Redirection de pages web, log HT, virus ?Fermé

Question

Bonjour,

Lorsque je souhaite allé sur un site trouver par google ou autres, on me redirige vers d'autres sites qui n'ont aucun rapport avec ma recherche ( site type topsearch, bitin etc... ). Aussi j'ai remarqué que depuis peu, quand je clique sur un site trouvé par mon moteur de recherche, il y a une page qui affiche " NOT FOUND", pourtant le site existe vraiment. Du coup ma navigation internet et fortement perturbé. 
Avec ceci, de nombreuses fermetures d'explorer accompagne ce problème. 
J'ai deja fais une désinfection avec l'antivirus AVG. bien qu'il ai trouvé plusieurs virus, le problème persiste toujours... J'ai aussi deja tenté de réinstallé firefox. 

Voila le log Hijackthis si cela peut servir : 


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:03:51, on 26/12/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32	askeng.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Windows\System32undll32.exe
C:\Windows\System32undll32.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\Philips\SPC230NC\Monitor.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\AVG\AVG9\avgtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Philips\Philips SPC230NC Webcam\TrayMin230.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\AVG\AVG9\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\Packard Bell\Carbonite\CarboniteSetupLitePBPreInstaller.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\Program Files\iTunes\iTunes.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32	askeng.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32undll32.exe
C:\Program Files\Packard Bell\Carbonite\CarboniteSetupLitePBPreInstaller.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\Philips\SPC230NC\Monitor.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\AVG\AVG9\avgtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Philips\Philips SPC230NC Webcam\TrayMin230.exe
C:\Windows\System32undll32.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Windows\System32\mspaint.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32	askeng.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32undll32.exe
C:\Program Files\Packard Bell\Carbonite\CarboniteSetupLitePBPreInstaller.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\Philips\SPC230NC\Monitor.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\AVG\AVG9\avgtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Philips\Philips SPC230NC Webcam\TrayMin230.exe
C:\Windows\System32undll32.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Packard Bell\GOOGLE_EULA\EULA.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\Windows\system32\WerCon.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://actus.sfr.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {01190129-60BE-4E8D-A935-6EFAF26EBA5f} - C:\Windows\System32\dispci32.dll (file missing)
O2 - BHO: (no name) - {0119012A-60BE-4E8D-A935-6EFAF26EBA5f} - C:\Windows\System32\CmdLineExt0332.dll (file missing)
O2 - BHO: (no name) - {019C54CE-377F-4A32-9531-4E6056880A70} - C:\Windows\System32\dispci32.dll (file missing)
O2 - BHO: (no name) - {02320255-60BE-4E8D-A935-6EFAF26EBA5f} - C:\Windows\System32\dispci32.dll (file missing)
O2 - BHO: (no name) - {02320256-60BE-4E8D-A935-6EFAF26EBA5f} - C:\Windows\System32\dispci32.dll (file missing)
O2 - BHO: (no name) - {036DC029-F6A1-457B-81DE-61369B1012Ca} - C:\Windows\System32\dispci32.dll (file missing)
O2 - BHO: (no name) - {046404AC-60BE-4E8D-A935-6EFAF26EBA5f} - C:\Windows\System32\dispci32.dll (file missing)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: (no name) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - (no file)
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32
vsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [CarboniteSetupLite] "C:\Program Files\Packard Bell\Carbonite\CarboniteSetupLitePBPreInstaller.exe" /preinstalled
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SPC230NC_Monitor] C:\Windows\Philips\SPC230NC\Monitor.exe
O4 - HKLM\..\Run: [SPC_Monitor] C:\Windows\Philips\SPC230NC\Monitor.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Philips Intelligent Agent] "C:\Program Files\Philips\Intelligent Agent\Philips Intelligent Agent.exe" /SILENT
O4 - HKCU\..\Run: [AdobeUpdater] "C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-2064053775-864123851-1056410832-1000\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'Hireche')
O4 - HKUS\S-1-5-21-2064053775-864123851-1056410832-1000\..\Run: [Philips Intelligent Agent] "C:\Program Files\Philips\Intelligent Agent\Philips Intelligent Agent.exe" /SILENT (User 'Hireche')
O4 - HKUS\S-1-5-21-2064053775-864123851-1056410832-1000\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (User 'Hireche')
O4 - HKUS\S-1-5-21-2064053775-864123851-1056410832-1000\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (User 'Hireche')
O4 - HKUS\S-1-5-21-2064053775-864123851-1056410832-1002\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'Samy')
O4 - S-1-5-21-2064053775-864123851-1056410832-1000 Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe (User 'Hireche')
O4 - S-1-5-21-2064053775-864123851-1056410832-1000 User Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe (User 'Hireche')
O4 - S-1-5-21-2064053775-864123851-1056410832-1002 Startup: Notification de cadeaux MSN.lnk = C:\Users\Samy\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe (User 'Samy')
O4 - S-1-5-21-2064053775-864123851-1056410832-1002 Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe (User 'Samy')
O4 - S-1-5-21-2064053775-864123851-1056410832-1002 User Startup: Notification de cadeaux MSN.lnk = C:\Users\Samy\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe (User 'Samy')
O4 - S-1-5-21-2064053775-864123851-1056410832-1002 User Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe (User 'Samy')
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: TrayMin230.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix: 
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL C:\PROGRA~1\GOOGLE\GOOGLE~3\GOEC62~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Planificateur LiveUpdate automatique (Automatic LiveUpdate Scheduler) - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: AVG E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: AVG Firewall (avgfws9) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgfws9.exe
O23 - Service: AVG9IDSAgent (AVGIDSAgent) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\Windows\system32\drivers\CDAC11BA.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Service Google Update (gupdate1c9b7a47dd0db68) (gupdate1c9b7a47dd0db68) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe

Utilisateur anonyme · Answer

•	Bonjour 

•	Télécharge et installe : Malwarebyte’s Anti-Malware
•	(NB : S'il te manque"COMCTL32.OCX" lors de l'installe, alors télécharge le ici : https://www.malekal.com/tutorial-aboutbuster/
•	A la fin de l'installation, veille à ce que l'option « mettre a jour Malwarebyte's Anti-Malware » soit cochée
•	Lance MBAM et laisse les Mises à jour se télécharger (sinon fais les manuellement au lancement du programme)
•	Puis va dans l'onglet "Recherche", coche "Exécuter un examen complet" puis "Rechercher"
•	Sélectionne tes disques durs" puis clique sur "Lancer l’examen"
•	A la fin du scan, clique sur Afficher les résultats
•	Coche tous les éléments détectés puis clique sur Supprimer la sélection
•	Enregistre le rapport
•	S'il t'est demandé de redémarrer, clique sur Yes
•	Poste le rapport de scan après la suppression ici.(poste le rapport, même si rien n'est détecté.)
•	Si tu as besoin d’aide regarde ce tutorial 
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/

mounia93 · Answer

Merci pour ton intervention.

Voila le rapport : 

Malwarebytes' Anti-Malware 1.42
Version de la base de données: 3434
Windows 6.0.6001 Service Pack 1
Internet Explorer 8.0.6001.18865

26/12/2009 18:54:18
mbam-log-2009-12-26 (18-54-18).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 397236
Temps écoulé: 2 hour(s), 7 minute(s), 20 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 23
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 5
Fichier(s) infecté(s): 57

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{01190129-60be-4e8d-a935-6efaf26eba5f} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{01190129-60be-4e8d-a935-6efaf26eba5f} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{019c54ce-377f-4a32-9531-4e6056880a70} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{019c54ce-377f-4a32-9531-4e6056880a70} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02320255-60be-4e8d-a935-6efaf26eba5f} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{02320255-60be-4e8d-a935-6efaf26eba5f} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02320256-60be-4e8d-a935-6efaf26eba5f} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{02320256-60be-4e8d-a935-6efaf26eba5f} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{036dc029-f6a1-457b-81de-61369b1012ca} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{036dc029-f6a1-457b-81de-61369b1012ca} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{046404ac-60be-4e8d-a935-6efaf26eba5f} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{046404ac-60be-4e8d-a935-6efaf26eba5f} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\morerelevantadvertisingprogram.morerelevantadvertisingprogram (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\morerelevantadvertisingprogram.morerelevantadvertisingprogram.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\premiereadvertisingplatform.premiereadvertisingplatform (Adware.PlayMP3z) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\premiereadvertisingplatform.premiereadvertisingplatform.1 (Adware.PlayMP3z) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{418d86be-7386-4f1a-83e0-53604adbda74} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{547395d9-934a-ced6-b851-f238c86079e5} (Adware.PlayMP3z) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4e8d6551-f9a4-6d01-4d4b-bfd7673c0e3e} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{547395d9-934a-ced6-b851-f238c86079e5} (Adware.PlayMP3z) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{4e8d6551-f9a4-6d01-4d4b-bfd7673c0e3e} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\MoreRelevantAdvertisingProgram.dll (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\PremiereAdvertisingPlatform.dll (Adware.PlayMP3z) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Users\Hireche\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlayMP3z (Adware.PLayMP3z) -> Quarantined and deleted successfully.
C:\Users\Samy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlayMP3z (Adware.PLayMP3z) -> Quarantined and deleted successfully.
C:\Windows\System32\LocalService (Worm.Archive) -> Quarantined and deleted successfully.
C:\Users\Kenboss\AppData\Roaming\PC\faq (Rogue.ControlCenter) -> Quarantined and deleted successfully.
C:\Users\Kenboss\AppData\Roaming\PC\faq\images (Rogue.ControlCenter) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Backup\Mounia\Documents	mplus\Updater.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Backup\Mounia\Documents	mplus\utils\downmp3.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Users\Hireche\AppData\Local\Temp\B57C.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Hireche\AppData\Local\Temp\BA97.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Hireche\AppData\Local\Temp\C746.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Hireche\AppData\Local\Temp\45F.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Hireche\AppData\Local\Temp\4D3F.tmp (Trojan.Buzus) -> Quarantined and deleted successfully.
C:\Users\Hireche\AppData\Local\Temp\5310.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Hireche\AppData\Local\Temp\91B3.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Hireche\AppData\Local\Temp\AAD2.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Hireche\AppData\Local\Temp\AEF7.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Hireche\AppData\Local\Temp\2138.tmp (Trojan.Buzus) -> Quarantined and deleted successfully.
C:\Users\Hireche\AppData\Local\Temp\79E6.tmp (Trojan.Buzus) -> Quarantined and deleted successfully.
C:\Users\Kenboss\AppData\Roaming\PC\uninstall.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Users\Samy\AppData\Local\Temp\8B99.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Samy\AppData\Local\Temp\F67C.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Samy\AppData\Local\Temp\B52B.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Samy\AppData\Local\Temp\B9AF.tmp (Trojan.Buzus) -> Quarantined and deleted successfully.
C:\Users\Samy\AppData\Local\Temp\232F.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Samy\AppData\Local\Temp\51BF.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Samy\AppData\Local\Temp\5C81.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Samy\AppData\Local\Temp\8CE3.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Samy\AppData\Local\Temp\A2F4.tmp (Trojan.Buzus) -> Quarantined and deleted successfully.
C:\Users\Samy\AppData\Local\Temp\A5E1.tmp (Trojan.Buzus) -> Quarantined and deleted successfully.
C:\Users\Samy\AppData\Local\Temp\A71C.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Samy\AppData\Local\Temp\B32E.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Windows\System32\A2CD.tmp (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\Windows\System32\7038.tmp (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\Windows\System32\A3B5.tmp (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\Windows\System32\A609.tmp (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\Users\Hireche\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlayMP3z\Run PlayMP3z.pif (Adware.PLayMP3z) -> Quarantined and deleted successfully.
C:\Users\Samy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlayMP3z\Run PlayMP3z.pif (Adware.PLayMP3z) -> Quarantined and deleted successfully.
C:\Windows\System32\LocalService\329.crack.zip.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\LocalService\330.keygen.zip.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\LocalService\331.serial.zip.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\LocalService\332.setup.zip.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\LocalService\333.music.au (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\LocalService\333.music.au.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\LocalService\334.music2.au (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\LocalService\334.music2.au.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\LocalService\335.music3.au (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\LocalService\335.music3.au.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\LocalService\336.music4.au (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\LocalService\336.music4.au.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\Users\Kenboss\AppData\Roaming\PC\faq\guide.html (Rogue.ControlCenter) -> Quarantined and deleted successfully.
C:\Users\Kenboss\AppData\Roaming\PC\faq\images\gimg1.jpg (Rogue.ControlCenter) -> Quarantined and deleted successfully.
C:\Users\Kenboss\AppData\Roaming\PC\faq\images\gimg10.jpg (Rogue.ControlCenter) -> Quarantined and deleted successfully.
C:\Users\Kenboss\AppData\Roaming\PC\faq\images\gimg2.jpg (Rogue.ControlCenter) -> Quarantined and deleted successfully.
C:\Users\Kenboss\AppData\Roaming\PC\faq\images\gimg3.jpg (Rogue.ControlCenter) -> Quarantined and deleted successfully.
C:\Users\Kenboss\AppData\Roaming\PC\faq\images\gimg4.jpg (Rogue.ControlCenter) -> Quarantined and deleted successfully.
C:\Users\Kenboss\AppData\Roaming\PC\faq\images\gimg5.jpg (Rogue.ControlCenter) -> Quarantined and deleted successfully.
C:\Users\Kenboss\AppData\Roaming\PC\faq\images\gimg6.jpg (Rogue.ControlCenter) -> Quarantined and deleted successfully.
C:\Users\Kenboss\AppData\Roaming\PC\faq\images\gimg7.jpg (Rogue.ControlCenter) -> Quarantined and deleted successfully.
C:\Users\Kenboss\AppData\Roaming\PC\faq\images\gimg8.jpg (Rogue.ControlCenter) -> Quarantined and deleted successfully.
C:\Users\Kenboss\AppData\Roaming\PC\faq\images\gimg9.jpg (Rogue.ControlCenter) -> Quarantined and deleted successfully.
C:\Windows\GnuHashes.ini (Malware.Trace) -> Quarantined and deleted successfully.
C:\Users\Kenboss\AppData\Roaming\PC\settings.ini (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Utilisateur anonyme · Answer

• Télécharge rsit outil de diagnostic afin d'identifier les divers infections: http://images.malwareremoval.com/random/RSIT.exe
* Sous XP : double-cliquez sur RSIT.exe pour lancer l'outil. 
* Si vous êtes sous vista vous devez exécuter RSIT avec les droits d'administrateur, pour cela Clique droit sur RSIT et "Lancer en tant qu'administrateur"
• Double clique sur RSIT.exe pour lancer l'outil.
• Clique sur 'Continue' à l'écran Disclaimer.
• Si l'outil Hijackthis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera et tu devras accepter la licence.
• Une fois le scan fini , 2 rapports vont apparaitre. Poste le contenu des 2 rapports.
( C:\RSIT\log.txt et C:\RSIT\info.txt )
• CTRL A pour sélectionner tout, CTRL C pour copier et puis CTRL V pour coller

mounia93 · Answer

Ok
Voila le rapport "log" :

