Forum Clubic

Computers infected with multiple viruses

Good evening. For a while now my computer has been terribly slow, and worse, for more than a week 3 black windows have been appearing at startup. Here is one example:
C:\windows\System 32\bad3.èxe
Le processeur NTVDM à rencontré une instruction non autorisée
CS:059d IP:0408OP:63726565 6e
Choisisssez “fermer” pour mettre fin à l’application

A friend told me I had a virus and told me to run a scan, which I did: 18 viruses detected. So now I am asking you for help, if possible. In the meantime, have a good evening.

Good evening

I advise you to use HijackThis and give me the report here

and download ComboFix to fix the viruses

Good luck

Hello, here is the ComboFix report:

ComboFix 10-08-26.04 - Compaq_Propriétaire 27/08/2010 17:21:00.3.1 - x86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.446.225 [GMT 2:00]
Lancé depuis: c:\documents and settings\Compaq_Propriétaire\Bureau\ComboFix.exe
AV: BitDefender 9 Professional Plus On-access scanning disabled (Updated) {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
FW: BitDefender 9 Professional Plus disabled {4055920F-2E99-48A8-A270-4243D2B8F242}
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Dealio Toolbar
c:\program files\Dealio Toolbar\FF\chrome.manifest
c:\program files\Dealio Toolbar\FF\chrome\content\chevron.js
c:\program files\Dealio Toolbar\FF\chrome\content\chevron.xul
c:\program files\Dealio Toolbar\FF\chrome\content\login.js
c:\program files\Dealio Toolbar\FF\chrome\content\login.xul
c:\program files\Dealio Toolbar\FF\chrome\content\parser.js
c:\program files\Dealio Toolbar\FF\chrome\content\RssTickerWidget.js
c:\program files\Dealio Toolbar\FF\chrome\content\searchbox.js
c:\program files\Dealio Toolbar\FF\chrome\content\searchbox.xul
c:\program files\Dealio Toolbar\FF\chrome\content\widgichevron.js
c:\program files\Dealio Toolbar\FF\chrome\content\widgicomm.js
c:\program files\Dealio Toolbar\FF\chrome\content\widgihandling.js
c:\program files\Dealio Toolbar\FF\chrome\content\widgilisteners.js
c:\program files\Dealio Toolbar\FF\chrome\content\widgitoolbarplugin.js
c:\program files\Dealio Toolbar\FF\chrome\content\widgitoolbarplugin.xul
c:\program files\Dealio Toolbar\FF\chrome\content\widgiui.js
c:\program files\Dealio Toolbar\FF\chrome\locale\EN-US\searchbox.dtd
c:\program files\Dealio Toolbar\FF\chrome\locale\EN-US\widgitoolbarplugin.dtd
c:\program files\Dealio Toolbar\FF\chrome\locale\EN-US\widgitoolbarplugin.properties
c:\program files\Dealio Toolbar\FF\chrome\locale\EN-US\yahoo-search.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\amazon.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\apple.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\barnes.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\bestbuy.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\chevron.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\dealio_logo.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\dealio_logo_hover.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\ebay.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\icon_settings.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\macys.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\newegg.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\overstock.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\search-button-hover.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\search-button.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\search-chevron-hover.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\search-chevron.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\search_amazon.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\search_dealio.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\search_ebay.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\search_yahoo.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\searchbox.css
