "C:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
 "C:\\Program Files\\Skype\\Phone\\Skype.exe​"=
 "C:\Program Files\SFR\Media Center\httpd\httpd.exe"= C:\Program Files\SFR\Media Center\httpd\httpd.exe:172.16.​255.0/255.255.255.0,192.168.1.​0/255.255.255.0:Enabled:Serveu​r de partage Media Center (Player SFR)

 [HKLM\~\services\sharedaccess\p​arameters\firewallpolicy\stand​ardprofile\GloballyOpenPorts\L​ist]
 "6346:TCP"= 6346:TCP:shareza
 "6346:UDP"= 6346:UDP:shareza

 S2 HerculesWiFi;HerculesWiFi;C:\W​INDOWS\system32\HerculesWiFiSe​rvice.exe --> C:\WINDOWS\system32\HerculesWi​FiService.exe [?]
 S2 WSCS;Windows Server Colocation Service;C:\WINDOWS\system32\ws​cs.exe --> C:\WINDOWS\system32\wscs.exe [?]
 S3 maconfservice;Ma-Config Service;C:\Program Files\ma-config.com\maconfserv​ice.exe [19/12/2008 16:54:10 195752]
 S3 rt2870;Hercules Wireless N USB Driver;C:\WINDOWS\system32\dri​vers\rt2870.sys [27/06/2009 21:41:17 560896]
 S3 SIS163u;SiS163 USB Wireless LAN Adapter Driver;C:\WINDOWS\system32\DRI​VERS\sis163u.sys --> C:\WINDOWS\system32\DRIVERS\si​s163u.sys [?]
 .
 ------- Examen supplémentaire -------
 .
 uStart Page = hxxp://www.sfr.fr/kit/adsl/
 mWindow Title =
 uInternet Connection Wizard,ShellNext = iexplore
 uInternet Settings,ProxyOverride = *.local
 DPF: {5D86DDB5-BDF9-441B-9E9E-D4730​F4EE499} - hxxp://www.bitdefender.fr/scan​_fr/scan8/oscan8.cab
 FF - ProfilePath - C:\Documents and Settings\supermagichaze\Applic​ation Data\Mozilla\Firefox\Profiles\​takljwgt.default\
 FF - prefs.js: browser.search.selectedEngine - Google
 FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/ig
 FF - prefs.js: keyword.URL - hxxp://thepiratebay.toolbarhom​e.com/search.aspx?srch=ku&q=
 FF - component: C:\Documents and Settings\supermagichaze\Applic​ation Data\Mozilla\Firefox\Profiles\​takljwgt.default\extensions\{6​2760FD6-B943-48C9-AB09-F99C6FE​96088}\platform\WINNT\componen​ts\ebayAccessComponent.dll
 FF - component: C:\Documents and Settings\supermagichaze\Applic​ation Data\Mozilla\Firefox\Profiles\​takljwgt.default\extensions\{6​2760FD6-B943-48C9-AB09-F99C6FE​96088}\platform\WINNT\componen​ts\ebayShortcutMaker.dll
 FF - plugin: C:\Documents and Settings\supermagichaze\Applic​ation Data\Mozilla\Firefox\Profiles\​takljwgt.default\extensions\{b​b628310-0ab7-11db-9cd8-0800200​c9a66}\plugins\nphardwaredetec​tion.dll
 FF - plugin: C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDete​ct13.dll
 FF - plugin: C:\Program Files\ma-config.com\nphardware​detection.dll
 FF - plugin: C:\Program Files\Mozilla Firefox\plugins\npkimi.dll
 FF - plugin: C:\Program Files\Opera\program\plugins\np​divx32.dll
 FF - plugin: C:\Program Files\Opera\program\plugins\np​kimi.dll
 FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825​760534b} - c:\WINDOWS\Microsoft.NET\Frame​work\v3.5\Windows Presentation Foundation\DotNetAssistantExte​nsion\

 ---- PARAMETRES FIREFOX ----
 .



 and the HijackThis log


 Logfile of Trend Micro HijackThis v2.0.2
 Scan saved at 14:39:54, on 27/12/2009
 Platform: Windows XP SP3 (WinNT 5.01.2600)
 MSIE: Internet Explorer v8.00 (8.00.6001.18702)
 Boot mode: Normal

 Running processes:
 C:\WINDOWS\System32\smss.exe
 C:\WINDOWS\system32\winlogon.e​xe
 C:\WINDOWS\system32\services.e​xe
 C:\WINDOWS\system32\lsass.exe
 C:\WINDOWS\system32\svchost.ex​e
 C:\WINDOWS\System32\svchost.ex​e
 C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
 C:\WINDOWS\system32\spoolsv.ex​e
 C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
 C:\WINDOWS\SOUNDMAN.EXE
 C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
 C:\WINDOWS\system32\RUNDLL32.E​XE
 C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
 C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
 C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceS​ervice.exe
 C:\Program Files\Java\jre6\bin\jusched.ex​e
 C:\Program Files\Bonjour\mDNSResponder.ex​e
 C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
 C:\Program Files\Java\jre6\bin\jqs.exe
 C:\Program Files\iTunes\iTunesHelper.exe
 C:\Program Files\uTorrent\uTorrent.exe
 C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
 C:\Program Files\SFR\Media Center\MediaCenter.exe
 C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
 C:\Program Files\CDBurnerXP\NMSAccessU.ex​e
 C:\WINDOWS\system32\nvsvc32.ex​e
 C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIMa​nager.exe
 C:\WINDOWS\system32\svchost.ex​e
 C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
 C:\Program Files\iPod\bin\iPodService.exe
 C:\Program Files\SFR\Media Center\httpd\httpd.exe
 C:\Program Files\SFR\Media Center\httpd\httpd.exe
 C:\WINDOWS\system32\wscntfy.ex​e
 C:\WINDOWS\explorer.exe
 C:\Program Files\Mozilla Firefox\firefox.exe
 C:\Program Files\Trend Micro\HijackThis\HijackThis.ex​e

 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://www.sfr.fr/kit/adsl/
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Search_U​RL = http://go.microsoft.com/fwlink/?LinkId=54896
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
 R1 - HKCU\Software\Microsoft\Window​s\CurrentVersion\Internet Settings,ProxyOverride = *.local
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Toolbar,LinksFolderNa​me = Liens
 O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7​D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\​AcroIEHelper.dll
 O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988​571CECB} - (no file)
 O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-51647​60863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
 O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B​5AD205D} - C:\Program Files\Google\GoogleToolbarNoti​fier\5.1.1309.3572\swg.dll
 O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C​1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
 O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE​594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs​\ie\jqs_plugin.dll
 O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
 O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
 O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,​NvStartup
 O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
 O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.d​ll,NvTaskbarInit
 O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
 O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
 O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.ex​e"
 O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
 O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
 O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
 O4 - HKCU\..\Run: [Logitech Vid] "C:\Program Files\Logitech\Logitech Vid\vid.exe" -bootmode
 O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
 O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
 O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized
 O4 - HKCU\..\Run: [Neuf Media Center] "C:\Program Files\SFR\Media Center\MediaCenter.exe"
 O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
 O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
 O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
 O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
 O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-08002​00c9a66} - C:\WINDOWS\bdoscandel.exe
 O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-08002​00c9a66} - C:\WINDOWS\bdoscandel.exe
 O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba3​8496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
 O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba3​8496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
 O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04​F795683} - C:\Program Files\Messenger\msmsgs.exe
 O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04​F795683} - C:\Program Files\Messenger\msmsgs.exe
 O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-98999​3B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
 O16 - DPF: {5D6F45B3-9043-443D-A792-11544​7494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/ [...] E_UNO1.cab
 O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730​F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
 O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E​0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers [...] 0_4_13.cab
 O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46​475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/ [...] b56907.cab
 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-44455​3540000} (Shockwave Flash Object) - http://fpdownload2.macromedia. [...] wflash.cab
 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C​7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKY​PE4~1.DLL
 O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
 O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
 O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
 O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceS​ervice.exe
 O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.ex​e
 O23 - Service: Google Software Updater (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.e​xe (file missing)
 O23 - Service: HerculesWiFi - Unknown owner - C:\WINDOWS\system32\HerculesWi​FiService.exe (file missing)
 O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
 O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
 O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcS​rv.exe
 O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfserv​ice.exe
 O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
 O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.ex​e
 O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.ex​e
 O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.e​xe
 O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\AOLbox\Gateway\wlancfg.e​xe
 O23 - Service: Windows Server Colocation Service (WSCS) - Unknown owner - C:\WINDOWS\system32\wscs.exe (file missing)

 --
 End of file - 8882 bytes


Imagine ...
Profile: Security team
kmisol
Famous across the whole forum (30,000 to 99,999 posts)
  1. Posted on 27/12/2009 at 23:02:03
 
...

 Delete your last message with the ComboFix report!

 To do that, go back to your message and click the "edit" button. Once in the message, go to the bottom of it
 and tick > Delete this message; then click > Send.

 Because of the forum's repeated bugs, you did not
 notice that you had already posted the ComboFix report!

 ---
 A reminder that in my last message, I asked for the RSIT reports.

supermagichaze
Present from time to time (50 to 99 posts)
  1. Posted on 27/12/2009 at 23:21:57
 
OK, sorry for the delay, I couldn't manage to post, so here is the ComboFix report

 "LogitechQuickCamRibbon"="C:\P​rogram Files\Logitech\Logitech WebCam Software\LWS.exe" [2009-05-08 08:35:50 2780432]
 "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2009-11-10 22:08:18 417792]
 "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2009-11-12 15:33:10 141600]

 [HKEY_USERS\.DEFAULT\Software\M​icrosoft\Windows\CurrentVersio​n\Run]
 "CTFMON.EXE"="C:\WINDOWS\syste​m32\CTFMON.EXE" [2008-04-14 02:33:59 15360]

 C:\Documents and Settings\supermagichaze\Menu Démarrer\Programmes\Démarrage\
 OpenOffice.org 2.4.lnk - C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe [2008-1-21 393216]

 C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
 HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472]

 [HKEY_USERS\.default\software\m​icrosoft\windows\currentversio​n\policies\explorer]
 "NoSetActiveDesktop"= 1 (0x1)
 "NoActiveDesktopChanges"= 1 (0x1)

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\Minimal\aawservice]
 @="Service"

 [HKLM\~\startupfolder\C:^Docume​nts and Settings^All Users^Menu Démarrer^Programmes^Démarrage^​WiFi Station N.lnk]
 path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\​WiFi Station N.lnk
 backup=C:\WINDOWS\pss\WiFi Station N.lnkCommon Startup

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\MSMSGS]
 2008-04-14 02:34:13 1695232 ------w- C:\Program Files\Messenger\msmsgs.exe

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\MsnMsgr]
 2009-07-26 15:44:52 3883856 ----a-w- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

 [HKLM\~\services\sharedaccess\p​arameters\firewallpolicy\stand​ardprofile\AuthorizedApplicati​ons\List]
 "%windir%\\system32\\sessmgr.e​xe"=
 "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
 "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
 "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
 "C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
 "C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
 "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
 "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
 "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
 "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
 "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
 "C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"​=
 "C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
 "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
 "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
 "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
 "C:\\Program Files\\EA Games\\American McGee's Alice Demo\\alice.exe"=
 "C:\\Program Files\\Logitech\\Logitech Vid\\Vid.exe"=
 "C:\\Program Files\\Bonjour\\mDNSResponder.​exe"=
 "C:\\Program Files\\Messenger\\msmsgs.exe"=
 "C:\\Program Files\\iTunes\\iTunes.exe"=
 "C:\\Program Files\\uTorrent\\uTorrent.exe"​=
 "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
 "C:\\Program Files\\Opera\\opera.exe"=
 "C:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
 "C:\\Program Files\\Skype\\Phone\\Skype.exe​"=
 "C:\Program Files\SFR\Media Center\httpd\httpd.exe"= C:\Program Files\SFR\Media Center\httpd\httpd.exe:172.16.​255.0/255.255.255.0,192.168.1.​0/255.255.255.0:Enabled:Serveu​r de partage Media Center (Player SFR)

 [HKLM\~\services\sharedaccess\p​arameters\firewallpolicy\stand​ardprofile\GloballyOpenPorts\L​ist]
 "6346:TCP"= 6346:TCP:shareza
 "6346:UDP"= 6346:UDP:shareza

 S2 HerculesWiFi;HerculesWiFi;C:\W​INDOWS\system32\HerculesWiFiSe​rvice.exe --> C:\WINDOWS\system32\HerculesWi​FiService.exe [?]
 S2 WSCS;Windows Server Colocation Service;C:\WINDOWS\system32\ws​cs.exe --> C:\WINDOWS\system32\wscs.exe [?]
 S3 maconfservice;Ma-Config Service;C:\Program Files\ma-config.com\maconfserv​ice.exe [19/12/2008 16:54:10 195752]
 S3 rt2870;Hercules Wireless N USB Driver;C:\WINDOWS\system32\dri​vers\rt2870.sys [27/06/2009 21:41:17 560896]
 S3 SIS163u;SiS163 USB Wireless LAN Adapter Driver;C:\WINDOWS\system32\DRI​VERS\sis163u.sys --> C:\WINDOWS\system32\DRIVERS\si​s163u.sys [?]
 .
 ------- Examen supplémentaire -------
 .
 uStart Page = hxxp://www.sfr.fr/kit/adsl/
 mWindow Title =
 uInternet Connection Wizard,ShellNext = iexplore
 uInternet Settings,ProxyOverride = *.local
 DPF: {5D86DDB5-BDF9-441B-9E9E-D4730​F4EE499} - hxxp://www.bitdefender.fr/scan​_fr/scan8/oscan8.cab
 FF - ProfilePath - C:\Documents and Settings\supermagichaze\Applic​ation Data\Mozilla\Firefox\Profiles\​takljwgt.default\
 FF - prefs.js: browser.search.selectedEngine - Google
 FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/ig
 FF - prefs.js: keyword.URL - hxxp://thepiratebay.toolbarhom​e.com/search.aspx?srch=ku&q=
 FF - component: C:\Documents and Settings\supermagichaze\Applic​ation Data\Mozilla\Firefox\Profiles\​takljwgt.default\extensions\{6​2760FD6-B943-48C9-AB09-F99C6FE​96088}\platform\WINNT\componen​ts\ebayAccessComponent.dll
 FF - component: C:\Documents and Settings\supermagichaze\Applic​ation Data\Mozilla\Firefox\Profiles\​takljwgt.default\extensions\{6​2760FD6-B943-48C9-AB09-F99C6FE​96088}\platform\WINNT\componen​ts\ebayShortcutMaker.dll
 FF - plugin: C:\Documents and Settings\supermagichaze\Applic​ation Data\Mozilla\Firefox\Profiles\​takljwgt.default\extensions\{b​b628310-0ab7-11db-9cd8-0800200​c9a66}\plugins\nphardwaredetec​tion.dll
 FF - plugin: C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDete​ct13.dll
 FF - plugin: C:\Program Files\ma-config.com\nphardware​detection.dll
 FF - plugin: C:\Program Files\Mozilla Firefox\plugins\npkimi.dll
 FF - plugin: C:\Program Files\Opera\program\plugins\np​divx32.dll
 FF - plugin: C:\Program Files\Opera\program\plugins\np​kimi.dll
 FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825​760534b} - c:\WINDOWS\Microsoft.NET\Frame​work\v3.5\Windows Presentation Foundation\DotNetAssistantExte​nsion\

 ---- PARAMETRES FIREFOX ----
 .



 and the HijackThis log


 Logfile of Trend Micro HijackThis v2.0.2
 Scan saved at 14:39:54, on 27/12/2009
 Platform: Windows XP SP3 (WinNT 5.01.2600)
 MSIE: Internet Explorer v8.00 (8.00.6001.18702)
 Boot mode: Normal

 Running processes:
 C:\WINDOWS\System32\smss.exe
 C:\WINDOWS\system32\winlogon.e​xe
 C:\WINDOWS\system32\services.e​xe
 C:\WINDOWS\system32\lsass.exe
 C:\WINDOWS\system32\svchost.ex​e
 C:\WINDOWS\System32\svchost.ex​e
 C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
 C:\WINDOWS\system32\spoolsv.ex​e
 C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
 C:\WINDOWS\SOUNDMAN.EXE
 C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
 C:\WINDOWS\system32\RUNDLL32.E​XE
 C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
 C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
 C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceS​ervice.exe
 C:\Program Files\Java\jre6\bin\jusched.ex​e
 C:\Program Files\Bonjour\mDNSResponder.ex​e
 C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
 C:\Program Files\Java\jre6\bin\jqs.exe
 C:\Program Files\iTunes\iTunesHelper.exe
 C:\Program Files\uTorrent\uTorrent.exe
 C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
 C:\Program Files\SFR\Media Center\MediaCenter.exe
 C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
 C:\Program Files\CDBurnerXP\NMSAccessU.ex​e
 C:\WINDOWS\system32\nvsvc32.ex​e
 C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIMa​nager.exe
 C:\WINDOWS\system32\svchost.ex​e
 C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
 C:\Program Files\iPod\bin\iPodService.exe
 C:\Program Files\SFR\Media Center\httpd\httpd.exe
 C:\Program Files\SFR\Media Center\httpd\httpd.exe
 C:\WINDOWS\system32\wscntfy.ex​e
 C:\WINDOWS\explorer.exe
 C:\Program Files\Mozilla Firefox\firefox.exe
 C:\Program Files\Trend Micro\HijackThis\HijackThis.ex​e

 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://www.sfr.fr/kit/adsl/
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Search_U​RL = http://go.microsoft.com/fwlink/?LinkId=54896
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
 R1 - HKCU\Software\Microsoft\Window​s\CurrentVersion\Internet Settings,ProxyOverride = *.local
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Toolbar,LinksFolderNa​me = Liens
 O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7​D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\​AcroIEHelper.dll
 O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988​571CECB} - (no file)
 O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-51647​60863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
 O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B​5AD205D} - C:\Program Files\Google\GoogleToolbarNoti​fier\5.1.1309.3572\swg.dll
 O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C​1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
 O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE​594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs​\ie\jqs_plugin.dll
 O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
 O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
 O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,​NvStartup
 O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
 O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.d​ll,NvTaskbarInit
 O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
 O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
 O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.ex​e"
 O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
 O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
 O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
 O4 - HKCU\..\Run: [Logitech Vid] "C:\Program Files\Logitech\Logitech Vid\vid.exe" -bootmode
 O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
 O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
 O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized
 O4 - HKCU\..\Run: [Neuf Media Center] "C:\Program Files\SFR\Media Center\MediaCenter.exe"
 O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
 O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
 O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
 O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
 O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-08002​00c9a66} - C:\WINDOWS\bdoscandel.exe
 O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-08002​00c9a66} - C:\WINDOWS\bdoscandel.exe
 O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba3​8496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
 O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba3​8496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
 O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04​F795683} - C:\Program Files\Messenger\msmsgs.exe
 O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04​F795683} - C:\Program Files\Messenger\msmsgs.exe
 O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-98999​3B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
 O16 - DPF: {5D6F45B3-9043-443D-A792-11544​7494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/ [...] E_UNO1.cab
 O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730​F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
 O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E​0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers [...] 0_4_13.cab
 O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46​475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/ [...] b56907.cab
 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-44455​3540000} (Shockwave Flash Object) - http://fpdownload2.macromedia. [...] wflash.cab
 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C​7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKY​PE4~1.DLL
 O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
 O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
 O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
 O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceS​ervice.exe
 O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.ex​e
 O23 - Service: Google Software Updater (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.e​xe (file missing)
 O23 - Service: HerculesWiFi - Unknown owner - C:\WINDOWS\system32\HerculesWi​FiService.exe (file missing)
 O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
 O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
 O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcS​rv.exe
 O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfserv​ice.exe
 O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
 O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.ex​e
 O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.ex​e
 O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.e​xe
 O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\AOLbox\Gateway\wlancfg.e​xe
 O23 - Service: Windows Server Colocation Service (WSCS) - Unknown owner - C:\WINDOWS\system32\wscs.exe (file missing)

 --
 End of file - 8882 bytes


Imagine ...
Profile: Security team
kmisol
Famous across the whole forum (30,000 to 99,999 messages posted)
Posted on 27/12/2009 at 23:26:34
 
...

 Delete your last 2 messages containing the ComboFix report!

 To do so, go back to those messages and click the "edit" button. Once inside the message, go to the bottom of it
 and tick > Delete this message; then click > Send.

 Because of the forum's repeated bugs, you did not
 notice that you had already posted the ComboFix report!

 ---
 As a reminder, in my last message I asked for the RSIT reports.

supermagichaze
Present from time to time (50 to 99 messages posted)
Posted on 27/12/2009 at 23:27:12
 
Hi again kmisol. I did as you asked: I tried to edit and delete my post, but that ended up deleting everything, even your last reply, so I did not have time to follow the procedure. My apologies.
 Also, my PC has been lagging since before I installed uTorrent, but I admit that it has not helped matters  :D

Imagine ...
Profile: Security team
kmisol
Famous across the whole forum (30,000 to 99,999 messages posted)
Posted on 27/12/2009 at 23:32:42
 
...

 Please delete the messages from:

 27 December 2009 at 20:48
 27 December 2009 at 22:21

 Keep trying!

supermagichaze
Present from time to time (50 to 99 messages posted)
Posted on 27/12/2009 at 23:43:21
 
OK, so however much I try, I cannot manage to delete my messages, but I will keep trying.

 In the meantime, here are the RSIT reports:


 Logfile of random's system information tool 1.06 (written by random/random)
 Run by supermagichaze at 2009-12-27 22:39:31
 Microsoft Windows XP Édition familiale Service Pack 3
 System drive C: has 40 GB (17%) free of 238 GB
 Total RAM: 2047 MB (71% free)

 Logfile of Trend Micro HijackThis v2.0.2
 Scan saved at 22:39:39, on 27/12/2009
 Platform: Windows XP SP3 (WinNT 5.01.2600)
 MSIE: Internet Explorer v8.00 (8.00.6001.18702)
 Boot mode: Normal

 Running processes:
 C:\WINDOWS\System32\smss.exe
 C:\WINDOWS\system32\winlogon.e​xe
 C:\WINDOWS\system32\services.e​xe
 C:\WINDOWS\system32\lsass.exe
 C:\WINDOWS\system32\svchost.ex​e
 C:\WINDOWS\System32\svchost.ex​e
 C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
 C:\WINDOWS\system32\spoolsv.ex​e
 C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
 C:\WINDOWS\SOUNDMAN.EXE
 C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
 C:\WINDOWS\system32\RUNDLL32.E​XE
 C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
 C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
 C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceS​ervice.exe
 C:\Program Files\Java\jre6\bin\jusched.ex​e
 C:\Program Files\Bonjour\mDNSResponder.ex​e
 C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
 C:\Program Files\Java\jre6\bin\jqs.exe
 C:\Program Files\iTunes\iTunesHelper.exe
 C:\Program Files\uTorrent\uTorrent.exe
 C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
 C:\Program Files\SFR\Media Center\MediaCenter.exe
 C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
 C:\Program Files\CDBurnerXP\NMSAccessU.ex​e
 C:\WINDOWS\system32\nvsvc32.ex​e
 C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIMa​nager.exe
 C:\WINDOWS\system32\svchost.ex​e
 C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
 C:\Program Files\iPod\bin\iPodService.exe
 C:\Program Files\SFR\Media Center\httpd\httpd.exe
 C:\Program Files\SFR\Media Center\httpd\httpd.exe
 C:\WINDOWS\system32\wscntfy.ex​e
 C:\WINDOWS\explorer.exe
 C:\Program Files\Mozilla Firefox\firefox.exe
 C:\WINDOWS\system32\ctfmon.exe
 C:\Documents and Settings\supermagichaze\Bureau​\RSIT.exe
 C:\Program Files\Trend Micro\HijackThis\supermagichaz​e.exe

 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://www.sfr.fr/kit/adsl/
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Search_U​RL = http://go.microsoft.com/fwlink/?LinkId=54896
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
 R1 - HKCU\Software\Microsoft\Window​s\CurrentVersion\Internet Settings,ProxyOverride = *.local
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Toolbar,LinksFolderNa​me = Liens
 O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7​D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\​AcroIEHelper.dll
 O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988​571CECB} - (no file)
 O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-51647​60863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
 O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B​5AD205D} - C:\Program Files\Google\GoogleToolbarNoti​fier\5.1.1309.3572\swg.dll
 O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C​1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
 O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE​594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs​\ie\jqs_plugin.dll
 O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
 O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
 O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,​NvStartup
 O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
 O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.d​ll,NvTaskbarInit
 O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
 O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
 O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.ex​e"
 O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
 O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
 O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
 O4 - HKCU\..\Run: [Logitech Vid] "C:\Program Files\Logitech\Logitech Vid\vid.exe" -bootmode
 O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
 O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
 O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized
 O4 - HKCU\..\Run: [Neuf Media Center] "C:\Program Files\SFR\Media Center\MediaCenter.exe"
 O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
 O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
 O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
 O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
 O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
 O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-08002​00c9a66} - C:\WINDOWS\bdoscandel.exe
 O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-08002​00c9a66} - C:\WINDOWS\bdoscandel.exe
 O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba3​8496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
 O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba3​8496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
 O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04​F795683} - C:\Program Files\Messenger\msmsgs.exe
 O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04​F795683} - C:\Program Files\Messenger\msmsgs.exe
 O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-98999​3B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
 O16 - DPF: {5D6F45B3-9043-443D-A792-11544​7494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/ [...] E_UNO1.cab
 O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730​F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
 O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E​0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers [...] 0_4_13.cab
 O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46​475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/ [...] b56907.cab
 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-44455​3540000} (Shockwave Flash Object) - http://fpdownload2.macromedia. [...] wflash.cab
 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C​7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKY​PE4~1.DLL
 O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
 O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
 O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
 O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceS​ervice.exe
 O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.ex​e
 O23 - Service: Google Software Updater (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.e​xe (file missing)
 O23 - Service: HerculesWiFi - Unknown owner - C:\WINDOWS\system32\HerculesWi​FiService.exe (file missing)
 O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
 O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
 O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcS​rv.exe
 O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfserv​ice.exe
 O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
 O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.ex​e
 O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.ex​e
 O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.e​xe
 O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\AOLbox\Gateway\wlancfg.e​xe
 O23 - Service: Windows Server Colocation Service (WSCS) - Unknown owner - C:\WINDOWS\system32\wscs.exe (file missing)

 --
 End of file - 9039 bytes

 ======Scheduled tasks folder======

 C:\WINDOWS\tasks\AppleSoftware​Update.job
 C:\WINDOWS\tasks\Google Software Updater.job
 C:\WINDOWS\tasks\Maintenance en 1 clic.job

 ======Registry dump======

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
 Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\​AcroIEHelper.dll [2006-10-22 62080]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
 Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
 Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNoti​fier\5.1.1309.3572\swg.dll [2009-03-25 668656]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
 Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
 JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs​\ie\jqs_plugin.dll [2009-03-09 73728]

 [HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Windows\CurrentVersion​\Run]
 "SoundMan"=C:\WINDOWS\SOUNDMAN​.EXE [2007-04-16 577536]
 "avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-07-17 266497]
 "NvCplDaemon"=C:\WINDOWS\syste​m32\NvCpl.dll [2007-12-05 8523776]
 "nwiz"=nwiz.exe /install []
 "NvMediaCenter"=C:\WINDOWS\sys​tem32\NvMcTray.dll [2007-12-05 81920]
 "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-02-19 49152]
 "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
 "SunJavaUpdateSched"=C:\Progra​m Files\Java\jre6\bin\jusched.ex​e [2009-03-09 148888]
 "LogitechQuickCamRibbon"=C:\Pr​ogram Files\Logitech\Logitech WebCam Software\LWS.exe [2009-05-08 2780432]
 "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-11-10 417792]
 "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-11-12 141600]

 [HKEY_CURRENT_USER\Software\Mic​rosoft\Windows\CurrentVersion\​Run]
 "Logitech Vid"=C:\Program Files\Logitech\Logitech Vid\vid.exe [2009-06-02 5451536]
 "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
 "uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2009-12-09 289584]
 "Skype"=C:\Program Files\Skype\\Phone\Skype.exe [2009-10-09 25623336]
 "Neuf Media Center"=C:\Program Files\SFR\Media Center\MediaCenter.exe [2008-10-10 726336]
 "ctfmon.exe"=C:\WINDOWS\system​32\ctfmon.exe [2008-04-14 15360]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\MSMSGS]
 C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\MsnMsgr]
 C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-07-26 3883856]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupfolder\C​:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^​WiFi Station N.lnk]
 C:\PROGRA~1\Hercules\WIFIST~1\​WiFiN.exe [2008-02-21 25048360]

 C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
 HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

 C:\Documents and Settings\supermagichaze\Menu Démarrer\Programmes\Démarrage
 OpenOffice.org 2.4.lnk - C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe

 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
 "dontdisplaylastusername"=0
 "legalnoticecaption"=
 "legalnoticetext"=
 "shutdownwithoutlogon"=1
 "undockwithoutlogon"=1

 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
 "NoDriveAutoRun"=67108863
 "NoDriveTypeAutoRun"=323
 "NoDrives"=0

 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
 "NoDriveAutoRun"=
 "NoDriveTypeAutoRun"=
 "NoDrives"=
 "HonorAutoRunSetting"=

 [HKEY_LOCAL_MACHINE\system\curr​entcontrolset\services\shareda​ccess\parameters\firewallpolic​y\standardprofile\authorizedap​plications\list]
 "%windir%\system32\sessmgr.exe​"="%windir%\system32\sessmgr.e​xe:*:enabled:@xpsp2res.dll,-22​019"
 "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\​Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Ena​bled:hpqtra08.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\​Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Ena​bled:hpqste08.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\​Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Ena​bled:hpofxm08.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\​Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Ena​bled:hposfx08.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\​Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Ena​bled:hposid01.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\​Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Ena​bled:hpqscnvw.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\​Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Ena​bled:hpqkygrp.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\P​rogram Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enab​led:hpqcopy.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\​Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Ena​bled:hpfccopy.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\​Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Ena​bled:hpzwiz01.exe"
 "C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="​C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:​Enabled:hpqphunl.exe"
 "C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:​\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:En​abled:hpqdia.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\​Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Ena​bled:hpoews01.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\​Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Ena​bled:hpqnrs08.exe"
 "%windir%\Network Diagnostic\xpnetdiag.exe"="%wi​ndir%\Network Diagnostic\xpnetdiag.exe:*:Ena​bled:@xpsp3res.dll,-20000"
 "C:\Program Files\ma-config.com\maconfserv​ice.exe"="C:\Program Files\ma-config.com\maconfserv​ice.exe:LocalSubNet:Enabled:ma​confservice"
 "C:\Program Files\EA Games\American McGee's Alice Demo\alice.exe"="C:\Program Files\EA Games\American McGee's Alice Demo\alice.exe:*:Enabled:Ameri​can McGee's Alice"
 "C:\Program Files\Logitech\Logitech Vid\Vid.exe"="C:\Program Files\Logitech\Logitech Vid\Vid.exe:*:Enabled:Logitech Vid"
 "C:\Program Files\Bonjour\mDNSResponder.ex​e"="C:\Program Files\Bonjour\mDNSResponder.ex​e:*:Enabled:Bonjour"
 "C:\Program Files\Messenger\msmsgs.exe"="C​:\Program Files\Messenger\msmsgs.exe:*:E​nabled:Windows Messenger"
 "C:\Program Files\iTunes\iTunes.exe"="C:\P​rogram Files\iTunes\iTunes.exe:*:Enab​led:iTunes"
 "C:\Program Files\uTorrent\uTorrent.exe"="​C:\Program Files\uTorrent\uTorrent.exe:*:​Enabled:µTorrent"
 "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C​:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:E​nabled:Windows Live Messenger"
 "C:\Program Files\Opera\opera.exe"="C:\Pro​gram Files\Opera\opera.exe:*:Enable​d:Opera Internet Browser"
 "C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Progr​am Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:​Skype Extras Manager"
 "C:\Program Files\Skype\Phone\Skype.exe"="​C:\Program Files\Skype\Phone\Skype.exe:*:​Enabled:Skype"
 "C:\Program Files\SFR\Media Center\httpd\httpd.exe"="C:\Pr​ogram Files\SFR\Media Center\httpd\httpd.exe:172.16.​255.0/255.255.255.0,192.168.1.​0/255.255.255.0:Enabled:Serveu​r de partage Media Center (Player SFR)"

 [HKEY_LOCAL_MACHINE\system\curr​entcontrolset\services\shareda​ccess\parameters\firewallpolic​y\domainprofile\authorizedappl​ications\list]
 "%windir%\system32\sessmgr.exe​"="%windir%\system32\sessmgr.e​xe:*:enabled:@xpsp2res.dll,-22​019"
 "%windir%\Network Diagnostic\xpnetdiag.exe"="%wi​ndir%\Network Diagnostic\xpnetdiag.exe:*:Ena​bled:@xpsp3res.dll,-20000"
 "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C​:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:E​nabled:Windows Live Messenger"

 ======List of files/folders created in the last 1 months======

 2009-12-27 22:39:31 ----D---- C:\rsit
 2009-12-27 19:59:36 ----SHD---- C:\RECYCLER
 2009-12-27 11:06:47 ----D---- C:\Combo-fix
 2009-12-26 14:57:10 ----A---- C:\WINDOWS\MBR.exe
 2009-12-26 14:57:09 ----A---- C:\WINDOWS\PEV.exe
 2009-12-26 13:54:42 ----A---- C:\WINDOWS\SchedLgU.Txt
 2009-12-26 13:13:40 ----A---- C:\TB.txt
 2009-12-26 13:12:54 ----D---- C:\ToolBar SD
 2009-12-26 13:08:33 ----D---- C:\DriveKey
 2009-12-26 13:04:26 ----D---- C:\WINDOWS\system32\NtmsData
 2009-12-26 02:09:28 ----D---- C:\Program Files\Movies2iPhone
 2009-12-20 01:04:02 ----A---- C:\WINDOWS\system32\XAudio2_5.​dll
 2009-12-20 01:04:00 ----A---- C:\WINDOWS\system32\xactengine​3_5.dll
 2009-12-20 01:03:58 ----A---- C:\WINDOWS\system32\D3DCompile​r_42.dll
 2009-12-20 01:03:54 ----A---- C:\WINDOWS\system32\d3dcsx_42.​dll
 2009-12-20 01:03:52 ----A---- C:\WINDOWS\system32\d3dx11_42.​dll
 2009-12-20 01:03:51 ----A---- C:\WINDOWS\system32\d3dx10_42.​dll
 2009-12-20 01:03:48 ----A---- C:\WINDOWS\system32\D3DX9_42.d​ll
 2009-12-20 01:03:46 ----A---- C:\WINDOWS\system32\d3dx10_41.​dll
 2009-12-20 01:03:46 ----A---- C:\WINDOWS\system32\D3DCompile​r_41.dll
 2009-12-20 01:03:44 ----A---- C:\WINDOWS\system32\D3DX9_41.d​ll
 2009-12-20 01:03:42 ----A---- C:\WINDOWS\system32\XAudio2_4.​dll
 2009-12-20 01:03:42 ----A---- C:\WINDOWS\system32\XAPOFX1_3.​dll
 2009-12-20 01:03:40 ----A---- C:\WINDOWS\system32\xactengine​3_4.dll
 2009-12-20 01:03:40 ----A---- C:\WINDOWS\system32\X3DAudio1_​6.dll
 2009-12-20 01:03:38 ----A---- C:\WINDOWS\system32\d3dx10_40.​dll
 2009-12-20 01:03:38 ----A---- C:\WINDOWS\system32\D3DCompile​r_40.dll
 2009-12-20 01:03:36 ----A---- C:\WINDOWS\system32\D3DX9_40.d​ll
 2009-12-20 01:03:35 ----A---- C:\WINDOWS\system32\XAudio2_3.​dll
 2009-12-20 01:03:35 ----A---- C:\WINDOWS\system32\XAPOFX1_2.​dll
 2009-12-20 01:03:33 ----A---- C:\WINDOWS\system32\xactengine​3_3.dll
 2009-12-20 01:03:32 ----A---- C:\WINDOWS\system32\X3DAudio1_​5.dll
 2009-12-20 01:03:31 ----A---- C:\WINDOWS\system32\XAudio2_2.​dll
 2009-12-20 01:03:31 ----A---- C:\WINDOWS\system32\XAPOFX1_1.​dll
 2009-12-20 01:03:30 ----A---- C:\WINDOWS\system32\xactengine​3_2.dll
 2009-12-20 01:03:29 ----A---- C:\WINDOWS\system32\D3DCompile​r_39.dll
 2009-12-20 01:03:28 ----A---- C:\WINDOWS\system32\d3dx10_39.​dll
 2009-12-20 01:03:27 ----A---- C:\WINDOWS\system32\D3DX9_39.d​ll
 2009-12-20 01:03:25 ----A---- C:\WINDOWS\system32\XAudio2_1.​dll
 2009-12-20 01:03:25 ----A---- C:\WINDOWS\system32\XAPOFX1_0.​dll
 2009-12-20 01:03:24 ----A---- C:\WINDOWS\system32\xactengine​3_1.dll
 2009-12-20 01:03:23 ----A---- C:\WINDOWS\system32\X3DAudio1_​4.dll
 2009-12-20 01:03:22 ----A---- C:\WINDOWS\system32\d3dx10_38.​dll
 2009-12-20 01:03:22 ----A---- C:\WINDOWS\system32\D3DCompile​r_38.dll
 2009-12-20 01:03:20 ----A---- C:\WINDOWS\system32\D3DX9_38.d​ll
 2009-12-20 01:03:18 ----A---- C:\WINDOWS\system32\XAudio2_0.​dll
 2009-12-20 01:03:17 ----A---- C:\WINDOWS\system32\xactengine​3_0.dll
 2009-12-20 01:03:16 ----A---- C:\WINDOWS\system32\X3DAudio1_​3.dll
 2009-12-20 01:03:15 ----A---- C:\WINDOWS\system32\d3dx10_37.​dll
 2009-12-20 01:03:15 ----A---- C:\WINDOWS\system32\D3DCompile​r_37.dll
 2009-12-20 01:03:14 ----A---- C:\WINDOWS\system32\D3DX9_37.d​ll
 2009-12-20 01:03:12 ----A---- C:\WINDOWS\system32\xactengine​2_10.dll
 2009-12-20 01:03:10 ----A---- C:\WINDOWS\system32\d3dx10_36.​dll
 2009-12-20 01:03:10 ----A---- C:\WINDOWS\system32\D3DCompile​r_36.dll
 2009-12-20 01:03:08 ----A---- C:\WINDOWS\system32\d3dx9_36.d​ll
 2009-12-20 01:03:06 ----A---- C:\WINDOWS\system32\xactengine​2_9.dll
 2009-12-20 01:03:05 ----A---- C:\WINDOWS\system32\d3dx10_35.​dll
 2009-12-20 01:03:05 ----A---- C:\WINDOWS\system32\D3DCompile​r_35.dll
 2009-12-20 01:03:04 ----A---- C:\WINDOWS\system32\d3dx9_35.d​ll
 2009-12-20 01:03:02 ----A---- C:\WINDOWS\system32\xactengine​2_8.dll
 2009-12-20 01:03:02 ----A---- C:\WINDOWS\system32\X3DAudio1_​2.dll
 2009-12-20 01:03:01 ----A---- C:\WINDOWS\system32\d3dx10_34.​dll
 2009-12-20 01:03:01 ----A---- C:\WINDOWS\system32\D3DCompile​r_34.dll
 2009-12-20 01:02:58 ----A---- C:\WINDOWS\system32\d3dx9_34.d​ll
 2009-12-20 01:02:57 ----A---- C:\WINDOWS\system32\xinput1_3.​dll
 2009-12-20 01:02:52 ----A---- C:\WINDOWS\system32\xactengine​2_7.dll
 2009-12-20 01:02:47 ----A---- C:\WINDOWS\system32\d3dx10_33.​dll
 2009-12-20 01:02:47 ----A---- C:\WINDOWS\system32\D3DCompile​r_33.dll
 2009-12-20 01:02:37 ----A---- C:\WINDOWS\system32\d3dx9_33.d​ll
 2009-12-20 01:02:35 ----A---- C:\WINDOWS\system32\xactengine​2_6.dll
 2009-12-20 01:02:33 ----A---- C:\WINDOWS\system32\xactengine​2_5.dll
 2009-12-20 01:02:30 ----A---- C:\WINDOWS\system32\d3dx9_32.d​ll
 2009-12-20 01:02:28 ----A---- C:\WINDOWS\system32\xactengine​2_4.dll
 2009-12-20 01:02:28 ----A---- C:\WINDOWS\system32\x3daudio1_​1.dll
 2009-12-20 01:02:26 ----A---- C:\WINDOWS\system32\d3dx9_31.d​ll
 2009-12-20 01:02:24 ----A---- C:\WINDOWS\system32\xactengine​2_3.dll
 2009-12-20 01:02:22 ----A---- C:\WINDOWS\system32\xinput1_2.​dll
 2009-12-20 01:02:21 ----A---- C:\WINDOWS\system32\xactengine​2_2.dll
 2009-12-20 01:02:19 ----A---- C:\WINDOWS\system32\xinput1_1.​dll
 2009-12-20 01:02:17 ----A---- C:\WINDOWS\system32\xactengine​2_1.dll
 2009-12-20 01:02:04 ----A---- C:\WINDOWS\system32\xactengine​2_0.dll
 2009-12-20 01:02:04 ----A---- C:\WINDOWS\system32\x3daudio1_​0.dll
 2009-12-20 01:02:02 ----A---- C:\WINDOWS\system32\d3dx9_29.d​ll
 2009-12-20 01:02:00 ----A---- C:\WINDOWS\system32\d3dx9_28.d​ll
 2009-12-20 01:01:59 ----A---- C:\WINDOWS\system32\xinput9_1_​0.dll
 2009-12-20 01:01:56 ----A---- C:\WINDOWS\system32\d3dx9_27.d​ll
 2009-12-20 01:01:53 ----A---- C:\WINDOWS\system32\d3dx9_26.d​ll
 2009-12-20 01:01:50 ----A---- C:\WINDOWS\system32\d3dx9_25.d​ll
 2009-12-20 01:01:43 ----A---- C:\WINDOWS\system32\d3dx9_24.d​ll
 2009-12-20 00:51:46 ----HD---- C:\WINDOWS\msdownld.tmp
 2009-12-20 00:51:33 ----D---- C:\WINDOWS\Logs
 2009-12-19 15:36:36 ----D---- C:\ubuntu-backup
 2009-12-19 14:09:50 ----D---- C:\Program Files\Nero
 2009-12-19 14:08:30 ----D---- C:\Documents and Settings\All Users\Application Data\Nero
 2009-12-19 14:08:27 ----D---- C:\Program Files\Fichiers communs\Nero
 2009-12-19 14:05:23 ----A---- C:\WINDOWS\system32\d3dx9_30.d​ll
 2009-12-17 08:54:16 ----D---- C:\Documents and Settings\supermagichaze\Applic​ation Data\Canneverbe_Limited
 2009-12-17 08:54:09 ----D---- C:\Documents and Settings\All Users\Application Data\Canneverbe Limited
 2009-12-17 08:53:48 ----D---- C:\Program Files\CDBurnerXP
 2009-12-12 19:21:05 ----D---- C:\Documents and Settings\supermagichaze\Applic​ation Data\WinRAR
 2009-12-12 19:20:31 ----D---- C:\Program Files\WinRAR
 2009-12-09 22:14:57 ----D---- C:\Program Files\KC Softwares
 2009-12-09 03:04:53 ----HDC---- C:\WINDOWS\$NtUninstallKB97043​0$
 2009-12-09 03:04:43 ----HDC---- C:\WINDOWS\$NtUninstallKB97431​8$
 2009-12-09 03:04:08 ----HDC---- C:\WINDOWS\$NtUninstallKB97390​4$
 2009-12-09 03:03:59 ----HDC---- C:\WINDOWS\$NtUninstallKB97439​2$
 2009-12-09 03:03:47 ----HDC---- C:\WINDOWS\$NtUninstallKB97173​7$
 2009-12-06 11:05:17 ----D---- C:\Program Files\Hexago
 2009-12-05 22:31:25 ----D---- C:\Program Files\NiouzeFire
 2009-12-05 19:19:51 ----D---- C:\Documents and Settings\supermagichaze\Applic​ation Data\NewsLeecher
 2009-12-03 13:53:55 ----D---- C:\Program Files\Fichiers communs\Skype
 2009-12-03 13:53:51 ----RD---- C:\Program Files\Skype
 2009-11-29 03:01:26 ----HDC---- C:\WINDOWS\$NtUninstallKB96111​8$
 2009-11-28 03:08:27 ----D---- C:\WINDOWS\system32\XPSViewer
 2009-11-28 03:08:19 ----D---- C:\Program Files\MSBuild
 2009-11-28 03:08:15 ----D---- C:\WINDOWS\system32\en-US
 2009-11-28 03:08:04 ----D---- C:\Program Files\Reference Assemblies
 2009-11-28 03:07:14 ----N---- C:\WINDOWS\system32\xpssvcs.dl​l
 2009-11-28 03:07:14 ----N---- C:\WINDOWS\system32\xpsshhdr.d​ll
 2009-11-28 03:07:14 ----N---- C:\WINDOWS\system32\prntvpt.dl​l
 2009-11-28 03:07:13 ----D---- C:\4a33115712d98a04346800

 ======List of files/folders modified in the last 1 months======

 2009-12-27 22:39:29 ----D---- C:\Documents and Settings\supermagichaze\Applic​ation Data\uTorrent
 2009-12-27 20:13:57 ----D---- C:\WINDOWS\Temp
 2009-12-27 11:18:59 ----D---- C:\Program Files\Mozilla Firefox
 2009-12-27 11:17:26 ----D---- C:\Qoobox
 2009-12-27 11:16:27 ----D---- C:\WINDOWS
 2009-12-27 11:16:27 ----A---- C:\WINDOWS\system.ini
 2009-12-27 11:13:20 ----D---- C:\WINDOWS\system32\drivers
 2009-12-27 11:13:20 ----D---- C:\WINDOWS\system32
 2009-12-27 11:13:20 ----D---- C:\WINDOWS\AppPatch
 2009-12-27 11:13:18 ----D---- C:\Program Files\Fichiers communs
 2009-12-27 11:07:47 ----D---- C:\WINDOWS\system32\CatRoot2
 2009-12-27 11:07:23 ----D---- C:\WINDOWS\Prefetch
 2009-12-27 10:57:27 ----D---- C:\Documents and Settings\supermagichaze\Applic​ation Data\OpenOffice.org2
 2009-12-27 10:57:18 ----D---- C:\Documents and Settings\supermagichaze\Applic​ation Data\Skype
 2009-12-27 08:00:11 ----D---- C:\Documents and Settings\supermagichaze\Applic​ation Data\skypePM
 2009-12-26 15:15:06 ----D---- C:\WINDOWS\ERDNT
 2009-12-26 13:55:25 ----SD---- C:\WINDOWS\Tasks
 2009-12-26 13:46:58 ----RD---- C:\Program Files
 2009-12-26 13:08:32 ----HD---- C:\Program Files\InstallShield Installation Information
 2009-12-26 12:41:39 ----HD---- C:\WINDOWS\inf
 2009-12-25 21:54:14 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
 2009-12-22 14:20:37 ----D---- C:\Documents and Settings\supermagichaze\Applic​ation Data\Mozilla
 2009-12-20 01:04:07 ----D---- C:\WINDOWS\system32\DirectX
 2009-12-20 01:02:17 ----RSD---- C:\WINDOWS\assembly
 2009-12-20 01:01:29 ----D---- C:\WINDOWS\Microsoft.NET
 2009-12-19 15:47:33 ----D---- C:\WINDOWS\system32\Samsung_US​B_Drivers
 2009-12-19 15:45:10 ----D---- C:\WINDOWS\Debug
 2009-12-19 15:39:07 ----D---- C:\Documents and Settings\supermagichaze\Applic​ation Data\Samsung
 2009-12-19 15:38:53 ----SHD---- C:\WINDOWS\Installer
 2009-12-19 15:36:37 ----RSH---- C:\boot.ini
 2009-12-19 15:36:07 ----D---- C:\Documents and Settings\supermagichaze\Applic​ation Data\Shareaza
 2009-12-19 14:04:41 ----D---- C:\WINDOWS\WinSxS
 2009-12-13 14:02:26 ----D---- C:\Program Files\SFR
 2009-12-09 03:27:17 ----A---- C:\WINDOWS\system32\PerfString​Backup.INI
 2009-12-09 03:20:26 ----D---- C:\WINDOWS\security
 2009-12-09 03:04:55 ----RSHDC---- C:\WINDOWS\system32\dllcache
 2009-12-09 03:04:31 ----D---- C:\Program Files\Internet Explorer
 2009-12-09 03:04:16 ----HD---- C:\WINDOWS\$hf_mig$
 2009-12-05 19:19:57 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
 2009-12-03 13:53:50 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
 2009-12-01 21:06:19 ----A---- C:\WINDOWS\system32\MRT.exe
 2009-11-29 13:22:22 ----D---- C:\Program Files\Opera
 2009-11-29 03:01:42 ----D---- C:\WINDOWS\system32\CatRoot
 2009-11-28 03:08:12 ----RSD---- C:\WINDOWS\Fonts
 2009-11-28 03:07:41 ----D---- C:\WINDOWS\system32\spool

 ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
 R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\av​ipbb.sys [2009-05-27 75096]
 R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\in​telppm.sys [2008-04-14 40576]
 R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kb​dhid.sys [2008-04-14 14720]
 R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ss​mdrv.sys [2007-03-01 28352]
 R1 Tcpip6;Pilote du protocole IPv6 Microsoft; C:\WINDOWS\system32\DRIVERS\tc​pip6.sys [2008-06-20 225856]
 R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws​2ifsl.sys [2004-08-05 12032]
 R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.5.3.0; C:\WINDOWS\system32\DRIVERS\Ae​gisP.sys [2009-06-27 21419]
 R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\AL​CXWDM.SYS [2008-01-24 4127488]
 R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\ar​p1394.sys [2008-04-13 60800]
 R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
 R3 catchme;catchme; \??\C:\DOCUME~1\SUPERM~1\LOCAL​S~1\Temp\catchme.sys []
 R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GE​ARAspiWDM.sys [2009-05-18 26600]
 R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hi​dusb.sys [2008-04-13 10368]
 R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\DRIVERS\LV​Pr2Mon.sys [2009-04-30 25624]
 R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mo​uhid.sys [2004-08-05 12288]
 R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\ni​c1394.sys [2008-04-13 61824]
 R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv​4_mini.sys [2007-12-05 7435392]
 R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rt​nicxp.sys [2008-04-08 105088]
 R3 tunmp;Pilote de carte miniport Tun Microsoft; C:\WINDOWS\system32\DRIVERS\tu​nmp.sys [2008-04-13 12288]
 R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\us​bccgp.sys [2008-04-13 32128]
 R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\us​behci.sys [2008-04-13 30208]
 R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\us​bhub.sys [2008-04-13 59520]
 R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\us​buhci.sys [2008-04-13 20608]
 S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CC​DECODE.sys [2008-04-13 17024]
 S3 driverhardwarev2;driverhardwar​ev2; \??\C:\Program Files\ma-config.com\Drivers\dr​iverhardwarev2.sys []
 S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HP​Zid412.sys [2006-04-13 49664]
 S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HP​Zipr12.sys [2006-04-13 16496]
 S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HP​Zius12.sys [2006-04-13 21568]
 S3 mbr;mbr; \??\C:\DOCUME~1\SUPERM~1\LOCAL​S~1\Temp\mbr.sys []
 S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MS​TEE.sys [2008-04-13 5504]
 S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NA​BTSFEC.sys [2008-04-13 85248]
 S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\Nd​isIP.sys [2008-04-13 10880]
 S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR​5.SYS []
 S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDI​S5.SYS []
 S3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\WINDOWS\system32\DRIVERS\LV​302V32.SYS [2009-04-30 2687512]
 S3 rt2870;Hercules Wireless N USB Driver; C:\WINDOWS\system32\DRIVERS\rt​2870.sys [2008-01-31 560896]
 S3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RT​L8139.SYS [2004-08-03 20992]
 S3 s117bus;Sony Ericsson Device 117 driver (WDM); C:\WINDOWS\system32\DRIVERS\s1​17bus.sys [2007-06-25 82984]
 S3 SIS163u;SiS163 USB Wireless LAN Adapter Driver; C:\WINDOWS\system32\DRIVERS\si​s163u.sys []
 S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SL​IP.sys [2008-04-13 11136]
 S3 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\St​arOpen.sys [2009-09-28 7168]
 S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\St​reamIP.sys [2008-04-13 15232]
 S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\us​baapl.sys [2009-08-28 40448]
 S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\us​bprint.sys [2008-04-13 25856]
 S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\us​bscan.sys [2008-04-13 15104]
 S3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\US​BSTOR.SYS [2008-04-13 26368]
 S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WS​TCODEC.SYS [2008-04-13 19200]

 ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 R2 6to4;Service d'application d'assistance IPv6; C:\WINDOWS\system32\svchost.ex​e [2008-04-14 14336]
 R2 aawservice;Ad-Aware 2007 Service; C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe [2008-03-19 607576]
 R2 AntiVirScheduler;AntiVir PersonalEdition Classic Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-23 68865]
 R2 AntiVirService;AntiVir PersonalEdition Classic Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-23 151297]
 R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceS​ervice.exe [2009-07-09 144712]
 R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.ex​e [2008-12-12 238888]
 R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-09 152984]
 R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe [2009-09-23 935208]
 R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.ex​e [2009-09-06 71096]
 R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.ex​e [2007-12-05 155716]
 R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-11-12 545568]
 S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.e​xe []
 S2 HerculesWiFi;HerculesWiFi; C:\WINDOWS\system32\HerculesWi​FiService.exe []
 S2 LVPrcSrv;Process Monitor; C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcS​rv.exe [2009-04-30 154136]
 S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.e​xe [2006-03-03 69632]
 S2 Wlancfg;Service de lancement de WlanCfg; C:\Program Files\AOLbox\Gateway\wlancfg.e​xe [2006-02-24 1466368]
 S2 WSCS;Windows Server Colocation Service; C:\WINDOWS\system32\wscs.exe []
 S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Frame​work\v2.0.50727\aspnet_state.e​xe [2008-07-25 34312]
 S3 clr_optimization_v2.0.50727_32​;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Frame​work\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
 S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Frame​work\v3.0\WPF\PresentationFont​Cache.exe [2008-07-29 46104]
 S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Frame​work\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
 S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfserv​ice.exe [2008-12-19 195752]
 S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Frame​work\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

 -----------------EOF-----------------

 info.txt logfile of random's system information tool 1.06 2009-12-27 22:39:44

 ======Uninstall list======

 -->C:\Program Files\DivX\DivXConverterUninst​all.exe /CONVERTER
 -->rundll32.exe setupapi.dll,InstallHinfSectio​n DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
 µTorrent-->"C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
 Ad-Aware 2007-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6F​D3C28D1EF}
 Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B12​0F86AF5D7}
 Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\​Macromed\Flash\uninstall_activ​eX.exe
 Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\M​acromed\Flash\uninstall_plugin​.exe
 Adobe Reader 8.1.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81​200000003}
 Adobe Shockwave Player 11-->C:\WINDOWS\system32\adobe​\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOC​KW~1\Install.log
 Advertising Center-->MsiExec.exe /X{B2EC4A38-B545-4A00-8214-13F​E0E915E6D}
 Apple Application Support-->MsiExec.exe /I{3FA365DF-2D68-45ED-8F83-8C8​A33E65143}
 Apple Mobile Device Support-->MsiExec.exe /I{AADEA55D-C834-4BCB-98A3-4B8​D1C18F4EE}
 Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F4​95BE32033}
 Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18​E473546C7}
 Autodesk Design Review 2009-->C:\Program Files\Autodesk\Autodesk Design Review\Setup\Setup.exe /P {450063AA-643B-417C-8CF5-405BA​3F4EF40} /M ADR
 Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
 AVS DVD Player version 2.4-->"C:\Program Files\AVS4YOU\AVSDVDPlayer\uni​ns000.exe"
 AVS4YOU Software Navigator 1.2-->"C:\Program Files\AVS4YOU\AVSSoftwareNavig​ator\unins000.exe"
 Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D7​77245C35B}
 CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
 CDBurnerXP-->"C:\Program Files\CDBurnerXP\unins000.exe"
 Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7up​dates\KB947864-IE7\spuninst\sp​uninst.exe"
 Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUn​installKB952287$\spuninst\spun​inst.exe"
 Correctif pour Windows XP (KB961118)-->"C:\WINDOWS\$NtUn​installKB961118$\spuninst\spun​inst.exe"
 Correctif pour Windows XP (KB970653-v3)-->"C:\WINDOWS\$N​tUninstallKB970653-v3$\spunins​t\spuninst.exe"
 Correctif pour Windows XP (KB976098-v2)-->"C:\WINDOWS\$N​tUninstallKB976098-v2$\spunins​t\spuninst.exe"
 Dealio Toolbar v4.0.1-->MsiExec.exe /X{94C3BB3A-56A1-43DE-A242-8B4​1F46E97EF}
 DeepBurner v1.9.0.228-->"C:\Program Files\Astonsoft\DeepBurner\Uni​nstall.exe" "C:\Program Files\Astonsoft\DeepBurner\ins​tall.log" -u
 DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.​exe /CODEC
 DivX Converter-->C:\Program Files\DivX\DivXConverterUninst​all.exe /CONVERTER
 DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall​.exe /PLAYER
 DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninst​all.exe /DSFILTERS
 DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninst​all.exe /PLUGIN
 ESET Online Scanner-->C:\WINDOWS\system32\​OnlineScannerUninstaller.exe
 Free Video Converter V 2.3-->"C:\Program Files\Free Video Converter\unins000.exe"
 FusionSoft DVD Player XP Version 5.0-->"C:\Program Files\FusionSoft DVD Player XP\unins000.exe"
 Ghost Recon-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{D89EF3B3-6F17-466​5-B7A9-A4235A6DC787}\Setup.exe​"
 Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA​4F0EA21E3}
 Hercules WiFi N-->C:\Program Files\InstallShield Installation Information\{DECE22F4-EEDD-461​5-BC56-2F4827FAD64B}\setup.exe -runfromtemp -l0x040c -removeonly
 HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.ex​e" /uninstall
 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system​32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DC​F5C5BD9} /uninstall  /qb+ REBOOTPROMPT=""
 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system​32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DC​F5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A​786E658} /qb+ REBOOTPROMPT=""
 HP Customer Participation Program 7.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr​01.exe -datfile hpqhsc01.dat
 HP Imaging Device Functions 7.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzsc​r01.exe -datfile hpqbud01.dat
 HP Photosmart Essential-->MsiExec.exe /X{6994491D-D491-48F1-AE1F-E17​9C1FFFC2F}
 HP Photosmart, Officejet and Deskjet 7.0.A-->C:\Program Files\HP\Digital Imaging\{BDBE2F3E-42DB-4d4a-8C​B1-19BA765DBC6C}\setup\hpzscr0​1.exe -datfile hposcr11.dat
 HP Software Update-->MsiExec.exe /X{BB85ED9C-AFC9-43BD-B8DC-258​C3C7DF72E}
 HP Solution Center 7.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
 HP USB Disk Storage Format Tool-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{0E0DF90C-D0BA-4C8​9-9262-AD78D1A3DE51}\Setup.exe​" -l0x9  anything
 Imikimi Plugin-->"C:\Program Files\Imikimi\uninstall.exe"
 Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
 Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C​063A63F31}
 iTunes-->MsiExec.exe /I{A6FDF86A-F541-4E7B-AEA0-884​9A2A700D5}
 J2SE Runtime Environment 5.0-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B​0D0150000}
 Java(TM) 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F8​3216010FF}
 Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B​0D0160070}
 Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C​48E991DE5}
 KC Softwares VideoInspector-->"C:\Program Files\KC Softwares\VideoInspector\unins​000.exe"
 Logiciel d'archivage WinRAR-->C:\Program Files\WinRAR\uninstall.exe
 Logitech Vid-->MsiExec.exe /I{4FBCEA31-5D18-4212-9231-DE7​CF1BE7DBB}
 Logitech Webcam Software-->MsiExec.exe /I{AC96671C-2001-432C-9826-526​6D84EF1DC}
 Ma-Config.com-->MsiExec.exe /X{EC7FE2ED-F305-41B7-90B8-3DA​E9E35307A}
 Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
 Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B​559F4E700}
 Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\WINDOWS\Micro​soft.NET\Framework\v1.1.4322\U​pdates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Fram​ework\v1.1.4322\Updates\M95329​7\M953297Uninstall.msp"
 Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52E​AE172A1}
 Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F5​2EAE172A1}
 Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1​D67F2073F}
 Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8D​CCDE8F8C7}
 Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET​\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
 Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4​DCF5C5BD9}
 Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C​8A0C4D570}
 Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServiceP​ackUninstallIDNMitigationAPIs$​\spuninst\spuninst.exe"
 Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServiceP​ackUninstallNLSDownlevelMappin​g$\spuninst\spuninst.exe"
 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C8​3EC895118}
 Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0​f04e2912c}
 Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUn​installKB952069_WM9$\spuninst\​spuninst.exe"
 Mise à jour de sécurité pour Lecteur Windows Media (KB954155)-->"C:\WINDOWS\$NtUn​installKB954155_WM9$\spuninst\​spuninst.exe"
 Mise à jour de sécurité pour Lecteur Windows Media (KB968816)-->"C:\WINDOWS\$NtUn​installKB968816_WM9$\spuninst\​spuninst.exe"
 Mise à jour de sécurité pour Lecteur Windows Media (KB973540)-->"C:\WINDOWS\$NtUn​installKB973540_WM9$\spuninst\​spuninst.exe"
 Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7up​dates\KB938127-IE7\spuninst\sp​uninst.exe"
 Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7up​dates\KB942615-IE7\spuninst\sp​uninst.exe"
 Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7up​dates\KB944533-IE7\spuninst\sp​uninst.exe"
 Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7up​dates\KB950759-IE7\spuninst\sp​uninst.exe"
 Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7up​dates\KB953838-IE7\spuninst\sp​uninst.exe"
 Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7up​dates\KB956390-IE7\spuninst\sp​uninst.exe"
 Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7up​dates\KB958215-IE7\spuninst\sp​uninst.exe"
 Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7up​dates\KB960714-IE7\spuninst\sp​uninst.exe"
 Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7up​dates\KB961260-IE7\spuninst\sp​uninst.exe"
 Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7up​dates\KB963027-IE7\spuninst\sp​uninst.exe"
 Mise à jour de sécurité pour Windows Internet Explorer 7 (KB969897)-->"C:\WINDOWS\ie7up​dates\KB969897-IE7\spuninst\sp​uninst.exe"
 Mise à jour de sécurité pour Windows Internet Explorer 8 (KB969897)-->"C:\WINDOWS\ie8up​dates\KB969897-IE8\spuninst\sp​uninst.exe"
 Mise à jour de sécurité pour Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8up​dates\KB971961-IE8\spuninst\sp​uninst.exe"
 Mise à jour de sécurité pour Windows Internet Explorer 8 (KB972260)-->"C:\WINDOWS\ie8up​dates\KB972260-IE8\spuninst\sp​uninst.exe"
 Mise à jour de sécurité pour Windows Internet Explorer 8 (KB974455)-->"C:\WINDOWS\ie8up​dates\KB974455-IE8\spuninst\sp​uninst.exe"
 Mise à jour de sécurité pour Windows Internet Explorer 8 (KB976325)-->"C:\WINDOWS\ie8up​dates\KB976325-IE8\spuninst\sp​uninst.exe"
 Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUn​installKB923561$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system​32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\F​lash\KB923789.inf
 Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUn​installKB938464$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB938464-v2)-->"C:\WINDOWS\$N​tUninstallKB938464-v2$\spunins​t\spuninst.exe"
 Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUn​installKB941569$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUn​installKB946648$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUn​installKB950760$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUn​installKB950762$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUn​installKB950974$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUn​installKB951066$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUn​installKB951376$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$N​tUninstallKB951376-v2$\spunins​t\spuninst.exe"
 Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUn​installKB951698$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUn​installKB951748$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUn​installKB952004$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUn​installKB952954$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUn​installKB953839$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUn​installKB954211$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUn​installKB954459$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUn​installKB954600$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUn​installKB955069$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUn​installKB956391$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUn​installKB956572$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB956744)-->"C:\WINDOWS\$NtUn​installKB956744$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUn​installKB956802$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUn​installKB956803$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUn​installKB956841$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB956844)-->"C:\WINDOWS\$NtUn​installKB956844$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUn​installKB957095$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUn​installKB957097$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUn​installKB958644$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUn​installKB958687$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUn​installKB958690$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB958869)-->"C:\WINDOWS\$NtUn​installKB958869$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUn​installKB959426$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUn​installKB960225$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUn​installKB960715$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUn​installKB960803$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB960859)-->"C:\WINDOWS\$NtUn​installKB960859$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB961371)-->"C:\WINDOWS\$NtUn​installKB961371$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUn​installKB961373$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\WINDOWS\$NtUn​installKB961501$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB968537)-->"C:\WINDOWS\$NtUn​installKB968537$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB969059)-->"C:\WINDOWS\$NtUn​installKB969059$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB969898)-->"C:\WINDOWS\$NtUn​installKB969898$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB969947)-->"C:\WINDOWS\$NtUn​installKB969947$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\WINDOWS\$NtUn​installKB970238$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB970430)-->"C:\WINDOWS\$NtUn​installKB970430$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB971486)-->"C:\WINDOWS\$NtUn​installKB971486$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB971557)-->"C:\WINDOWS\$NtUn​installKB971557$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB971633)-->"C:\WINDOWS\$NtUn​installKB971633$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB971657)-->"C:\WINDOWS\$NtUn​installKB971657$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB973346)-->"C:\WINDOWS\$NtUn​installKB973346$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB973354)-->"C:\WINDOWS\$NtUn​installKB973354$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB973507)-->"C:\WINDOWS\$NtUn​installKB973507$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB973525)-->"C:\WINDOWS\$NtUn​installKB973525$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB973869)-->"C:\WINDOWS\$NtUn​installKB973869$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB973904)-->"C:\WINDOWS\$NtUn​installKB973904$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB974112)-->"C:\WINDOWS\$NtUn​installKB974112$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB974318)-->"C:\WINDOWS\$NtUn​installKB974318$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB974392)-->"C:\WINDOWS\$NtUn​installKB974392$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB974571)-->"C:\WINDOWS\$NtUn​installKB974571$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB975025)-->"C:\WINDOWS\$NtUn​installKB975025$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB975467)-->"C:\WINDOWS\$NtUn​installKB975467$\spuninst\spun​inst.exe"
 Mise à jour pour Windows Internet Explorer 8 (KB971930)-->"C:\WINDOWS\ie8up​dates\KB971930-IE8\spuninst\sp​uninst.exe"
 Mise à jour pour Windows Internet Explorer 8 (KB976749)-->"C:\WINDOWS\ie8up​dates\KB976749-IE8\spuninst\sp​uninst.exe"
 Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$N​tUninstallKB951072-v2$\spunins​t\spuninst.exe"
 Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUn​installKB951978$\spuninst\spun​inst.exe"
 Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUn​installKB955839$\spuninst\spun​inst.exe"
 Mise à jour pour Windows XP (KB961503)-->"C:\WINDOWS\$NtUn​installKB961503$\spuninst\spun​inst.exe"
 Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUn​installKB967715$\spuninst\spun​inst.exe"
 Mise à jour pour Windows XP (KB968389)-->"C:\WINDOWS\$NtUn​installKB968389$\spuninst\spun​inst.exe"
 Mise à jour pour Windows XP (KB971737)-->"C:\WINDOWS\$NtUn​installKB971737$\spuninst\spun​inst.exe"
 Mise à jour pour Windows XP (KB973687)-->"C:\WINDOWS\$NtUn​installKB973687$\spuninst\spun​inst.exe"
 Mise à jour pour Windows XP (KB973815)-->"C:\WINDOWS\$NtUn​installKB973815$\spuninst\spun​inst.exe"
 Movies2iPhone .74b-->C:\Program Files\Movies2iPhone\uninst.exe
 Mozilla Firefox (3.5.6)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
 MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5​E3257BD94}
 MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-696​9D703A9EF}
 MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5​DCDC52A71}
 MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C1​1F044BDEC}
 Nero CoverDesigner-->MsiExec.exe /X{62AC81F6-BDD3-4110-9D36-3E9​EAAB40999}
 Nero PhotoSnap-->MsiExec.exe /X{9E82B934-9A25-445B-B8DF-801​2808074AC}
 Nero Recode-->MsiExec.exe /X{359CFC0A-BEB1-440D-95BA-CF6​3A86DA34F}
 Nero ShowTime-->MsiExec.exe /X{D9DCF92E-72EB-412D-AC71-3B0​1276E5F8B}
 Nero StartSmart-->MsiExec.exe /X{7748AC8C-18E3-43BB-959B-088​FAEA16FB2}
 Nero Vision-->MsiExec.exe /X{43E39830-1826-415D-8BAE-868​45787B54B}
 Nero WaveEditor-->MsiExec.exe /X{A209525B-3377-43F4-B886-32F​6B6E7356F}
 NeroBurningROM-->MsiExec.exe /X{D025A639-B9C9-417D-8531-208​859000AF8}
 NeroExpress-->MsiExec.exe /X{595A3116-40BB-4E0F-A2E8-D79​51DA56270}
 neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-975​4A3E60F9B}
 NVIDIA Drivers-->C:\WINDOWS\system32\​nvuninst.exe UninstallGUI
 OCR Software by I.R.I.S 7.0-->C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
 OpenOffice.org 2.4-->MsiExec.exe /I{2A1AA9CF-2E7D-4235-BDAB-8FA​4291DD5D8}
 Opera 10.10-->MsiExec.exe /X{690BE098-6D0D-493D-B079-BD7​E8F81A141}
 Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
 Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A0​93F35A238}
 QuickTime-->MsiExec.exe /I{1451DE6B-ABE1-4F62-BE9A-B36​3A17588A2}
 Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\​PROFES~1\RunTime\11\50\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-410​8-B7DD-039E11FBC27E}\setup.exe​" -l0x40c  -removeonly
 REALTEK GbE & FE Ethernet PCI NIC Driver-->C:\Program Files\InstallShield Installation Information\{ACCA20B0-C4D1-4BF​5-BF21-0A0EB5EF9730}\setup.exe -runfromtemp -l0x040c -removeonly
 Safari-->MsiExec.exe /I{D6E4E5D6-7693-4BB4-95BA-21F​38FAFEE90}
 Search Settings 1.2.2-->MsiExec.exe /X{0B1AAC97-8563-41D9-AE47-58E​6A222F0E1}
 Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038​BD3F1FB2A}
 Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038​BD3F1FB2A}
 Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F​8D1E69FB7}
 SFR - Kit de connexion-->C:\Program Files\SFR\Kit\uninstall.exe
 SFR - Media Center-->C:\Program Files\SFR\Media Center\uninstall.exe
 Skype™ 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB2​4763BBE36}
 SoundTrax-->MsiExec.exe /X{C5A7CB6C-E76D-408F-BA0E-856​05420FE9D}
 TopSolid/Viewer 2006 by Missler Software-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{CC580AB7-45E4-48B​9-BBB0-CD00088F62EC}\Setup.exe​" -l0x40c
 Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system​32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DC​F5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275​C4F3607} /qb+ REBOOTPROMPT=""
 VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4​595DD148B}
 VideoLAN VLC media player 0.8.6f-->C:\Program Files\VideoLAN\VLC\uninstall.e​xe
 Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\s​puninst.exe"
 Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD​3A3F9DF41}
 Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189​800823F52}
 Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E90​5E91AC818}
 Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8​525FFA3B1}
 Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePack​Uninstall$\spuninst\spuninst.e​xe"

 =====HijackThis Backups=====

 O4 - HKLM\..\Run: [WSCS] "C:\WINDOWS\system32\wscs.exe" * [2009-02-13]
 O23 - Service: Windows Server Colocation Service (WSCS) - Unknown owner - C:\WINDOWS\system32\wscs.exe [2009-02-13]
 O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) [2009-02-13]
 O3 - Toolbar: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll [2009-12-26]
 O4 - HKCU\..\Run: [SVCHOST.EXE] C:\WINDOWS\system32\drivers\svchost.exe [2009-12-26]
 O2 - BHO: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll [2009-12-26]
 R3 - Default URLSearchHook is missing [2009-12-26]

 ======Security center information======

 AV: Avira AntiVir PersonalEdition (disabled)

 ======System event log======

 Computer Name: MAGICHAZ-44631C
 Event Code: 7035
 Message: Un contrôle Démarrer a correctement été envoyé au service Pml Driver HPZ12.

 Record Number: 14083042
 Source Name: Service Control Manager
 Time Written: 20091227212957.000000+060
 Event Type: Informations
 User: MAGICHAZ-44631C\supermagichaze

 Computer Name: MAGICHAZ-44631C
 Event Code: 7036
 Message: Le service Pml Driver HPZ12 est entré dans l'état : en cours d'exécution.

 Record Number: 14083041
 Source Name: Service Control Manager
 Time Written: 20091227212957.000000+060
 Event Type: Informations
 User:

 Computer Name: MAGICHAZ-44631C
 Event Code: 7036
 Message: Le service Pml Driver HPZ12 est entré dans l'état : arrêté.

 Record Number: 14083040
 Source Name: Service Control Manager
 Time Written: 20091227212952.000000+060
 Event Type: Informations
 User:

 Computer Name: MAGICHAZ-44631C
 Event Code: 7035
 Message: Un contrôle Démarrer a correctement été envoyé au service Pml Driver HPZ12.

 Record Number: 14083039
 Source Name: Service Control Manager
 Time Written: 20091227212952.000000+060
 Event Type: Informations
 User: MAGICHAZ-44631C\supermagichaze

 Computer Name: MAGICHAZ-44631C
 Event Code: 7036
 Message: Le service Pml Driver HPZ12 est entré dans l'état : en cours d'exécution.

 Record Number: 14083038
 Source Name: Service Control Manager
 Time Written: 20091227212952.000000+060
 Event Type: Informations
 User:

 =====Application event log=====

 Computer Name: MAGICHAZ-44631C
 Event Code: 12001
 Message:
 Record Number: 1153
 Source Name: usnjsvc
 Time Written: 20090114123111.000000+060
 Event Type:
 User:

 Computer Name: MAGICHAZ-44631C
 Event Code: 1800
 Message: Le service Centre de sécurité Windows a démarré.

 Record Number: 1152
 Source Name: SecurityCenter
 Time Written: 20090114031112.000000+060
 Event Type: Informations
 User:

 Computer Name: MAGICHAZ-44631C
 Event Code: 0
 Message:
 Record Number: 1151
 Source Name: gusvc
 Time Written: 20090114031103.000000+060
 Event Type: Informations
 User:

 Computer Name: MAGICHAZ-44631C
 Event Code: 4096
 Message:
 Record Number: 1150
 Source Name: Avira AntiVir
 Time Written: 20090114031102.000000+060
 Event Type: Informations
 User: AUTORITE NT\SYSTEM

 Computer Name: MAGICHAZ-44631C
 Event Code: 101
 Message: MsnMsgr (1776) Le moteur de base de données est arrêté.

 Record Number: 1149
 Source Name: ESENT
 Time Written: 20090113231811.000000+060
 Event Type: Informations
 User:

 ======Environment variables======

 "ComSpec"=%SystemRoot%\system32\cmd.exe
 "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files\Samsung\Samsung PC Studio 3;C:\Program Files\Fichiers communs\DivX Shared;C:\Program Files\QuickTime\QTSystem
 "windir"=%SystemRoot%
 "FP_NO_HOST_CHECK"=NO
 "OS"=Windows_NT
 "PROCESSOR_ARCHITECTURE"=x86
 "PROCESSOR_LEVEL"=15
 "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 3 Stepping 4, GenuineIntel
 "PROCESSOR_REVISION"=0304
 "NUMBER_OF_PROCESSORS"=2
 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
 "TEMP"=%SystemRoot%\TEMP
 "TMP"=%SystemRoot%\TEMP
 "CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
 "QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

 -----------------EOF-----------------







Imagine ...
Profile: Security team
kmisol
Famous across the forum (30,000 to 99,999 posts)
  1. Posted on 28/12/2009 at 00:24:55
 
...

 Via Add/Remove Programs in the Control Panel, remove:

 Adobe Reader 8.1.2, then empty the Recycle Bin.

 Install the latest version: http://get.adobe.com/fr/reader/?promoid=DAGAU (without the Google toolbar, if possible)

 ---
 Install the latest version of Java: http://www.java.com/fr/download/

 then restart the PC.

 ---
 Restart the PC in safe mode …
 -> preferably using the F8 method (or F5/F11 on some PCs)
 
 --------------------------------------------
 You will not have Internet access while in "safe mode".
 So copy/paste the procedure into a text file (Word) and put it
 on the "desktop" so that you have it at hand.
 --------------------------------------------

 Next, stop the service Ad-Aware 2007 Service or (aawservice):

 Right-click My Computer, then Manage.
 Double-click Services and Applications, then double-click Services.
 In the list of services, look for the one named exactly Ad-Aware 2007 Service or (aawservice).
 Double-click it.
 Check that under "Path to executable" you have:

 C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

 If so:
 Under "Service status", click Stop;
 Under "Startup type", choose Disabled.
 Click OK to close all the windows.


 Close all windows and applications.
 Run HijackThis again and click > Do a system scan only, then tick
 the boxes in front of the following lines (and only these lines), if still present:

 O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
 O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
 O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
 O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
 O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
 O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
 O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
 O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
 O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
 O23 - Service: HerculesWiFi - Unknown owner - C:\WINDOWS\system32\HerculesWiFiService.exe (file missing)
 O23 - Service: Windows Server Colocation Service (WSCS) - Unknown owner - C:\WINDOWS\system32\wscs.exe (file missing)

 Then click > Fix checked and confirm with "Yes". Close HijackThis.

 Run CCleaner ...
 Click > Analyze > Run Cleaner, then OK in the window that appears.
 Run the cleaning (again) and confirm (again) with OK.

 Run a Malwarebytes scan and keep the report so you can post it after restarting the PC in normal mode ...
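
Several lines in the checklist above carry HijackThis's "(no file)" or "(file missing)" markers, and the backups section of the log lists an svchost.exe under system32\drivers. The following triage script is an added example (not part of kmisol's post and not HijackThis code); the three flags, the SYSTEM_NAMES set and the assumption that the system directory is C:\WINDOWS\system32 are illustrative choices, and the sample lines are copied from this thread.

```python
import ntpath
import re

# Constructed sample: entries copied from HijackThis lines quoted in this thread
# (the SVCHOST.EXE line comes from the "HijackThis Backups" section).
SAMPLE_LOG = r"""
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [SVCHOST.EXE] C:\WINDOWS\system32\drivers\svchost.exe
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: HerculesWiFi - Unknown owner - C:\WINDOWS\system32\HerculesWiFiService.exe (file missing)
O23 - Service: Windows Server Colocation Service (WSCS) - Unknown owner - C:\WINDOWS\system32\wscs.exe (file missing)
"""

# "<section code> - <rest>", e.g. "O23 - Service: ..."
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
# First drive-letter path ending in .exe/.dll (may contain spaces, may be unquoted).
PATH_RE = re.compile(r'[A-Za-z]:\\[^"<>|]*?\.(?:exe|dll)', re.IGNORECASE)

# Assumption: system directory as shown in this log (Windows XP, C:\WINDOWS).
SYSTEM_DIR = r"c:\windows\system32"
# Assumption: a small set of Windows process names that normally live in SYSTEM_DIR.
SYSTEM_NAMES = {"svchost.exe", "lsass.exe", "services.exe",
                "winlogon.exe", "csrss.exe", "smss.exe"}


def parse_entry(line):
    """Split one log line into section code, body and first file path (or None)."""
    m = ENTRY_RE.match(line.strip())
    if not m:
        return None  # header, blank line or other non-entry text
    body = m.group("body")
    path = PATH_RE.search(body)
    return {"code": m.group("code"), "body": body,
            "path": path.group(0) if path else None}


def flags_for(entry):
    """Return review flags for one parsed entry."""
    flags = []
    body = entry["body"].lower()
    # Autostart or service entry whose target file no longer exists.
    if "(no file)" in body or "(file missing)" in body:
        flags.append("orphaned")
    # Service for which the log reports no vendor name.
    if entry["code"] == "O23" and "unknown owner" in body:
        flags.append("unknown-owner")
    # System process name started from a directory other than system32.
    if entry["path"]:
        name = ntpath.basename(entry["path"]).lower()
        folder = ntpath.dirname(entry["path"]).lower()
        if name in SYSTEM_NAMES and folder != SYSTEM_DIR:
            flags.append("masquerade")
    return flags


def triage(log_text):
    """Return (code, flags, path) for every entry that raised at least one flag."""
    findings = []
    for line in log_text.splitlines():
        entry = parse_entry(line)
        if entry is None:
            continue
        flags = flags_for(entry)
        if flags:
            findings.append((entry["code"], flags, entry["path"]))
    return findings


if __name__ == "__main__":
    for code, flags, path in triage(SAMPLE_LOG):
        print(f"{code:4} {','.join(flags):24} {path or '-'}")
```

A flag only marks an entry for manual review; it is not a verdict that the file is malicious.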
