bobby60100

bonjour a tous Pour mon problème tout est dans le titre voici un rapport hijack et combofix Pourriez vous me dire si vous trouver quelque chose en rapport avec mon probleme merci d'avance a tous Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 10:05:20, on 03/10/2009 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Program Files\Synaptics\SynTP\SynTPStart.exe C:\Program Files\HP\QuickPlay\QPService.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Windows\WindowsMobile\wmdSync.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Windows\ehome\ehtray.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\Explorer.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [synTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm O8 - Extra context menu item: &Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe O16 - DPF: {38D6D77C-5EC1-4A4A-AFEB-85FE780CD61A} (FontDownloaderIE Class) - http://www.qurancomplex.com/downloads/FontDown.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/maconfi...fig_3_5_0_0.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe -- End of file - 6405 bytes et pour combofix ComboFix 09-10-01.05 - nassbouss 03/10/2009 9:41.1.2 - NTFSx86 Microsoft® Windows Vista™ Édition Intégrale 6.0.6002.2.1252.33.1036.18.958.301 [GMT 2:00] Lancé depuis: c:\users\nassbouss\Desktop\ComboFix.exe SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\HarfDeleteFont.exe c:\windows\system32\oem9.inf . ((((((((((((((((((((((((((((( Fichiers créés du 2009-09-03 au 2009-10-03 )))))))))))))))))))))))))))))))))))) . 2009-10-03 07:56 . 2009-10-03 07:56 -------- d-----w- c:\users\Default\AppData\Local\temp 2009-10-02 12:02 . 2009-05-18 12:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys 2009-10-02 12:02 . 2008-04-17 11:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll 2009-10-02 12:01 . 2009-10-02 12:01 -------- d-----w- c:\program files\iPod 2009-10-02 12:01 . 2009-10-02 12:02 -------- d-----w- c:\programdata\{755AC846-7372-4AC8-8550-C52491DAA8BD} 2009-10-02 12:01 . 2009-10-02 12:02 -------- d-----w- c:\program files\iTunes 2009-10-02 11:57 . 2009-10-02 11:58 -------- d-----w- c:\program files\QuickTime 2009-09-30 17:31 . 2009-09-30 17:31 -------- d-----w- c:\program files\Common Files\Ciel 2009-09-30 17:31 . 2009-09-30 18:24 -------- d-----w- C:\Données Ciel 2009-09-30 17:31 . 2009-09-30 17:31 -------- d-----w- c:\programdata\Ciel 2009-09-30 17:31 . 2009-09-30 17:31 -------- d-----w- c:\program files\Ciel 2009-09-25 20:12 . 2009-09-25 20:12 -------- d-----w- c:\program files\Common Files\PX Storage Engine 2009-09-25 20:12 . 2009-09-25 20:12 -------- d-----w- c:\users\nassbouss\AppData\Local\Google 2009-09-25 20:12 . 2009-09-25 20:12 -------- d-----w- c:\windows\system32\IOSUBSYS 2009-09-25 20:11 . 2009-09-25 20:12 -------- d-----w- c:\program files\Google 2009-09-25 19:44 . 2009-09-25 19:59 -------- d-----w- c:\users\nassbouss\AppData\Roaming\Mavi 2009-09-25 19:44 . 2009-09-25 19:45 -------- d-----w- c:\programdata\Mavi 2009-09-25 19:44 . 2009-09-25 19:44 -------- d-----w- c:\program files\Mavi 2009-09-25 19:35 . 2009-09-25 19:41 -------- d-----w- c:\program files\PhotoFiltre 2009-09-22 19:50 . 2009-09-25 09:21 -------- d-----w- c:\program files\EA Sports 2009-09-19 11:12 . 2009-09-19 11:12 -------- d-----w- C:\Games 2009-09-18 10:38 . 2006-06-26 01:19 2388176 ----a-w- c:\windows\system\d3dx9_30.dll 2009-09-18 10:30 . 2009-09-18 10:30 -------- d-----w- c:\program files\KONAMI 2009-09-10 16:20 . 2009-09-10 16:20 -------- d-----w- c:\program files\Common Files\DivX Shared 2009-09-10 16:20 . 2009-09-10 16:22 -------- d-----w- c:\program files\DivX 2009-09-10 15:35 . 2009-09-10 15:35 -------- d-----w- c:\windows\Sun 2009-09-09 13:17 . 2009-09-09 13:17 -------- d-----w- c:\users\nassbouss\AppData\Roaming\OpenOffice.org 2009-09-09 13:12 . 2009-09-09 13:12 -------- d-----w- c:\program files\JRE 2009-09-09 13:12 . 2009-09-09 13:12 -------- d-----w- c:\program files\OpenOffice.org 3 2009-09-09 13:11 . 2009-09-09 13:10 411368 ----a-w- c:\windows\system32\deploytk.dll 2009-09-09 13:10 . 2009-09-09 13:10 -------- d-----w- c:\program files\Java 2009-09-06 20:44 . 2009-09-06 20:45 -------- d-----w- c:\program files\SopCast . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2009-10-03 07:29 . 2009-04-11 16:33 669538 ----a-w- c:\windows\system32\perfh00C.dat 2009-10-03 07:29 . 2009-04-11 16:33 123556 ----a-w- c:\windows\system32\perfc00C.dat 2009-10-03 07:24 . 2009-05-29 08:09 32251 ----a-w- c:\programdata\nvModes.dat 2009-10-02 12:05 . 2009-05-31 12:20 -------- d-----w- c:\users\nassbouss\AppData\Roaming\Apple Computer 2009-10-02 12:01 . 2009-05-31 12:18 -------- d-----w- c:\program files\Common Files\Apple 2009-09-30 17:29 . 2009-05-29 08:36 -------- d-----w- c:\program files\Common Files\InstallShield 2009-09-30 16:14 . 2009-05-29 09:51 -------- d-----w- c:\users\nassbouss\AppData\Roaming\GrabIt 2009-09-10 10:21 . 2009-06-11 09:46 70452 ---ha-w- c:\windows\system32\mlfcache.dat 2009-09-09 13:25 . 2009-05-29 07:11 45896 ----a-w- c:\users\nassbouss\AppData\Local\GDIPFONTCACHEV1.DAT 2009-08-31 17:41 . 2009-08-31 17:41 -------- d-----w- c:\program files\Common Files\xing shared 2009-08-31 17:41 . 2009-08-31 17:41 -------- d-----w- c:\program files\Common Files\Real 2009-08-31 17:41 . 2009-08-31 17:41 -------- d-----w- c:\program files\Real 2009-08-28 17:42 . 2009-08-28 17:42 40448 ----a-w- c:\windows\system32\drivers\usbaapl.sys 2009-08-28 17:42 . 2009-08-28 17:42 2065696 ----a-w- c:\windows\system32\usbaaplrc.dll 2009-08-24 10:05 . 2009-08-24 10:05 -------- d-----w- c:\users\nassbouss\AppData\Roaming\Malwarebytes 2009-08-24 10:05 . 2009-08-24 10:05 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-08-24 10:05 . 2009-08-24 10:05 -------- d-----w- c:\programdata\Malwarebytes 2009-08-21 19:18 . 2009-08-21 19:18 -------- d-----w- c:\program files\CCleaner 2009-08-20 18:07 . 2009-08-20 18:07 -------- d-----w- c:\programdata\Blizzard Entertainment 2009-08-19 20:48 . 2009-08-19 20:48 -------- d-----w- c:\programdata\TVU Networks 2009-08-19 20:48 . 2009-08-19 20:48 -------- d-----w- c:\program files\TVUPlayer 2009-08-19 09:47 . 2009-05-31 13:20 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2009-08-18 15:16 . 2009-08-18 15:14 -------- d-----w- c:\program files\FlashGet 2009-08-18 15:15 . 2009-08-18 15:15 -------- d-----w- c:\users\nassbouss\AppData\Roaming\FlashGet 2009-08-14 08:31 . 2009-05-29 07:08 680 ----a-w- c:\users\nassbouss\AppData\Local\d3d9caps.dat 2009-08-09 14:19 . 2009-08-07 14:42 -------- d-----w- c:\programdata\Pinnacle 2009-08-09 14:15 . 2009-08-07 21:19 -------- d-----w- c:\program files\Pinnacle 2009-08-09 14:15 . 2009-05-29 08:37 -------- d--h--w- c:\program files\InstallShield Installation Information 2009-08-07 14:58 . 2009-05-29 10:56 -------- d-----w- c:\programdata\CyberLink 2009-08-03 11:36 . 2009-08-24 10:05 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-08-03 11:36 . 2009-08-24 10:05 19096 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll 2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-10-03 480560] "SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-09-14 102400] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-01-30 13605408] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-01-30 92704] "QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2007-04-23 176128] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696] "Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdSync.exe" [2008-01-21 215552] "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-08-31 198160] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-09-09 149280] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-04 417792] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-09-21 305440] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 0 (0x0) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Pinnacle Streaming Server.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Pinnacle Streaming Server.lnk backup=c:\windows\pss\Pinnacle Streaming Server.lnk.CommonStartup backupExtension=.CommonStartup R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [31/05/2009 15:20 108289] S3 Ltn_stk7070P;PCTV based TV tuner device;c:\windows\System32\drivers\Ltn_stk7070P.sys [07/08/2009 16:52 466048] S3 Ltn_stkrc;PCTV Infrared Receiver;c:\windows\System32\drivers\Ltn_stkrc.sys [07/08/2009 16:52 13440] S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [13/05/2009 14:37 234864] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] WindowsMobile REG_MULTI_SZ wcescomm rapimgr LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] "c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP . . ------- Examen supplémentaire ------- . uDefault_Search_URL = hxxp://www.google.com/ie uInternet Settings,ProxyOverride = *.local uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: &Tout télécharger avec FlashGet - c:\program files\FlashGet\jc_all.htm IE: &Télécharger avec FlashGet - c:\program files\FlashGet\jc_link.htm IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 DPF: Microsoft XML Parser for Java - file:///C:/Windows/Java/classes/xmldso.cab DPF: {38D6D77C-5EC1-4A4A-AFEB-85FE780CD61A} - hxxp://www.qurancomplex.com/downloads/FontDown.cab FF - ProfilePath - c:\users\nassbouss\AppData\Roaming\Mozilla\Firefox\Profiles\i7colwok.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/ FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll FF - plugin: c:\users\nassbouss\AppData\Roaming\Mozilla\Firefox\Profiles\i7colwok.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll . - - - - ORPHELINS SUPPRIMES - - - - HKCU-Run-PMCRemote - (no file) AddRemove-{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA} - c:\program files\InstallShield Installation Information\{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA}\Setup.exeUNINSTALL ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-10-03 09:56 Windows 6.0.6002 Service Pack 2 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . --------------------- CLES DE REGISTRE BLOQUEES --------------------- [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32*] "ThreadingModel"="Apartment" @="c:\\Windows\\system32\\OLE32.DLL" "cd042efbbd7f7af1647644e76e06692b"=hex:c8,28,51,af,b0,29,a3,98,3b,86,76,a3,de, eb,a4,cb,e2,63,26,f1,3f,c8,ff,68,53,dd,7b,fe,72,25,98,08,e2,63,26,f1,3f,c8,\ [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32*] "ThreadingModel"="Apartment" @="c:\\Windows\\system32\\OLE32.DLL" "bca643cdc5c2726b20d2ecedcc62c59b"=hex:71,3b,04,66,8b,46,0d,96,1e,c7,25,e5,76, 10,dc,2d,6a,9c,d6,61,af,45,84,18,c5,9c,54,dd,8c,75,86,6d,6a,9c,d6,61,af,45,\ [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32*] "ThreadingModel"="Apartment" @="c:\\Windows\\system32\\OLE32.DLL" "2c81e34222e8052573023a60d06dd016"=hex:25,da,ec,7e,55,20,c9,26,03,d0,d7,16,e4, aa,68,2c,ff,7c,85,e0,43,d4,0e,fe,5a,a5,3c,01,9f,29,a5,a3,ff,7c,85,e0,43,d4,\ [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32*] "ThreadingModel"="Apartment" @="c:\\Windows\\system32\\OLE32.DLL" "2582ae41fb52324423be06337561aa48"=hex:3e,1e,9e,e0,57,5a,93,61,a6,59,03,71,cb, b2,a8,64,86,8c,21,01,be,91,eb,e7,81,db,a6,bd,59,24,df,e1,86,8c,21,01,be,91,\ [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32*] "ThreadingModel"="Apartment" @="c:\\Windows\\system32\\OLE32.DLL" "caaeda5fd7a9ed7697d9686d4b818472"=hex:cd,44,cd,b9,a6,33,6c,cd,71,9e,3c,3f,b5, 73,a3,34,f5,1d,4d,73,a8,13,5c,05,7d,dd,f4,d8,0b,94,a7,7b,f5,1d,4d,73,a8,13,\ [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32*] "ThreadingModel"="Apartment" @="c:\\Windows\\system32\\OLE32.DLL" "a4a1bcf2cc2b8bc3716b74b2b4522f5d"=hex:df,20,58,62,78,6b,cf,c8,96,cd,9c,bc,44, f7,ea,75,df,20,58,62,78,6b,cf,c8,67,1c,3f,44,51,d4,6e,39,df,20,58,62,78,6b,\ [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32*] "ThreadingModel"="Apartment" @="c:\\Windows\\system32\\OLE32.DLL" "4d370831d2c43cd13623e232fed27b7b"=hex:31,77,e1,ba,b1,f8,68,02,c7,e8,be,95,ee, 8c,53,38,fb,a7,78,e6,12,2f,9a,ea,65,37,9c,e3,d3,9e,ac,6b,fb,a7,78,e6,12,2f,\ [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32*] "ThreadingModel"="Apartment" @="c:\\Windows\\system32\\OLE32.DLL" "1d68fe701cdea33e477eb204b76f993d"=hex:01,3a,48,fc,e8,04,4a,f1,c9,a3,30,1a,0b, 7e,01,dd,01,3a,48,fc,e8,04,4a,f1,1e,22,2e,97,1d,29,a6,2e,01,3a,48,fc,e8,04,\ [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32*] "ThreadingModel"="Apartment" @="c:\\Windows\\system32\\OLE32.DLL" "1fac81b91d8e3c5aa4b0a51804d844a3"=hex:51,fa,6e,91,28,9e,14,cc,39,35,3f,20,98, bc,24,85,f6,0f,4e,58,98,5b,89,c9,b9,f3,03,d1,ba,09,bc,94,f6,0f,4e,58,98,5b,\ [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32*] "ThreadingModel"="Apartment" @="c:\\Windows\\system32\\OLE32.DLL" "f5f62a6129303efb32fbe080bb27835b"=hex:b1,cd,45,5a,a8,c4,f8,b9,ea,18,91,10,74, 60,75,23,3d,ce,ea,26,2d,45,aa,78,8b,20,64,f9,17,c3,15,21,3d,ce,ea,26,2d,45,\ [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32*] "ThreadingModel"="Apartment" @="c:\\Windows\\system32\\OLE32.DLL" "fd4e2e1a3940b94dceb5a6a021f2e3c6"=hex:f8,31,0f,a9,5f,a0,ec,fb,63,d4,d6,88,d2, 8b,23,04,2a,b7,cc,b5,b9,7f,41,e7,30,27,08,31,39,bf,5c,1e,2a,b7,cc,b5,b9,7f,\ [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32*] "ThreadingModel"="Apartment" @="c:\\Windows\\system32\\OLE32.DLL" "8a8aec57dd6508a385616fbc86791ec2"=hex:05,73,21,dd,54,d8,4a,c5,fc,ec,8f,6e,dc, ae,9c,14,6c,43,2d,1e,aa,22,2f,9c,18,df,49,02,4e,91,07,8b,6c,43,2d,1e,aa,22,\ [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Heure de fin: 2009-10-03 9:59 ComboFix-quarantined-files.txt 2009-10-03 07:59 Avant-CF: 2 663 448 576 octets libres Après-CF: 3 558 965 248 octets libres 226 --- E O F --- 2009-06-23 07:36

pouvez vous me dire l'etat du log svp merci d'avance Logfile of HijackThis v1.99.1 Scan saved at 21:01:50, on 24/12/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0011) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\Mixer.exe C:\Program Files\MessengerPlus! 3\MsgPlus.exe C:\PROGRA~1\Wanadoo\TaskBarIcon.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ctfmon.exe C:\hijackthis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe O4 - HKLM\..\Run: [bDSwitchAgent] "C:\progra~1\softwin\bitdef~2\bdswitch.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [kis] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM= O4 - HKCU\..\Run: [iPX Local Chat] C:\Program Files\Mattgo27 Apps\IPX Local Chat\Ipx Local Chat.exe O4 - HKCU\..\Run: [Go!Zilla] "C:\Program Files\Go!Zilla\gozilla.exe" /tray O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [WINSOS VERIFY] "C:\Program Files\WINSOS\WINSOS.EXE" MINI O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: Ajouter à Kaspersky Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\\ie_banner_deny.htm O8 - Extra context menu item: Download with Go!Zilla - file://C:\Program Files\Go!Zilla\download-with-gozilla.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: Antivirus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU) O11 - Options group: [iNTERNATIONAL] International* O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {04F414E9-E352-4BC3-963D-7BFE5A5F31A9} - http://scripts.dlv4.com/binaries/egaccess4...ss4_1064_XP.cab O16 - DPF: {0878F049-D33E-45E0-A157-C36A6683CF25} - http://scripts.dlv4.com/binaries/egaccess4...ss4_1063_XP.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/...nst20040510.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - AppInit_DLLs: c:\progra~1\kasper~1\kasper~1.0\adialhk.dll MsgPlusLoader.dll O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" -r (file missing) O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

deja merci pour votre rapidité ensuite ce qui manene c'est que j'ai du changer d'AV plusieur fois car kav 6.0 me bouf ma connection et depuis g des petit souci de connection lenteur probleme de jeu en reseau voila koi ps kel AV avg ou antivir vous me conseiller

salut pouver vous me dire si j'ai un souci ou pas merci d'avance a+ Logfile of HijackThis v1.99.1 Scan saved at 16:43:16, on 17/12/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgemc.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe C:\Program Files\Grisoft\AVG7\avgw.exe C:\Program Files\Grisoft\AVG7\avgwb.dat C:\Program Files\Grisoft\AVG7\avgcc.exe C:\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.free.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKCU\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/ O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\ O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\Win32\RpcDataSrv.exe O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\RpcSandraSrv.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe