Perte de FPS en Jeu-Log Hijackthis

[Julian84]

Salut à tous

 

Ca fait à peu près 2-3 jours que je tourne aux environs de 15-35 FPS sur Counter Strike Source, c'est vraiment pas fluide

ALors qu'avant j'avais une moyenne de 140FPS ou du moins 80-90

Voici ma config

 

=> Q6600 2.4Ghz

=> 9800GTX

 

Donc ma config n'est pas en cause

 

On m'a dit que c'était du a la poussière sur les composants ou un trojan dans mon PC...

 

Mon log HJT

 

 

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 19:34:42, on 27/12/2008

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v7.00 (7.00.6001.18000)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Analog Devices\SoundMAX\SoundTray.exe

C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe

C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe

C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe

C:\Program Files\Search Settings\SearchSettings.exe

C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE

C:\Windows\System32\rundll32.exe

C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe

C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDCountdown.exe

C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDPop3.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\RocketDock\RocketDock.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Logitech\SetPoint II\SetpointII.exe

C:\Users\Hennuy Suzanne\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe

C:\Program Files\Xfire\xfire.exe

C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE

C:\Users\Hennuy Suzanne\AppData\Roaming\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\conime.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\Skype\Plugin Manager\skypePM.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\Program Files\Steam\Steam.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Users\Hennuy Suzanne\Desktop\HiJackThis.exe

C:\Windows\system32\DllHost.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll

O3 - Toolbar: SYSTRAN Toolbar - {95daa571-4def-4a6d-97d8-98a346672a24} - mscoree.dll (file missing)

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe

O4 - HKLM\..\Run: [soundTray] C:\Program Files\Analog Devices\SoundMAX\SoundTray.exe

O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe"

O4 - HKLM\..\Run: [CPU Power Monitor] "C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe"

O4 - HKLM\..\Run: [Cpu Level Up help] C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe

O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe"

O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE

O4 - HKLM\..\Run: [searchSettings] C:\Program Files\Search Settings\SearchSettings.exe

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon

O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon

O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [CamserviceHD] C:\Program Files\Hercules\Hercules Dualpix Chat and Show\Camservice.exe /startup

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [FractalWP] C:\Program Files\FractalWP\FractalWP.exe -min

O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKCU\..\Run: [iSUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Startup: Outil de notification Live Search.lnk = C:\Users\Hennuy Suzanne\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe

O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\xfire.exe

O4 - Global Startup: SetPointII.lnk = ?

O8 - Extra context menu item: Consulter les dictionnaires (SYSTRAN) - res://C:\Program Files\SYSTRAN\6\\GUIres.dll/lookup.js

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Traduire (SYSTRAN) - res://C:\Program Files\SYSTRAN\6\\GUIres.dll/translate.js

O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O13 - Gopher Prefix:

O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-BE/a-UNO1/GAME_UNO1.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab

O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll

O20 - AppInit_DLLs: avgrsstx.dll

O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\Windows\system32\AEADISRV.EXE

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

 

--

End of file - 11315 bytes

 

 

 

 

 

Si c'est possible, virer des dossiers ou applications inutiles

 

Merci d'avance

Modifié le 17 janvier 2009 par Julian84

[Thanos]

salut

 

Le pc est effectivement infecté: utilise le programme suivant >>

 

Télécharge Malwarebytes' Anti-Malware (MBAM)

 

Branche tous les supports amovibles que tu possèdes avant de faire ce scan (clé usb/disque dur externe etc)

• Double clique sur le fichier téléchargé pour lancer le processus d'installation.
  
• Dans l'onglet "Mise à jour", clique sur le bouton "Recherche de mise à jour": si le pare-feu demande l'autorisation à MBAM de se connecter, accepte.
  
• Une fois la mise à jour terminée, rends-toi dans l'onglet "Recherche".
  
• Sélectionne "Exécuter un examen complêt"
  
• Clique sur "Rechercher"
  
• L'analyse démarre, le scan est relativement long, c'est normal.
  
• A la fin de l'analyse, un message s'affiche :

  L'examen s'est terminé normalement. Clique sur 'Afficher les résultats' pour afficher tous les objets trouvés.

  Clique sur "Ok" pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
  
• Ferme tes navigateurs.
  
• Si des malwares ont été détectés, clique sur Afficher les résultats.
  Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
  
• MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport et poste-le dans ta prochaine réponse.
  

[Julian84]

Wahou

 

Après 1h20 voici le rapport

 

=> Il m'a supprimé un Trojan.gen dans appdata/roaming...

 

Malwarebytes' Anti-Malware 1.31

Version de la base de données: 1550

Windows 6.0.6001 Service Pack 1

 

27/12/2008 21:19:06

mbam-log-2008-12-27 (21-19-06).txt

 

Type de recherche: Examen complet (C:\|D:\|)

Eléments examinés: 195807

Temps écoulé: 1 hour(s), 20 minute(s), 23 second(s)

 

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 0

Valeur(s) du Registre infectée(s): 0

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 1

 

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Clé(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Valeur(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)

 

Dossier(s) infecté(s):

(Aucun élément nuisible détecté)

 

Fichier(s) infecté(s):

C:\Users\Julian\AppData\Roaming\Desktopicon\eBayShortcuts.exe (Trojan.Agent) -> Quarantined and deleted successfully.

Modifié le 27 décembre 2008 par Julian84

[Thanos]

ok: il na pas trouvé grand chose à se mettre sous la dent! Il y a autre chose à supprimer: poste moi le rapport suivant stp >>

 

Télécharge random's system information tool (RSIT) par random/random et sauvegarde-le sur le Bureau.

• Double-clique sur RSIT.exe afin de lancer RSIT.
  
• Clique Continue à l'écran Disclaimer.
  
• Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera et tu devras accepter la licence.
  
• Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (<<qui sera affiché)
  ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).
  
• Si tu ne vois pas ces deux rapports, tu les trouveras dans le dossier C:\rsit
  

 

hi coolman

Modifié le 27 décembre 2008 par Thanos

[Julian84]

Logfile of random's system information tool 1.05 (written by random/random)

Run by Hennuy Suzanne at 2008-12-27 22:59:02

Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1

System drive C: has 43 GB (18%) free of 235 GB

Total RAM: 3070 MB (63% free)

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 22:59:26, on 27/12/2008

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v7.00 (7.00.6001.18000)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Program Files\ASUS\AASP\1.00.40\aaCenter.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Analog Devices\Core\smax4pnp.exe

C:\Program Files\Analog Devices\SoundMAX\SoundTray.exe

C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe

C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe

C:\Program Files\AVG\AVG8\avgtray.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe

C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe

C:\Program Files\Search Settings\SearchSettings.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE

C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe

C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDCountdown.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDPop3.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\RocketDock\RocketDock.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Logitech\SetPoint II\SetpointII.exe

C:\Users\Hennuy Suzanne\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe

C:\Program Files\Xfire\xfire.exe

C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE

C:\Users\Hennuy Suzanne\AppData\Roaming\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\Skype\Plugin Manager\skypePM.exe

C:\Program Files\Steam\Steam.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Users\Hennuy Suzanne\Desktop\RSIT.exe

C:\Program Files\trend micro\Hennuy Suzanne.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll

O3 - Toolbar: SYSTRAN Toolbar - {95daa571-4def-4a6d-97d8-98a346672a24} - mscoree.dll (file missing)

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe

O4 - HKLM\..\Run: [soundTray] C:\Program Files\Analog Devices\SoundMAX\SoundTray.exe

O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe"

O4 - HKLM\..\Run: [CPU Power Monitor] "C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe"

O4 - HKLM\..\Run: [Cpu Level Up help] C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe

O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe"

O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE

O4 - HKLM\..\Run: [searchSettings] C:\Program Files\Search Settings\SearchSettings.exe

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon

O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon

O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [CamserviceHD] C:\Program Files\Hercules\Hercules Dualpix Chat and Show\Camservice.exe /startup

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [FractalWP] C:\Program Files\FractalWP\FractalWP.exe -min

O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKCU\..\Run: [iSUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')

O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Startup: Outil de notification Live Search.lnk = C:\Users\Hennuy Suzanne\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe

O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\xfire.exe

O4 - Global Startup: SetPointII.lnk = ?

O8 - Extra context menu item: Consulter les dictionnaires (SYSTRAN) - res://C:\Program Files\SYSTRAN\6\\GUIres.dll/lookup.js

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Traduire (SYSTRAN) - res://C:\Program Files\SYSTRAN\6\\GUIres.dll/translate.js

O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O13 - Gopher Prefix:

O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-BE/a-UNO1/GAME_UNO1.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab

O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll

O20 - AppInit_DLLs: avgrsstx.dll

O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\Windows\system32\AEADISRV.EXE

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

 

--

End of file - 11794 bytes

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]

Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-04-30 1372160]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]

AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2008-08-30 455960]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-21 320920]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-11-18 408952]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf00e119-21a3-4fd1-b178-3b8537e75c92}]

IeMonitorBho Class - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll [2008-06-23 110592]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-21 34816]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]

SearchSettings Class - C:\Program Files\Search Settings\kb127\SearchSettings.dll [2008-06-12 1111904]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{95daa571-4def-4a6d-97d8-98a346672a24} - SYSTRAN Toolbar - C:\Windows\system32\mscoree.dll [2008-01-21 282112]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]

"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2007-06-06 1261568]

"SoundTray"=C:\Program Files\Analog Devices\SoundMAX\SoundTray.exe [2007-05-21 49152]

"Ai Nap"=C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe [2007-09-06 1426432]

"CPU Power Monitor"=C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe [2007-09-06 626688]

"Cpu Level Up help"=C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe [2007-09-11 880640]

"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]

"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2008-11-27 1261336]

"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-12-21 136600]

"LogitechVideoRepair"=C:\Program Files\Logitech\Video\ISStart.exe []

"Kernel and Hardware Abstraction Layer"=C:\Windows\KHALMNPR.EXE [2007-07-17 55824]

"Launch LCDMon"=C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe [2007-07-18 1687824]

"Launch LGDCore"=C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe [2007-07-18 2094352]

"SearchSettings"=C:\Program Files\Search Settings\SearchSettings.exe [2008-06-12 991584]

"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-10-01 289576]

"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2008-03-11 689488]

"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2008-03-18 1848648]

"AdobeCS4ServiceManager"=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]

"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]

"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-11-12 13675040]

"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-11-12 92704]

"CamserviceHD"=C:\Program Files\Hercules\Hercules Dualpix Chat and Show\Camservice.exe [2007-12-11 73728]

"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2008-12-02 3882312]

"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]

"FractalWP"=C:\Program Files\FractalWP\FractalWP.exe -min []

"RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]

"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2008-04-30 22058792]

"AdobeBridge"= []

"ISUSPM"=C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [2006-03-20 213936]

"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

SetPointII.lnk - C:\Program Files\Logitech\SetPoint II\SetpointII.exe

 

C:\Users\Hennuy Suzanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

OneNote 2007 - Capture d'écran et lancement.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

Outil de notification Live Search.lnk - C:\Users\Hennuy Suzanne\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe

Xfire.lnk - C:\Program Files\Xfire\xfire.exe

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLS"="avgrsstx.dll"

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"EnableUIADesktopToggle"=0

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{79db8394-3544-11dd-8318-001d60d6e44c}]

shell\AutoRun\command - F:\Autorun.exe

 

 

======List of files/folders created in the last 1 months======

 

2008-12-27 19:57:17 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

2008-12-25 19:36:20 ----D---- C:\Program Files\EdenSoftware

2008-12-21 18:47:48 ----D---- C:\Users\Hennuy Suzanne\AppData\Roaming\2K Sports

2008-12-21 13:16:58 ----A---- C:\Windows\system32\deploytk.dll

2008-12-21 13:16:57 ----A---- C:\Windows\system32\javaws.exe

2008-12-21 13:16:57 ----A---- C:\Windows\system32\javaw.exe

2008-12-21 13:16:57 ----A---- C:\Windows\system32\java.exe

2008-12-20 20:39:49 ----D---- C:\Program Files\LimeWire

2008-12-20 19:54:52 ----D---- C:\Program Files\QuickTime

2008-12-20 19:08:33 ----D---- C:\Users\Hennuy Suzanne\AppData\Roaming\Desktopicon

2008-12-18 23:43:56 ----A---- C:\Windows\system32\mshtml.dll

2008-12-17 18:44:49 ----D---- C:\Program Files\Microsoft Silverlight

2008-12-17 18:44:34 ----D---- C:\Program Files\Microsoft Office Outlook Connector

2008-12-17 18:42:19 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition

2008-12-17 18:39:39 ----D---- C:\Program Files\Microsoft

2008-12-17 18:39:18 ----D---- C:\Program Files\Windows Live SkyDrive

2008-12-17 18:29:25 ----D---- C:\Program Files\Common Files\Windows Live

2008-12-12 15:40:15 ----A---- C:\Windows\system32\VB5DB.DLL

2008-12-12 11:58:34 ----A---- C:\Windows\system32\tzres.dll

2008-12-11 22:23:23 ----A---- C:\Windows\system32\Apphlpdm.dll

2008-12-11 22:23:22 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll

2008-12-11 22:21:33 ----A---- C:\Windows\system32\gdi32.dll

2008-12-11 22:20:26 ----A---- C:\Windows\system32\shell32.dll

2008-12-11 22:20:02 ----A---- C:\Windows\explorer.exe

2008-12-11 22:19:54 ----A---- C:\Windows\system32\urlmon.dll

2008-12-11 22:19:54 ----A---- C:\Windows\system32\ieframe.dll

2008-12-11 22:19:53 ----A---- C:\Windows\system32\wininet.dll

2008-12-11 22:19:52 ----A---- C:\Windows\system32\mstime.dll

2008-12-11 22:19:52 ----A---- C:\Windows\system32\iertutil.dll

2008-12-11 22:19:51 ----A---- C:\Windows\system32\jsproxy.dll

2008-12-11 22:19:46 ----A---- C:\Windows\system32\mf.dll

2008-12-11 22:19:45 ----A---- C:\Windows\system32\WMVCORE.DLL

2008-12-11 22:19:44 ----A---- C:\Windows\system32\WMNetMgr.dll

2008-12-11 22:19:44 ----A---- C:\Windows\system32\logagent.exe

2008-12-11 21:37:44 ----A---- C:\Windows\system32\xfcodec.dll

2008-12-06 21:51:52 ----D---- C:\Windows\system32\xlive

2008-12-06 21:51:51 ----D---- C:\Program Files\Microsoft Games for Windows - LIVE

2008-12-06 20:55:13 ----D---- C:\Program Files\Rockstar Games

2008-12-06 18:16:47 ----A---- C:\Windows\ffmpeg.exe

2008-12-06 18:16:41 ----A---- C:\Windows\system32\OVCamUVC_Ext.dll

2008-12-06 18:16:33 ----D---- C:\Windows\system32\HWC HD

2008-12-06 18:16:33 ----D---- C:\Program Files\Hercules

2008-12-03 19:45:58 ----D---- C:\Users\Hennuy Suzanne\AppData\Roaming\Webcammax

2008-12-02 22:37:20 ----A---- C:\Windows\system32\sirenacm.dll

2008-12-01 22:43:44 ----A---- C:\Windows\system32\MSVCR70.DLL

2008-12-01 20:00:27 ----D---- C:\Users\Hennuy Suzanne\AppData\Roaming\Megaupload

2008-12-01 18:36:52 ----D---- C:\Program Files\Megaupload

2008-12-01 17:05:53 ----HD---- C:\ProgramData\CanonBJ

2008-11-28 20:07:03 ----A---- C:\Windows\nfsc_patch.ini

2008-11-28 19:58:36 ----D---- C:\ProgramData\Trymedia

 

======List of files/folders modified in the last 1 months======

 

2008-12-27 22:59:26 ----D---- C:\Windows\Temp

2008-12-27 22:59:09 ----D---- C:\Program Files\Trend Micro

2008-12-27 22:57:51 ----D---- C:\Users\Hennuy Suzanne\AppData\Roaming\Skype

2008-12-27 21:48:41 ----D---- C:\Program Files\Steam

2008-12-27 21:47:04 ----D---- C:\Users\Hennuy Suzanne\AppData\Roaming\skypePM

2008-12-27 20:48:03 ----SHD---- C:\System Volume Information

2008-12-27 19:57:21 ----D---- C:\Windows\system32\drivers

2008-12-27 19:57:17 ----D---- C:\Program Files

2008-12-27 19:32:58 ----D---- C:\ProgramData\2DBoy

2008-12-27 19:26:42 ----SHD---- C:\Windows\Installer

2008-12-27 15:42:15 ----D---- C:\Users\Hennuy Suzanne\AppData\Roaming\Xfire

2008-12-27 00:33:17 ----D---- C:\Windows\Prefetch

2008-12-26 22:10:02 ----D---- C:\Users\Hennuy Suzanne\AppData\Roaming\LimeWire

2008-12-26 19:26:31 ----AD---- C:\ProgramData\TEMP

2008-12-24 21:50:33 ----D---- C:\Users\Hennuy Suzanne\AppData\Roaming\Apple Computer

2008-12-23 18:52:20 ----RSD---- C:\Windows\Fonts

2008-12-23 13:56:21 ----D---- C:\Temp

2008-12-23 13:13:58 ----D---- C:\Program Files\AbiSuite2

2008-12-23 13:05:21 ----D---- C:\Program Files\Mozilla Firefox

2008-12-23 00:35:12 ----D---- C:\Windows\System32

2008-12-23 00:35:12 ----D---- C:\Windows\inf

2008-12-23 00:35:12 ----A---- C:\Windows\system32\PerfStringBackup.INI

2008-12-22 15:08:44 ----D---- C:\Program Files\Electronic Arts

2008-12-22 15:08:30 ----HD---- C:\Program Files\InstallShield Installation Information

2008-12-21 13:16:37 ----D---- C:\Program Files\Java

2008-12-21 12:09:03 ----D---- C:\ProgramData\TrackMania

2008-12-20 19:54:57 ----D---- C:\Program Files\Common Files\Apple

2008-12-18 23:44:19 ----D---- C:\Windows\winsxs

2008-12-18 23:44:09 ----D---- C:\Windows\system32\catroot2

2008-12-18 23:44:09 ----D---- C:\Windows\system32\catroot

2008-12-17 18:52:42 ----D---- C:\Windows\Microsoft.NET

2008-12-17 18:52:15 ----RSD---- C:\Windows\assembly

2008-12-17 18:44:34 ----D---- C:\Program Files\Common Files\System

2008-12-17 18:44:05 ----D---- C:\Program Files\Windows Live

2008-12-17 18:43:42 ----D---- C:\Windows

2008-12-17 18:40:38 ----D---- C:\Windows\SoftwareDistribution

2008-12-17 18:39:23 ----D---- C:\Program Files\Common Files\microsoft shared

2008-12-17 18:29:25 ----D---- C:\Program Files\Common Files

2008-12-17 18:29:12 ----SD---- C:\ProgramData\Microsoft

2008-12-17 18:28:44 ----SD---- C:\Users\Hennuy Suzanne\AppData\Roaming\Microsoft

2008-12-17 13:20:11 ----D---- C:\ProgramData\Xfire

2008-12-16 12:05:11 ----HD---- C:\$AVG8.VAULT$

2008-12-16 10:11:50 ----D---- C:\Program Files\Xfire

2008-12-12 15:30:17 ----RD---- C:\Users

2008-12-12 12:31:24 ----D---- C:\Windows\rescache

2008-12-12 12:07:37 ----D---- C:\Program Files\Windows Mail

2008-12-12 12:07:36 ----D---- C:\Windows\system32\fr-FR

2008-12-12 12:07:36 ----D---- C:\Windows\AppPatch

2008-12-12 12:06:37 ----D---- C:\ProgramData\Microsoft Help

2008-12-10 00:24:37 ----A---- C:\Windows\system32\mrt.exe

2008-12-06 21:53:08 ----HD---- C:\ProgramData

2008-12-06 21:10:27 ----D---- C:\Program Files\Common Files\Steam

2008-12-06 18:11:41 ----D---- C:\Windows\Debug

2008-12-05 20:45:39 ----D---- C:\Users\Hennuy Suzanne\AppData\Roaming\uTorrent

2008-12-03 15:27:59 ----D---- C:\ProgramData\NVIDIA

2008-12-03 14:35:15 ----D---- C:\Program Files\Common Files\Wise Installation Wizard

2008-12-03 14:35:15 ----D---- C:\Program Files\AGEIA Technologies

2008-12-02 18:10:28 ----A---- C:\Windows\NeroDigital.ini

2008-12-01 18:09:55 ----D---- C:\Users\Hennuy Suzanne\AppData\Roaming\Download Manager

2008-11-28 19:47:12 ----SD---- C:\Windows\Downloaded Program Files

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R1 AsIO;AsIO; C:\Windows\system32\drivers\AsIO.sys [2006-10-18 12664]

R1 AvgLdx86;AVG AVI Loader Driver x86; C:\Windows\System32\Drivers\avgldx86.sys [2008-08-30 97928]

R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\Windows\System32\Drivers\avgmfx86.sys [2008-07-03 26824]

R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-08-14 74720]

R3 3xHybrid;Pinnacle PCTV 100i-110i-300i-310i-MCE; C:\Windows\system32\DRIVERS\3xHybrid.sys [2006-11-22 1121536]

R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2007-07-18 342528]

R3 BCM43XV;Pilote de la carte réseau extensible Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-02 464384]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]

R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2007-07-17 34960]

R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2007-07-17 36240]

R3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]

R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2006-10-18 7680]

R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-11-12 7611360]

R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2007-05-24 246784]

S3 abds2hsb;abds2hsb; C:\Windows\system32\drivers\abds2hsb.sys []

S3 BT;Bluetooth PAN Network Adapter; C:\Windows\system32\DRIVERS\btnetdrv.sys []

S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\Windows\System32\Drivers\btcusb.sys []

S3 BthEnum;Pilote de bloc de demande Bluetooth; C:\Windows\system32\DRIVERS\BthEnum.sys [2008-01-21 19456]

S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]

S3 BTHPORT;Pilote de port Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2008-04-29 220160]

S3 BTHUSB;Pilote USB radio Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2008-04-29 29184]

S3 camfilt2;Hercules Filter Driver; C:\Windows\System32\Drivers\camfilt2.sys [2007-12-10 98304]

S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]

S3 gmer;gmer; C:\Windows\System32\DRIVERS\gmer.sys [2008-08-20 85969]

S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2008-07-13 25280]

S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]

S3 IvtBtBUs;IVT Bluetooth Bus Service; C:\Windows\System32\Drivers\IvtBtBus.sys []

S3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\Windows\system32\DRIVERS\L8042Kbd.sys [2007-01-23 20496]

S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]

S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]

S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]

S3 Ph3xIB32;Philips 713x Inbox PCI TV Card; C:\Windows\system32\DRIVERS\Ph3xIB32.sys [2007-04-03 1131136]

S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\Windows\system32\DRIVERS\rfcomm.sys [2008-01-21 49664]

S3 RT61;D-Link Wireless Driver; C:\Windows\system32\DRIVERS\RT61.sys [2007-10-19 286208]

S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2005-08-17 58352]

S3 sscdmdfl;SAMSUNG CDMA Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2005-08-17 8272]

S3 sscdmdm;SAMSUNG CDMA Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2005-08-17 93872]

S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2008-10-01 32000]

S3 usbaudio;Pilote USB audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2008-01-21 73088]

S3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]

S3 VComm;Virtual Serial port driver; C:\Windows\system32\DRIVERS\VComm.sys []

S3 VcommMgr;Bluetooth VComm Manager Service; C:\Windows\System32\Drivers\VcommMgr.sys []

S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-21 39936]

S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]

S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]

S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2008-01-21 11264]

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 AEADIFilters;Andrea ADI Filters Service; C:\Windows\system32\AEADISRV.EXE [2007-06-07 86016]

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040]

R2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-08-30 231704]

R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]

R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-12-14 61440]

R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-11-12 207392]

R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-10-01 536872]

R3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2008-12-05 104944]

S3 aspnet_state;Service d'état ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-01-21 33800]

S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-11-17 655624]

S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]

S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2006-12-23 262144]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S4 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]

 

-----------------EOF-----------------

 

 

info.txt logfile of random's system information tool 2008-09-03 18:25:53

 

Uninstall list

 

-->C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL

-->C:\Windows\UNNeroMediaHome.exe /UNINSTALL

-->C:\Windows\UNNeroShowTime.exe /UNINSTALL

-->C:\Windows\UNNeroVision.exe /UNINSTALL

-->C:\Windows\UNRecode.exe /UNINSTALL

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BA8A7C81-B0D0-422D-8FBD-BF2D25986667}\setup.exe" -l0x40c

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}

2007 Microsoft Office system-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROHYBRIDR /dll OSETUP.DLL

Adobe Color Common Settings-->C:\Program Files\Common Files\Adobe\Installers\6c8e2cb4fd241c55406016127a6ab2e\Setup.exe

Adobe Color Common Settings-->MsiExec.exe /I{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}

Adobe ExtendScript Toolkit 2-->C:\Program Files\Common Files\Adobe\Installers\3e054d2218e7aa282c2369d939e58ff\Setup.exe

Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}

Adobe Flash Player ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe

Adobe Flash Player Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe

Adobe Setup-->MsiExec.exe /I{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}

Adobe Setup-->MsiExec.exe /I{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}

Adobe Shockwave Player 11-->C:\Windows\system32\adobe\SHOCKW~1\UNWISE.EXE C:\Windows\system32\Adobe\SHOCKW~1\Install.log

AI Suite-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{310BC5E2-31AF-49BB-904D-E71EB93645DC}\Setup.exe" -l0x40c

Allok MOV Converter 3.4.0423-->"C:\Program Files\Allok MOV Converter\unins000.exe"

Apple Mobile Device Support-->MsiExec.exe /I{44734179-8A79-4DEE-BB08-73037F065543}

Apple Software Update-->MsiExec.exe /I{02DFF6B1-1654-411C-8D7B-FD6052EF016F}

Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe

AVG Free 8.0-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL

AviSynth 2.5-->"C:\Program Files\AviSynth 2.5\Uninstall.exe"

Command & Conquer 3-->MsiExec.exe /I{B0C30E93-D3D9-4F04-A2AC-54749B573275}

Composants Internet Partagés de Westwood-->C:\Westwood\Internet\UnstllAP.EXE

Counter-Strike: Source-->MsiExec.exe /I{9580813D-94B1-4C28-9426-A441E2BB29A5}

er100LT-->MsiExec.exe /I{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}

Half-Life 2: Lost Coast-->"C:\Program Files\Steam\steam.exe" steam://uninstall/340

HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall

Host OpenAL (ADI)-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BA8A7C81-B0D0-422D-8FBD-BF2D25986667}\setup.exe" -l0x40c /remove

iTunes-->MsiExec.exe /I{585776BC-4BD6-4BD2-A19A-1D6CB44A403B}

Java 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}

Java 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}

LimeWire PRO 4.18.3-->"C:\Program Files\LimeWire\uninstall.exe"

Linksys Wireless-G PCI Network Adapter with SpeedBooster-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EAE4A00B-D290-4B65-8287-B82A80FC0619}\setup.exe" -l0x40c

Logitech GamePanel Software 2.00-->MsiExec.exe /X{948BE614-F37B-4A73-AD43-0245F23C110D}

Logitech Print Service-->C:\PROGRA~1\Logitech\PRINTS~1\UNWISE.EXE C:\PROGRA~1\Logitech\PRINTS~1\INSTALL.LOG

Logitech SetPoint 5.00-->MsiExec.exe /I{D3120436-1358-4253-9EB2-257FFE8CE1D9}

Marvell Miniport Driver-->MsiExec.exe /X{C950420B-4182-49EA-850A-A6A2ABF06C6B}

Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"

MetaProducts Download Express-->C:\Program Files\Download Express\dep.exe /UnInstall

Microsoft .NET Framework 1.1 Hotfix (KB929729)-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M929729\M929729Uninstall.msp"

Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}

Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}

Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL

Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}

Microsoft Office OneNote MUI (French) 2007-->MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE}

Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}

Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}

Microsoft Office Professional Hybrid 2007-->MsiExec.exe /X{91120000-0031-0000-0000-0000000FF1CE}

Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}

Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}

Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}

Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}

Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}

Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}

Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}

Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}

Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}

Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}

Mozilla Firefox (3.0.1)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe

Nero 7 Essentials-->MsiExec.exe /X{B28B351F-1232-46EA-85EF-B8EA91641036}

NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI

OpenOffice.org Installer 1.0-->MsiExec.exe /X{3A2AF807-9F9F-43C9-A24A-17B617238B74}

Package de pilotes Windows - Philips Pinnacle Systems PCTV 3010ix, 7010ix (10/27/2006 1.0.3.3)-->rundll32.exe C:\PROGRA~1\DIFX\4A46D8A01D3E2287\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\Windows\System32\DriverStore\FileRepository\pctv716x.inf_38c010dc\pctv716x.inf

Package de pilotes Windows - Pinnacle Systems PCTV 100e/320e Audio (01/29/2007 5.7.0129.0)-->rundll32.exe C:\PROGRA~1\DIFX\4A46D8A01D3E2287\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\Windows\System32\DriverStore\FileRepository\pctvempa.inf_04079692\pctvempa.inf

Package de pilotes Windows - Pinnacle Systems PCTV 100i,110i,300i,310i, MCE (11/22/2006 1.3.3.5)-->rundll32.exe C:\PROGRA~1\DIFX\4A46D8A01D3E2287\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\Windows\System32\DriverStore\FileRepository\pctv713xi.inf_1f75d240\pctv713xi.inf

Package de pilotes Windows - Pinnacle Systems PCTV 320cx (02/26/2007 3.0.3.3)-->rundll32.exe C:\PROGRA~1\DIFX\4A46D8A01D3E2287\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\Windows\System32\DriverStore\FileRepository\pctv320cx.inf_a2ee5007\pctv320cx.inf

Package de pilotes Windows - Pinnacle Systems PCTV 320cx Infrared receiver (11/03/2006 2.0.1)-->rundll32.exe C:\PROGRA~1\DIFX\4A46D8A01D3E2287\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\Windows\System32\DriverStore\FileRepository\pctv320cxir.inf_2d82cc35\pctv320cxir.inf

Package de pilotes Windows - Pinnacle Systems PCTV 70e/100e/160e/170e/320e/330e/800e (01/29/2007 5.7.0129.0)-->rundll32.exe C:\PROGRA~1\DIFX\4A46D8A01D3E2287\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\Windows\System32\DriverStore\FileRepository\pctvempv.inf_55242ca7\pctvempv.inf

Package de pilotes Windows - Pinnacle Systems PCTV 71e (09/28/2006 6.9.28.4)-->rundll32.exe C:\PROGRA~1\DIFX\4A46D8A01D3E2287\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\Windows\System32\DriverStore\FileRepository\af15bda.inf_a6f383a0\af15bda.inf

Package de pilotes Windows - Pinnacle Systems Pinnacle Systems PCTV 310c (06/02/2006 3.0.1.1)-->rundll32.exe C:\PROGRA~1\DIFX\4A46D8A01D3E2287\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\Windows\System32\DriverStore\FileRepository\pctv310cav.inf_eb9f3f58\pctv310cav.inf

Package de pilotes Windows - Pinnacle Systems Pinnacle Systems PCTV 310c (06/02/2006 3.0.1.1)-->rundll32.exe C:\PROGRA~1\DIFX\4A46D8A01D3E2287\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\Windows\System32\DriverStore\FileRepository\pctv310ctv.inf_ae7fa3fd\pctv310ctv.inf

PhotoFiltre Studio-->"C:\Program Files\PhotoFiltre Studio\Uninst.exe"

Pinnacle PCTV MCE-->MsiExec.exe /X{FD54066C-59C6-475B-B8A0-A0D26969D8E2}

PSP Video 9 1.74-->C:\Program Files\pspvideo9\uninst.exe

QuickTime-->MsiExec.exe /I{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}

Security Update for 2007 Microsoft Office System (KB951596)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {1AFF2298-CC00-4A3B-866A-C62B8373794E}

Security Update for 2007 Microsoft Office System (KB951596)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {1AFF2298-CC00-4A3B-866A-C62B8373794E}

Security Update for Microsoft Office Excel 2007 (KB951546)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7399DD71-8E24-4E60-B6A8-6CED89C0AC26}

Security Update for Microsoft Office Excel 2007 (KB951546)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {7399DD71-8E24-4E60-B6A8-6CED89C0AC26}

Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}

Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}

Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}

Security Update for Microsoft Office system 2007 (KB951808)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00}

Security Update for Microsoft Office system 2007 (KB951808)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00}

Security Update for Microsoft Office Word 2007 (KB950113)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9}

Security Update for Microsoft Office Word 2007 (KB950113)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9}

Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}

SoundMAX-->C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\Setup.exe -runfromtemp -l0x040c -removeonly

Source Dedicated Server-->"C:\Program Files\Steam\steam.exe" steam://uninstall/205

Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}

StuffPlug 3-->C:\Program Files\StuffPlug3\Uninstall.exe

System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe

TeamSpeak 2 RC2-->"C:\Program Files\Teamspeak2_RC2\unins000.exe"

TrackMania Nations Forever-->"C:\Program Files\Steam\steam.exe" steam://uninstall/11020

Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}

Update for Office 2007 (KB946691)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}

Update for Office 2007 (KB946691)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}

Update for Outlook 2007 Junk Email Filter (kb955433)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {D9806966-6AA1-4B55-9528-6748E37CEE86}

Video Converter 3-->C:\Program Files\Micro Application\Video Convertisseur\Uninstall.exe

VideoLAN VLC media player 0.8.6h-->C:\Program Files\VideoLAN\VLC\uninstall.exe

WebCam for MSN Messenger-->Rundll32.exe setupapi,InstallHinfSection DefaultUnInstall 128 C:\Windows\INF\Athena.inf

Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}

Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}

Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}

 

Security center information

 

AV: AVG Anti-Virus Free

AS: AVG Anti-Virus Free (disabled)

AS: Windows Defender

 

Environment variables

 

"ComSpec"=%SystemRoot%\system32\cmd.exe

"FP_NO_HOST_CHECK"=NO

"OS"=Windows_NT

"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC

"PROCESSOR_ARCHITECTURE"=x86

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

"USERNAME"=SYSTEM

"windir"=%SystemRoot%

"PROCESSOR_LEVEL"=6

"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 11, GenuineIntel

"PROCESSOR_REVISION"=0f0b

"NUMBER_OF_PROCESSORS"=4

"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat

"DFSTRACINGON"=FALSE

"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip

"QTJAVA"=C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip

 

-----------------EOF-----------------

[Thanos]

ok: la suite >

 

Commence par désactiver l'UAC comme ceci avant de continuer (réactive le une fois les opérations terminées)

C'est expliqué ici >> http://www.zebulon.fr/astuces/220-desactiv...dans-vista.html

 

1°) Démarre Hijackthis, clique sur "Do a system scan only", et coche les lignes suivantes :

R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll

 

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll

 

O3 - Toolbar: SYSTRAN Toolbar - {95daa571-4def-4a6d-97d8-98a346672a24} - mscoree.dll (file missing)

 

O4 - HKLM\..\Run: [searchSettings] C:\Program Files\Search Settings\SearchSettings.exe

-Ferme tous les programmes et clique sur "Fix Checked"

 

2°) Après ca, élimine le dossier suivant >> C:\Program Files\Search Settings

 

3°) Rend toi sur cette page afin de télécharger le fichier kill.reg sur ton Bureau => http://senduit.com/86a748

Patiente une seconde: le téléchargement va se lancer automatiquement.

 

Double-clique sur le fichier: au message qui s'affiche, clique sur OK pour faire fusionner le fichier avec le registre. Elimine le fichier une fois l'opération effectuée.

 

Poste un nouveau rapport hijackthis

[Julian84]

Hop

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 23:42:28, on 27/12/2008

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v7.00 (7.00.6001.18000)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Analog Devices\Core\smax4pnp.exe

C:\Program Files\Analog Devices\SoundMAX\SoundTray.exe

C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe

C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe

C:\Program Files\AVG\AVG8\avgtray.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe

C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE

C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe

C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDCountdown.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDPop3.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\RocketDock\RocketDock.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Logitech\SetPoint II\SetpointII.exe

C:\Users\Hennuy Suzanne\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe

C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE

C:\Users\Hennuy Suzanne\AppData\Roaming\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Users\Hennuy Suzanne\Desktop\HiJackThis.exe

C:\Windows\explorer.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\DllHost.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll (file missing)

O3 - Toolbar: SYSTRAN Toolbar - {95daa571-4def-4a6d-97d8-98a346672a24} - mscoree.dll (file missing)

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe

O4 - HKLM\..\Run: [soundTray] C:\Program Files\Analog Devices\SoundMAX\SoundTray.exe

O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe"

O4 - HKLM\..\Run: [CPU Power Monitor] "C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe"

O4 - HKLM\..\Run: [Cpu Level Up help] C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe

O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe"

O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE

O4 - HKLM\..\Run: [searchSettings] C:\Program Files\Search Settings\SearchSettings.exe

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon

O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon

O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [CamserviceHD] C:\Program Files\Hercules\Hercules Dualpix Chat and Show\Camservice.exe /startup

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [FractalWP] C:\Program Files\FractalWP\FractalWP.exe -min

O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKCU\..\Run: [iSUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Startup: Outil de notification Live Search.lnk = C:\Users\Hennuy Suzanne\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe

O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\xfire.exe

O4 - Global Startup: SetPointII.lnk = ?

O8 - Extra context menu item: Consulter les dictionnaires (SYSTRAN) - res://C:\Program Files\SYSTRAN\6\\GUIres.dll/lookup.js

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Traduire (SYSTRAN) - res://C:\Program Files\SYSTRAN\6\\GUIres.dll/translate.js

O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O13 - Gopher Prefix:

O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-BE/a-UNO1/GAME_UNO1.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab

O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll

O20 - AppInit_DLLs: avgrsstx.dll

O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\Windows\system32\AEADISRV.EXE

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

 

--

End of file - 10971 bytes

 

 

Edit: Je vois tojours la ligne O4 - HKLM\..\Run: [searchSettings] C:\Program Files\Search Settings\SearchSettings.exe

 

Pourtant je l'ai bien fixée...

 

Erf :/

Modifié le 27 décembre 2008 par Julian84

[Thanos]

On va automatiser ça à l'aide de ce petit programme >

 

1°) Télécharge Toolbar-S&D (Team IDN) sur ton Bureau.

• Lance l'installation du programme en exécutant le fichier téléchargé.
  
• Double-clique maintenant sur le raccourci de Toolbar-S&D.
  
• Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
  
• Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
  
• Poste le rapport généré. (C:\TB.txt)
  

2°) Relance Toolbar-S&D en double-cliquant sur le raccourci. Tape sur "2" puis valide en appuyant sur "Entrée".

! Ne ferme pas la fenêtre lors de la suppression !

Un rapport sera généré, poste son contenu ici.

 

NOTE : Si ton Bureau ne réapparait pas, appuie simultanément sur Ctrl+Alt+Suppr pour ouvrir le Gestionnaire des tâches.

Rends-toi sur l'onglet "Processus". Clique en haut à gauche sur Fichier et choisis "Exécuter..."

Tape explorer puis valide.

 

Poste les deux rapports stp ainsi qu'un nouveau rapport hijackthis

[Julian84]

1°) Télécharge Toolbar-S&D (Team IDN) sur ton Bureau.

 

* Lance l'installation du programme en exécutant le fichier téléchargé.

* Double-clique maintenant sur le raccourci de Toolbar-S&D.

* Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.

* Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.

* Poste le rapport généré. (C:\TB.txt)

________________________________________

 

-----------\\ ToolBar S&D 1.1.0 XP/Vista

 

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1

X86-based PC ( Multiprocessor Free : Intel® Core2 Quad CPU Q6600 @ 2.40GHz )

BIOS Date: 10/11/07 14:31:40 Ver: 08.00.12

USER : Julian ( Administrator )

BOOT : Normal boot

 

"C:\ToolBar SD" ( MAJ : 19-08-2008|15:08 )

Option : [1] ( dim. 28/12/2008| 0:27 )

 

[ UAC => 0 ]

 

-----------\\ Recherche de Fichiers / Dossiers ...

 

 

-----------\\ [..\Internet Explorer\Main]

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Local Page"="C:\\Windows\\system32\\blank.htm"

"Search Page"="http://www.google.com"'>http://www.google.com"

"Start Page"="http://fr.msn.com/"'>http://fr.msn.com/"

"Search Bar"="http://www.google.com/ie"'>http://www.google.com/ie"

"Url"="http://go.microsoft.com/fwlink/?LinkId=75720"'>http://go.microsoft.com/fwlink/?LinkId=75720"

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"'>http://go.microsoft.com/fwlink/?LinkId=69157"'>http://go.microsoft.com/fwlink/?LinkId=69157"'>http://go.microsoft.com/fwlink/?LinkId=69157"

"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"'>http://go.microsoft.com/fwlink/?LinkId=54896"'>http://go.microsoft.com/fwlink/?LinkId=54896"'>http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

 

 

--------------------\\ Recherche d'autres infections

 

--------------------\\ Cracks & Keygens ..

 

C:\Users\HENNUY~1\AppData\Local\VirtualStore\Program Files\GoPets Ltd\Effect\motion\effect_all firecracke.EMT

C:\Users\HENNUY~1\AppData\Roaming\Adobe\Adobe Photoshop CS4\Presets\Brushes\cracksandwalls.abr

C:\Users\HENNUY~1\Jeux\GTA San Andreas\data\Decision\Craig\crack1.ped

C:\Users\HENNUY~1\Logiciels\KeyGen EA Games 185 Jeux - By Yurexa.exe.rar

 

 

[ UAC => 1 ]

 

-----------\\ Fin du rapport a 0:27:59,82

 

_______________________________________

 

LE RAPPORT DE SUPPRESSION

 

 

-----------\\ ToolBar S&D 1.1.0 XP/Vista

 

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1

X86-based PC ( Multiprocessor Free : Intel® Core2 Quad CPU Q6600 @ 2.40GHz )

BIOS Date: 10/11/07 14:31:40 Ver: 08.00.12

USER : Julian ( Administrator )

BOOT : Normal boot

 

"C:\ToolBar SD" ( MAJ : 19-08-2008|15:08 )

Option : [2] ( dim. 28/12/2008| 0:29 )

 

[ UAC => 1 ]

 

-----------\\ Recherche de Fichiers / Dossiers ...

 

 

-----------\\ [..\Internet Explorer\Main]

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Local Page"="C:\\Windows\\system32\\blank.htm"

"Search Page"="http://www.google.com"

"Start Page"="http://fr.msn.com/"

"Search Bar"="http://www.google.com/ie"

"Url"="http://go.microsoft.com/fwlink/?LinkId=75720"

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

 

 

--------------------\\ Recherche d'autres infections

 

--------------------\\ Cracks & Keygens ..

 

C:\Users\HENNUY~1\AppData\Local\VirtualStore\Program Files\GoPets Ltd\Effect\motion\effect_all firecracke.EMT

C:\Users\HENNUY~1\AppData\Roaming\Adobe\Adobe Photoshop CS4\Presets\Brushes\cracksandwalls.abr

C:\Users\HENNUY~1\Jeux\GTA San Andreas\data\Decision\Craig\crack1.ped

C:\Users\HENNUY~1\Logiciels\KeyGen EA Games 185 Jeux - By Yurexa.exe.rar

 

 

[ UAC => 1 ]

 

-----------\\ Fin du rapport a 0:30:12,79

 

 

 

HIJACKTHIS

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 0:31:55, on 28/12/2008

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v7.00 (7.00.6001.18000)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\ASUS\AASP\1.00.40\aaCenter.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Analog Devices\Core\smax4pnp.exe

C:\Program Files\Analog Devices\SoundMAX\SoundTray.exe

C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe

C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe

C:\Program Files\AVG\AVG8\avgtray.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe

C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE

C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe

C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDCountdown.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDPop3.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\RocketDock\RocketDock.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Logitech\SetPoint II\SetpointII.exe

C:\Users\Hennuy Suzanne\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe

C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE

C:\Users\Hennuy Suzanne\AppData\Roaming\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\ehome\ehshell.exe

C:\Windows\system32\conime.exe

C:\Windows\explorer.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Users\HENNUY~1\Desktop\HiJackThis.exe

C:\Windows\system32\DllHost.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: SYSTRAN Toolbar - {95daa571-4def-4a6d-97d8-98a346672a24} - mscoree.dll (file missing)

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe

O4 - HKLM\..\Run: [soundTray] C:\Program Files\Analog Devices\SoundMAX\SoundTray.exe

O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe"

O4 - HKLM\..\Run: [CPU Power Monitor] "C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe"

O4 - HKLM\..\Run: [Cpu Level Up help] C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe

O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe"

O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon

O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon

O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [CamserviceHD] C:\Program Files\Hercules\Hercules Dualpix Chat and Show\Camservice.exe /startup

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [FractalWP] C:\Program Files\FractalWP\FractalWP.exe -min

O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKCU\..\Run: [iSUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')

O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Startup: Outil de notification Live Search.lnk = C:\Users\Hennuy Suzanne\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe

O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\xfire.exe

O4 - Global Startup: SetPointII.lnk = ?

O8 - Extra context menu item: Consulter les dictionnaires (SYSTRAN) - res://C:\Program Files\SYSTRAN\6\\GUIres.dll/lookup.js

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Traduire (SYSTRAN) - res://C:\Program Files\SYSTRAN\6\\GUIres.dll/translate.js

O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)

O13 - Gopher Prefix:

O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-BE/a-UNO1/GAME_UNO1.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab

O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll

O20 - AppInit_DLLs: avgrsstx.dll

O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\Windows\system32\AEADISRV.EXE

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

 

--

End of file - 11364 bytes

Modifié le 27 décembre 2008 par Julian84

[Thanos]

ok: juste une correction à effectuer >>

 

Démarre Hijackthis, clique sur "Do a system scan only", et coche les lignes suivantes :

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

 

O3 - Toolbar: SYSTRAN Toolbar - {95daa571-4def-4a6d-97d8-98a346672a24} - mscoree.dll (file missing)

-Ferme tous les programmes et clique sur "Fix Checked"

 

Petite info concernant ceci >>

C:\Users\HENNUY~1\AppData\Local\VirtualStore\Program Files\GoPets Ltd\Effect\motion\effect_all firecracke.EMT

C:\Users\HENNUY~1\AppData\Roaming\Adobe\Adobe Photoshop CS4\Presets\Brushes\cracksandwalls.abr

C:\Users\HENNUY~1\Jeux\GTA San Andreas\data\Decision\Craig\crack1.ped

C:\Users\HENNUY~1\Logiciels\KeyGen EA Games 185 Jeux - By Yurexa.exe.rar

Ce qui suit n'est pas pour faire la morale, mais vise plutôt à te faire prendre conscience des risques liés à l'utilisation des cracks/Keygen/serials et des logiciels P2P!! Pour t'en convaincre, lis ces topics très clairs:

 

*Article de Malekal concernant les cracks => http://forum.malekal.com/viewtopic.php?f=33&t=893

*Article de Ogu sur les fausses idées concernant le peer to peer => (clique sur l'image).

 

Les infections véhiculées pas le peer to peer sont une menace réelle!! par exemple le vers Worm.Win32_Sumom-A qui est un ver de messagerie instantanée et de réseaux peer-to-peer,se met dans le dossier incoming/Shared afin d'être expédié à toutes les personnes qui partagent tes téléchargements...=> http://www.virustraq.com/info_virus/10134/details/

Maintenant que tu sais, c'est à toi de voir... est ce que ca vaut le coup de risquer une grosse infection(et mettre tes données en peril)? La plupart des logiciels payants ont un équivalent en freeware.

 

Donc je te conseille vivement de les suprimer!

 

Redémarre ton pc et constate s'il y a du changement