Logfile of random's system information tool 1.06 (written by random/random)
Run by Mounia at 2009-12-26 19:21:16
Microsoft® Windows Vista™ Édition Familiale Premium  Service Pack 1
System drive C: has 310 GB (67%) free of 465 GB
Total RAM: 2815 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:21:47, on 26/12/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32	askeng.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Windows\System32undll32.exe
C:\Program Files\Packard Bell\Carbonite\CarboniteSetupLitePBPreInstaller.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\Philips\SPC230NC\Monitor.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\AVG\AVG9\avgtray.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Philips\Philips SPC230NC Webcam\TrayMin230.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\System32undll32.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\AVG\AVG9\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Packard Bell\GOOGLE_EULA\EULA.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Mounia\Downloads\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Mounia.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://actus.sfr.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {0119012A-60BE-4E8D-A935-6EFAF26EBA5f} - C:\Windows\System32\CmdLineExt0332.dll (file missing)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: (no name) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - (no file)
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32
vsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [CarboniteSetupLite] "C:\Program Files\Packard Bell\Carbonite\CarboniteSetupLitePBPreInstaller.exe" /preinstalled
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SPC230NC_Monitor] C:\Windows\Philips\SPC230NC\Monitor.exe
O4 - HKLM\..\Run: [SPC_Monitor] C:\Windows\Philips\SPC230NC\Monitor.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Philips Intelligent Agent] "C:\Program Files\Philips\Intelligent Agent\Philips Intelligent Agent.exe" /SILENT
O4 - HKCU\..\Run: [AdobeUpdater] "C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: TrayMin230.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix: 
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL C:\PROGRA~1\GOOGLE\GOOGLE~3\GOEC62~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Planificateur LiveUpdate automatique (Automatic LiveUpdate Scheduler) - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: AVG E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: AVG Firewall (avgfws9) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgfws9.exe
O23 - Service: AVG9IDSAgent (AVGIDSAgent) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\Windows\system32\drivers\CDAC11BA.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Service Google Update (gupdate1c9b7a47dd0db68) (gupdate1c9b7a47dd0db68) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe

Utilisateur anonyme · Answer

• Telecharge et install UsbFix par Chiquitine29
 (!) Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) suceptible d avoir été infectés sans les ouvrir
• Fais un clic droit sur le raccourci UsbFix présent sur ton bureau et choisis "éxécuter en tant qu'administrateur" .
• Au menu principal choisis l'option " F " pour français et tape sur [entrée] . 
• Au second menu Choisis l'option " 2 " (suppression) et tape sur [entrée] 
• Laisse travailler l outil.
• Ensuite post le rapport UsbFix.txt qui apparaitra.
• Note : Le rapport UsbFix.txt est sauvegardé à la racine du disque. ( C:\UsbFix.txt )
( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller ) 
• Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool. 
          Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus. 
          Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus. 
• Tuto : http://pagesperso-orange.fr/NosTools/usbfix.html

mounia93 · Answer

Merci

voila le rapport :


############################## | UsbFix V6.067 |

User : Mounia (Administrateurs) # PC-DE-HIRECHE
Update on 24/12/2009 by Chiquitine29, C_XX & Chimay8
Start at: 20:45:00 | 27/12/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Intel(R) Pentium(R) Dual  CPU  E2200  @ 2.20GHz
Microsoft® Windows Vista™ Édition Familiale Premium  (6.0.6001 32-bit) # Service Pack 1
Internet Explorer 8.0.6001.18865
Windows Firewall Status : Disabled
AV : Norton Internet Security 15.5.0.23 [ Enabled | (!) Outdated ]
FW : Norton Internet Security[ Enabled ]15.5.0.23

C:\ -> Disque fixe local # 453,76 Go (304,38 Go free) [HDD] # NTFS
D:\ -> Disque amovible
E:\ -> Disque amovible # 983,7 Mo (938,7 Mo free) [MOUNIA] # FAT
F:\ -> Disque amovible
G:\ -> Disque amovible
H:\ -> Disque CD-ROM
I:\ -> Disque amovible

