DepanneTonPC, computer troubleshooting and help

Problem opening Google
 
 
Aladin



Joined: 22 Nov 2007
Posts: 73

Posted: 04 May 2008 at 23:40    Subject: Problem opening Google

Hi,

I have a problem with the Google site; I think I have a little spy running on my PC.

Here is my HijackThis report:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:39:13, on 04/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Athan\Athan.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\DAP\DAP.EXE
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
F2 - REG:system.ini: UserInit=c:\windows\system32\userinit.exe,\s
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: speed-bit Toolbar - {2ba521ac-b9b9-4433-ba45-dba2f02cba5a} - C:\Program Files\speed-bit\tbspe1.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Athan] C:\Program Files\Athan\Athan.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKLM\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: @sysiecom.dll,-2100 - {703436F1-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuTranslate.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2102 - {703436F1-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuTranslate.html
O9 - Extra button: @sysiecom.dll,-2103 - {703436F2-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuTranslateAll.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2105 - {703436F2-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuTranslateAll.html
O9 - Extra button: @sysiecom.dll,-2115 - {703436F3-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuConfigure.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2117 - {703436F3-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuConfigure.html
O9 - Extra button: (no name) - {703436F5-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuRegister.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2111 - {703436F5-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuRegister.html
O9 - Extra button: (no name) - {703436F6-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuUpdates.html (file missing)
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2114 - {703436F6-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuUpdates.html (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [international] International*
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredetection/hardwaredetection_2_0_4_13.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u3-windows-i586-jc.cab
O20 - AppInit_DLLs: C:\WINDOWS\system32\mmmxxsxx.dll
O20 - Winlogon Notify: iifdtqqo - C:\WINDOWS\
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TuneUp Drive Defrag Service (tuneup.defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

--
End of file - 8020 bytes

Thanks in advance
_________________
- Do you think there is life on the moon?
- Obviously, there is light
 
Geronimo



Joined: 27 Apr 2006
Posts: 92
Location: In my tepee

Posted: 05 May 2008 at 16:08

Hello Aladin

- Download DSS (Deckard's System Scanner, by Deckard) from this link:
http://www.techsupportforum.com/sectools/Deckard/dss.exe
Save this file to the desktop.

- Close all running applications, antivirus included (very important, otherwise the PC may crash).

- Double-click dss.exe to launch the tool.

- If it does not find HijackThis, click Yes.

- Click OK each time you are asked.

- Once the scan has finished, a text file will open. Post its contents in your next reply.

- The report is located here: C:\Deckard\System Scanner\main.txt.
 
Aladin



Joined: 22 Nov 2007
Posts: 73

Posted: 05 May 2008 at 23:18

Thank you for your reply,

when DSS finished its work it gave me 2 reports: main.txt and extra.txt

Here is MAIN.TXT:


Deckard's System Scanner v20071014.68
Run by Alla Eddine on 2008-05-05 22:09:56
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
8: 2008-05-05 21:10:01 UTC - RP8 - Deckard's System Scanner Restore Point
7: 2008-05-05 20:27:02 UTC - RP7 - Windows Internet Explorer 7 installé.
6: 2008-05-05 20:25:20 UTC - RP6 - Installed Windows IDNMitigationAPIs.
5: 2008-05-05 20:24:47 UTC - RP5 - Installed Windows NLSDownlevelMapping.
4: 2008-05-05 20:24:08 UTC - RP4 - Installed Windows XP KB915865.


-- First Restore Point --
1: 2008-05-05 19:06:06 UTC - RP1 - Point de vérification système


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as Alla Eddine.exe) -----------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:10:45, on 05/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Documents and Settings\Alla Eddine\Bureau\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Alla Eddine.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
F2 - REG:system.ini: UserInit=c:\windows\system32\userinit.exe,\s
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: speed-bit Toolbar - {2ba521ac-b9b9-4433-ba45-dba2f02cba5a} - C:\Program Files\speed-bit\tbspe1.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: Spybot-S&D IE Protection - {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Athan] C:\Program Files\Athan\Athan.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKLM\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [Gainward] C:\Program Files\XpertVision\TBPanel.exe /A
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O8 - Extra context menu item: &download with &dap - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: download &all with dap - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: download all links with idm - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: download flv video content with idm - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: download with idm - C:\Program Files\Internet Download Manager\IEExt.htm
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: @sysiecom.dll,-2100 - {703436F1-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuTranslate.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2102 - {703436F1-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuTranslate.html
O9 - Extra button: @sysiecom.dll,-2103 - {703436F2-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuTranslateAll.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2105 - {703436F2-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuTranslateAll.html
O9 - Extra button: @sysiecom.dll,-2115 - {703436F3-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuConfigure.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2117 - {703436F3-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuConfigure.html
O9 - Extra button: (no name) - {703436F5-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuRegister.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2111 - {703436F5-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuRegister.html
O9 - Extra button: (no name) - {703436F6-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuUpdates.html (file missing)
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2114 - {703436F6-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuUpdates.html (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {dfb852a3-47f8-48c4-a200-58cab36fd2a2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {dfb852a3-47f8-48c4-a200-58cab36fd2a2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [international] International*
O11 - Options group: [searching] Search from the Address bar
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredetection/hardwaredetection_2_0_4_13.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u3-windows-i586-jc.cab
O20 - AppInit_DLLs: C:\WINDOWS\system32\mmmxxsxx.dll
O20 - Winlogon Notify: iifdtqqo - C:\WINDOWS\
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TuneUp Drive Defrag Service (tuneup.defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

--
End of file - 9018 bytes

-- HijackThis Fixed Entries (C:\PROGRA~1\TRENDM~1\HIJACK~1\backups\) -----------

backup-20080504-223248-140 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
backup-20080504-223248-243 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
backup-20080504-223248-276 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
backup-20080504-223248-496 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
backup-20080504-223248-579 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
backup-20080504-223248-659 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
backup-20080504-223248-777 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
backup-20080504-223248-895 O9 - Extra button: (no name) - {703436F4-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuClearCache.html
backup-20080504-223248-905 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
backup-20080504-223248-911 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
backup-20080504-223248-954 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 BTHidMgr (Bluetooth HID Manager Service) - c:\windows\system32\drivers\bthidmgr.sys <Not Verified; IVT Corporation; BlueSoleil(c)>
R1 hwinterface - c:\windows\system32\drivers\hwinterface.sys <Not Verified; Logix4u; hwinterface Driver Version 1.1>
R2 tbpanel - c:\windows\system32\drivers\tbpanel.sys <Not Verified; Windows (R) 2000 DDK provider; Windows (R) 2000 DDK driver>
R3 BlueletAudio (Bluetooth Audio Service) - c:\windows\system32\drivers\blueletaudio.sys <Not Verified; IVT Corporation; Windows (R) 2000 DDK driver>
R3 BT (Bluetooth PAN Network Adapter) - c:\windows\system32\drivers\btnetdrv.sys <Not Verified; IVT Corporation; BlueSoleil>
R3 BTHidEnum (Bluetooth HID Enumerator) - c:\windows\system32\drivers\vbtenum.sys
R3 DtvAudio - c:\windows\system32\drivers\dtvaudio.sys <Not Verified; TwinHan Provide; DTVAudio>
R3 DtvVideo - c:\windows\system32\drivers\dtvvideo.sys <Not Verified; TwinHan Provide; DTV Video Controller.>
R3 VComm (Virtual Serial port driver) - c:\windows\system32\drivers\vcomm.sys <Not Verified; IVT Corporation; BlueSoleil>
R3 VcommMgr (Bluetooth VComm Manager Service) - c:\windows\system32\drivers\vcommmgr.sys <Not Verified; IVT Corporation; BlueSoleil>

S3 Btcsrusb (Bluetooth USB For Bluetooth Service) - c:\windows\system32\drivers\btcusb.sys <Not Verified; IVT Corporation; Bluetooth USB Device Driver>
S3 cardex - c:\windows\system32\drivers\tbpanel.sys <Not Verified; Windows (R) 2000 DDK provider; Windows (R) 2000 DDK driver>
S3 libusb0 (LibUsb-Win32 - Kernel Driver 03/20/2007, 0.1.12.1) - c:\windows\system32\drivers\libusb0.sys <Not Verified; http://libusb-win32.sourceforge.net; LibUSB-Win32 - Kernel Driver>
S3 usb2vcom (USB Data Cable) - c:\windows\system32\drivers\usb2vcom.sys <Not Verified; USB World Technology Inc. http://www.usbworld.net; USB Data Cable>


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 BlueSoleil Hid Service - c:\program files\ivt corporation\bluesoleil\btntservice.exe


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Scheduled Tasks -------------------------------------------------------------

2008-05-05 20:04:56 406 --a------ C:\WINDOWS\Tasks\Maintenance en 1 clic.job


-- Files created between 2008-04-05 and 2008-05-05 -----------------------------

2008-05-05 20:59:43 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-05-05 20:38:29 0 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-05-05 20:32:41 6656 --a------ C:\WINDOWS\system32\wincreate.exe
2008-05-05 20:16:10 0 d--hs---- C:\Documents and Settings\Alla Eddine\Recent
2008-05-05 20:09:14 0 d-------- C:\WINDOWS\LastGood.Tmp
2008-05-05 20:08:15 5306 --a------ C:\WINDOWS\system32\drivers\TBPanel.sys <Not Verified; Windows (R) 2000 DDK provider; Windows (R) 2000 DDK driver>
2008-05-05 20:08:14 0 d-------- C:\Program Files\XpertVision
2008-05-05 20:04:55 0 d-------- C:\WINDOWS\Prefetch
2008-05-05 19:51:44 0 d-------- C:\Program Files\msn gaming zone
2008-05-04 22:31:17 0 d-------- C:\Program Files\Trend Micro
2008-05-04 22:28:55 0 d-------- C:\Program Files\Support Tools
2008-05-04 18:10:30 0 d-------- C:\Documents and Settings\Alla Eddine\Application Data\TuneUp Software
2008-05-04 18:10:18 0 d-------- C:\Documents and Settings\All Users\Application Data\TuneUp Software
2008-05-04 18:09:59 0 d-------- C:\Program Files\TuneUp Utilities 2008
2008-05-04 18:09:25 0 d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-05-01 20:45:40 36352 --a------ C:\WINDOWS\system32\mmmxxsxx.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-05-01 20:44:13 2 --a------ C:\281866439
2008-04-29 21:21:34 0 d-------- C:\Program Files\Fichiers communs\Nero
2008-04-29 21:20:24 0 d-------- C:\Program Files\Fichiers communs\LightScribe
2008-04-29 21:18:33 364544 --a------ C:\WINDOWS\system32\TwnLib4.dll <Not Verified; Pegasus Imaging Corp.; TwnLib4>
2008-04-29 21:18:33 106496 --a------ C:\WINDOWS\system32\TwnLib20.dll <Not Verified; Pegasus Software; TWNLIB20>
2008-04-29 21:18:27 471040 --a------ C:\WINDOWS\system32\ImagXRA7.dll <Not Verified; Pegasus Imaging Corp.; ImagXpress7>
2008-04-29 21:18:27 262144 --a------ C:\WINDOWS\system32\ImagXR7.dll <Not Verified; Pegasus Imaging Corp.; ImagXpress7>
2008-04-29 21:18:27 1568768 --a------ C:\WINDOWS\system32\ImagX7.dll <Not Verified; Pegasus Imaging Corp.; ImagXpress7>
2008-04-29 21:18:25 155648 --a------ C:\WINDOWS\system32\NeroCheck.exe <Not Verified; Ahead Software Gmbh; Ahead Software Gmbh NeroCheck>
2008-04-29 21:18:18 0 d-------- C:\Program Files\Fichiers communs\Ahead
2008-04-29 21:18:16 0 d-------- C:\Program Files\Ahead
2008-04-28 22:51:39 22760 --a------ C:\WINDOWS\system32\drivers\usb2vcom.sys <Not Verified; USB World Technology Inc. http://www.usbworld.net; USB Data Cable>
2008-04-26 21:28:25 0 d-------- C:\Program Files\DAP
2008-04-25 21:41:07 0 d-------- C:\Program Files\Silabs
2008-04-25 21:40:43 0 d-------- C:\WINDOWS\system32\Silabs
2008-04-24 21:51:21 96645 --a------ C:\WINDOWS\system32\drivers\klin.dat
2008-04-24 21:51:21 87941 --a------ C:\WINDOWS\system32\drivers\klick.dat
2008-04-24 21:50:46 192544 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
2008-04-24 21:50:46 9710880 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-04-24 21:50:46 0 d-------- C:\Program Files\Kaspersky Lab
2008-04-24 21:50:46 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-04-24 21:49:47 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2008-04-19 21:28:13 0 d-------- C:\Documents and Settings\All Users\Application Data\Nokia
2008-04-19 21:27:59 0 d-------- C:\Program Files\MSXML 6.0
2008-04-19 21:24:58 0 d-------- C:\Documents and Settings\All Users\Application Data\Installations
2008-04-19 20:38:51 0 d-------- C:\Program Files\Fichiers communs\LogoManager
2008-04-19 20:29:07 0 d-------- C:\Program Files\FMA 2
2008-04-19 20:29:07 0 d-------- C:\Documents and Settings\Alla Eddine\Application Data\FMA
2008-04-19 20:04:49 0 d-------- C:\Program Files\Fichiers communs\Motorola Shared
2008-04-19 20:04:49 0 d-------- C:\Program Files\Common Files
2008-04-19 19:32:35 0 d-------- C:\Program Files\ImTOO
2008-04-10 12:08:13 0 d-------- C:\Program Files\Intelore
2008-04-09 20:03:49 0 d-------- C:\Program Files\Passware
2008-04-09 18:49:54 0 d-------- C:\Program Files\ElcomSoft
2008-04-08 18:03:12 0 d-------- C:\Program Files\DVD Decrypter
2008-04-08 17:36:49 0 d-------- C:\Documents and Settings\Alla Eddine\Application Data\IDM
2008-04-08 17:36:42 0 d-------- C:\Program Files\Internet Download Manager
2008-04-06 20:55:48 0 d-------- C:\Documents and Settings\Alla Eddine\Application Data\NCH Swift Sound
2008-04-06 20:55:20 0 d-------- C:\Program Files\NCH Swift Sound
2008-04-06 20:07:22 0 d-------- C:\WINDOWS\system32\EWS


-- Find3M Report ---------------------------------------------------------------

2008-05-05 21:29:15 0 d-------- C:\Documents and Settings\Alla Eddine\Application Data\DMCache
2008-05-05 20:19:54 370414 --a------ C:\WINDOWS\system32\perfh00C.dat
2008-05-05 20:19:54 49494 --a------ C:\WINDOWS\system32\perfc00C.dat
2008-05-05 19:49:32 23016 --a------ C:\WINDOWS\system32\emptyregdb.dat
2008-05-05 19:49:11 0 d-------- C:\Program Files\Messenger
2008-05-05 18:51:04 0 d-------- C:\Program Files\Movie Maker
2008-05-04 18:09:25 0 d-------- C:\Program Files\Fichiers communs
2008-05-03 19:55:15 0 d-------- C:\Program Files\eMule
2008-05-03 19:54:22 0 d-------- C:\Program Files\Ubisoft
2008-05-03 18:45:36 0 d-------- C:\Program Files\Fichiers communs\Sage
2008-05-03 18:44:31 0 d-------- C:\Program Files\Fichiers communs\Ciel
2008-05-02 22:17:19 0 d-------- C:\Documents and Settings\Alla Eddine\Application Data\LimeWire
2008-05-01 21:36:36 0 d-------- C:\Program Files\Google
2008-04-28 23:43:11 0 d-------- C:\Program Files\MobiMB Mobile Media Browser
2008-04-27 22:43:05 0 d-------- C:\Documents and Settings\Alla Eddine\Application Data\Real
2008-04-26 12:14:35 0 d-------- C:\Program Files\Nokia
2008-04-25 22:17:47 2560 --a------ C:\WINDOWS\system32\BitCometRes.dll <Not Verified; BitComet; BitComet BCTP Helper>
2008-04-25 22:10:34 0 d-------- C:\Documents and Settings\Alla Eddine\Application Data\ShoppingReport
2008-04-25 21:40:38 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-04-08 12:28:16 0 d-------- C:\Program Files\Zapu
2008-04-07 20:10:00 0 d-------- C:\Documents and Settings\Alla Eddine\Application Data\ma-config.com
2008-04-04 16:53:29 0 d-------- C:\Program Files\Magicbit
2008-04-03 21:34:07 0 d-------- C:\Documents and Settings\Alla Eddine\Application Data\Google
2008-04-01 12:46:32 1660 --a------ C:\WINDOWS\desctemp.dat
2008-03-29 20:44:26 0 d-------- C:\Program Files\Share_Accelerator_MM
2008-03-29 20:43:21 0 d-------- C:\Documents and Settings\Alla Eddine\Application Data\MegauploadToolbar
2008-03-27 15:19:45 0 d-------- C:\Program Files\Ciel
2008-03-25 22:29:54 203776 --a------ C:\WINDOWS\system32\clrviddc.dll <Not Verified; Iterated Systems, Inc.; ClearVideo Decoder DLL>
2008-03-25 22:19:35 0 d-------- C:\Program Files\Fichiers communs\xing shared
2008-03-25 22:19:27 0 d-------- C:\Program Files\Fichiers communs\Real
2008-03-25 19:53:12 0 d-------- C:\Program Files\DownloadToolz
2008-03-22 21:13:18 6120 --a------ C:\WINDOWS\BricoPackFoldersDelete.cmd
2008-03-22 21:13:17 64364 --a------ C:\WINDOWS\BricoPackUninst.cmd
2008-03-22 20:08:59 0 d-------- C:\Program Files\Thoosje Sidebar V2.3
2008-03-21 21:01:49 0 --a------ C:\WINDOWS\system32\suupdate.dat
2008-03-20 19:28:52 0 d-------- C:\Program Files\SuperCopier2
2008-03-19 21:36:45 0 d-------- C:\Program Files\WMV9_VCM
2008-03-19 20:07:45 0 d-------- C:\Program Files\s1clone
2008-03-18 18:55:32 0 d-------- C:\Program Files\Athan
2008-03-18 18:54:58 737280 --a------ C:\WINDOWS\iun6002.exe <Not Verified; Indigo Rose Corporation; Setup Factory 6.0 Runtime Module>
2008-03-18 18:30:48 0 d-------- C:\Program Files\Fichiers communs\InstallShield
2008-03-17 20:29:00 0 d-------- C:\Program Files\Fichiers communs\DVDVideoSoft
2008-03-17 20:28:56 0 d-------- C:\Program Files\DVDVideoSoft
2008-03-12 20:06:22 276480 --a------ C:\WINDOWS\system32\baksm.dll
2008-03-11 21:03:38 2097152000 --a------ C:\timeshift.dat
2008-03-10 13:15:53 0 d-------- C:\Program Files\MagicDownloadAccelerator
2008-03-09 23:19:21 0 d-------- C:\Program Files\speed-bit
2008-03-09 23:16:20 50688 --a------ C:\WINDOWS\system32\wbhelp2.dll <Not Verified; Stardock.Net, Inc; WindowBlinds for Win32 x86 machines>
2008-03-07 21:56:38 0 d-------- C:\Documents and Settings\Alla Eddine\Application Data\Grisoft
2008-02-12 17:45:08 62 --ahs---- C:\Documents and Settings\Alla Eddine\Application Data\desktop.ini
2008-02-12 17:02:20 0 -rahs---- C:\MSDOS.SYS
2008-02-12 17:02:20 0 -rahs---- C:\IO.SYS
2008-02-12 17:02:20 0 --a------ C:\CONFIG.SYS
2008-02-12 17:02:20 0 --a------ C:\AUTOEXEC.BAT


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2ba521ac-b9b9-4433-ba45-dba2f02cba5a}]
09/03/2008 23:58 1470488 --a------ C:\Program Files\speed-bit\tbspe1.dll

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{2BA521AC-B9B9-4433-BA45-DBA2F02CBA5A}"= C:\Program Files\speed-bit\tbspe1.dll [09/03/2008 23:58 1470488]

[-HKEY_CLASSES_ROOT\CLSID\{2BA521AC-B9B9-4433-BA45-DBA2F02CBA5A}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [04/08/2004 03:32]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [02/11/2004 20:24]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [11/01/2008 22:16]
"ISUSPM Startup"="C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe" [17/04/2004 12:41]
"ISUSScheduler"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" [13/04/2004 06:07]
"Athan"="C:\Program Files\Athan\Athan.exe" [06/09/2007 20:25]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [25/03/2008 22:18]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" [08/02/2008 17:36]
"DownloadAccelerator"="C:\Program Files\DAP\DAP.exe" [26/04/2008 21:28]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [09/07/2001 10:50]
"Cmaudio"="cmicnfg.cpl" []
"Gainward"="C:\Program Files\XpertVision\TBPanel.exe" [13/09/2006 10:10]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [11/08/2006 14:43]
"nwiz"="nwiz.exe" [11/08/2006 14:43 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [11/08/2006 14:43]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [12/02/2008 19:55]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [04/08/2004 05:54]
"IDMan"="C:\Program Files\Internet Download Manager\IDMan.exe" [10/01/2008 22:05]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [28/01/2008 11:43]

C:\Documents and Settings\Alla Eddine\Menu Démarrer\Programmes\Démarrage\
RocketDock.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [18/03/2007 23:05:02]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="c:\windows\system32\userinit.exe,\s"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\iifdtqqo]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=C:\WINDOWS\system32\mmmxxsxx.dll


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0115c511-e15a-11dc-8385-00194b8e1a63}]
autorun\command- wscript.exe .\.vbs
open\command- wscript.exe .\.vbs

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{04c90abd-db1b-11dc-8b9c-00194b8e1a63}]
autorun\command- wscript.exe .\.vbs
open\command- wscript.exe .\.vbs

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0c0a9e40-f380-11dc-b985-00194b8e1a63}]
autorun\command- wscript.exe .\.vbs
open\command- wscript.exe .\.vbs

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0c719ee8-f1a8-11dc-b97b-00194b8e1a63}]
AutoRun\command- wscript.exe .\.vbs
open\command- wscript.exe .\.vbs

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0fe46af9-f06e-11dc-b975-00194b8e1a63}]
AutoRun\command- wscript.exe .\.vbs
open\command- wscript.exe .\.vbs

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{629256f9-d986-11dc-913e-00138fcd7b17}]
autorun\command- wscript.exe .\.vbs
open\command- wscript.exe .\.vbs

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{68e899e9-da09-11dc-8b8e-00194b8e1a63}]
autorun\command- wscript.exe .\.vbs
open\command- wscript.exe .\.vbs

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8af3f717-f84c-11dc-b99e-00194b8e1a63}]
AutoRun\command- wscript.exe .\.vbs
open\command- wscript.exe .\.vbs

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8da3e001-0547-11dd-88c9-00194b8e1a63}]
AutoRun\command- wscript.exe .\.vbs
open\command- wscript.exe .\.vbs

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e79c1d9e-d98a-11dc-8f4d-00194b8e1a63}]
AutoRun\command- wscript.exe .\.vbs
open\command- wscript.exe .\.vbs

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f887e2f8-03fa-11dd-88c5-00194b8e1a63}]
AutoRun\command- wscript.exe .\.vbs
open\command- wscript.exe .\.vbs




-- Hosts -----------------------------------------------------------------------

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

8300 more entries in hosts file.


-- End of Deckard's System Scanner: finished at 2008-05-05 22:12:18 ------------


and the EXTRA.TXT:


Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Professionnel (build 2600) SP 2.0
Architecture: X86; Language: French

CPU 0: Intel(R) Pentium(R) 4 CPU 3.00GHz
CPU 1: Intel(R) Pentium(R) 4 CPU 3.00GHz
Percentage of Memory in Use: 33%
Physical Memory (total/avail): 1022.79 MiB / 679.05 MiB
Pagefile Memory (total/avail): 2461.33 MiB / 2211.02 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1932.25 MiB

A: is Removable (No Media)
C: is Fixed (NTFS) - 37.26 GiB total, 9.41 GiB free.
D: is Fixed (NTFS) - 37.27 GiB total, 12.77 GiB free.
E: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - Hitachi HDS721680PLA380 - 74.53 GiB - 2 partitions
\PARTITION0 (bootable) - Système de fichiers installable - 37.26 GiB - C:
\PARTITION1 - Étendu avec Inter. 13 étendue - 37.27 GiB - D:



-- Security Center -------------------------------------------------------------

AUOptions is disabled.
Windows Internal Firewall is disabled.

FirstRunDisabled is set.

AV: Kaspersky Anti-Virus v7.0.1.325 (Kaspersky Lab) Disabled

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\DAP\\DAP.exe"="C:\\Program Files\\DAP\\DAP.exe:*:Enabled:Download Accelerator Plus (DAP)"
"C:\\Program Files\\Internet Download Manager\\IDMan.exe"="C:\\Program Files\\Internet Download Manager\\IDMan.exe:*:Enabled:Internet Download Manager (IDM)"
"C:\\Program Files\\BitComet\\BitComet.exe"="C:\\Program Files\\BitComet\\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client"
"C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"="C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe:*:Enabled:Bluetooth Application"
"C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer"
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"="C:\\Program Files\\Real\\RealPlayer\\realplay.exe:*:Enabled:RealPlayer"
"C:\\Documents and Settings\\All Users\\Application Data\\Kaspersky Lab Setup Files\\Kaspersky Anti-Virus 7.0.1.325\\French\\setup.exe"="C:\\Documents and Settings\\All Users\\Application Data\\Kaspersky Lab Setup Files\\Kaspersky Anti-Virus 7.0.1.325\\French\\setup.exe:*:Enabled:Programme d'installation de Kaspersky Anti-Virus 7.0"


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Alla Eddine\Application Data
CLIENTNAME=Console
CNVPATH=C:\Program Files\Systran\Cnv
CommonProgramFiles=C:\Program Files\Fichiers communs
COMPUTERNAME=PC-B67351FA98C0
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Alla Eddine
LOGONSERVER=\\PC-B67351FA98C0
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\WBEM;C:\Program Files\Support Tools\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 4 Stepping 1, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0401
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\ALLAED~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\ALLAED~1\LOCALS~1\Temp
USERDOMAIN=PC-B67351FA98C0
USERNAME=Alla Eddine
USERPROFILE=C:\Documents and Settings\Alla Eddine
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

Alla Eddine (admin)


-- Add/Remove Programs ---------------------------------------------------------

--> C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
--> C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 8.1.2 - Français --> MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003}
Advanced IP Scanner v1.5 --> C:\Program Files\Advanced IP Scanner\uninstal.exe
Athan Basic 3.3 --> C:\WINDOWS\iun6002.exe "C:\Program Files\Athan\irunin.ini"
AVG Anti-Spyware 7.5 --> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
BitComet 0.73 --> C:\Program Files\BitComet\uninst.exe
BitZipper 5.0.2 --> "C:\Program Files\BitZipper\unins000.exe"
BlueSoleil --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B9F499B8-D1F0-42FC-84BE-CC552123CCCB}\setup.exe" -l0x40c
C-Media WDM Audio Driver --> C:\WINDOWS\system32\cmirmdrv.exe
Canon S200 --> C:\WINDOWS\system32\CNMCP3W.EXE -@C:\WINDOWS\IsUn040c.exe -f"C:\BJPrinter\CNMWINDOWS\Canon S200 Installer\Inst\DeIsL1.isu" -pCanon S200-c"C:\BJPrinter\CNMWINDOWS\Canon S200 Installer\Inst\bjinst.dll
CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
Download Accelerator Plus (DAP) --> C:\PROGRA~1\DAP\DAPREMOVE.EXE
DVD Decrypter 3.5.4.0 Fr --> C:\Program Files\DVD Decrypter\UnInstall_DVDdecrypt.exe
floAt's Mobile Agent 2 --> "C:\Program Files\FMA 2\unins000.exe"
Free Video Dub version 1.2 --> "C:\Program Files\DVDVideoSoft\Free Video Dub\unins000.exe"
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Internet Download Manager --> C:\Program Files\Internet Download Manager\Uninstall.exe
Java(TM) 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Kaspersky Anti-Virus 7.0 --> MsiExec.exe /I{4B9BB601-13E9-4042-A3BC-E7955BF4A98F}
Kaspersky Anti-Virus 7.0 --> MsiExec.exe /I{4B9BB601-13E9-4042-A3BC-E7955BF4A98F}
Ma-Config.com plugin --> MsiExec.exe /I{38C45BBD-2A0A-4173-9ABE-425B3C3FBE9C}
Megaupload Toolbar --> C:\Program Files\MegauploadToolbar\uninstall.exe
Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Windows Media Video 9 VCM --> RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmv9vcm.inf, Uninstall
MobiMB Mobile Media Browser --> C:\Program Files\MobiMB Mobile Media Browser\_Unins.exe
Motorola Driver Installation 3.2.0 --> MsiExec.exe /I{D6A1E429-CCE1-4140-A615-710B806D12BA}
MSXML 6.0 Parser --> MsiExec.exe /I{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}
Nero Suite --> C:\Program Files\Fichiers communs\Nero\Uninstall\setupx.exe /uninstall ExtraUninstallID=""
Nokia Connectivity Cable Driver --> MsiExec.exe /X{4F1DCA42-2030-437C-A94E-736692A499C1}
Nokia Flashing Cable Driver --> MsiExec.exe /X{A4E0CA0F-1903-440A-9B98-FEA6CB049999}
NVIDIA Drivers --> C:\WINDOWS\system32\nvudisp.exe UninstallGUI
Outil de mise à jour Google --> "C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
Pack Vista Inspirat 2 1.0 --> C:\WINDOWS\BricoPacks\Vista Inspirat 2\Remove.exe
PowerDVD --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
Pro Evolution Soccer 6 --> C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{EBB794ED-D282-4334-92FB-254481EFF514} /l1036
RealPlayer --> C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
REALTEK Gigabit and Fast Ethernet NIC Driver --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{94FB906A-CF42-4128-A509-D353026A607E}\setup.exe" -l0x40c REMOVE
s1clone --> C:\Program Files\s1clone\uninstall.exe
SAGEM F@st 3302 --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4A975AC1-1E5B-43B7-B42B-6E617B39C936}\setup.exe" -l0x40c
ShopperReports --> C:\Program Files\ShoppingReport\Uninst.exe
Silicon Laboratories CP210x USB to UART Bridge (Driver Removal) --> C:\WINDOWS\system32\Silabs\DriverUninstaller.exe VCP CP210x Cardinal\SLABCOMM&10C4&EA60
Silicon Laboratories CP210x VCP Drivers for Windows 2000/XP/2003 Server/Vista --> "C:\Program Files\InstallShield Installation Information\{0A0A3308-5FF0-4749-A366-4BF5DB29E403}\setup.exe" -runfromtemp -l0x0009 -removeonly
speed-bit Toolbar --> C:\PROGRA~1\SPEED-~1\UNWISE.EXE C:\PROGRA~1\SPEED-~1\INSTALL.LOG
Spybot - Search & Destroy --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Switch --> C:\Program Files\NCH Swift Sound\Switch\uninst.exe
SYSTRAN PROfessional Premium --> C:\WINDOWS\unvise32.exe C:\Program Files\Systran\premium\uninstal.log
TuneUp Utilities 2008 --> MsiExec.exe /I{5888428E-699C-4E71-BF71-94EE06B497DA}
Uninstall 1.0.0.0 --> "C:\Program Files\Fichiers communs\DVDVideoSoft\unins000.exe"
VideoLAN VLC media player 0.8.6c --> C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Support Tools --> MsiExec.exe /I{8398B542-3CC4-44D9-83DF-696CCE70124B}
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
XpertVision 4.6 --> "C:\Program Files\XpertVision\unins000.exe"


-- Application Event Log -------------------------------------------------------

Event Record #/Type3179 / Error
Event Submitted/Written: 05/05/2008 08:14:30 PM
Event ID/Source: 1002 / Application Hang
Event Description:
Application bloquée nwiz.exe, version 6.14.10.11048, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Event Record #/Type3167 / Warning
Event Submitted/Written: 05/05/2008 07:51:10 PM
Event ID/Source: 4353 / EventSystem
Event Description:
Le système d'événements de COM+ a tenté de déclencher l'événement EventObjectChange::ChangedSubscription mais a reçu un code d'erreur. HRESULT : 80040201.

Event Record #/Type3166 / Warning
Event Submitted/Written: 05/05/2008 07:51:10 PM
Event ID/Source: 4356 / EventSystem
Event Description:
Le système d'événements de COM+ n'a pas pu créer d'instance de l'abonné partition:{41E90F3E-56C1-4633-81C3-6E8BAC8BDD70}!new:{D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}. CoGetObject a renvoyé HRESULT 80070422.

Event Record #/Type3165 / Warning
Event Submitted/Written: 05/05/2008 07:51:09 PM
Event ID/Source: 4353 / EventSystem
Event Description:
Le système d'événements de COM+ a tenté de déclencher l'événement EventObjectChange::ChangedSubscription mais a reçu un code d'erreur. HRESULT : 80040201.

Event Record #/Type3164 / Warning
Event Submitted/Written: 05/05/2008 07:51:09 PM
Event ID/Source: 4356 / EventSystem
Event Description:
Le système d'événements de COM+ n'a pas pu créer d'instance de l'abonné partition:{41E90F3E-56C1-4633-81C3-6E8BAC8BDD70}!new:{D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}. CoGetObject a renvoyé HRESULT 80070422.



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type6074 / Warning
Event Submitted/Written: 05/05/2008 10:09:38 PM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP a atteint la limite de sécurité imposée sur le nombre de tentatives de connexion TCP simultanées.

Event Record #/Type6072 / Warning
Event Submitted/Written: 05/05/2008 09:54:10 PM
Event ID/Source: 8021 / BROWSER
Event Description:
L'explorateur n'a pas pu retrouver la liste des serveurs du maître explorateur \\PC sur le réseau \Device\NetBT_Tcpip_{46B71561-C7D0-4E87-AAE1-F03F55C623BD}.
La donnée est le code d'erreur.

Event Record #/Type6071 / Warning
Event Submitted/Written: 05/05/2008 09:30:09 PM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP a atteint la limite de sécurité imposée sur le nombre de tentatives de connexion TCP simultanées.

Event Record #/Type6057 / Error
Event Submitted/Written: 05/05/2008 09:29:07 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
Le service TuneUp Extension de thème n'a pas pu démarrer en raison de l'erreur :
%%1083

Event Record #/Type6039 / Warning
Event Submitted/Written: 05/05/2008 08:50:58 PM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP a atteint la limite de sécurité imposée sur le nombre de tentatives de connexion TCP simultanées.



-- End of Deckard's System Scanner: finished at 2008-05-05 22:12:18 ------------


and thanks again for your help.
_________________
- Do you think there's life on the moon?
- Obviously, the lights are on
 
Geronimo



Joined: 27 Apr 2006
Posts: 92
Location: In my tepee

Posted: 06 May 2008 at 13:56

Important: disable TeaTimer, Spybot's resident module; it will get in the way of the disinfection by preventing changes to the BHOs.


- Start Spybot, click Mode and tick Mode avancé
- On the left, click Outils ==> Résident

- Untick the box in front of Résident "TeaTimer"
- Quit Spybot


1/


- Click Démarrer/Exécuter, type notepad and click Ok

- Highlight the text in the quote (without the word Quote) and copy/paste it into Notepad.

No blank line before Windows Registry Editor Version 5.00


Quote:
Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2ba521ac-b9b9-4433-ba45-dba2f02cba5a}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{2BA521AC-B9B9-4433-BA45-DBA2F02CBA5A}"=-

[-HKEY_CLASSES_ROOT\CLSID\{2BA521AC-B9B9-4433-BA45-DBA2F02CBA5A}]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\iifdtqqo]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=-

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0115c511-e15a-11dc-8385-00194b8e1a63}]

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{04c90abd-db1b-11dc-8b9c-00194b8e1a63}]

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0c0a9e40-f380-11dc-b985-00194b8e1a63}]

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0c719ee8-f1a8-11dc-b97b-00194b8e1a63}]

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0fe46af9-f06e-11dc-b975-00194b8e1a63}]

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{629256f9-d986-11dc-913e-00138fcd7b17}]

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{68e899e9-da09-11dc-8b8e-00194b8e1a63}]

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8af3f717-f84c-11dc-b99e-00194b8e1a63}]

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8da3e001-0547-11dd-88c9-00194b8e1a63}]

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e79c1d9e-d98a-11dc-8f4d-00194b8e1a63}]

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f887e2f8-03fa-11dd-88c5-00194b8e1a63}]


- Then click Fichier/Enregistrer sous
- Choose the desktop as the save location
- For Type ===> Tous les fichiers
- Name it fixme.reg, click Enregistrer and quit Notepad


- Right-click fixme.reg, choose Fusionner from the list, and accept the merge into the registry.


2/


- Download OTMoveIt (by Old_Timer) http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe and save this file to the Desktop.

- Double-click OTMoveIt2.exe
- Make sure the Unregister Dll's and Ocx's box is ticked

- Copy the text in the quote (without the word Quote) and paste it into the left-hand pane of OTMoveIt named Paste Standart List of Files/Folders to move (blue pane)

Quote:
C:\WINDOWS\system32\mmmxxsxx.dll
C:\Program Files\speed-bit


- Click MoveIt! to start the removal.
- When a result appears in the Results pane, click Exit


Note: If a file or folder cannot be deleted immediately, the program will ask you to restart. Accept by clicking YES.



- Post the OTMoveIt report, which is located in C:\_OTMoveIt\MovedFiles.



3/


- Double-click the HijackThis shortcut on the Desktop.

- Click Do a scan system and save log file
- Notepad will open with the result of the scan
- In Notepad, use the Edition menu and Sélectionner tout, then the Edition menu and Copier
- Right-click in your next reply and choose paste.


Note: In the end you have two reports to post
 
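A triage pass over the registry-dump section of a Deckard's System Scanner log, flagging the autostart locations that the fixme.reg in the post above resets (Userinit, Winlogon Notify, AppInit_DLLs, MountPoints2 autorun commands). This is an added example, not part of the original posts or of any tool named in the thread; the function names, the XP default-notify baseline and the script-host list are assumptions of the example, and the sample is an excerpt in the log's format with one constructed benign entry (sclgntfy).

```python
import re

# Winlogon\Notify subkeys present on a stock Windows XP install.
# Assumption of this example: anything else is reported for review, not
# declared malicious (drivers can register legitimate packages too).
XP_DEFAULT_NOTIFY = {
    "crypt32chain", "cryptnet", "cscdll", "sccertprop", "schedule",
    "sclgntfy", "senslogn", "termsrv", "wlballoon",
}
# Interpreters that have no business in a removable-drive autorun verb
# (illustrative list, extend as needed).
SCRIPT_HOSTS = ("wscript.exe", "cscript.exe", "cmd.exe")

SECTION_RE = re.compile(r"^\[-?(HKEY_[^\]]+)\]\s*$", re.IGNORECASE)
VALUE_RE = re.compile(r'^"([^"]+)"\s*=\s*(.*)$')


def parse_dump(text):
    """Return [(key, [value lines])] for every [HKEY_...] section."""
    sections, current = [], None
    for raw in text.splitlines():
        line = raw.strip()
        m = SECTION_RE.match(line)
        if m:
            current = (m.group(1), [])
            sections.append(current)
        elif line.startswith("--"):      # next report header, e.g. "-- Hosts ---"
            current = None
        elif line and current is not None:
            current[1].append(line)
    return sections


def findings(text):
    """Return (rule, registry key, detail) tuples worth a manual look."""
    out = []
    for key, values in parse_dump(text):
        k = key.lower()
        if "\\winlogon\\notify\\" in k:
            name = k.rsplit("\\", 1)[1]
            if name not in XP_DEFAULT_NOTIFY:
                out.append(("winlogon-notify", key, name))
        elif "\\explorer\\mountpoints2\\" in k:
            for v in values:
                verb, sep, cmd = v.partition("- ")
                if (sep and verb.lower().endswith("\\command")
                        and any(h in cmd.lower() for h in SCRIPT_HOSTS)):
                    out.append(("mountpoints2-autorun", key, v))
        else:
            for v in values:
                m = VALUE_RE.match(v)
                if not m:
                    continue
                name = m.group(1).lower()
                data = m.group(2).strip().strip('"')
                if (k.endswith("\\currentversion\\windows")
                        and name == "appinit_dlls" and data):
                    # Any DLL listed here is loaded into every GUI process.
                    out.append(("appinit-dlls", key, data))
                elif k.endswith("\\currentversion\\winlogon") and name == "userinit":
                    # Default is "<path>\userinit.exe," with nothing after the comma.
                    if data.partition(",")[2].strip():
                        out.append(("userinit-extra", key, data))
    return out


# Excerpt in the dump's format; the sclgntfy key is constructed to show a
# baseline entry that must not be reported.
SAMPLE = r"""
-- Registry Dump ---------------------------------------------------------------

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" [08/02/2008 17:36]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="c:\windows\system32\userinit.exe,\s"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\sclgntfy]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\iifdtqqo]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=C:\WINDOWS\system32\mmmxxsxx.dll

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0115c511-e15a-11dc-8385-00194b8e1a63}]
autorun\command- wscript.exe .\.vbs
open\command- wscript.exe .\.vbs

-- Hosts -----------------------------------------------------------------------
127.0.0.1 www.007guard.com
"""

if __name__ == "__main__":
    for rule, key, detail in findings(SAMPLE):
        print(f"{rule:22} {detail}\n    {key}")
```

A hit is a prompt for review against the files on disk, as the thread does with HijackThis and OTMoveIt, rather than a verdict on its own.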
Aladin



Joined: 22 Nov 2007
Posts: 73

Posted: 06 May 2008 at 22:16

Hi,

I did exactly what you asked me to

here is the HijackThis report:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:12:44, on 06/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Athan\Athan.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\DAP\DAP.EXE
C:\Program Files\XpertVision\TBPanel.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
F2 - REG:system.ini: UserInit=c:\windows\system32\userinit.exe,\s
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: (no name) - {2ba521ac-b9b9-4433-ba45-dba2f02cba5a} - (no file)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Athan] C:\Program Files\Athan\Athan.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKLM\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [Gainward] C:\Program Files\XpertVision\TBPanel.exe /A
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O8 - Extra context menu item: &download with &dap - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: download &all with dap - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: download all links with idm - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: download flv video content with idm - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: download with idm - C:\Program Files\Internet Download Manager\IEExt.htm
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: @sysiecom.dll,-2100 - {703436F1-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuTranslate.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2102 - {703436F1-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuTranslate.html
O9 - Extra button: @sysiecom.dll,-2103 - {703436F2-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuTranslateAll.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2105 - {703436F2-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuTranslateAll.html
O9 - Extra button: @sysiecom.dll,-2115 - {703436F3-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuConfigure.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2117 - {703436F3-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuConfigure.html
O9 - Extra button: (no name) - {703436F5-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuRegister.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2111 - {703436F5-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuRegister.html
O9 - Extra button: (no name) - {703436F6-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuUpdates.html (file missing)
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2114 - {703436F6-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuUpdates.html (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [international] International*
O11 - Options group: [searching] Search from the Address bar
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredetection/hardwaredetection_2_0_4_13.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u3-windows-i586-jc.cab
O20 - Winlogon Notify: iifdtqqo - C:\WINDOWS\
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TuneUp Drive Defrag Service (tuneup.defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

--
End of file - 8800 bytes


the OTMoveIt report:

DllUnregisterServer procedure not found in C:\WINDOWS\system32\mmmxxsxx.dll
C:\WINDOWS\system32\mmmxxsxx.dll NOT unregistered.
C:\WINDOWS\system32\mmmxxsxx.dll moved successfully.
C:\Program Files\speed-bit moved successfully.

OTMoveIt2 by OldTimer - Version 1.0.4.1 log created on 05062008_210041
_________________
- Do you think there is life on the moon?
- Obviously, the lights are on
 
Geronimo

Joined: 27 Apr 2006
Posts: 92
Location: In my tepee

Posted: 07 May 2008 at 6:34

[*] I recommend printing this reply or copying it into a text file that you save to the desktop; part of the disinfection will take place in safe mode without networking, so Internet access will not be possible.




=========================================




[*] Download and install:

- CCleaner http://www.sosordi.net/Telechargement/logiciel-147-ccleaner
- During installation, uncheck the box next to: Add the CCleaner Yahoo! Toolbar

[*] Start CCleaner

- Click Registry and uncheck the box next to Registry Integrity

- Click Cleaner
- On the Windows tab, do not check the Advanced box
- On the Applications tab, leave all the boxes checked
- Click the Analyze button and, once the analysis has finished, click Run Cleaner



[*] Restart your PC in safe mode



Quote:
When your PC restarts, tap the F8 or F5 key; on the next screen, move with the arrow keys and choose Safe Mode. Choose your usual session, not the Administrator session.




[*] Run HijackThis again, click Do a system scan only, and check the box next to the following lines

F2 - REG:system.ini: UserInit=c:\windows\system32\userinit.exe,\s
O2 - BHO: (no name) - {2ba521ac-b9b9-4433-ba45-dba2f02cba5a} - (no file)
O9 - Extra button: (no name) - {703436F6-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuUpdates.html (file missing)
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2114 - {703436F6-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuUpdates.html (file missing)
http://javadl-esd.sun.com/update/1.6.0/jinstall-6u3-windows-i586-jc.cab
O20 - Winlogon Notify: iifdtqqo - C:\WINDOWS\


- Close the open windows except HijackThis, then click Fix checked


[*] Restart your PC in normal mode and post:

- A new HijackThis report
 
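An added example, not part of Geronimo's post or of HijackThis itself: a short Python triage script that flags the kinds of entries selected in the fix list above. The three rules (a missing-file marker, a UserInit value that differs from the Windows default, a Winlogon Notify target that is not a DLL) are heuristics assumed here, the function names are hypothetical, and the sample lines are copied from the logs in this thread.

```python
import re

# Lines copied from the HijackThis logs posted in this thread.
SAMPLE = r"""
F2 - REG:system.ini: UserInit=c:\windows\system32\userinit.exe,\s
O2 - BHO: (no name) - {2ba521ac-b9b9-4433-ba45-dba2f02cba5a} - (no file)
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O9 - Extra button: (no name) - {703436F6-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuUpdates.html (file missing)
O20 - Winlogon Notify: iifdtqqo - C:\WINDOWS\
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
"""

# A HijackThis entry has the form "<section> - <details>", e.g. "O20 - ...".
ENTRY = re.compile(r"^(?P<section>[A-Z]\d{1,2}) - (?P<body>.+)$")
# Assumed Windows XP default for the UserInit value (trailing comma included).
USERINIT_DEFAULT = r"c:\windows\system32\userinit.exe,"

def triage(line):
    """Return (section, reason) if the entry deserves a closer look, else None."""
    m = ENTRY.match(line.strip())
    if not m:
        return None  # log header, running-process path or blank line
    section, body = m.group("section"), m.group("body")
    low = body.lower()
    if "(no file)" in low or "(file missing)" in low:
        return section, "registry entry points at a file that is not on disk"
    if section == "F2" and "userinit=" in low:
        if low.split("userinit=", 1)[1].strip() != USERINIT_DEFAULT:
            return section, "UserInit differs from the default userinit.exe value"
    if section == "O20" and low.startswith("winlogon notify:"):
        target = body.rsplit(" - ", 1)[-1].strip()
        if not target.lower().endswith(".dll"):
            return section, "Winlogon Notify target is not a DLL path"
    return None

def scan(log_text):
    """Triage every line of a log; return [(section, reason, line), ...]."""
    hits = []
    for line in log_text.splitlines():
        hit = triage(line)
        if hit:
            hits.append((hit[0], hit[1], line.strip()))
    return hits

if __name__ == "__main__":
    for section, reason, line in scan(SAMPLE):
        print(f"[{section}] {reason}\n    {line}")
```

A flagged line is a prompt for manual review, not a verdict; entries such as the Kaspersky AppInit_DLLs line pass because none of the three rules applies to them.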
Aladin

Joined: 22 Nov 2007
Posts: 73

Posted: 08 May 2008 at 21:57

Hi again,

here is the new HJT report:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:55:11, on 08/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Athan\Athan.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\XpertVision\TBPanel.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wuauclt.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
F2 - REG:system.ini: UserInit=c:\windows\system32\userinit.exe,\s
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Athan] C:\Program Files\Athan\Athan.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [Gainward] C:\Program Files\XpertVision\TBPanel.exe /A
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O8 - Extra context menu item: ajouter à kaspersky anti-bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
O8 - Extra context menu item: download all links with idm - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: download flv video content with idm - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: download with idm - C:\Program Files\Internet Download Manager\IEExt.htm
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1f460357-8a94-4d71-9ca3-aa4acf32ed8e} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
O9 - Extra button: @sysiecom.dll,-2100 - {703436F1-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuTranslate.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2102 - {703436F1-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuTranslate.html
O9 - Extra button: @sysiecom.dll,-2103 - {703436F2-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuTranslateAll.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2105 - {703436F2-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuTranslateAll.html
O9 - Extra button: @sysiecom.dll,-2115 - {703436F3-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuConfigure.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2117 - {703436F3-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuConfigure.html
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [international] International*
O11 - Options group: [searching] Search from the Address bar
O16 - DPF: {215b8138-a3cf-44c5-803f-8226143cfc0a} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {556dde35-e955-11d0-a707-000000521957} - http://www.xblock.com/download/xclean_micro.exe
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredetection/hardwaredetection_2_0_4_13.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u3-windows-i586-jc.cab
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Kaspersky Internet Security 7.0 (avp) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools Auxiliary Service (sdauxservice) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdcoreservice) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: TuneUp Drive Defrag Service (tuneup.defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

--
End of file - 8828 bytes
Geronimo

Joined: 27 Apr 2006
Posts: 92
Location: In my tepee

Posted: 09 May 2008 at 6:54

Hello

- Run HijackThis again, click Do a system scan only, and check the box next to the following lines

F2 - REG:system.ini: UserInit=c:\windows\system32\userinit.exe,\s

- Click Fix checked

* Are you still having problems with Google?
 
Aladin

Joined: 22 Nov 2007
Posts: 73

Posted: 09 May 2008 at 16:10

Hi Geronimo,

thank you very much for your help, I was able to get into Google and reinstall its toolbar,

I ran a full scan with Spyware Doctor and Kaspersky, I found a threat of 04 infections and eliminated them, and now I have peace of mind.

And thanks again.
Geronimo

Joined: 27 Apr 2006
Posts: 92
Location: In my tepee

Posted: 09 May 2008 at 18:27

- We will now clean up the downloaded tools
- Download ToolsCleaner http://perso.orange.fr/AceRothstein/ToolsCleaner2.exe and save the file to the desktop

- Click Recherche and wait ...
- When the scan has finished, click Suppression
- Click Quitter.
- Post the contents of the report found in C:\TCleaner.txt
 
All times are GMT + 2 hours
 