tyziboo

ca y est mon pc est ok merci beaucoup de ton aide apollo

coucou le pc n'est toujours pas ok je t'envoie le rapport Avira AntiVir Personal Report file date: lundi 29 septembre 2008 13:12 Scanning for 1369550 virus strains and unwanted programs. Licensed to: Avira AntiVir PersonalEdition Classic Serial number: 0000149996-ADJIE-0001 Platform: Windows Vista Windows version: (Service Pack 1) [6.0.6001] Boot mode: Normally booted Username: SYSTEM Computer name: PC-DE-PILLIARD Version information: BUILD.DAT : 8.1.0.331 16934 Bytes 12/08/2008 11:46:00 AVSCAN.EXE : 8.1.4.7 315649 Bytes 26/06/2008 08:57:53 AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 07:56:40 LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 12:44:19 LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 07:58:52 ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34 ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 24/06/2008 13:54:15 ANTIVIR2.VDF : 7.0.5.20 142336 Bytes 30/06/2008 05:20:53 ANTIVIR3.VDF : 7.0.5.23 17408 Bytes 30/06/2008 09:24:47 Engineversion : 8.1.1.19 AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:21 AESCRIPT.DLL : 8.1.0.63 311673 Bytes 06/08/2008 13:13:47 AESCN.DLL : 8.1.0.23 119156 Bytes 10/07/2008 12:44:49 AERDL.DLL : 8.1.0.20 418165 Bytes 24/04/2008 12:37:48 AEPACK.DLL : 8.1.2.1 364917 Bytes 15/07/2008 12:58:35 AEOFFICE.DLL : 8.1.0.21 192891 Bytes 18/07/2008 06:35:21 AEHEUR.DLL : 8.1.0.47 1368437 Bytes 06/08/2008 13:13:47 AEHELP.DLL : 8.1.0.15 115063 Bytes 10/07/2008 12:44:48 AEGEN.DLL : 8.1.0.35 315764 Bytes 06/08/2008 14:38:47 AEEMU.DLL : 8.1.0.7 430452 Bytes 31/07/2008 08:33:21 AECORE.DLL : 8.1.1.8 172406 Bytes 31/07/2008 08:33:21 AEBB.DLL : 8.1.0.1 53617 Bytes 10/07/2008 12:44:48 AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 08:40:05 AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 09:28:01 AVREP.DLL : 7.0.0.1 155688 Bytes 30/06/2008 14:35:20 AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 11:26:40 AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23 AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 12:27:49 SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02 SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 12:49:40 NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10 RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 13:48:07 RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 13:34:37 Configuration settings for the scan: Jobname..........................: Complete system scan Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp Logging..........................: low Primary action...................: interactive Secondary action.................: ignore Scan master boot sector..........: on Scan boot sector.................: on Boot sectors.....................: C:, D:, Process scan.....................: on Scan registry....................: on Search for rootkits..............: off Scan all files...................: Intelligent file selection Scan archives....................: on Recursion depth..................: 20 Smart extensions.................: on Macro heuristic..................: on File heuristic...................: medium Start of the scan: lundi 29 septembre 2008 13:12 The scan of running processes will be started Scan process 'avscan.exe' - '1' Module(s) have been scanned Scan process 'SearchFilterHost.exe' - '1' Module(s) have been scanned Scan process 'avcenter.exe' - '1' Module(s) have been scanned Scan process 'avgnt.exe' - '1' Module(s) have been scanned Scan process 'avguard.exe' - '1' Module(s) have been scanned Scan process 'sched.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'VSSVC.exe' - '1' Module(s) have been scanned Scan process 'conime.exe' - '1' Module(s) have been scanned Scan process 'ieuser.exe' - '1' Module(s) have been scanned Scan process 'SearchProtocolHost.exe' - '1' Module(s) have been scanned Scan process 'hpqste08.exe' - '1' Module(s) have been scanned Scan process 'Camfrog Video Chat.exe' - '1' Module(s) have been scanned Scan process 'iPodService.exe' - '1' Module(s) have been scanned Scan process 'eRecoveryService.exe' - '1' Module(s) have been scanned Scan process 'SearchIndexer.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'RichVideo.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'MSCamS32.exe' - '1' Module(s) have been scanned Scan process 'LSSrvc.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned Scan process 'AOLacsd.exe' - '1' Module(s) have been scanned Scan process 'MemCheck.exe' - '1' Module(s) have been scanned Scan process 'ehmsas.exe' - '1' Module(s) have been scanned Scan process 'rundll32.exe' - '1' Module(s) have been scanned Scan process 'taskeng.exe' - '1' Module(s) have been scanned Scan process 'hpqtra08.exe' - '1' Module(s) have been scanned Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned Scan process 'ehtray.exe' - '1' Module(s) have been scanned Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned Scan process 'hpwuSchd2.exe' - '1' Module(s) have been scanned Scan process 'rundll32.exe' - '1' Module(s) have been scanned Scan process 'RtHDVCpl.exe' - '1' Module(s) have been scanned Scan process 'taskeng.