############################## | Processus actifs |

C:\Windows\System32\smss.exe 440
C:\Windows\system32\csrss.exe 588
C:\Windows\system32\wininit.exe 640
C:\Windows\system32\csrss.exe 652
C:\Windows\system32\services.exe 692
C:\Windows\system32\lsass.exe 712
C:\Windows\system32\lsm.exe 724
C:\Windows\system32\winlogon.exe 804
C:\Windows\system32\svchost.exe 912
C:\Windows\system32\svchost.exe 976
C:\Windows\System32\svchost.exe 1112
C:\Windows\System32\svchost.exe 1144
C:\Windows\system32\svchost.exe 1168
C:\Windows\system32\svchost.exe 1320
C:\Windows\system32\SLsvc.exe 1348
C:\Windows\system32\svchost.exe 1392
C:\Windows\system32\svchost.exe 1588
C:\Windows\System32\spoolsv.exe 1768
C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe 1796
C:\Windows\system32	askeng.exe 1996
C:\Windows\system32\Dwm.exe 2024
C:\Windows\Explorer.EXE 288
C:\Windows\system32	askeng.exe 308
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe 1488
C:\Windows\system32\svchost.exe 1052
C:\Windows\system32unonce.exe 2096
C:\Windows\system32\conime.exe 2280
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 2588
C:\Program Files\AVG\AVG9\avgwdsvc.exe 2632
C:\Program Files\AVG\AVG9\avgfws9.exe 2664
C:\Program Files\Bonjour\mDNSResponder.exe 2680
C:\Windows\system32\drivers\CDAC11BA.EXE 2696
C:\Windows\system32\svchost.exe 2804
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe 2852
C:\Windows\System32\svchost.exe 3004
C:\Windows\system32\IoctlSvc.exe 3136
C:\Windows\System32\svchost.exe 3244
C:\Program Files\AVG\AVG9\avgam.exe 3260
C:\Program Files\AVG\AVG9\avgnsx.exe 3288
C:\Windows\system32\svchost.exe 3404
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 3428
C:\Windows\system32\svchost.exe 3556
C:\Windows\System32\svchost.exe 3612
C:\Program Files\AVG\AVG9\avgemc.exe 3784
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe 3892
C:\Windows\system32\WUDFHost.exe 3932
C:\Program Files\AVG\AVG9\avgcsrvx.exe 868
C:\Program Files\AVG\AVG9\avgchsvx.exe 2508
C:\Program Files\AVG\AVG9\avgrsx.exe 2500
C:\Program Files\AVG\AVG9\avgcsrvx.exe 2532
C:\Windows\system32\svchost.exe 1656
C:\Windows\system32\wbem\wmiprvse.exe 3016
C:\Program Files\AVG\AVG9\avgcsrvx.exe 4060

################## | Elements infectieux |

Supprimé ! C:\$Recycle.Bin\S-1-5-21-1046635626-3632065795-598488909-1000 
Supprimé ! C:\$Recycle.Bin\S-1-5-21-1046635626-3632065795-598488909-1001 
Supprimé ! C:\$Recycle.Bin\S-1-5-21-1046635626-3632065795-598488909-1002 
Supprimé ! C:\$Recycle.Bin\S-1-5-21-2064053775-864123851-1056410832-1000 
Supprimé ! C:\$Recycle.Bin\S-1-5-21-2064053775-864123851-1056410832-1001 
Supprimé ! C:\$Recycle.Bin\S-1-5-21-2064053775-864123851-1056410832-1002 
Supprimé ! C:\$Recycle.Bin\S-1-5-21-2064053775-864123851-1056410832-1003 
Supprimé ! C:\$Recycle.Bin\S-1-5-21-276161996-2988908801-3348705192-500 
Supprimé ! E:\filesystem\pagefile.exe 
Supprimé ! E:\filesystem 

################## | Registre |

Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDesktop"  
Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoFind"  
Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoFolderOptions"  
Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoRun"  
Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoViewContextMenu"  

################## | Mountpoints2 |

Supprimé ! HKCU\...\Explorer\MountPoints2\{2be1ef75-eee9-11dd-a286-806e6f6e6963}\Shell\AutoRun\Command  
Supprimé ! HKCU\...\Explorer\MountPoints2\{baaa5ddb-b450-11de-80f4-0021971d648e}\Shell\AutoRun\Command  

################## | Listing des fichiers présent |

[18/09/2006 22:43|--a------|24] C:\autoexec.bat 
[11/04/2009 07:36|-rahs----|333257] C:\bootmgr 
[15/08/2008 02:40|-ra-s----|8192] C:\BOOTSECT.BAK 
[19/09/2009 16:23|--a------|1219] C:\Centre de solutions HP.lnk 
[08/11/2009 14:33|--a------|1323] C:\cleannavi.txt 
[18/09/2006 22:43|--a------|10] C:\config.sys 
[?|?|?] C:\hiberfil.sys 
[24/12/2008 16:35|--a------|317] C:\MDL 2.0 Debug.txt 
[?|?|?] C:\pagefile.sys 
[01/09/2009 14:19|--a------|921632] C:\SPC230NC.DAT 
[27/12/2009 20:47|--a------|5211] C:\UsbFix.txt 
[01/10/2009 08:06|---h-----|12288] E:\~WRL0001.tmp 
[15/12/2009 21:37|--a------|11264] E:\Repas de NOEL.doc 
[18/12/2009 15:19|--a------|16256] E:\diagnostic export.docx 
[18/12/2009 21:15|--a------|49798] E:\Setup_FreeConverter.exe 
[18/08/2009 08:02|--a------|6996749] E:\T.I.- Hurt (ft alfamega & busta rhymes)(ATL-Music).mp3 
[18/08/2009 07:58|--a------|7205755] E:\T.I_ft_Justin_Timberlake_-_Dead_and_Gone.mp3 
[22/12/2009 14:45|--a------|1618] E:\BOOTEX.LOG 
[23/12/2009 16:31|--a------|22006276] E:\shs 24.11.09.WMA 
[26/12/2009 13:48|--a------|294714] E:\Stades du developpement psychoaffectif de l enfant.pdf 
[13/04/2001 21:54|--a------|42496] E:\Cours sara-Stade pregenitaux.doc 
[27/12/2009 20:25|--a------|12800] E:\Lettre de motiv r‚orientation.doc 

################## | Vaccination |

# C:\autorun.inf -> Dossier créé par UsbFix.  
# E:\autorun.inf -> Dossier créé par UsbFix.  

################## | Cracks / Keygens / Serials |

Utilisateur anonyme · Answer

1/
•  Télécharge CCleaner :  https://www.ccleaner.com/ccleaner/download
•  Ce logiciel va permettre de supprimer tous les fichiers temporaires et de corriger ton registre .
•  Lors de l'installation choisis bien "français" en langue .
•  avant de cliquer sur le bouton "installer", décoche toutes les "options supplémentaires" sauf les 2 premières.
•  (attention à l'installation penser à DECOCHER l'installation de Yahoo toolbar discrètement proposé en plus de CCleaner).
•  Un tuto ( aide ): http://perso.orange.fr/jesses/Docs/Logiciels/CCleaner.htm
•  Utilisation:
•  ! déconnecte toi et ferme toutes applications en cours !
•  va dans "nettoyeur" : fais -analyse- puis -nettoyage
•  va dans "registre": fais -chercher les erreurs- et -réparer toutes les erreurs- 
( plusieurs fois jusqu'à ce qu'il n'y est plus d'erreur ) .
•  ( CCleaner : soft à garder sur son PC , super utile pour de bons nettoyages ...)
******************************************************************************
2/
Post un nouveau rapport rsit.a++

mounia93 · Answer

Voila le rapport rsit : 

Logfile of random's system information tool 1.06 (written by random/random)
Run by Mounia at 2009-12-28 20:35:23
Microsoft® Windows Vista™ Édition Familiale Premium  Service Pack 1
System drive C: has 312 GB (67%) free of 465 GB
Total RAM: 2815 MB (34% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:37:49, on 28/12/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32	askeng.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32undll32.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\Philips\SPC230NC\Monitor.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\AVG\AVG9\avgtray.exe
C:\Windows\System32undll32.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Philips\Philips SPC230NC Webcam\TrayMin230.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\AVG\AVG9\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32	askeng.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32undll32.exe
C:\Program Files\Packard Bell\Carbonite\CarboniteSetupLitePBPreInstaller.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\Philips\SPC230NC\Monitor.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\AVG\AVG9\avgtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Philips\Philips SPC230NC Webcam\TrayMin230.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Windows\System32undll32.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows NT\Accessories\wordpad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Packard Bell\Carbonite\CarboniteSetupLitePBPreInstaller.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\Navw32.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\Dwm.exe
C:\Windows\system32	askeng.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32undll32.exe
C:\Program Files\Packard Bell\Carbonite\CarboniteSetupLitePBPreInstaller.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\System32undll32.exe
C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\Philips\SPC230NC\Monitor.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\AVG\AVG9\avgtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Philips\Philips SPC230NC Webcam\TrayMin230.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Packard Bell\GOOGLE_EULA\EULA.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Mounia\Downloads\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Mounia.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://actus.sfr.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {0119012A-60BE-4E8D-A935-6EFAF26EBA5f} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: (no name) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - (no file)
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32
vsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [CarboniteSetupLite] "C:\Program Files\Packard Bell\Carbonite\CarboniteSetupLitePBPreInstaller.exe" /preinstalled
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SPC230NC_Monitor] C:\Windows\Philips\SPC230NC\Monitor.exe
O4 - HKLM\..\Run: [SPC_Monitor] C:\Windows\Philips\SPC230NC\Monitor.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Philips Intelligent Agent] "C:\Program Files\Philips\Intelligent Agent\Philips Intelligent Agent.exe" /SILENT
O4 - HKCU\..\Run: [AdobeUpdater] "C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-2064053775-864123851-1056410832-1000\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'Hireche')
O4 - HKUS\S-1-5-21-2064053775-864123851-1056410832-1000\..\Run: [Philips Intelligent Agent] "C:\Program Files\Philips\Intelligent Agent\Philips Intelligent Agent.exe" /SILENT (User 'Hireche')
O4 - HKUS\S-1-5-21-2064053775-864123851-1056410832-1000\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (User 'Hireche')
O4 - HKUS\S-1-5-21-2064053775-864123851-1056410832-1000\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (User 'Hireche')
O4 - HKUS\S-1-5-21-2064053775-864123851-1056410832-1002\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'Samy')
O4 - S-1-5-21-2064053775-864123851-1056410832-1000 Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe (User 'Hireche')
O4 - S-1-5-21-2064053775-864123851-1056410832-1000 User Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe (User 'Hireche')
O4 - S-1-5-21-2064053775-864123851-1056410832-1002 Startup: Notification de cadeaux MSN.lnk = C:\Users\Samy\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe (User 'Samy')
O4 - S-1-5-21-2064053775-864123851-1056410832-1002 Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe (User 'Samy')
O4 - S-1-5-21-2064053775-864123851-1056410832-1002 User Startup: Notification de cadeaux MSN.lnk = C:\Users\Samy\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe (User 'Samy')
O4 - S-1-5-21-2064053775-864123851-1056410832-1002 User Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe (User 'Samy')
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: TrayMin230.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix: 
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL C:\PROGRA~1\GOOGLE\GOOGLE~3\GOEC62~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Planificateur LiveUpdate automatique (Automatic LiveUpdate Scheduler) - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: AVG E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: AVG Firewall (avgfws9) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgfws9.exe
O23 - Service: AVG9IDSAgent (AVGIDSAgent) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\Windows\system32\drivers\CDAC11BA.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Service Google Update (gupdate1c9b7a47dd0db68) (gupdate1c9b7a47dd0db68) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe

Utilisateur anonyme · Answer

*  Télécharge OtmoveIT (de Old_Timer) sur ton Bureau
      http://www.geekstogo.com/forum/files/file/402-otm-oldtimers-move-it/  (de OldTimer) sur ton Bureau
* Double-clique sur OTMoveIt.exe pour le lancer.
 * Assure toi que la case Unregister Dll's and Ocx's soit bien cochée.
 * copie  la liste en gras ci-dessous et colle la dans le cadre de gauche de OTMoveIt sous Paste List of Files/Folders to move.




:files
 C:\Windows\system32\9Ho0G.vbs     
C:\Windows\system32\VjIgPtS.vbs     
C:\Windows\system32\1847018195     
 C:\51a8b23f567399d3d6b4     
 C:\Windows\system32\pQSCw.vbs     
  C:\Windows\system32\xoyS3EyjIdm9NyW.vbs     
  C:\Windows\system32\duqd5.vbs     
  C:\Windows\system32\Xpkc4.vbs     
  C:\Windows\system32\hnI6wCfqzoOfqPD.vbs     
  C:\Windows\system32\A413.tmp     
  C:\Windows\system32\A2CE.tmp     
 C:\Windows\system32\A2A5.tmp     
  C:\Windows\system32\TLZBQ.vbs     
  C:\Windows\system32\NqraMR2.vbs     
 C:\Windows\system32\H15yTlz9mVaYT.vbs     
 C:\Windows\system32\oyLAELtzimD3V.vbs     
 C:\Windows\system32\TUcS0jX57C5EBim.vbs     
  C:\Windows\system32\INQPgsCezyoMQPO.vbs     
 C:\Windows\system32\emPlK.vbs     
  C:\Windows\system32\U2HzcFH.vbs     
  C:\Windows\system32\Qz85AuzPhGGoyDB.vbs     
  C:\Windows\system32\rEjunkvEaTZAw.vbs     
 C:\Windows\system32\A377.tmp     
  C:\Windows\system32\A369.tmp     
  C:\Windows\system32\VY9Q1.vbs     
C:\Windows\system32\VhUGQ7lNjhJRMgg.vbs     
C:\Windows\system32\2Xvw5Iah75yHN.vbs     
 C:\Windows\system32\KpZxLrIhU71jJ.vbs     
C:\Windows\system32\A3E3.tmp     
C:\Windows\system32\A3CB.tmp     
C:\Windows\system32\A3A4.tmp     
 C:\Windows\system32\0HV6h.vbs     
 C:\Windows\system32\A3B8.tmp     
  C:\Windows\system32\A356.tmp     
 C:\Windows\system32\A34F.tmp     
C:\Windows\system32\9Wv3FgIahOWyT.vbs     
C:\Windows\system32\ak1ICrDbGMmjG.vbs     
C:\Windows\system32\MDBznIX2Ty925.vbs     
  C:\Windows\system32\TZiH82xd576PvDL.vbs     
C:\Windows\system32\0l9Aq.vbs     
  C:\Windows\system32\B174.tmp     
 C:\Windows\system32\AA07.tmp     
  C:\Windows\system32\A343.tmp     
  C:\Windows\system32\zoxPcyee8PE7c.vbs     
 C:\Windows\system32\gad94dQ.vbs     
  C:\Windows\system32\2fbdRloMHQCej.vbs     
  C:\Windows\system32\Pa4Ty0Vp4V1iX.vbs     
  C:\Windows\system32\0iFUlRqOoYl87tk.vbs     
 C:\Windows\system32\TarShDO.vbs     
 C:\Windows\system32\gQznr.vbs     
  C:\Windows\system32\AXzWb.vbs     
 C:\Windows\system32\60pJbg5znBGOGfW.vbs     
 C:\Windows\system32\kbSyDOS.vbs     
  C:\Windows\system32\YdRqf.vbs     
  C:\Windows\system32\ysXOBE9xY84ZX.vbs     
 C:\Windows\system32\eLTEWYe.vbs     
 C:\Windows\system32\A37D.tmp     
  C:\Windows\system32\A2DD.tmp     
  C:\Windows\system32\R12EwdI.vbs     
 C:\Windows\system32\aK75kxXCa7wgw.vbs     
  C:\Windows\system32\k1frRPkD1T6XRVO.vbs     
  C:\Windows\system32\A454.tmp     
C:\Windows\system32\A3B4.tmp     
  C:\Windows\system32\A33E.tmp     
  C:\Windows\system32\A29F.tmp     
 C:\Windows\system32\ofRrTvz4pm91H.vbs     
  C:\Windows\system32\w8wi3uP.vbs     
 C:\Windows\system32\TbIgMi06C0YQP.vbs     
 C:\Windows\system32\Y39QQdpzneA2N.vbs     
  C:\Windows\system32\aUEsz.vbs     
  C:\Windows\system32\9TOoq.vbs     
 C:\Windows\system32\pXgJc.vbs     





:commands
[emptytemp]
[reboot]



-----------------------------

 * clique sur MoveIt! pour lancer la suppression.
* Le résultat apparaitra dans le cadre "Results".
* Clique sur Exit pour fermer.
* Poste le rapport situé dans C:\_OTMoveIt\MovedFiles.
 * Il te sera peut-être demandé de redémarrer le pc pour achever la suppression. Si c'est le cas accepte par Yes.

mounia93 · Answer

J'ai eu un probleme, le logiciel s'est peut etre bloqué je ne sais pas, mais en tout cas je l'ai laissé agir pendant plus de deux heures, j'ai cliqué sur Exit, il ne s'est pas fermé. J'ai donc éteint le PC par le bouton. Par contre il a agit sur tous les fichiers, d'apres ce qu'il a été écrit. Et le rapport est introuvable! Dois-je recommencer?

Utilisateur anonyme · Answer

Non Pour vérifier post un nouveau rapport rsit

mounia93 · Answer

Voila le rapport RSIT :

Logfile of random's system information tool 1.06 (written by random/random)
Run by Mounia at 2009-12-30 22:19:40
Microsoft® Windows Vista™ Édition Familiale Premium  Service Pack 1
System drive C: has 381 GB (82%) free of 465 GB
Total RAM: 2815 MB (45% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:20:07, on 30/12/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32	askeng.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32undll32.exe
C:\Program Files\Packard Bell\Carbonite\CarboniteSetupLitePBPreInstaller.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\Philips\SPC230NC\Monitor.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\AVG\AVG9\avgtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Windows\System32undll32.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Philips\Philips SPC230NC Webcam\TrayMin230.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Packard Bell\GOOGLE_EULA\EULA.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\AVG\AVG9\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32	askeng.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32undll32.exe
C:\Windows\System32undll32.exe
C:\Program Files\Packard Bell\Carbonite\CarboniteSetupLitePBPreInstaller.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\Philips\SPC230NC\Monitor.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\AVG\AVG9\avgtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Philips\Philips SPC230NC Webcam\TrayMin230.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Mounia\Downloads\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Mounia.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {0119012A-60BE-4E8D-A935-6EFAF26EBA5f} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: (no name) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - (no file)
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32
vsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [CarboniteSetupLite] "C:\Program Files\Packard Bell\Carbonite\CarboniteSetupLitePBPreInstaller.exe" /preinstalled
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SPC230NC_Monitor] C:\Windows\Philips\SPC230NC\Monitor.exe
O4 - HKLM\..\Run: [SPC_Monitor] C:\Windows\Philips\SPC230NC\Monitor.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Philips Intelligent Agent] "C:\Program Files\Philips\Intelligent Agent\Philips Intelligent Agent.exe" /SILENT
O4 - HKCU\..\Run: [AdobeUpdater] "C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-2064053775-864123851-1056410832-1000\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'Hireche')
O4 - HKUS\S-1-5-21-2064053775-864123851-1056410832-1000\..\Run: [Philips Intelligent Agent] "C:\Program Files\Philips\Intelligent Agent\Philips Intelligent Agent.exe" /SILENT (User 'Hireche')
O4 - HKUS\S-1-5-21-2064053775-864123851-1056410832-1000\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (User 'Hireche')
O4 - HKUS\S-1-5-21-2064053775-864123851-1056410832-1000\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (User 'Hireche')
O4 - S-1-5-21-2064053775-864123851-1056410832-1000 Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe (User 'Hireche')
O4 - S-1-5-21-2064053775-864123851-1056410832-1000 User Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe (User 'Hireche')
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: TrayMin230.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix: 
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL,C:\WINDOWS\SYSTEM32\DIMSJOB32.DLL C:\PROGRA~1\GOOGLE\GOOGLE~3\GOEC62~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Planificateur LiveUpdate automatique (Automatic LiveUpdate Scheduler) - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: AVG E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: AVG Firewall (avgfws9) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgfws9.exe
O23 - Service: AVG9IDSAgent (AVGIDSAgent) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\Windows\system32\drivers\CDAC11BA.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Service Google Update (gupdate1c9b7a47dd0db68) (gupdate1c9b7a47dd0db68) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe

Utilisateur anonyme · Answer

/!\ A l'attention de ceux qui passent sur ce sujet /!\ 
Le logiciel qui suit n'est pas à utiliser à la légère et peut faire des dégâts s'il est mal utilisé ! Ne le faites que si un helpeur du forum qui connait bien cet outil vous l'a recommandé. 

/!\ Désactive tous tes logiciels de protection /!\ 

• Télécharge combofix(de sUBs) sur ton Bureau. 
• Double-clique sur ComboFix.exe afin de le lancer. 
• Il va te demander d'installer la console de récupération : accepte. (important en cas de problème)
• Ne touche à rien pendant le scan. 
• Lorsque la recherche sera terminée, un rapport apparaîtra. Poste ce rapport (C:\Combofix.txt) dans ta prochaine réponse. 
#Si combofix ne veut pas se lancer renommes le en ccm.exe et éxécutes le en mode sans échec .
Tutoriel officiel de Combofix : http://www.bleepingcomputer.com/combofix/fr/comment-utiliser¬-combofix

Redirection de pages web, log HT, virus ?

13 réponses

Discussions similaires

Newsletters