c:\program files\Dealio Toolbar\FF\chrome\skin\separator.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\target.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\walmart.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\widgitoolbarplugin.css
c:\program files\Dealio Toolbar\FF\components\config.ini
c:\program files\Dealio Toolbar\FF\components\dealioToolbarFF.dll
c:\program files\Dealio Toolbar\FF\components\IFBHOHelperWidgiToolbar.xpt
c:\program files\Dealio Toolbar\FF\components\IFBHOWidgiToolbar.xpt
c:\program files\Dealio Toolbar\FF\install.rdf
c:\program files\Dealio Toolbar\IE\4.0.2\config.ini
c:\program files\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll
c:\program files\Dealio Toolbar\Res\amazon.gif
c:\program files\Dealio Toolbar\Res\apple.gif
c:\program files\Dealio Toolbar\Res\barnes.gif
c:\program files\Dealio Toolbar\Res\bestbuy.gif
c:\program files\Dealio Toolbar\Res\dealio_logo.gif
c:\program files\Dealio Toolbar\Res\dealio_logo_hover.gif
c:\program files\Dealio Toolbar\Res\ebay.gif
c:\program files\Dealio Toolbar\Res\icon_settings.gif
c:\program files\Dealio Toolbar\Res\macys.gif
c:\program files\Dealio Toolbar\Res\newegg.gif
c:\program files\Dealio Toolbar\Res\overstock.gif
c:\program files\Dealio Toolbar\Res\search-button-hover.gif
c:\program files\Dealio Toolbar\Res\search-button.gif
c:\program files\Dealio Toolbar\Res\search-chevron-hover.gif
c:\program files\Dealio Toolbar\Res\search-chevron.gif
c:\program files\Dealio Toolbar\Res\search_amazon.gif
c:\program files\Dealio Toolbar\Res\search_dealio.gif
c:\program files\Dealio Toolbar\Res\search_ebay.gif
c:\program files\Dealio Toolbar\Res\search_yahoo.gif
c:\program files\Dealio Toolbar\Res\target.gif
c:\program files\Dealio Toolbar\Res\walmart.gif
c:\program files\Dealio Toolbar\Res\widgets.xml
c:\program files\Dealio Toolbar\WidgiHelper.exe
c:\program files\QUAD Utilities
c:\program files\QUAD Utilities\QUAD Registry Cleaner\Vista Scheduler.dll
c:\program files\QUAD Utilities\QUAD RegistryCleaner\program.log
c:\program files\QUAD Utilities\QUAD RegistryCleaner\QUAD RegistryCleaner.exe
c:\program files\QUAD Utilities\QUAD RegistryCleaner\Styles\Vista.cjstyles
c:\program files\Search Settings
c:\program files\Search Settings\FF\chrome.manifest
c:\program files\Search Settings\FF\chrome\content\plugin.js
c:\program files\Search Settings\FF\chrome\content\plugin.xul
c:\program files\Search Settings\FF\chrome\content\protection.js
c:\program files\Search Settings\FF\chrome\content\utils.js
c:\program files\Search Settings\FF\chrome\locale\en-US\searchsettingsplugin.dtd
c:\program files\Search Settings\FF\chrome\locale\en-US\searchsettingsplugin.properties
c:\program files\Search Settings\FF\components\IFBHOSearch.xpt
c:\program files\Search Settings\FF\components\IFBHOSearchHelperEngine.xpt
c:\program files\Search Settings\FF\components\IFHelperPreferences.xpt
c:\program files\Search Settings\FF\components\SearchSettingsFF.dll
c:\program files\Search Settings\FF\install.rdf
c:\program files\Search Settings\SeARchsettings.dll
c:\program files\Search Settings\SearchSettings.exe
c:\program files\Search Settings\SearchSettingsRes409.dll
c:\windows\autorun.inf
c:\windows\Downloaded Program Files\Install.inf
c:\windows\system32\bad1.exe
c:\windows\system32\bad2.exe
c:\windows\system32\bad3.exe
c:\windows\system32\Ijl11.dll
c:\windows\system32\msmsgs.exe
c:\windows\system32\Thumbs.db
c:\windows\system32\tmp.reg

.
((((((((((((((((((((((((((((( Fichiers créés du 2010-07-27 au 2010-08-27 ))))))))))))))))))))))))))))))))))))
.