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'spoolsv.exe' - '1' Module(s) have been scanned Scan process 'mm_tray.exe' - '1' Module(s) have been scanned Scan process 'issch.exe' - '1' Module(s) have been scanned Scan process 'vVX1000.exe' - '1' Module(s) have been scanned Scan process 'jusched.exe' - '1' Module(s) have been scanned Scan process 'explorer.exe' - '1' Module(s) have been scanned Scan process 'dwm.exe' - '1' Module(s) have been scanned Scan process 'ashServ.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'SLsvc.exe' - '1' Module(s) have been scanned Scan process 'audiodg.exe' - '0' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'winlogon.exe' - '1' Module(s) have been scanned Scan process 'lsm.exe' - '1' Module(s) have been scanned Scan process 'lsass.exe' - '1' Module(s) have been scanned Scan process 'services.exe' - '1' Module(s) have been scanned Scan process 'csrss.exe' - '1' Module(s) have been scanned Scan process 'wininit.exe' - '1' Module(s) have been scanned Scan process 'csrss.exe' - '1' Module(s) have been scanned Scan process 'smss.exe' - '1' Module(s) have been scanned 66 processes with 66 modules were scanned Starting master boot sector scan: Master boot sector HD0 [iNFO] No virus was found! Master boot sector HD1 [iNFO] No virus was found! [WARNING] System error [21]: Le périphérique n'est pas prêt. [iNFO] Please restart the search with Administrator rights Master boot sector HD2 [iNFO] No virus was found! [WARNING] System error [21]: Le périphérique n'est pas prêt. [iNFO] Please restart the search with Administrator rights Master boot sector HD3 [iNFO] No virus was found! [WARNING] System error [21]: Le périphérique n'est pas prêt. [iNFO] Please restart the search with Administrator rights Master boot sector HD4 [iNFO] No virus was found! [WARNING] System error [21]: Le périphérique n'est pas prêt. [iNFO] Please restart the search with Administrator rights Start scanning boot sectors: Boot sector 'C:\' [iNFO] No virus was found! Boot sector 'D:\' [iNFO] No virus was found! Starting to scan the registry. The registry was scanned ( '43' files ). Starting the file scan: Begin scan in 'C:\' <ACER> C:\hiberfil.sys [WARNING] The file could not be opened! C:\pagefile.sys [WARNING] The file could not be opened! C:\ProgramData\Zylom\ZylomGamesPlayer\zylom\deliciouswinteredition\fr-FR\deliciouswinteredition.1.0.0.fr-FR.cab [0] Archive type: CAB (Microsoft) --> fmod.dll [WARNING] No further files can be extracted from this archive. The archive will be closed C:\ProgramData\Zylom\ZylomGamesPlayer\zylom\dinerdash2\fr-FR\dinerdash2.1.0.0.fr-FR.cab [0] Archive type: CAB (Microsoft) --> assets\playfirstlogo.png [WARNING] No further files can be extracted from this archive. The archive will be closed C:\Users\All Users\Zylom\ZylomGamesPlayer\zylom\deliciouswinteredition\fr-FR\deliciouswinteredition.1.0.0.fr-FR.cab [0] Archive type: CAB (Microsoft) --> fmod.dll [WARNING] No further files can be extracted from this archive. The archive will be closed C:\Users\All Users\Zylom\ZylomGamesPlayer\zylom\dinerdash2\fr-FR\dinerdash2.1.0.0.fr-FR.cab [0] Archive type: CAB (Microsoft) --> assets\playfirstlogo.png [WARNING] No further files can be extracted from this archive. The archive will be closed Begin scan in 'D:\' <DATA> End of the scan: lundi 29 septembre 2008 13:59 Used time: 46:52 Minute(s) The scan has been done completely. 21945 Scanning directories 391007 Files were scanned 0 viruses and/or unwanted programs were found 0 Files were classified as suspicious: 0 files were deleted 0 files were repaired 0 files were moved to quarantine 0 files were renamed 2 Files cannot be scanned 391005 Files not concerned 2048 Archives were scanned 10 Warnings 0 Notes

desole pour la conversation mais j'essaye tellement de comprendre ce que tu me dis en essayant de ne pas faire d'erreur qu'effectivement la conversation n'est pas terrible

Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:39:21, on 29/09/2008 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Windows\vVX1000.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\Alwil Software\Avast4\ashDisp.exe C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe C:\Windows\RtHDVCpl.exe C:\Windows\System32\rundll32.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Windows\ehome\ehtray.exe C:\Windows\System32\rundll32.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Camfrog\Camfrog Video Chat\Camfrog Video Chat.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer optimisé pour MSN R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O1 - Hosts: ::1 localhost O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file) O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: EWPBrowseObject Class - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file) O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [VX1000] C:\Windows\vVX1000.exe O4 - HKLM\..\Run: [ppmate] C:\Program Files\PPMate\PPMate\ppmate.exe -autoplay O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe" O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [iSUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup O4 - HKCU\..\Run: [Camfrog] "C:\Program Files\Camfrog\Camfrog Video Chat\CamfrogNet.exe" 0 C:\Program Files\Camfrog\Camfrog Video Chat\Camfrog Video Chat.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JR1916~1.0_0\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JR1916~1.0_0\bin\ssv.dll O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll O13 - Gopher Prefix: O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/200612...ex/qtplugin.cab O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} (Module de délivrance de certificat MINEFI) - https://static.impots.gouv.fr/abos/static/s...te/certdgi1.cab O16 - DPF: {104B0A37-AB99-4F06-8032-8BBDC3B77DDB} (Telechargement Control) - http://www.photoweb.fr/telechargement/Photoweb_Uploader.cab O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/2.0..._instmodule.exe O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.fr/SnapfishActivia.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resou...NPUpldfr-fr.cab O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://copainsdavant.linternaute.com/frame...geUploader5.cab O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.photobox.fr/assets/aurigma/ImageUploader4.cab O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.girafoto.fr/uploaders/ImageUploader3.cab O16 - DPF: {BA3BAF69-72B1-4BCE-BE96-A4D304EAFBB4} (PhotoBox uploader) - http://www.photobox.fr/assets/aurigma/ImageUploader4.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game06.zylom.com/activex/zylomgamesplayer.cab O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.photoways.com/clients/uploader_v2.2.0.6.cab O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxentelechargement.orange.fr/Game...ronGameHost.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{449AC132-DC57-4D2C-B5AE-8FCC28A59535}: NameServer = 205.188.146.145 O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing) O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe -- End of file - 11533 bytes

Malwarebytes' Anti-Malware 1.28 Version de la base de données: 1221 Windows 6.0.6001 Service Pack 1 29/09/2008 12:34:26 mbam-log-2008-09-29 (12-34-26).txt Type de recherche: Examen complet (C:\|D:\|) Eléments examinés: 152056 Temps écoulé: 57 minute(s), 4 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 4 Valeur(s) du Registre infectée(s): 1 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 2 Fichier(s) infecté(s): 9 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{549b5ca7-4a86-11d7-a4df-000874180bb3} (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Baidu (Adware.Cinmus) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\The Weather Channel (Adware.Hotbar) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Weather Services (Adware.Hotbar) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Control Panel\Cpls\wxfw.dll (Adware.Hotbar) -> Quarantined and deleted successfully. Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): C:\Program Files\baidu\bar (Adware.Cinmus) -> Quarantined and deleted successfully. C:\Casino (Adware.Casino) -> Quarantined and deleted successfully. Fichier(s) infecté(s): C:\Program Files\The Weather Channel FW\Framework\TheWeatherChannelNE.exe (Adware.Hotbar) -> Quarantined and deleted successfully. C:\Program Files\The Weather Channel FW\Framework\TheWeatherChannelQC.exe (Adware.Hotbar) -> Quarantined and deleted successfully. C:\Program Files\The Weather Channel FW\Framework\TheWeatherChannelqx.exe (Adware.Hotbar) -> Quarantined and deleted successfully. C:\Program Files\The Weather Channel FW\Framework\TheWeatherChannelSlnchr.exe (Adware.Hotbar) -> Quarantined and deleted successfully. C:\Program Files\The Weather Channel FW\Framework\TheWeatherChannelUpdate.exe (Adware.Hotbar) -> Quarantined and deleted successfully. C:\Program Files\The Weather Channel FW\Framework\WiseInstallUtility.dll (Adware.Hotbar) -> Quarantined and deleted successfully. C:\Program Files\The Weather Channel FW\Framework\wxfw.dll (Adware.Hotbar) -> Quarantined and deleted successfully. C:\Program Files\baidu\bar\BaiduBar.cab (Adware.Cinmus) -> Quarantined and deleted successfully. C:\Program Files\baidu\bar\baidubar_versionex.txt (Adware.Cinmus) -> Quarantined and deleted successfully.

Clean Navipromo version 3.6.5 commencé le 29/09/2008 à 11:03:19,35 Outil exécuté depuis C:\Program Files\navilog1 Session actuelle : "pilliard" Mise à jour le 22.08.2008 à 17h30 par IL-MAFIOSO Microsoft Windows Vista 6.0.6001 Internet Explorer : 7.0.6001.18000 Système de fichiers : NTFS Mode suppression automatique avec prise en charge résultats Catchme et GNS Nettoyage exécuté au redémarrage de l'ordinateur *** fsbl1.txt non trouvé *** (Assurez-vous que Catchme n'avait rien trouvé lors de la recherche) *** Suppression avec sauvegardes résultats GenericNaviSearch *** * Suppression dans "C:\Windows\System32" * * Suppression dans "C:\Users\pilliard\AppData\Local\Microsoft" * * Suppression dans "C:\Users\pilliard\AppData\Local\virtualstore\windows\system32" * * Suppression dans "C:\Users\pilliard\AppData\Local" * immoc.exe trouvé ! Copie immoc.exe réalisée avec succès ! immoc.exe supprimé ! immoc.dat trouvé ! Copie immoc.dat réalisée avec succès ! immoc.dat supprimé ! immoc_nav.dat trouvé ! Copie immoc_nav.dat réalisée avec succès ! immoc_nav.dat supprimé ! immoc_navps.dat trouvé ! Copie immoc_navps.dat réalisée avec succès ! immoc_navps.dat supprimé ! *** Suppression dossiers dans "C:\Windows" *** *** Suppression dossiers dans "C:\Program Files" *** ...\Live-Player ...suppression... ...\Live-Player supprimé ! *** Suppression dossiers dans "c:\progra~2\micros~1\windows\startm~1\programs" *** ...\InternetGamebox ...suppression... ...\InternetGamebox supprimé ! ...\Live-Player ...suppression... ...\Live-Player supprimé ! *** Suppression dossiers dans "c:\progra~2\micros~1\windows\startm~1" *** *** Suppression dossiers dans "C:\ProgramData" *** *** Suppression dossiers dans c:\users\pilliard\appdata\roaming\micros~1\windows\startm~1\programs *** *** Suppression dossiers dans "C:\Users\pilliard\AppData\Local\virtualstore\Program Files" *** ...\InternetGamebox ...suppression... ...\InternetGamebox supprimé ! *** Suppression dossiers dans "C:\Users\pilliard\AppData\Roaming" *** *** Suppression fichiers *** C:\Windows\pack.epk supprimé ! C:\Windows\system32\nvs2.inf supprimé ! *** Suppression fichiers temporaires *** Nettoyage contenu C:\Windows\Temp effectué ! Nettoyage contenu C:\Users\pilliard\AppData\Local\Temp effectué ! *** Traitement Recherche complémentaire *** (Recherche fichiers spécifiques) 1)Suppression avec sauvegardes nouveaux fichiers Instant Access : 2)Recherche, création sauvegardes et suppression Heuristique : * Dans "C:\Windows\system32" * * Dans "C:\Users\pilliard\AppData\Local\Microsoft" * * Dans "C:\Users\pilliard\AppData\Local\virtualstore\windows\system32" * * Dans "C:\Users\pilliard\AppData\Local" * vxyrjixfh.dat trouvé ! Copie vxyrjixfh.dat réalisée avec succès ! vxyrjixfh.dat supprimé ! vxyrjixfh_nav.dat trouvé ! Copie vxyrjixfh_nav.dat réalisée avec succès ! vxyrjixfh_nav.dat supprimé ! vxyrjixfh_navps.dat trouvé ! Copie vxyrjixfh_navps.dat réalisée avec succès ! vxyrjixfh_navps.dat supprimé ! vxyrjixfh_navup.dat trouvé ! Copie vxyrjixfh_navup.dat réalisée avec succès ! vxyrjixfh_navup.dat supprimé ! *** Sauvegarde du Registre vers dossier Safebackup *** sauvegarde du Registre réalisée avec succès ! *** Nettoyage Registre *** Nettoyage Registre Ok *** Certificats *** Certificat Egroup supprimé ! Certificat Electronic-Group supprimé ! Certificat Montorgueil absent ! Certificat OOO-Favorit supprimé ! Certificat Sunny-Day-Design-Ltdt absent ! *** Nettoyage terminé le 29/09/2008 à 11:08:45,20 ***

-----------\\ ToolBar S&D 1.2.1 XP/Vista Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1 X86-based PC ( Multiprocessor Free : AMD Athlon 64 X2 Dual Core Processor 4600+ ) BIOS : )Phoenix - Award WorkstationBIOS v6.00PG USER : pilliard ( Administrator ) BOOT : Normal boot Antivirus : avast! antivirus 4.8.1229 [VPS 080929-0] 4.8.1229 (Activated) C:\ (Local Disk) - NTFS - Total : 145 Go Free : 85 Go D:\ (Local Disk) - NTFS - Total : 145 Go Free : 144 Go E:\ (CD or DVD) - CDFS - Total : 0 Go Free : 0 Go G:\ (USB) H:\ (USB) I:\ (USB) J:\ (USB) "C:\ToolBar SD" ( MAJ : 24-09-2008|21:50 ) Option : [2] ( 29/09/2008|11:01 ) [ UAC => 1 ] -----------\\ SUPPRESSION Supprime! - C:\ProgramData\GamesBar\about.gif Supprime! - C:\ProgramData\GamesBar\action.gif Supprime! - C:\ProgramData\GamesBar\animal_agents16x16.gif Supprime! - C:\ProgramData\GamesBar\arcade.gif Supprime! - C:\ProgramData\GamesBar\BigCity_SF16x16.gif Supprime! - C:\ProgramData\GamesBar\buy.gif Supprime! - C:\ProgramData\GamesBar\cards.gif Supprime! - C:\ProgramData\GamesBar\deals.gif Supprime! - C:\ProgramData\GamesBar\diner_dash_hometown_hero16x16.gif Supprime! - C:\ProgramData\GamesBar\download.gif Supprime! - C:\ProgramData\GamesBar\dream_day_first_home16x16.gif Supprime! - C:\ProgramData\GamesBar\feedback.gif Supprime! - C:\ProgramData\GamesBar\fishdom16x16.gif Supprime! - C:\ProgramData\GamesBar\heart_of_egypt16x16.gif Supprime! - C:\ProgramData\GamesBar\help.gif Supprime! - C:\ProgramData\GamesBar\highlight.gif Supprime! - C:\ProgramData\GamesBar\jigsaw.gif Supprime! - C:\ProgramData\GamesBar\kids.gif Supprime! - C:\ProgramData\GamesBar\mahjong.gif Supprime! - C:\ProgramData\GamesBar\MahjongChina16x16.gif Supprime! - C:\ProgramData\GamesBar\mah_jong_quest_316x16.gif Supprime! - C:\ProgramData\GamesBar\miss_teri_tale16x16.gif Supprime! - C:\ProgramData\GamesBar\multiplayer.gif Supprime! - C:\ProgramData\GamesBar\mygames.gif Supprime! - C:\ProgramData\GamesBar\newGames.gif Supprime! - C:\ProgramData\GamesBar\oberonconfig.xm_ Supprime! - C:\ProgramData\GamesBar\partner.gif Supprime! - C:\ProgramData\GamesBar\peril_at_end_house16x16.gif Supprime! - C:\ProgramData\GamesBar\popup_off.gif Supprime! - C:\ProgramData\GamesBar\popup_on.gif Supprime! - C:\ProgramData\GamesBar\puzzle.gif Supprime! - C:\ProgramData\GamesBar\ranch_rush16x16.gif Supprime! - C:\ProgramData\GamesBar\search.gif Supprime! - C:\ProgramData\GamesBar\sendafriend.gif Supprime! - C:\ProgramData\GamesBar\sports.gif Supprime! - C:\ProgramData\GamesBar\supermarket_mania16x16.gif Supprime! - C:\ProgramData\GamesBar\trial.gif Supprime! - C:\ProgramData\GamesBar\uninstall.gif Supprime! - C:\ProgramData\GamesBar\update.gif Supprime! - C:\ProgramData\GamesBar\virtual_farm16x16.gif Supprime! - C:\ProgramData\GamesBar\webgame.gif Supprime! - C:\ProgramData\GamesBar\wedding_dash_216x16.gif Supprime! - C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\GamesBar Supprime! - C:\Program Files\GamesBar\Localization-French.ini Supprime! - C:\Program Files\GamesBar\oberontb.dll Supprime! - C:\Program Files\GamesBar\OBGet.exe Supprime! - C:\Program Files\GamesBar\uninst.exe Supprime! - C:\Program Files\MySearch\bar Supprime! - C:\ProgramData\GamesBar Supprime! - C:\Program Files\GamesBar Supprime! - C:\Program Files\MySearch -----------\\ Recherche de Fichiers / Dossiers ... -----------\\ [..\Internet Explorer\Main] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://fr.msn.com/"'>http://fr.msn.com/" "SEARCH PAGE"="http://recherche.neuf.fr/"'>http://recherche.neuf.fr/" "Local Page"="C:\\Windows\\system32\\blank.htm" "SearchMigratedDefaultURL"="http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7" "Search Bar"="http://recherche.neuf.fr/ie/default.html" "Url"="http://go.microsoft.com/fwlink/?LinkId=75720" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.msn.com/" "Default_Page_URL"="http://fr.msn.com/" "Default_Search_URL"="http://recherche.neuf.fr/" "Search Page"="http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com" "Search Bar"="http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html" --------------------\\ Recherche d'autres infections [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "vxyrjixfh"="c:\\users\\pilliard\\appdata\\local\\vxyrjixfh.exe vxyrjixfh" C:\Program Files\Live-Player C:\Program Files\Live-Player\data C:\Program Files\Live-Player\live-player.exe C:\Program Files\Live-Player\SkinCrafterDll.dll C:\Program Files\Live-Player\skins C:\Program Files\Live-Player\sqlite3.dll C:\Program Files\Live-Player\uninst.exe C:\Users\pilliard\AppData\Local\live-player C:\Users\pilliard\AppData\Local\live-player\flv.swf C:\Users\pilliard\AppData\Local\live-player\liveplayer.s3db C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Live-Player C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Live-Player\Conditions g‚n‚rales.url C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Live-Player\Confidentialit‚.url C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Live-Player\D‚sinstaller.lnk C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Live-Player\Live-Player.lnk C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Live-Player\Website.url C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\InternetGameBox C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\InternetGameBox\Conditions g‚n‚rales.lnk C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\InternetGameBox\Confidentialit‚.lnk C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\InternetGameBox\InternetGameBox.lnk C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\InternetGameBox\Website.lnk C:\Windows\Pack.epk C:\Windows\System32\nvs2.inf C:\Users\pilliard\AppData\Local\immoc.dat C:\Users\pilliard\AppData\Local\immoc.exe C:\Users\pilliard\AppData\Local\immoc_nav.dat C:\Users\pilliard\AppData\Local\immoc_navps.dat C:\Users\pilliard\AppData\Local\vxyrjixfh.dat C:\Users\pilliard\AppData\Local\vxyrjixfh_nav.dat C:\Users\pilliard\AppData\Local\vxyrjixfh_navps.dat C:\Users\pilliard\AppData\Local\vxyrjixfh_navup.dat ==> EGDACCESS <== [ UAC => 1 ] 1 - "C:\ToolBar SD\TB_1.txt" - 29/09/2008|10:19 - Option : [1] 2 - "C:\ToolBar SD\TB_2.txt" - 29/09/2008|11:04 - Option : [2] -----------\\ Fin du rapport a 11:04:39,06

ca y est j'y arrive j'attends les resultats SmitFraudFix v2.354 Scan done at 10:47:10,23, 29/09/2008 Run from C:\Windows\system32\SmitfraudFix OS: Microsoft Windows [version 6.0.6001] - Windows_NT The filesystem type is NTFS Fix run in normal mode »»»»»»»»»»»»»»»»»»»»»»»» Process C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe C:\Windows\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Windows\vVX1000.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\Alwil Software\Avast4\ashDisp.exe C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe C:\Windows\RtHDVCpl.exe C:\Windows\system32\taskeng.exe C:\Windows\System32\rundll32.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Windows\system32\taskeng.exe C:\Users\pilliard\AppData\Local\immoc.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Windows\System32\rundll32.exe C:\Windows\ehome\ehmsas.exe C:\Acer\Empowering Technology\ePerformance\MemCheck.exe C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Windows\system32\svchost.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Microsoft LifeCam\MSCamS32.exe C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\system32\svchost.exe C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\Windows\system32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\system32\SearchIndexer.exe C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe C:\Windows\system32\WUDFHost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\iPod\bin\iPodService.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\Camfrog\Camfrog Video Chat\Camfrog Video Chat.exe C:\Windows\system32\conime.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Windows\ehome\ehsched.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\Program Files\Internet Explorer\IEUser.exe C:\Program Files\HP\Smart Web Printing\hpswp_clipbook.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe C:\Windows\system32\SmitfraudFix\Policies.exe C:\Windows\system32\cmd.exe »»»»»»»»»»»»»»»»»»»»»»»» hosts »»»»»»»»»»»»»»»»»»»»»»»» C:\ »»»»»»»»»»»»»»»»»»»»»»»» C:\Windows »»»»»»»»»»»»»»»»»»»»»»»» C:\Windows\system »»»»»»»»»»»»»»»»»»»»»»»» C:\Windows\Web »»»»»»»»»»»»»»»»»»»»»»»» C:\Windows\system32 »»»»»»»»»»»»»»»»»»»»»»»» C:\Windows\system32\LogFiles »»»»»»»»»»»»»»»»»»»»»»»» C:\Users\pilliard »»»»»»»»»»»»»»»»»»»»»»»» C:\Users\pilliard\Application Data »»»»»»»»»»»»»»»»»»»»»»»» Start Menu »»»»»»»»»»»»»»»»»»»»»»»» C:\Users\pilliard\FAVORI~1 »»»»»»»»»»»»»»»»»»»»»»»» Desktop »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files »»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys »»»»»»»»»»»»»»»»»»»»»»»» Desktop Components »»»»»»»»»»»»»»»»»»»»»»»» o4Patch !!!Attention, following keys are not inevitably infected!!! o4Patch Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» IEDFix !!!Attention, following keys are not inevitably infected!!! IEDFix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» VACFix !!!Attention, following keys are not inevitably infected!!! VACFix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» 404Fix !!!Attention, following keys are not inevitably infected!!! 404Fix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» AntiXPVSTFix !!!Attention, following keys are not inevitably infected!!! »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler !!!Attention, following keys are not inevitably infected!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs !!!Attention, following keys are not inevitably infected!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="" "LoadAppInit_DLLs"=dword:00000000 »»»»»»»»»»»»»»»»»»»»»»»» Winlogon !!!Attention, following keys are not inevitably infected!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "Userinit"="C:\\Windows\\system32\\userinit.exe," »»»»»»»»»»»»»»»»»»»»»»»» RK »»»»»»»»»»»»»»»»»»»»»»»» DNS Description: Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller DNS Server Search Order: 192.168.1.1 HKLM\SYSTEM\CCS\Services\Tcpip\..\{449AC132-DC57-4D2C-B5AE-8FCC28A59535}: NameServer=205.188.146.145 HKLM\SYSTEM\CCS\Services\Tcpip\..\{F02C6852-4A8E-4995-9A62-AA6655A76234}: DhcpNameServer=192.168.1.1 »»»»»»»»»»»»»»»»»»»»»»»» Scanning for wininet.dll infection »»»»»»»»»»»»»»»»»»»»»»»» End

je n'arrive pas a fare le 2 smitfraudfix je le telecharge je suis les instructions en mettant 1 search et apres il n se passe plus rien

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!! !!! Postez ce rapport sur le forum pour le faire analyser !!! !!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!! Outil exécuté depuis C:\Program Files\navilog1 Session actuelle : "pilliard" Mise à jour le 22.08.2008 à 17h30 par IL-MAFIOSO Microsoft Windows Vista 6.0.6001 Internet Explorer : 7.0.6001.18000 Système de fichiers : NTFS Recherche executé en mode normal *** Recherche Programmes installés *** *** Recherche dossiers dans "C:\Windows" *** *** Recherche dossiers dans "C:\Program Files" *** ...\Live-Player trouvé ! *** Recherche dossiers dans "c:\progra~2\micros~1\windows\startm~1\programs" *** ...\InternetGameBox trouvé ! ...\Live-Player trouvé ! *** Recherche dossiers dans "c:\progra~2\micros~1\windows\startm~1" *** *** Recherche dossiers dans "C:\ProgramData" *** *** Recherche dossiers dans "c:\users\pilliard\appdata\roaming\micros~1\windows\startm~1\programs" *** *** Recherche dossiers dans "C:\Users\pilliard\AppData\Local\virtualstore\Program Files" *** ...\InternetGameBox trouvé ! *** Recherche dossiers dans "C:\Users\pilliard\AppData\Roaming" *** *** Recherche avec Catchme-rootkit/stealth malware detector par gmer *** pour + d'infos : http://www.gmer.net *** Recherche avec GenericNaviSearch *** !!! Tous ces résultats peuvent révéler des fichiers légitimes !!! !!! A vérifier impérativement avant toute suppression manuelle !!! * Recherche dans "C:\Windows\system32" * * Recherche dans "C:\Users\pilliard\AppData\Local\Microsoft" * * Recherche dans "C:\Users\pilliard\AppData\Local\virtualstore\windows\system32" * * Recherche dans "C:\Users\pilliard\AppData\Local" * Fichiers trouvés : immoc.exe trouvé ! immoc.dat trouvé ! immoc_nav.dat trouvé ! immoc_navps.dat trouvé ! *** Recherche fichiers *** C:\Windows\pack.epk trouvé ! C:\Windows\system32\nvs2.inf trouvé ! *** Recherche clés spécifiques dans le Registre *** HKEY_CURRENT_USER\Software\Lanconfig trouvé ! *** Module de Recherche complémentaire *** (Recherche fichiers spécifiques) 1)Recherche nouveaux fichiers Instant Access : 2)Recherche Heuristique : * Dans "C:\Windows\system32" : * Dans "C:\Users\pilliard\AppData\Local\Microsoft" : * Dans "C:\Users\pilliard\AppData\Local\virtualstore\windows\system32" : * Dans "C:\Users\pilliard\AppData\Local" : immoc.dat trouvé ! immoc.exe trouvé ! immoc_nav.dat trouvé ! immoc_navps.dat trouvé ! vxyrjixfh.dat trouvé ! vxyrjixfh_nav.dat trouvé ! vxyrjixfh_navup.dat trouvé ! vxyrjixfh_navps.dat trouvé ! 3)Recherche Certificats : Certificat Egroup trouvé ! Certificat Electronic-Group trouvé ! Certificat Montorgueil absent ! Certificat OOO-Favorit trouvé ! Certificat Sunny-Day-Design-Ltd absent ! 4)Recherche fichiers connus : *** Analyse terminée le 29/09/2008 à 10:38:41,64 ***

-----------\\ ToolBar S&D 1.2.1 XP/Vista Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1 X86-based PC ( Multiprocessor Free : AMD Athlon 64 X2 Dual Core Processor 4600+ ) BIOS : )Phoenix - Award WorkstationBIOS v6.00PG USER : pilliard ( Administrator ) BOOT : Normal boot Antivirus : avast! antivirus 4.8.1229 [VPS 080929-0] 4.8.1229 (Activated) C:\ (Local Disk) - NTFS - Total : 145 Go Free : 85 Go D:\ (Local Disk) - NTFS - Total : 145 Go Free : 144 Go E:\ (CD or DVD) - CDFS - Total : 0 Go Free : 0 Go G:\ (USB) H:\ (USB) I:\ (USB) J:\ (USB) "C:\ToolBar SD" ( MAJ : 24-09-2008|21:50 ) Option : [1] ( 29/09/2008|10:19 ) [ UAC => 1 ] -----------\\ Recherche de Fichiers / Dossiers ... C:\ProgramData\GamesBar C:\ProgramData\GamesBar\about.gif C:\ProgramData\GamesBar\action.gif C:\ProgramData\GamesBar\animal_agents16x16.gif C:\ProgramData\GamesBar\arcade.gif C:\ProgramData\GamesBar\BigCity_SF16x16.gif C:\ProgramData\GamesBar\buy.gif C:\ProgramData\GamesBar\cards.gif C:\ProgramData\GamesBar\deals.gif C:\ProgramData\GamesBar\diner_dash_hometown_hero16x16.gif C:\ProgramData\GamesBar\download.gif C:\ProgramData\GamesBar\dream_day_first_home16x16.gif C:\ProgramData\GamesBar\feedback.gif C:\ProgramData\GamesBar\fishdom16x16.gif C:\ProgramData\GamesBar\heart_of_egypt16x16.gif C:\ProgramData\GamesBar\help.gif C:\ProgramData\GamesBar\highlight.gif C:\ProgramData\GamesBar\jigsaw.gif C:\ProgramData\GamesBar\kids.gif C:\ProgramData\GamesBar\mahjong.gif C:\ProgramData\GamesBar\MahjongChina16x16.gif C:\ProgramData\GamesBar\mah_jong_quest_316x16.gif C:\ProgramData\GamesBar\miss_teri_tale16x16.gif C:\ProgramData\GamesBar\multiplayer.gif C:\ProgramData\GamesBar\mygames.gif C:\ProgramData\GamesBar\newGames.gif C:\ProgramData\GamesBar\oberonconfig.xm_ C:\ProgramData\GamesBar\partner.gif C:\ProgramData\GamesBar\peril_at_end_house16x16.gif C:\ProgramData\GamesBar\popup_off.gif C:\ProgramData\GamesBar\popup_on.gif C:\ProgramData\GamesBar\puzzle.gif C:\ProgramData\GamesBar\ranch_rush16x16.gif C:\ProgramData\GamesBar\search.gif C:\ProgramData\GamesBar\sendafriend.gif C:\ProgramData\GamesBar\sports.gif C:\ProgramData\GamesBar\supermarket_mania16x16.gif C:\ProgramData\GamesBar\trial.gif C:\ProgramData\GamesBar\uninstall.gif C:\ProgramData\GamesBar\update.gif C:\ProgramData\GamesBar\virtual_farm16x16.gif C:\ProgramData\GamesBar\webgame.gif C:\ProgramData\GamesBar\wedding_dash_216x16.gif C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\GamesBar C:\Program Files\GamesBar C:\Program Files\GamesBar\Localization-French.ini C:\Program Files\GamesBar\oberontb.dll C:\Program Files\GamesBar\OBGet.exe C:\Program Files\GamesBar\uninst.exe C:\Program Files\MySearch C:\Program Files\MySearch\bar -----------\\ [..\Internet Explorer\Main] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://fr.msn.com/"'>http://fr.msn.com/"'>http://fr.msn.com/" "SEARCH PAGE"="http://recherche.neuf.fr/"'>http://recherche.neuf.fr/" "Local Page"="C:\\Windows\\system32\\blank.htm" "SearchMigratedDefaultURL"="http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7" "Search Bar"="http://recherche.neuf.fr/ie/default.html" "Url"="http://go.microsoft.com/fwlink/?LinkId=75720" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://fr.msn.com/" "Default_Page_URL"="http://fr.msn.com/" "Default_Search_URL"="http://recherche.neuf.fr/" "Search Page"="http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com" "Search Bar"="http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html" --------------------\\ Recherche d'autres infections [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "vxyrjixfh"="c:\\users\\pilliard\\appdata\\local\\vxyrjixfh.exe vxyrjixfh" C:\Program Files\Live-Player C:\Program Files\Live-Player\data C:\Program Files\Live-Player\live-player.exe C:\Program Files\Live-Player\SkinCrafterDll.dll C:\Program Files\Live-Player\skins C:\Program Files\Live-Player\sqlite3.dll C:\Program Files\Live-Player\uninst.exe C:\Users\pilliard\AppData\Local\live-player C:\Users\pilliard\AppData\Local\live-player\flv.swf C:\Users\pilliard\AppData\Local\live-player\liveplayer.s3db C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Live-Player C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Live-Player\Conditions g‚n‚rales.url C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Live-Player\Confidentialit‚.url C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Live-Player\D‚sinstaller.lnk C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Live-Player\Live-Player.lnk C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Live-Player\Website.url C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\InternetGameBox C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\InternetGameBox\Conditions g‚n‚rales.lnk C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\InternetGameBox\Confidentialit‚.lnk C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\InternetGameBox\InternetGameBox.lnk C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\InternetGameBox\Website.lnk C:\Windows\Pack.epk C:\Windows\System32\nvs2.inf C:\Users\pilliard\AppData\Local\immoc.dat C:\Users\pilliard\AppData\Local\immoc.exe C:\Users\pilliard\AppData\Local\immoc_nav.dat C:\Users\pilliard\AppData\Local\immoc_navps.dat C:\Users\pilliard\AppData\Local\vxyrjixfh.dat C:\Users\pilliard\AppData\Local\vxyrjixfh_nav.dat C:\Users\pilliard\AppData\Local\vxyrjixfh_navps.dat C:\Users\pilliard\AppData\Local\vxyrjixfh_navup.dat ==> EGDACCESS <== [ UAC => 1 ] 1 - "C:\ToolBar SD\TB_1.txt" - 29/09/2008|10:19 - Option : [1] -----------\\ Fin du rapport a 10:19:54,83

Bonjour Norton m'a detecte un trojan zlob J'ai utilise Hi jackthis dont je vous envoie le rapport mais je ne sais pas qouoi faire apres si quelqu'un peut m'aider!!! Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 09:20:10, on 29/09/2008 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Windows\vVX1000.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\Alwil Software\Avast4\ashDisp.exe C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe C:\Windows\RtHDVCpl.exe C:\Windows\system32\taskeng.exe C:\Windows\System32\rundll32.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Users\pilliard\AppData\Local\immoc.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Windows\System32\rundll32.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Internet Explorer\ieuser.exe C:\Program Files\Camfrog\Camfrog Video Chat\Camfrog Video Chat.exe C:\Program Files\HP\Smart Web Printing\hpswp_clipbook.exe C:\Windows\system32\conime.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\Windows Live Toolbar\msn_sl.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\Windows\system32\SearchFilterHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer optimisé pour MSN R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O1 - Hosts: ::1 localhost O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file) O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file) O2 - BHO: EWPBrowseObject Class - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll O2 - BHO: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\oberontb.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file) O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\oberontb.dll O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [VX1000] C:\Windows\vVX1000.exe O4 - HKLM\..\Run: [ppmate] C:\Program Files\PPMate\PPMate\ppmate.exe -autoplay O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe" O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [iSUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup O4 - HKCU\..\Run: [vxyrjixfh] c:\users\pilliard\appdata\local\vxyrjixfh.exe vxyrjixfh O4 - HKCU\..\Run: [Camfrog] "C:\Program Files\Camfrog\Camfrog Video Chat\CamfrogNet.exe" 0 C:\Program Files\Camfrog\Camfrog Video Chat\Camfrog Video Chat.exe O4 - HKCU\..\Run: [immoc] "c:\users\pilliard\appdata\local\immoc.exe" immoc O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JR1916~1.0_0\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JR1916~1.0_0\bin\ssv.dll O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll O13 - Gopher Prefix: O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/200612...ex/qtplugin.cab O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} (Module de délivrance de certificat MINEFI) - https://static.impots.gouv.fr/abos/static/s...te/certdgi1.cab O16 - DPF: {104B0A37-AB99-4F06-8032-8BBDC3B77DDB} (Telechargement Control) - http://www.photoweb.fr/telechargement/Photoweb_Uploader.cab O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/2.0..._instmodule.exe O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.fr/SnapfishActivia.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resou...NPUpldfr-fr.cab O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://copainsdavant.linternaute.com/frame...geUploader5.cab O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.photobox.fr/assets/aurigma/ImageUploader4.cab O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.girafoto.fr/uploaders/ImageUploader3.cab O16 - DPF: {BA3BAF69-72B1-4BCE-BE96-A4D304EAFBB4} (PhotoBox uploader) - http://www.photobox.fr/assets/aurigma/ImageUploader4.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game06.zylom.com/activex/zylomgamesplayer.cab O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.photoways.com/clients/uploader_v2.2.0.6.cab O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxentelechargement.orange.fr/Game...ronGameHost.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{449AC132-DC57-4D2C-B5AE-8FCC28A59535}: NameServer = 205.188.146.145 O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing) O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- End of file - 12825 bytes