pcinfecté

merci pour tous ces liens, je vais le mettre dès cette semaine. Et en ce qui concerne mes infections? Pour toi c'est tout bon? Je n'ai plus qu'à mettre l'antivirus et tout rouleras comme au premier jour? S'il y a encore d'autres démarches à effectuer, n'hesites pas à me les dires.

Non, pas pour le moment mais je compte en mettre un très prochainement

ca a l'air d'être mieux maintenant peut etre comme tu dis precedemment il faudrait alleger le demarrage. J'ai peut être voulu aller trop vite et ca a buggé.

puis je quand même faire al manip decrite ci dessous: On pourra alléger le démarrage plus tard, si tu veux, ceci éliminera les restes d'infections. Relance HijackThis, clique sur "Do a system scan only" puis coche ceci et clique sur le bouton "Fix checked", en bas à gauche : Citation O2 - BHO: XBTBPos00 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll (file missing) O3 - Toolbar: Fast Browser Search Toolbar - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll (file missing) O20 - Winlogon Notify: awttqnlf - awttqnLf.dll (file missing)

ca rebuggue un max, IE et mozzila se bloquent et bloquent tout mon pc. Je suis obligé de l'eteindre en appuyant sur le bouton 3sec. l'ordi semble de nouveau "travailler en continu"

oh oui, cela va nettement mieux, j'arrive de nouveau à executer 2 taches en meme temps sans que le pc se bloque, sur internet, j'ai l'impression que les pages s'affichent plus vite. Y'a déjà beaucoup de mieux et surtout l'icone personal security a disparu du bureau. Voici comme demandé le nouveau rapport hijackthis fait après redémarrage. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 10:05, on 17/02/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe C:\WINDOWS\system32\hphmon04.exe C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe C:\Program Files\BOINC\boinctray.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\BOINC\boincmgr.exe C:\Program Files\Auchan\Photogenie\dd.exe C:\Program Files\Neuf\Media Center\MediaCenter.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\OpenOffice.org 3\program\soffice.exe C:\Program Files\OpenOffice.org 3\program\soffice.bin C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Extrafilm Designer FR\EFUploadSrv.exe C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Neuf\Media Center\httpd\httpd.exe C:\Program Files\Neuf\Media Center\httpd\httpd.exe C:\Program Files\BOINC\boinc.exe C:\Documents and Settings\Richard\Bureau\HiJackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = localhost:8800 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll O2 - BHO: XBTBPos00 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll (file missing) O3 - Toolbar: Fast Browser Search Toolbar - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll (file missing) O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [sigmatelSysTrayApp] sttray.exe O4 - HKLM\..\Run: [intelAudioStudio] "C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe" BOOT O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe O4 - HKLM\..\Run: [HPHmon04] C:\WINDOWS\system32\hphmon04.exe O4 - HKLM\..\Run: [HPHUPD04] "C:\Program Files\HP Photosmart 11\hphinstall\UniPatch\hphupd04.exe" O4 - HKLM\..\Run: [share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe O4 - HKLM\..\Run: [TotalRecorderScheduler] "C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe" O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe" O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [boinctray] "C:\Program Files\BOINC\boinctray.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [boincmgr] "C:\Program Files\BOINC\boincmgr.exe" /a /s O4 - HKCU\..\Run: [Device Detection] C:\Program Files\Auchan\Photogenie\dd.exe O4 - HKCU\..\Run: [Neuf Media Center] "C:\Program Files\Neuf\Media Center\MediaCenter.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: e-Backup 1.42 Scheduler.lnk = ? O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Microgaming\Poker\UnibetpokerMPP\MPPoker.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://express.foto.com/ImageUploader5.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1264605864578 O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.0...oUploader55.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://fichiers.touslesdrivers.com/fichier...on_3_0_0_31.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flas...ent/swflash.cab O20 - Winlogon Notify: awttqnlf - awttqnLf.dll (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: ExtraFilm upload service (EFUploadSrv) - Textalk AB - C:\Program Files\Extrafilm Designer FR\EFUploadSrv.exe O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Machine Debug Manager (MDM) - Pinnacle Systems GmbH - (no file) O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\system32\HPHipm11.exe O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.1.30\bin\mysqld.exe -- End of file - 9785 bytes

voici le rapport effectué par MBAM il a quand même trouvé 30fichiers infectés!!!! Malwarebytes' Anti-Malware 1.44 Version de la base de données: 3749 Windows 5.1.2600 Service Pack 3 Internet Explorer 7.0.5730.11 17/02/2010 09:54:26 mbam-log-2010-02-17 (09-54-26).txt Type de recherche: Examen rapide Eléments examinés: 132198 Temps écoulé: 10 minute(s), 56 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 2 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 3 Fichier(s) infecté(s): 28 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4e524163-8d00-46f3-b239-1f42d48c8ed0} (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\System\CurrentControlSet\Servises (Malware.Trace) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): C:\Documents and Settings\All Users\Application Data\SEC (Rogue.SecureExpertCleaner) -> Quarantined and deleted successfully. C:\Documents and Settings\All Users\Menu Démarrer\PersonalSec (Rogue.PersonalSecurity) -> Quarantined and deleted successfully. C:\Program Files\Fichiers communs\PersonalSecUninstall (Rogue.PersonalSecurity) -> Quarantined and deleted successfully. Fichier(s) infecté(s): C:\Documents and Settings\HelpAssistant\Bureau\Setup_257.exe (Rogue.Installer) -> Quarantined and deleted successfully. C:\Documents and Settings\Richard\Bureau\Setup_257.exe (Rogue.Installer) -> Quarantined and deleted successfully. C:\Documents and Settings\HelpAssistant\Local Settings\Temp\94.tmp (Trojan.Dropper) -> Quarantined and deleted successfully. C:\Documents and Settings\HelpAssistant\Local Settings\Temp\95.tmp (Trojan.Dropper) -> Quarantined and deleted successfully. C:\Documents and Settings\HelpAssistant\Local Settings\Temp\98.tmp (Trojan.Dropper) -> Quarantined and deleted successfully. C:\Documents and Settings\HelpAssistant\Local Settings\Temp\hinply.dll (Trojan.Dropper) -> Quarantined and deleted successfully. C:\Documents and Settings\HelpAssistant\Local Settings\Temp\nmRp.dll (Trojan.Dropper) -> Quarantined and deleted successfully. C:\Documents and Settings\HelpAssistant\Local Settings\Temp\Wnnk.dll (Trojan.Dropper) -> Quarantined and deleted successfully. C:\Documents and Settings\Richard\Local Settings\temp\nmRp.dll (Trojan.Dropper) -> Quarantined and deleted successfully. C:\Documents and Settings\HelpAssistant\Local Settings\Temporary Internet Files\Content.IE5\00FWGV29\eHff2d50beV0100f070006R2abd9f65102Tb456c347201l000cK24041e1930dP000301080[1 ] (Trojan.Dropper) -> Quarantined and deleted successfully. C:\Documents and Settings\HelpAssistant\Local Settings\Temporary Internet Files\Content.IE5\OC4HQE0N\eHff2d50beV03005f35002R8dca5a93102Tb4544371Q000002fa901801F0020000aJ0700060 1l000cK9a2e2b5130dP000301080[1] (Trojan.Dropper) -> Quarantined and deleted successfully. C:\Documents and Settings\Richard\Local Settings\Temporary Internet Files\Content.IE5\00FWGV29\eHff2d50beV0100f070006R2abd9f65102Tb456c347201l000cK24041e1930dP000301080[1 ] (Trojan.Dropper) -> Quarantined and deleted successfully. C:\WINDOWS\system32\spool\prtprocs\w32x86\12E.tmp (Malware.Packer.Gen) -> Quarantined and deleted successfully. C:\Documents and Settings\All Users\Menu Démarrer\PersonalSec\Computer Scan.lnk (Rogue.PersonalSecurity) -> Quarantined and deleted successfully. C:\Documents and Settings\All Users\Menu Démarrer\PersonalSec\Help.lnk (Rogue.PersonalSecurity) -> Quarantined and deleted successfully. C:\Documents and Settings\All Users\Menu Démarrer\PersonalSec\Personal Security.lnk (Rogue.PersonalSecurity) -> Quarantined and deleted successfully. C:\Documents and Settings\All Users\Menu Démarrer\PersonalSec\Registration.lnk (Rogue.PersonalSecurity) -> Quarantined and deleted successfully. C:\Documents and Settings\All Users\Menu Démarrer\PersonalSec\Security Center.lnk (Rogue.PersonalSecurity) -> Quarantined and deleted successfully. C:\Documents and Settings\All Users\Menu Démarrer\PersonalSec\Settings.lnk (Rogue.PersonalSecurity) -> Quarantined and deleted successfully. C:\Documents and Settings\All Users\Menu Démarrer\PersonalSec\Update.lnk (Rogue.PersonalSecurity) -> Quarantined and deleted successfully. C:\Program Files\Fichiers communs\PersonalSecUninstall\Uninstall.lnk (Rogue.PersonalSecurity) -> Quarantined and deleted successfully. C:\Documents and Settings\HelpAssistant\Bureau\Personal Security.lnk (Rogue.PSecurity) -> Quarantined and deleted successfully. C:\Documents and Settings\Richard\Bureau\Personal Security.lnk (Rogue.PSecurity) -> Quarantined and deleted successfully. C:\WINDOWS\system32\dllcache\beep.sys (Fake.Beep.sys) -> Quarantined and deleted successfully. C:\WINDOWS\system32\oldvap.dll (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\HelpAssistant\Application Data\Microsoft\Internet Explorer\Quick Launch\PersonalSec.lnk (Rogue.PersonalSecurity) -> Quarantined and deleted successfully. C:\Documents and Settings\Richard\Application Data\Microsoft\Internet Explorer\Quick Launch\PersonalSec.lnk (Rogue.PersonalSecurity) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\restore.sys (Rootkit.Agent) -> Quarantined and deleted successfully.

salut à tous, j'ai un ordinateurqui est multi infecté, il rame depuis longtemps, m'envoies sur des sites peu recommandables lorsque je clique sur des liens (recherche google par exemple) et en plus de tout, je sais qu'il y a personal Security installé sur ce pc. j'aimerais de l'aide pour enlever personal security et degrossir le noeudde pb qu'est mon pc. Voici le rapport Hijackthis.log que j'ai fait. En esperant qu'une ame charitable, experte et patiente veuille bien m'aider. Merci par avance. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 09:11, on 17/02/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe C:\WINDOWS\system32\hphmon04.exe C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe C:\Program Files\BOINC\boinctray.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\BOINC\boincmgr.exe C:\Program Files\Auchan\Photogenie\dd.exe C:\Program Files\Neuf\Media Center\MediaCenter.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\OpenOffice.org 3\program\soffice.exe C:\Program Files\OpenOffice.org 3\program\soffice.bin C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Extrafilm Designer FR\EFUploadSrv.exe C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Neuf\Media Center\httpd\httpd.exe C:\Program Files\BOINC\boinc.exe C:\Program Files\Neuf\Media Center\httpd\httpd.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe C:\Program Files\Outlook Express\msimn.exe C:\Documents and Settings\Richard\Bureau\HiJackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = localhost:8800 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll O2 - BHO: XBTBPos00 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll (file missing) O3 - Toolbar: Fast Browser Search Toolbar - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll (file missing) O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [sigmatelSysTrayApp] sttray.exe O4 - HKLM\..\Run: [intelAudioStudio] "C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe" BOOT O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe O4 - HKLM\..\Run: [HPHmon04] C:\WINDOWS\system32\hphmon04.exe O4 - HKLM\..\Run: [HPHUPD04] "C:\Program Files\HP Photosmart 11\hphinstall\UniPatch\hphupd04.exe" O4 - HKLM\..\Run: [share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe O4 - HKLM\..\Run: [TotalRecorderScheduler] "C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe" O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe" O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [boinctray] "C:\Program Files\BOINC\boinctray.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [boincmgr] "C:\Program Files\BOINC\boincmgr.exe" /a /s O4 - HKCU\..\Run: [Device Detection] C:\Program Files\Auchan\Photogenie\dd.exe O4 - HKCU\..\Run: [Neuf Media Center] "C:\Program Files\Neuf\Media Center\MediaCenter.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: e-Backup 1.42 Scheduler.lnk = ? O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Microgaming\Poker\UnibetpokerMPP\MPPoker.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://express.foto.com/ImageUploader5.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1264605864578 O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.0...oUploader55.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://fichiers.touslesdrivers.com/fichier...on_3_0_0_31.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flas...ent/swflash.cab O20 - Winlogon Notify: awttqnlf - awttqnLf.dll (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: ExtraFilm upload service (EFUploadSrv) - Textalk AB - C:\Program Files\Extrafilm Designer FR\EFUploadSrv.exe O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Machine Debug Manager (MDM) - Unknown owner - (no file) O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\system32\HPHipm11.exe O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.1.30\bin\mysqld.exe -- End of file - 9832 bytes