2010-08-27 15:02 . 2010-08-27 15:09 -------- d-----w- c:\program files\Softonic_France
2010-08-26 18:43 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-08-26 18:43 . 2010-08-26 18:43 -------- d-----w- c:\program files\Malwarebytes’ Anti-Malware
2010-08-26 18:43 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-08-19 15:28 . 2010-06-30 13:01 -------- d-----w- c:\program files\Ask.com
2010-08-19 15:25 . 2010-08-19 16:19 -------- d-----w- c:\program files\LimeWire
2010-08-15 21:20 . 2010-08-15 21:20 -------- d-----w- c:\program files\CCleaner
2010-08-09 21:22 . 2010-08-15 22:05 -------- d-----w- c:\program files\PokerStars.FR

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-26 20:44 . 2007-07-12 17:21 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater
2010-08-22 19:10 . 2009-04-26 19:54 -------- d-----w- c:\program files\Veetle
2010-08-17 10:32 . 2005-01-03 02:34 -------- d-----w- c:\program files\Fichiers communs\Java
2010-08-17 10:30 . 2005-01-03 03:02 -------- d-----w- c:\program files\Google
2010-08-17 10:25 . 2005-01-03 02:34 -------- d-----w- c:\program files\Java
2010-08-11 18:15 . 2004-11-23 21:26 554990 ----a-w- c:\windows\system32\perfh00C.dat
2010-08-11 18:15 . 2004-11-23 21:26 102980 ----a-w- c:\windows\system32\perfc00C.dat
2010-08-09 21:22 . 2009-06-22 14:32 -------- d-----w- c:\program files\PokerStars.NET
2010-08-05 19:03 . 2009-01-24 10:55 -------- d-----w- c:\program files\Microsoft Silverlight
2010-07-17 03:00 . 2010-04-18 10:54 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-07-04 18:06 . 2010-07-04 17:55 -------- d-----w- c:\program files\PartyFrance
2010-07-04 17:23 . 2009-09-07 20:26 -------- d-----w- c:\program files\Panda Security
2010-07-04 17:22 . 2008-06-22 10:14 -------- d-----w- c:\program files\AVS4YOU
2010-07-04 17:21 . 2005-01-03 02:42 -------- d–h--w- c:\program files\InstallShield Installation Information
2010-06-30 12:32 . 2004-08-05 18:00 149504 ----a-w- c:\windows\system32\schannel.dll
2010-06-24 12:25 . 2004-08-05 18:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-06-24 09:02 . 2004-08-05 18:00 1852032 ----a-w- c:\windows\system32\win32k.sys
2010-06-23 19:36 . 2010-06-23 19:36 3351812 ----a-w- c:\documents and settings\All Users\Application Data\Installations{09C468CA-2940-466A-AAE8-DCC0C6E9323C}\Installer\CommonCustomActions\msxml6Exec.exe
2010-06-23 19:36 . 2010-06-23 19:36 36864 ----a-w- c:\documents and settings\All Users\Application Data\Installations{09C468CA-2940-466A-AAE8-DCC0C6E9323C}\Installer\CommonCustomActions\Sleep.exe
2010-06-23 19:36 . 2010-06-23 19:36 3203453 ----a-w- c:\documents and settings\All Users\Application Data\Installations{09C468CA-2940-466A-AAE8-DCC0C6E9323C}\Installer\CommonCustomActions\vcredistExec.exe
2010-06-23 19:36 . 2010-06-23 19:36 35646112 ----a-w- c:\documents and settings\All Users\Application Data\Installations{09C468CA-2940-466A-AAE8-DCC0C6E9323C}\NokiaSoftwareUpdaterSetup_2.5.2FR.exe
2010-06-21 15:27 . 2004-08-05 18:00 354304 ----a-w- c:\windows\system32\drivers\srv.sys
2010-06-17 14:03 . 2004-08-05 18:00 80384 ----a-w- c:\windows\system32\iccvid.dll
2010-06-14 14:31 . 2004-08-05 18:00 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
2010-06-14 07:42 . 2004-08-05 18:00 1172480 ----a-w- c:\windows\system32\msxml3.dll
2008-09-04 17:06 . 2008-09-04 17:06 122880 -c–a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
2006-05-30 11:49 . 2006-05-30 11:49 22 -csha-w- c:\windows\SMINST\HPCD.sys
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
Note les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
“{ad55c869-668e-457c-b270-0cfb2f61116f}”= “c:\program files\livetvbar\tbliv1.dll” [2010-05-17 2515552]
“{89d18ea5-ab30-4324-8784-3f14c25bb66a}”= “c:\program files\FreeSavers2k\tbFre0.dll” [2010-05-29 2515552]
“{4daac69c-cba7-45e2-9bc8-1044483d3352}”= “c:\program files\Softonic_France\tbSoft.dll” [2010-06-13 2734688]

[HKEY_CLASSES_ROOT\clsid{ad55c869-668e-457c-b270-0cfb2f61116f}]

[HKEY_CLASSES_ROOT\clsid{89d18ea5-ab30-4324-8784-3f14c25bb66a}]

[HKEY_CLASSES_ROOT\clsid{4daac69c-cba7-45e2-9bc8-1044483d3352}]

[HKEY_LOCAL_MACHINE~\Browser Helper Objects{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}]
2009-10-15 08:53 165184 ----a-w- c:\program files\SFR\Kit\SFRNavErrorHelper.dll

[HKEY_LOCAL_MACHINE~\Browser Helper Objects{4daac69c-cba7-45e2-9bc8-1044483d3352}]
2010-06-13 17:10 2734688 ------w- c:\program files\Softonic_France\tbSoft.dll

[HKEY_LOCAL_MACHINE~\Browser Helper Objects{89d18ea5-ab30-4324-8784-3f14c25bb66a}]
2010-05-29 23:43 2515552 ----a-w- c:\program files\FreeSavers2k\tbFre0.dll

[HKEY_LOCAL_MACHINE~\Browser Helper Objects{ad55c869-668e-457c-b270-0cfb2f61116f}]
2010-05-17 09:36 2515552 ----a-w- c:\program files\livetvbar\tbliv1.dll

[HKEY_LOCAL_MACHINE~\Browser Helper Objects{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-06-10 15:28 1233288 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
“{ad55c869-668e-457c-b270-0cfb2f61116f}”= “c:\program files\livetvbar\tbliv1.dll” [2010-05-17 2515552]
“{89d18ea5-ab30-4324-8784-3f14c25bb66a}”= “c:\program files\FreeSavers2k\tbFre0.dll” [2010-05-29 2515552]
“{D4027C7F-154A-4066-A1AD-4243D8127440}”= “c:\program files\Ask.com\GenericAskToolbar.dll” [2010-06-10 1233288]
“{4daac69c-cba7-45e2-9bc8-1044483d3352}”= “c:\program files\Softonic_France\tbSoft.dll” [2010-06-13 2734688]

[HKEY_CLASSES_ROOT\clsid{ad55c869-668e-457c-b270-0cfb2f61116f}]

[HKEY_CLASSES_ROOT\clsid{89d18ea5-ab30-4324-8784-3f14c25bb66a}]

[HKEY_CLASSES_ROOT\clsid{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CLASSES_ROOT\clsid{4daac69c-cba7-45e2-9bc8-1044483d3352}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
“{AD55C869-668E-457C-B270-0CFB2F61116F}”= “c:\program files\livetvbar\tbliv1.dll” [2010-05-17 2515552]
“{89D18EA5-AB30-4324-8784-3F14C25BB66A}”= “c:\program files\FreeSavers2k\tbFre0.dll” [2010-05-29 2515552]
“{D4027C7F-154A-4066-A1AD-4243D8127440}”= “c:\program files\Ask.com\GenericAskToolbar.dll” [2010-06-10 1233288]

[HKEY_CLASSES_ROOT\clsid{ad55c869-668e-457c-b270-0cfb2f61116f}]

[HKEY_CLASSES_ROOT\clsid{89d18ea5-ab30-4324-8784-3f14c25bb66a}]

[HKEY_CLASSES_ROOT\clsid{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“NCLaunch”=“c:\windows\NCLAUNCH.EXe” [2006-04-24 40960]
“swg”=“c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe” [2007-04-04 68856]
“TomTomHOME.exe”=“c:\program files\TomTom HOME 2\TomTomHOMERunner.exe” [2009-11-13 247144]
“Connexion SFR 9props.exe”=“c:\program files\SFR\Kit\9props.exe” [2009-10-15 959808]
“WMPNSCFG”=“c:\program files\Windows Media Player\WMPNSCFG.exe” [2006-11-03 204288]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
“Shockwave Updater”=“c:\windows\system32\Adobe\Shockwave 11\SwHelper_1151601.exe” [2009-07-31 468408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“NokiaMServer”=“c:\program files\Fichiers communs\Nokia\MPlatform\NokiaMServer” [X]
“EverioService”=“c:\program files\CyberLink\PCM4Everio\EverioService.exe” [2007-11-01 151552]
“NokiaMusic FastStart”=“c:\program files\Nokia\Ovi Player\NokiaOviPlayer.exe” [2009-11-06 2090272]
“Adobe Reader Speed Launcher”=“c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe” [2010-06-20 35760]
“Adobe ARM”=“c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe” [2010-06-09 976832]
“SunJavaUpdateSched”=“c:\program files\Fichiers communs\Java\Java Update\jusched.exe” [2010-05-14 248552]

c:\documents and settings\Compaq_Propri?taire\Menu D?marrer\Programmes\D?marrage
OpenOffice.org 3.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-8-18 384000]
Outil de d?tection de support PMB.lnk - c:\program files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe [2009-12-24 333088]

c:\documents and settings\All Users\Menu D?marrer\Programmes\D?marrage
Ovi Files Connector.lnk - c:\program files\Ovi Files\Ovi Files_agent.exe [2009-11-19 1447280]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
“{56F9679E-7826-4C84-81F3-532071A8BCC5}”= “c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll” [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ PDBoot.exe\0autocheck autochk *

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@=“Driver”

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
“AntiVirusOverride”=dword:00000001

[HKLM~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
“%windir%\system32\sessmgr.exe”=
“c:\Program Files\Shareaza Applications\Shareaza\Shareaza.exe”=
“c:\Program Files\CyberLink\PCM4Everio\PCM4Everio.exe”=
“c:\Program Files\CyberLink\PCM4Everio\EverioService.exe”=
“%windir%\Network Diagnostic\xpnetdiag.exe”=
“c:\Program Files\TVAnts\Tvants.exe”=
“c:\Program Files\Bonjour\mDNSResponder.exe”=
“c:\Program Files\iTunes\iTunes.exe”=
“c:\Program Files\Windows Live\Messenger\wlcsdk.exe”=
“c:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe”=
“c:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe”=
“c:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe”=
“c:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe”=
“c:\Program Files\Fichiers communs\Nokia\Service Layer\A\nsl_host_process.exe”=
“c:\Program Files\Windows Live\Messenger\msnmsgr.exe”=
“c:\Program Files\Windows Live\Sync\WindowsLiveSync.exe”=
“c:\Program Files\Shareaza\Shareaza.exe”=

R1 FNETDEVI;FNETDEVI;c:\windows\system32\drivers\FNETDEVI.SYS [18/04/2010 12:55 19572]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [26/08/2010 20:43 38224]
S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8192su.sys [14/03/2010 18:27 583552]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [14/04/2007 03:06 639224]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
vvdsvc REG_MULTI_SZ vvdsvc
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Contenu du dossier ‘Tâches planifiées’

2010-07-06 c:\windows\Tasks\AppleSoftwareUpdate.job

  • c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2010-08-27 c:\windows\Tasks\Google Software Updater.job

  • c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-31 15:52]

2010-08-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

  • c:\program files\Google\Update\GoogleUpdate.exe [2009-02-09 21:01]

2010-08-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

  • c:\program files\Google\Update\GoogleUpdate.exe [2009-02-09 21:01]

2010-08-27 c:\windows\Tasks\HPpromotions journeysoftware.job

  • c:\program files\hp\digital imaging\bin\hp promotions\journeysoftware\HPpromo.exe [2005-04-22 16:36]

2010-08-27 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job

  • c:\program files\Ask.com\UpdateTask.exe [2010-06-10 15:28]

2010-08-27 c:\windows\Tasks\User_Feed_Synchronization-{99A1717A-339F-4054-B124-428CEA8FF8A5}.job

  • c:\windows\system32\msfeedssync.exe [2006-10-17 02:31]
.
.
------- Examen supplémentaire -------
.
uStart Page = search.conduit.com…
mWindow Title =
uInternet Settings,ProxyOverride = localhost;*.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Add to Windows &Live Favorites - favorites.live.com…
IE: Download with &Shareaza - c:\program files\Shareaza\RazaWebHook32.dll/3000
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: {{725EC34E-943C-4df6-B0B2-FBDE7F242276} - c:\program files\PartyFrance\PartyPokerFr\RunApp.exe
IE: {{90EAE591-7E7E-434a-8E28-ECFD00071806} - c:\program files\PokerStars.FR\PokerStarsUpdate.exe
Trusted Zone: canalplay.com
Trusted Zone: canalplusactive.com
DPF: {5D80A6D1-B500-47DA-82B8-EB9875F85B4D} - dl.google.com…
DPF: {8F48147B-78D9-40F9-ACC0-BDDE59B246F4} - safe.tele2.com…
FF - ProfilePath - c:\documents and settings\Compaq_Propriétaire\Application Data\Mozilla\Firefox\Profiles\ar691trw.default
FF - prefs.js: browser.search.defaulturl - search.conduit.com…
FF - prefs.js: browser.search.selectedEngine - Live Search
FF - prefs.js: browser.startup.homepage - fr.start3.mozilla.com…
FF - prefs.js: keyword.URL - redirecterror.sfr.fr…
FF - component: c:\documents and settings\Compaq_Propriétaire\Application Data\Mozilla\Firefox\Profiles\ar691trw.default\extensions{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - component: c:\documents and settings\Compaq_Propriétaire\Application Data\Mozilla\Firefox\Profiles\ar691trw.default\extensions{ad55c869-668e-457c-b270-0cfb2f61116f}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\Compaq_Propriétaire\Application Data\Mozilla\Firefox\Profiles\ar691trw.default\extensions{ad55c869-668e-457c-b270-0cfb2f61116f}\components\RadioWMPCore.dll
FF - component: c:\documents and settings\Compaq_Propriétaire\Application Data\Mozilla\Firefox\Profiles\ar691trw.default\extensions\piclens@cooliris.com\components\coolirisstub.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa2.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll
FF - plugin: c:\program files\Veetle\Player\npvlc.dll
FF - plugin: c:\program files\Veetle\plugins\npVeetle.dll
FF - plugin: c:\program files\Veetle\VLCBroadcast\npvbp.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- PARAMETRES FIREFOX ----
FF - user.js: keyword.URL - redirecterror.sfr.fr…
c:\program files\Mozilla Firefox\greprefs\all.js - pref(“ui.use_native_colors”, true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref(“network.auth.force-generic-ntlm”, false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref(“svg.smil.enabled”, false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref(“security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref”, true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref(“security.ssl.renego_unrestricted_hosts”, “”);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref(“security.ssl.treat_unsafe_negotiation_as_broken”, false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref(“security.ssl.require_safe_negotiation”, false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref(“extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name”, “chrome://browser/locale/browser.properties”);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref(“extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description”, “chrome://browser/locale/browser.properties”);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref(“plugins.update.notifyUser”, false);
.

- - - - ORPHELINS SUPPRIMES - - - -

BHO-{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - c:\program files\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll
Toolbar-{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - c:\program files\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll
HKCU-Run-BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - c:\program files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
HKLM-Run-Ovi Files Update - c:\program files\Ovi Files\updater.exe
HKLM-Run-SearchSettings - c:\program files\Search Settings\SearchSettings.exe
AddRemove-HijackThis - c:\documents and settings\Compaq_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\CAU2GHCK\HijackThis.exe
AddRemove-idehje - c:\documents and settings\compaq_propriétaire\local settings\application data\idehje.exe


catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, www.gmer.net…
Rootkit scan 2010-08-27 17:57
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés …

Recherche d’éléments en démarrage automatique cachés …

Recherche de fichiers cachés …

Scan terminé avec succès
Fichiers cachés: 0


.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@=“FlashBroker”
“LocalizedString”="@c:\WINDOWS\system32\Macromed\Flash\FlashUtil10i_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
“Enabled”=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@=“c:\WINDOWS\system32\Macromed\Flash\FlashUtil10i_ActiveX.exe”

[HKEY_LOCAL_MACHINE\software\Classes\CLSID{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@=“IFlashBroker4”

[HKEY_LOCAL_MACHINE\software\Classes\Interface{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
“Version”=“1.0”

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\ؕ€|ÿÿÿÿ•€|ù•9~*]
“C040110900063D11C8EF10054038389C”=“C?\WINDOWS\system32\FM20ENU.DLL”
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > ‘winlogon.exe’(572)
c:\windows\system32\Ati2evxx.dll
.
Heure de fin: 2010-08-27 18:07:24
ComboFix-quarantined-files.txt 2010-08-27 16:07

Avant-CF: 37 432 807 424 octets libres
Après-CF: 37 946 441 728 octets libres

- - End Of File - - EF9BD59609C53B900C1F2B77832DFDB8

Sorry, but I may not have done the steps in the right order. Here is the HijackThis report:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:59:40, on 27/08/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\CyberLink\PCM4Everio\EverioService.exe
C:\Program Files\Fichiers communs\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
C:\WINDOWS\NCLAUNCH.EXe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files\SFR\Kit\9props.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\Program Files\Philips\Xcelera\Programs\AutoUpdateD.exe
C:\Program Files\Ovi Files\Ovi Files_agent.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Philips\Xcelera\Programs\enconcertrms.exe
C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
C:\WINDOWS\System32\gearsec.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Raxco\PerfectDisk\PDSched.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.fr…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com…
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: livetvbar Toolbar - {ad55c869-668e-457c-b270-0cfb2f61116f} - C:\Program Files\livetvbar\tbliv1.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: FreeSavers2k Toolbar - {89d18ea5-ab30-4324-8784-3f14c25bb66a} - C:\Program Files\FreeSavers2k\tbFre0.dll
R3 - URLSearchHook: Softonic_France Toolbar - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\tbSoft.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d’Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Shareaza Web Download Hook - {0EEDB912-C5FA-486F-8334-57288578C627} - C:\Program Files\Shareaza\RazaWebHook32.dll
O2 - BHO: Aide à la navigation SFR - {0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - C:\Program Files\SFR\Kit\SFRNavErrorHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Softonic_France Toolbar - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\tbSoft.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: FreeSavers2k Toolbar - {89d18ea5-ab30-4324-8784-3f14c25bb66a} - C:\Program Files\FreeSavers2k\tbFre0.dll
O2 - BHO: Programme d’aide de l’Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: livetvbar Toolbar - {ad55c869-668e-457c-b270-0cfb2f61116f} - C:\Program Files\livetvbar\tbliv1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: livetvbar Toolbar - {ad55c869-668e-457c-b270-0cfb2f61116f} - C:\Program Files\livetvbar\tbliv1.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: FreeSavers2k Toolbar - {89d18ea5-ab30-4324-8784-3f14c25bb66a} - C:\Program Files\FreeSavers2k\tbFre0.dll
O3 - Toolbar: LimeWire Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Softonic_France Toolbar - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\tbSoft.dll
O4 - HKLM…\Run: [EverioService] “C:\Program Files\CyberLink\PCM4Everio\EverioService.exe”
O4 - HKLM…\Run: [NokiaMServer] C:\Program Files\Fichiers communs\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM…\Run: [NokiaMusic FastStart] “C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe” /command:faststart
O4 - HKLM…\Run: [Adobe Reader Speed Launcher] “C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe”
O4 - HKLM…\Run: [Adobe ARM] “C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe”
O4 - HKLM…\Run: [SunJavaUpdateSched] “C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe”
O4 - HKCU…\Run: [NCLaunch] C:\WINDOWS\NCLAUNCH.EXe
O4 - HKCU…\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU…\Run: [TomTomHOME.exe] “C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe” -s
O4 - HKCU…\Run: [Connexion SFR 9props.exe] “C:\Program Files\SFR\Kit\9props.exe” /trayicon
O4 - HKCU…\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU…\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU…\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\Shockwave 11\SwHelper_1151601.exe -Update -1151601 -“Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 3.0.04506.648; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)” -“http://www3.jeux.com/jeux/jeux.php?VIDJeux=2006
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Startup: Outil de détection de support PMB.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
O4 - Global Startup: Ovi Files Connector.lnk = C:\Program Files\Ovi Files\Ovi Files_agent.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\system32\GPhotos.scr…
O8 - Extra context menu item: Add to Windows &Live Favorites - favorites.live.com…
O8 - Extra context menu item: Download with &Shareaza - C:\Program… Files\Shareaza\RazaWebHook32.dll/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE…
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra ‘Tools’ menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Documents and Settings\Compaq_Propriétaire\Mes documents\carvalho mes Documents\Privé\Titan Poker\casino.exe (file missing)
O9 - Extra ‘Tools’ menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Documents and Settings\Compaq_Propriétaire\Mes documents\carvalho mes Documents\Privé\Titan Poker\casino.exe (file missing)
O9 - Extra button: PartyPoker.fr - {725EC34E-943C-4df6-B0B2-FBDE7F242276} - C:\Program Files\PartyFrance\PartyPokerFr\RunApp.exe (file missing)
O9 - Extra ‘Tools’ menuitem: PartyPoker.fr - {725EC34E-943C-4df6-B0B2-FBDE7F242276} - C:\Program Files\PartyFrance\PartyPokerFr\RunApp.exe (file missing)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra ‘Tools’ menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: PokerStars.fr - {90EAE591-7E7E-434a-8E28-ECFD00071806} - C:\Program Files\PokerStars.FR\PokerStarsUpdate.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra ‘Tools’ menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra ‘Tools’ menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.canalplay.com (HKLM)
O15 - Trusted Zone: *.canalplusactive.com (HKLM)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - messenger.zone.msn.com…
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - appldnld.apple.com.edgesuite.net…
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - messenger.zone.msn.com…
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - messenger.zone.msn.com…
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - messenger.zone.msn.com…
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - us.dl1.yimg.com…
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - host.cycore.net…
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - gfx2.mail.live.com…
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - www.eset.eu…
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - messenger.zone.msn.com…
O16 - DPF: {5D80A6D1-B500-47DA-82B8-EB9875F85B4D} (Google Gadget Control) - dl.google.com…
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - download.bitdefender.com…
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - download.eset.com…
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - upload.facebook.com…
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - messenger.zone.msn.com…
O16 - DPF: {8F48147B-78D9-40F9-ACC0-BDDE59B246F4} (AccountHelper Class) - safe.tele2.com…
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - messenger.msn.com…
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - messenger.zone.msn.com…
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - messenger.zone.msn.com…
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - platformdl.adobe.com…
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - messenger.zone.msn.com…
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AutoUpdateD - Unknown owner - C:\Program Files\Philips\Xcelera\Programs\AutoUpdateD.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service d’administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: EnConcertRMS - Philips Medical Systems Nederland BV - C:\Program Files\Philips\Xcelera\Programs\enconcertrms.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Fax - Unknown owner - C:\WINDOWS\system32\fxssvc.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\gearsec.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Update Service (gupdate1c98af983dba20e) (gupdate1c98af983dba20e) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: PDScheduler (PDSched) - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDSched.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Gestionnaire de session d’aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe


End of file - 17707 bytes


In any case, I no longer get the 3 windows that appear at startup :clap: