

Everything posted by fonneuve
Spyware Known_Bad_Site
fonneuve replied to a topic by fonneuve in Analyses et éradication malwares
Good evening, I am sending you the requested documents.

1- VirusTotal:
Fichier Setup_FreeConverter.exe reçu le 2008.02.25 15:19:06 (CET)
Situation actuelle: terminé
Résultat: 5/32 (15.62%)
Formaté Impression des résultats
Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 - - -
AntiVir - - TR/Agent.6952238
Authentium - - -
Avast - - -
AVG - - -
BitDefender - - Trojan.Generic.73895
CAT-QuickHeal - - -
ClamAV - - -
DrWeb - - -
eSafe - - -
eTrust-Vet - - -
Ewido - - -
F-Prot - - -
F-Secure - - -
FileAdvisor - - -
Fortinet - - -
Ikarus - - not-a-virus:PSWTool.Win32.PWDump.2
Kaspersky - - -
McAfee - - -
Microsoft - - -
NOD32v2 - - -
Norman - - -
Panda - - -
Prevx1 - - Heuristic: Suspicious Self Modifying File
Rising - - -
Sophos - - -
Sunbelt - - -
Symantec - - -
TheHacker - - -
VBA32 - - -
VirusBuster - - -
Webwasher-Gateway - - Trojan.Agent.6952238
Information additionnelle
MD5: 7380976765ab8383a19d8e9c4d5f70d7
SHA1: 62ebdeef7f5588db28eab03959ed8119bcd94afb
SHA256: 20ea3880f371ea0fec7334939a71384fe3df38c3b7001bea6863e6853ef8af4c
SHA512: 92f42877b46eb23f25c081c335e91e69fd89242e5cd12ee6aeb0edb024cd7b73bf50ce83e7fce2175dd33dcfad7b924a150170a2f6ffcbdbce1213f33a04e772

2- MBAM detected nothing; here is the report:
Malwarebytes' Anti-Malware 1.12
Database version: 775
Scan type: Quick Scan
Objects scanned: 37696
Time elapsed: 3 minute(s), 26 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected: (No malicious items detected)
Memory Modules Infected: (No malicious items detected)
Registry Keys Infected: (No malicious items detected)
Registry Values Infected: (No malicious items detected)
Registry Data Items Infected: (No malicious items detected)
Folders Infected: (No malicious items detected)
Files Infected: (No malicious items detected)

3- New HijackThis report:
Logfile of Trend Micro HijackThis v2.0.2 Scan saved at
16:35:45, on 22/05/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16640) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe C:\Apps\Powercinema\PCMService.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe C:\Program Files\Spyware Doctor\SDTrayApp.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\PROGRA~1\INCRED~1\bin\ImApp.exe C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe c:\APPS\Powercinema\Kernel\TV\CLSched.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe C:\Program Files\Executive Software\DiskeeperLite\DKService.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe c:\APPS\HIDSERVICE\HIDSERVICE.exe C:\Program 
Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Spyware Doctor\svcntaux.exe C:\Program Files\Spyware Doctor\swdsvc.exe C:\WINDOWS\system32\slserv.exe C:\Program Files\Spyware Terminator\sp_rsser.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\WINDOWS\System32\alg.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\WINDOWS\system32\wbem\wmiprvse.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.a...&tbid=60327 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 
- BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe" O4 - HKLM\..\Run: 
[QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [PMCS] "C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe" -host -clearDebug O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg O4 - HKLM\..\Run: [PMCRemote] C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe" O4 - HKLM\..\Run: [spywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" O4 - HKLM\..\Run: [ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [sDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [userFaultCheck] %systemroot%\system32\dumprep 0 -u O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c O4 - HKCU\..\Run: [EPSON Stylus DX8400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE /FU "C:\WINDOWS\TEMP\E_S190.tmp" /EF "HKCU" O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE 
(User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - 
Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\DiskeeperLite\DKService.exe O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe -- End of file - 11727 bytes

As additional information:
a) I deleted the file C:\Documents and Settings\Pierre\Mes documents\Nouveaux logiciels\Setup_FreeConverter.exe, but probably not the right way.
b) A new scan with Spyware Doctor still shows that rascal Spyware Known Bad Site. Is this Doctor any good?
-
Spyware Known_Bad_Site
fonneuve replied to a topic by fonneuve in Analyses et éradication malwares
Hello, I have therefore uninstalled Avast and installed AntiVir. Here is the report of the scan done in safe mode:

Avira AntiVir Personal Report file date: jeudi 22 mai 2008 06:09 Scanning for 1282124 virus strains and unwanted programs. Licensed to: Avira AntiVir PersonalEdition Classic Serial number: 0000149996-ADJIE-0001 Platform: Windows XP Windows version: (Service Pack 2) [5.1.2600] Boot mode: Save mode Username: Administrateur Computer name: SN045612320243 Version information: BUILD.DAT : 8.1.00.296 16479 Bytes 29/04/2008 10:47:00 AVSCAN.EXE : 8.1.2.12 311553 Bytes 22/05/2008 03:58:14 AVSCAN.DLL : 8.1.1.0 53505 Bytes 22/05/2008 03:58:14 LUKE.DLL : 8.1.2.9 151809 Bytes 22/05/2008 03:58:15 LUKERES.DLL : 8.1.2.1 12033 Bytes 22/05/2008 03:58:15 ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 13:27:15 ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 03:58:16 ANTIVIR2.VDF : 7.0.4.53 1848832 Bytes 17/05/2008 03:58:16 ANTIVIR3.VDF : 7.0.4.76 102400 Bytes 21/05/2008 03:58:16 Engineversion : 8.1.0.46 AEVDF.DLL : 8.1.0.5 102772 Bytes 22/05/2008 03:58:17 AESCRIPT.DLL : 8.1.0.33 266618 Bytes 22/05/2008 03:58:17 AESCN.DLL : 8.1.0.18 119156 Bytes 22/05/2008 03:58:17 AERDL.DLL : 8.1.0.20 418165 Bytes 22/05/2008 03:58:17 AEPACK.DLL : 8.1.1.5 364918 Bytes 22/05/2008 03:58:17 AEOFFICE.DLL : 8.1.0.18 192890 Bytes 22/05/2008 03:58:17 AEHEUR.DLL : 8.1.0.29 1253750 Bytes 22/05/2008 03:58:17 AEHELP.DLL : 8.1.0.14 115063 Bytes 22/05/2008 03:58:17 AEGEN.DLL : 8.1.0.21 303477 Bytes 22/05/2008 03:58:16 AEEMU.DLL : 8.1.0.6 430451 Bytes 22/05/2008 03:58:16 AECORE.DLL : 8.1.0.29 168311 Bytes 22/05/2008 03:58:16 AVWINLL.DLL : 1.0.0.7 14593 Bytes 22/05/2008 03:58:14 AVPREF.DLL : 8.0.0.1 25857 Bytes 22/05/2008 03:58:14 AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 12:16:24 AVREG.DLL : 8.0.0.0 30977 Bytes 22/05/2008 03:58:14 AVARKT.DLL : 1.0.0.23 307457 Bytes 22/05/2008 03:58:13 AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 22/05/2008 03:58:13 SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/05/2008 03:58:16 SMTPLIB.DLL :
1.2.0.19 28929 Bytes 22/05/2008 03:58:16 NETNT.DLL : 8.0.0.1 7937 Bytes 22/05/2008 03:58:15 RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 22/05/2008 03:58:10 RCTEXT.DLL : 8.0.32.0 86273 Bytes 22/05/2008 03:58:10 Configuration settings for the scan: Jobname..........................: Local Drives Configuration file...............: c:\program files\avira\antivir personaledition classic\alldrives.avp Logging..........................: low Primary action...................: interactive Secondary action.................: ignore Scan master boot sector..........: on Scan boot sector.................: on Boot sectors.....................: C:, A:, E:, F:, G:, H:, D:, Scan memory......................: on Process scan.....................: on Scan registry....................: on Search for rootkits..............: off Scan all files...................: Intelligent file selection Scan archives....................: on Recursion depth..................: 20 Smart extensions.................: on Macro heuristic..................: on File heuristic...................: medium Start of the scan: jeudi 22 mai 2008 06:09 The scan of running processes will be started Scan process 'avscan.exe' - '1' Module(s) have been scanned Scan process 'avcenter.exe' - '1' Module(s) have been scanned Scan process 'explorer.exe' - '1' Module(s) have been scanned Scan process 'swdsvc.exe' - '1' Module(s) have been scanned Scan process 'svcntaux.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'lsass.exe' - '1' Module(s) have been scanned Scan process 'services.exe' - '1' Module(s) have been scanned Scan process 'winlogon.exe' - '1' Module(s) have been scanned Scan process 'csrss.exe' - '1' Module(s) have been scanned Scan process 'smss.exe' - '1' Module(s) have been scanned 13 processes with 13 modules were scanned Starting 
master boot sector scan: Master boot sector HD0 [iNFO] No virus was found! Master boot sector HD1 [iNFO] No virus was found! [WARNING] Le périphérique n'est pas prêt. Master boot sector HD2 [iNFO] No virus was found! [WARNING] Le périphérique n'est pas prêt. Master boot sector HD3 [iNFO] No virus was found! [WARNING] Le périphérique n'est pas prêt. Master boot sector HD4 [iNFO] No virus was found! [WARNING] Le périphérique n'est pas prêt. Start scanning boot sectors: Boot sector 'C:\' [iNFO] No virus was found! Boot sector 'A:\' [iNFO] In the drive 'A:\' no data medium is inserted! Boot sector 'E:\' [iNFO] In the drive 'E:\' no data medium is inserted! Boot sector 'F:\' [iNFO] In the drive 'F:\' no data medium is inserted! Boot sector 'G:\' [iNFO] In the drive 'G:\' no data medium is inserted! Boot sector 'H:\' [iNFO] In the drive 'H:\' no data medium is inserted! Starting to scan the registry. The registry was scanned ( '43' files ). Starting the file scan: Begin scan in 'C:\' <HDD> C:\pagefile.sys [WARNING] The file could not be opened! C:\Documents and Settings\Pierre\Mes documents\Nouveaux logiciels\Setup_FreeConverter.exe [DETECTION] Is the Trojan horse TR/Agent.6952238 [WARNING] The file was ignored! Begin scan in 'A:\' Search path A:\ could not be opened! Le périphérique n'est pas prêt. Begin scan in 'E:\' Search path E:\ could not be opened! Le périphérique n'est pas prêt. Begin scan in 'F:\' Search path F:\ could not be opened! Le périphérique n'est pas prêt. Begin scan in 'G:\' Search path G:\ could not be opened! Le périphérique n'est pas prêt. Begin scan in 'H:\' Search path H:\ could not be opened! Le périphérique n'est pas prêt. Begin scan in 'D:\' Search path D:\ could not be opened! Le périphérique n'est pas prêt. End of the scan: jeudi 22 mai 2008 06:51 Used time: 42:25 min The scan has been done completely. 
6385 Scanning directories 417703 Files were scanned 1 viruses and/or unwanted programs were found 0 Files were classified as suspicious: 0 files were deleted 0 files were repaired 0 files were moved to quarantine 0 files were renamed 1 Files cannot be scanned 417702 Files not concerned 7346 Archives were scanned 6 Warnings 0 Notes -
Spyware Known_Bad_Site
fonneuve replied to a topic by fonneuve in Analyses et éradication malwares
Thank you, here is the requested report:

Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 15:04:54, on 21/05/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16640) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe C:\Apps\Powercinema\PCMService.exe C:\Program Files\QuickTime\qttask.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe c:\APPS\Powercinema\Kernel\TV\CLSched.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe C:\Program Files\Executive Software\DiskeeperLite\DKService.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe c:\APPS\HIDSERVICE\HIDSERVICE.exe C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe C:\Program Files\Spyware Doctor\SDTrayApp.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Spyware Doctor\svcntaux.exe C:\Program Files\Spyware Doctor\swdsvc.exe C:\PROGRA~1\INCRED~1\bin\ImApp.exe
C:\WINDOWS\system32\slserv.exe C:\Program Files\Spyware Terminator\sp_rsser.exe C:\WINDOWS\system32\svchost.exe c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\System32\alg.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\WINDOWS\explorer.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\WINDOWS\system32\wbem\wmiprvse.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.a...&tbid=60327 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell R0 - 
HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL O2 - BHO: Ask Search Assistant BHO - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL O4 - HKLM\..\Run: [iMJPMIG8.1] 
"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [PMCS] "C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe" -host -clearDebug O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg O4 - HKLM\..\Run: [PMCRemote] C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe" O4 - HKLM\..\Run: [spywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" O4 - HKLM\..\Run: [ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [sDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe" O4 - HKLM\..\RunOnce: [NoTraceIndexDat] "C:\Documents and 
Settings\Pierre\Mes documents\MES LOGICIELS\NoTrace.exe" /IndexDatDelete O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c O4 - HKCU\..\Run: [EPSON Stylus DX8400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE /FU "C:\WINDOWS\TEMP\E_S190.tmp" /EF "HKCU" O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm O16 - DPF: 
{D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe O23 - Service: Diskeeper - Executive Software International, Inc. 
- C:\Program Files\Executive Software\DiskeeperLite\DKService.exe O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe -- End of file - 12350 bytes -
Hello. I am running Windows XP Home Edition SP2 on a PB I Media 6444 desktop PC. I periodically run a scan with Spyware Doctor, and every time the spyware Known_Bad_Site shows up, flagged as high risk! So I delete it with that program. Two days later the same spyware is back, and so on... Otherwise I do not see any harmful consequences, except perhaps a tendency for the PC to be sluggish, and even then? Do you think this nuisance is dangerous, and if so, what should I do? Thank you for your help.
-
Hello, I am running XP Home Edition SP2 on Packard Bell hardware. For some time now, when I want to view photos with "Windows Picture and Fax Viewer", about every other time the window freezes on the image and I cannot close it with the red cross at the top right. To close it I have to go through Task Manager and end the application concerned. It is not serious, but it must be hiding some likely mischief to come. What should I do, please, to fix this problem? Thank you.
-
Possible infection?
fonneuve replied to a topic by fonneuve in Malware analysis and removal
Good evening. OK, I disabled and then re-enabled the restore points, and here are the requested reports.
1) Kaspersky (nothing to report)
Thursday, January 24, 2008 6:12:25 PM Système d'exploitation : Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600) Kaspersky On-line Scanner version : 5.0.98.0 Dernière mise à jour de la base antivirus Kaspersky : 24/01/2008 Enregistrements dans la base antivirus Kaspersky : 531323 Paramètres d'analyse Analyser avec la base antivirus suivante étendue Analyser les archives vrai Analyser les bases de messagerie vrai Cible de l'analyse Poste de travail A:\ C:\ D:\ E:\ F:\ G:\ H:\ Statistiques de l'analyse Total d'objets analysés 79809 Nombre de virus trouvés 0 Nombre d'objets infectés 0 Nombre d'objets suspects 0 Durée de l'analyse 00:49:57
2) HijackThis
Logfile of HijackThis v1.99.1 Scan saved at 18:18:33, on 24/01/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16574) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\SOUNDMAN.EXE C:\Apps\Powercinema\PCMService.exe C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Program Files\Logitech\Video\LogiTray.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\ScanSoft\OmniPageSE\opware32.exe C:\Program Files\Ahead\InCD\InCD.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\a-squared Free\a2service.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe c:\APPS\Powercinema\Kernel\TV\CLSched.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe C:\Program Files\Executive Software\DiskeeperLite\DKService.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe c:\APPS\HIDSERVICE\HIDSERVICE.exe C:\Program Files\Ahead\InCD\InCDsrv.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Pinnacle\Shared Files\Programs\PclePvr\VideoControl.exe C:\Documents and Settings\Pierre\Mes documents\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://192.168.1.1/ServicesAcces.html R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file) O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL O2 - BHO: (no name) - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - (no file) O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - 
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O2 - BHO: (no name) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - (no file) O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - (no file) O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: TV5 - Dictionnaires - {CEDDA62D-5FBE-4AB2-AE2E-5E069F444444} - C:\Program Files\Dico TV5\MDTV5TB.dll O3 - Toolbar: (no name) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - (no file) O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe" O4 - HKLM\..\Run: [ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg O4 - HKLM\..\Run: [PMCS] "C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe" -host -clearDebug O4 - HKLM\..\Run: [PMCRemote] C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - 
HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [inCD] C:\Program Files\Ahead\InCD\InCD.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [EPSON Stylus DX8400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE /FU "C:\WINDOWS\TEMP\E_SBE.tmp" /EF "HKCU" O4 - Global Startup: Sagem - Utilitaire réseau pour Clé USB Wi-Fi 802.11g.lnk = ? O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network 
Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm O15 - Trusted Zone: http://www.secuser.com O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://download.bitdefender.com/resources/scan8/oscan8.cab O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/...214/mcfscan.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - (no file) O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - (no file) O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing) O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! 
Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe O23 - Service: .NET Runtime Optimization Service v2.0.50727_X86 (clr_optimization_v2.0.50727_32) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (file missing) O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe O23 - Service: Diskeeper - Executive Software International, Inc. 
- C:\Program Files\Executive Software\DiskeeperLite\DKService.exe O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InCD Helper (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: Machine Debug Manager (MDM) - Unknown owner - C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE (file missing) O23 - Service: MSSQL$PINNACLESYS - Unknown owner - C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe" -sPINNACLESYS (file missing) O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: SQLAgent$PINNACLESYS - Unknown owner - C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE" -i PINNACLESYS (file missing)
I think you were right. See you soon.
-
Possible infection?
fonneuve replied to a topic by fonneuve in Malware analysis and removal
OK, thanks. Have I understood correctly? Will I be given follow-up steps to remove the few odds and ends infesting my machine, or do I need to start a new topic? Regards
-
Possible infection?
fonneuve replied to a topic by fonneuve in Malware analysis and removal
Hello. Right, so I am not doing anything more while waiting for the security experts' diagnoses and prescriptions. To answer your questions: my PC behaves well and I can do what I ask of it (web browsing, photo work, mail, PPS, printing, etc.), with a bit of harmless sluggishness here and there. I have kept avast for now, but if it is vital to remove it, I will replace it with AntiVir. There you go; have a good day and thanks again. Pierre
-
Possible infection?
fonneuve replied to a topic by fonneuve in Malware analysis and removal
Hello, I have just removed a few harmless cookies with ewido, as you told me. When I talked about restoring, I meant rebuilding my PC with the master CDs... you start again from scratch and everything is fine until the next time; I lose nothing because I back up every 2 days to external drives. But with guys like you I learn things, so that is a +++. Good luck with my case!
-
Possible infection?
fonneuve replied to a topic by fonneuve in Malware analysis and removal
Hello, and thank you for your help. To answer your question, I have no problem with my PC, except that for the past few days I can no longer open "Internet Options", which bothers me; that is why I asked for an analysis. I have just followed your advice above to the letter, except for AVG Anti-Spyware, which will not open (Buffer overrun ...). So I am sending you:
1) the Kaspersky report:
------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER REPORT Wednesday, January 23, 2008 12:56:06 PM Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600) Kaspersky Online Scanner version: 5.0.98.0 Kaspersky Anti-Virus database last update: 23/01/2008 Kaspersky Anti-Virus database records: 527915 ------------------------------------------------------------------------------- Scan Settings: Scan using the following antivirus database: extended Scan Archives: true Scan Mail Bases: true Scan Target - My Computer: A:\ C:\ D:\ E:\ F:\ G:\ H:\ Scan Statistics: Total number of scanned objects: 99704 Number of viruses found: 3 Number of infected objects: 11 Number of suspicious objects: 0 Duration of the scan process: 00:58:09 Infected Object Name / Virus Name / Last Action C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\temp\Cookies\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\temp\Fichiers Internet temporaires\Content.IE5\index.dat Object is locked skipped C:\Documents and 
Settings\LocalService\Local Settings\temp\History\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\Pierre\Cookies\index.dat Object is locked skipped C:\Documents and Settings\Pierre\Local Settings\Application Data\ApplicationHistory\PMC.Service.Main.exe.d04bbf2f.ini.inuse Object is locked skipped C:\Documents and Settings\Pierre\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\Pierre\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\Pierre\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\Pierre\Local Settings\Temp\Perflib_Perfdata_540.dat Object is locked skipped C:\Documents and Settings\Pierre\Local Settings\Temp\Perflib_Perfdata_f0.dat Object is locked skipped C:\Documents and Settings\Pierre\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped C:\Documents and Settings\Pierre\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\Pierre\ntuser.dat Object is locked skipped C:\Documents and Settings\Pierre\ntuser.dat.LOG Object is locked skipped C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped C:\Program Files\Alwil 
Software\Avast4\DATA\Avast4.db Object is locked skipped C:\Program Files\Alwil Software\Avast4\DATA\integ\avast.int Object is locked skipped C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_AGENT_LOG1.txt Object is locked skipped C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_AUDIO\CLML.db Object is locked skipped C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_AUDIO\CLML.db-journal Object is locked skipped C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_BINARY\CLML.db Object is locked skipped C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_BLOB\CLML.db Object is locked skipped C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_BLOB\CLML.db-journal Object is locked skipped C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_GLOBAL\CLML.db Object is locked skipped C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_GLOBAL\CLML.db-journal Object is locked skipped C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_IMAGE\CLML.db Object is locked skipped C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_IMAGE\CLML.db-journal Object is locked skipped C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_MAIN\CLML.db Object is locked skipped C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_MAIN\CLML.db-journal Object is locked skipped C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_TV\CLML.db Object is locked skipped C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_TV\CLML.db-journal Object is locked skipped C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_VIDEO\CLML.db Object is locked skipped C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_VIDEO\CLML.db-journal Object is locked skipped C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\master.mdf Object is locked skipped C:\Program 
Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\mastlog.ldf Object is locked skipped C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\model.mdf Object is locked skipped C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\modellog.ldf Object is locked skipped C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\PinnacleSys_GlobalContext.mdf Object is locked skipped C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\PinnacleSys_GlobalContext_log.LDF Object is locked skipped C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\tempdb.mdf Object is locked skipped C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\templog.ldf Object is locked skipped C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\LOG\ERRORLOG Object is locked skipped C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\Media\Temp\Thumbnails\Storage.bin Object is locked skipped C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP142\A0037597.exe/data.rar/SmitfraudFix/Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP142\A0037597.exe/data.rar Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP142\A0037597.exe RarSFX: infected - 2 skipped C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP153\A0038978.exe/file7 Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP153\A0038978.exe Inno: infected - 1 skipped C:\System Volume 
Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP241\A0051277.exe Infected: Backdoor.Win32.Agent.duj skipped C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP241\A0051278.exe Infected: Backdoor.Win32.Agent.duj skipped C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP249\A0052644.dll Infected: not-a-virus:AdWare.Win32.MegaSearch.n skipped C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP256\change.log Object is locked skipped C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP56\A0007078.exe/data0007/data0159 Infected: not-a-virus:AdWare.Win32.MegaSearch.n skipped C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP56\A0007078.exe/data0007 Infected: not-a-virus:AdWare.Win32.MegaSearch.n skipped C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP56\A0007078.exe NSIS: infected - 2 skipped C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped C:\WINDOWS\SchedLgU.Txt Object is locked skipped C:\WINDOWS\SoftwareDistribution\EventCache\{1DEE0B23-7436-45E3-BB5E-8E6875DA3E96}.bin Object is locked skipped C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped C:\WINDOWS\Sti_Trace.log Object is locked skipped C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped C:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\DEFAULT Object is locked skipped C:\WINDOWS\system32\config\default.LOG Object is locked skipped C:\WINDOWS\system32\config\Internet.evt Object is locked skipped C:\WINDOWS\system32\config\ODiag.evt Object is locked skipped C:\WINDOWS\system32\config\OSession.evt Object is locked skipped C:\WINDOWS\system32\config\SAM Object is locked skipped C:\WINDOWS\system32\config\SAM.LOG Object is locked 
skipped C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SECURITY Object is locked skipped C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped C:\WINDOWS\system32\config\SOFTWARE Object is locked skipped C:\WINDOWS\system32\config\software.LOG Object is locked skipped C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SYSTEM Object is locked skipped C:\WINDOWS\system32\config\system.LOG Object is locked skipped C:\WINDOWS\system32\h323log.txt Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped C:\WINDOWS\Temp\Perflib_Perfdata_50c.dat Object is locked skipped C:\WINDOWS\Temp\Perflib_Perfdata_51c.dat Object is locked skipped C:\WINDOWS\wiadebug.log Object is locked skipped C:\WINDOWS\wiaservc.log Object is locked skipped C:\WINDOWS\WindowsUpdate.log Object is locked skipped Scan process completed.
2) the Avs report:
AntiVir PersonalEdition Classic Report file date: mercredi 23 janvier 2008 14:15 Scanning for 835736 virus strains and unwanted programs. 
Licensed to: Avira AntiVir PersonalEdition Classic Serial number: 0000149996-ADJIE-0001 Platform: Windows XP Windows version: (Service Pack 2) [5.1.2600] Username: Pierre Computer name: SN045612320243 Version information: BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00 AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29 AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51 LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47 LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20 ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15 ANTIVIR1.VDF : 7.0.0.0 1640448 Bytes 13/09/2007 14:26:55 ANTIVIR2.VDF : 7.0.0.1 2048 Bytes 13/09/2007 14:27:04 ANTIVIR3.VDF : 7.0.0.2 2048 Bytes 13/09/2007 14:27:13 AVEWIN32.DLL : 7.6.0.15 2806272 Bytes 17/09/2007 17:43:56 AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26 AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17 AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24 AVPACK32.DLL : 7.3.0.15 360488 Bytes 03/08/2007 08:46:00 AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06 AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33 AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18 NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42 RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13 RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37 SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21 Configuration settings for the scan: Jobname..........................: Complete system scan Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp Logging..........................: low Primary action...................: interactive Secondary action.................: ignore Scan master boot sector..........: on Scan boot sector.................: on Boot sectors.....................: C:, Scan memory......................: on Process scan.....................: on Scan registry....................: on Search for rootkits..............: off Scan all files...................: 
Intelligent file selection Scan archives....................: on Recursion depth..................: 20 Smart extensions.................: on Macro heuristic..................: on File heuristic...................: medium Start of the scan: mercredi 23 janvier 2008 14:15 The scan of running processes will be started Scan process 'avscan.exe' - '1' Module(s) have been scanned Scan process 'avcenter.exe' - '1' Module(s) have been scanned Scan process 'explorer.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'lsass.exe' - '1' Module(s) have been scanned Scan process 'services.exe' - '1' Module(s) have been scanned Scan process 'winlogon.exe' - '1' Module(s) have been scanned Scan process 'csrss.exe' - '1' Module(s) have been scanned Scan process 'smss.exe' - '1' Module(s) have been scanned 11 processes with 11 modules were scanned Starting master boot sector scan: Master boot sector HD0 [NOTE] No virus was found! Master boot sector HD1 [NOTE] No virus was found! [WARNING] The boot sector file could not be read! [WARNING] Error code: 0x0015 Master boot sector HD2 [NOTE] No virus was found! [WARNING] The boot sector file could not be read! [WARNING] Error code: 0x0015 Master boot sector HD3 [NOTE] No virus was found! [WARNING] The boot sector file could not be read! [WARNING] Error code: 0x0015 Master boot sector HD4 [NOTE] No virus was found! [WARNING] The boot sector file could not be read! [WARNING] Error code: 0x0015 Start scanning boot sectors: Boot sector 'C:\' [NOTE] No virus was found! Starting to scan the registry. The registry was scanned ( '40' files ). Starting the file scan: Begin scan in 'C:\' <HDD> C:\pagefile.sys [WARNING] The file could not be opened! 
C:\qoobox\Quarantine\C\WINDOWS\system32\ddabc.dll.vir [DETECTION] Is the Trojan horse TR/Trash.Gen [INFO] The file was deleted! End of the scan: mercredi 23 janvier 2008 14:46 Used time: 30:20 min The scan has been done completely. 6066 Scanning directories 318869 Files were scanned 1 viruses and/or unwanted programs were found 0 Files were classified as suspicious: 1 files were deleted 0 files were repaired 0 files were moved to quarantine 0 files were renamed 1 Files cannot be scanned 318868 Files not concerned 7390 Archives were scanned 3 Warnings 0 Notes
3) the HijackThis report:
Logfile of HijackThis v1.99.1 Scan saved at 16:31:22, on 23/01/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16574) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\SOUNDMAN.EXE C:\Apps\Powercinema\PCMService.exe C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Program Files\Logitech\Video\LogiTray.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\ScanSoft\OmniPageSE\opware32.exe C:\Program Files\Ahead\InCD\InCD.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\a-squared Free\a2service.exe C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe c:\APPS\Powercinema\Kernel\TV\CLSched.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe C:\Program Files\Executive 
Software\DiskeeperLite\DKService.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe c:\APPS\HIDSERVICE\HIDSERVICE.exe C:\Program Files\Ahead\InCD\InCDsrv.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\system32\svchost.exe c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\Program Files\Pinnacle\Shared Files\Programs\PclePvr\VideoControl.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Documents and Settings\Pierre\Mes documents\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://192.168.1.1/ServicesAcces.html R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file) O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL O2 - BHO: (no name) - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - (no file) O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program 
files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O2 - BHO: (no name) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - (no file) O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - (no file) O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: TV5 - Dictionnaires - {CEDDA62D-5FBE-4AB2-AE2E-5E069F444444} - C:\Program Files\Dico TV5\MDTV5TB.dll O3 - Toolbar: (no name) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - (no file) O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe" O4 - HKLM\..\Run: [ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg O4 - HKLM\..\Run: [PMCS] "C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe" -host -clearDebug O4 - HKLM\..\Run: [PMCRemote] C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - 
HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [inCD] C:\Program Files\Ahead\InCD\InCD.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [EPSON Stylus DX8400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE /FU "C:\WINDOWS\TEMP\E_SBE.tmp" /EF "HKCU" O4 - Global Startup: Sagem - Utilitaire réseau pour Clé USB Wi-Fi 802.11g.lnk = ? O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - 
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm O15 - Trusted Zone: http://www.secuser.com O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://download.bitdefender.com/resources/scan8/oscan8.cab O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - (no file) O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - (no file) O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing) O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! 
Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe O23 - Service: .NET Runtime Optimization Service v2.0.50727_X86 (clr_optimization_v2.0.50727_32) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (file missing) O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\DiskeeperLite\DKService.exe O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InCD Helper (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: Machine Debug Manager (MDM) - Unknown owner - C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE (file missing) O23 - Service: MSSQL$PINNACLESYS - Unknown owner - C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe" -sPINNACLESYS (file missing) O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: SQLAgent$PINNACLESYS - Unknown owner - C:\Program 
Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE" -i PINNACLESYS (file missing)

There you go; if nothing can be done, I will restore my PC once again. Thank you.
-
Hello to you both.

Reply to Pear: I applied it, but it does not work.

Reply to Pang: the gpedit.msc key cannot be found! Yes, I have avast. I have just sent a HijackThis log to the appropriate forum. And now... what am I going to do...? (BECAUD)
-
Hello. I have XP SP2 Home Edition on a Packard Bell PC. I am currently in the "software" section of this same forum, trying to remove the "restrictions in effect" that prevent me from opening the "Internet Options" item in the Control Panel. One of my correspondents suggested that I check whether there was a virus! In the meantime I ran scans with Ad-Aware, Spybot and a-squared Free, and I removed several things, including "Win 32 trojandownloader.zlob", which "does not look friendly". To make sure my machine is clean, I am sending you the following HijackThis report:

Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 15:31:20, on 22/01/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16574) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\SOUNDMAN.EXE C:\Apps\Powercinema\PCMService.exe C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Program Files\Logitech\Video\LogiTray.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\ScanSoft\OmniPageSE\opware32.exe C:\Program Files\Ahead\InCD\InCD.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\Program Files\a-squared Free\a2service.exe c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe c:\APPS\Powercinema\Kernel\TV\CLSched.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe C:\Program Files\Executive
Software\DiskeeperLite\DKService.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe c:\APPS\HIDSERVICE\HIDSERVICE.exe C:\Program Files\Ahead\InCD\InCDsrv.exe C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\system32\svchost.exe c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://192.168.1.1/ServicesAcces.html R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx (file missing) O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL (file missing) O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program 
files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (file missing) O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL (file missing) O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: TV5 - Dictionnaires - {CEDDA62D-5FBE-4AB2-AE2E-5E069F444444} - C:\Program Files\Dico TV5\MDTV5TB.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (file missing) O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe" O4 - HKLM\..\Run: [ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg O4 - HKLM\..\Run: [PMCS] "C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe" -host -clearDebug O4 - HKLM\..\Run: [PMCRemote] C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers 
communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [inCD] C:\Program Files\Ahead\InCD\InCD.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [EPSON Stylus DX8400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE /FU "C:\WINDOWS\TEMP\E_SBE.tmp" /EF "HKCU" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Sagem - Utilitaire réseau pour Clé USB Wi-Fi 802.11g.lnk = ? 
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing) O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm O15 - Trusted Zone: http://www.secuser.com O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab O16 - DPF: 
{74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing) O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe O23 - Service: .NET Runtime Optimization Service v2.0.50727_X86 (clr_optimization_v2.0.50727_32) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (file missing) O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe O23 - Service: Diskeeper - Executive Software International, Inc. 
- C:\Program Files\Executive Software\DiskeeperLite\DKService.exe O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InCD Helper (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: Machine Debug Manager (MDM) - Unknown owner - C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE (file missing) O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe -- End of file - 11277 bytes

Would you be so kind as to tell me whether everything is normal? Thank you.
-
Hello. I have just examined A, HKEY_CURRENT_USER, Software, Policies, Microsoft, Internet Explorer, and only "Control Panel" appears, in which is written "value not set"... Under HKEY_LOCAL_MACHINE there is no Internet Explorer. So my problem remains unsolved. Could it be a virus? Just in case, I ran Ad-Aware, Search and Destroy and a-squared Free and cleaned everything, then ran an online scan with HijackThis, in which nothing nasty shows up!! So I no longer know what to do. What is your opinion? Many thanks.
-
Hello. Thank you for your help, but I am not much of an expert with the registry... How do I get into the keys you suggest? Thank you.
-
Hello. I am running Windows SP2, and for some time I have no longer been able to open the "Internet Options" panel from the Control Panel. When I try from IE 7, "Tools, Internet Options", the following text appears: "...restriction in effect on this computer. Contact your system administrator..." I am the administrator, but... I do not know what to do, and my searches on forums have turned up nothing. Who could tell me how to re-enable this option? Thank you.
-
[Solved] My PC has been infected since a credit card payment
fonneuve replied to a topic by fonneuve in Malware Analysis and Eradication
Hi again. Perfect. I warmly thank you and Appolo for all the help you gave me to get me out of this tight spot. It is so much fun following your advice that I feel like doing it again. Thanks again and goodbye. PS: how do I mark the topic as "settled"?
-
[Solved] My PC has been infected since a credit card payment
fonneuve replied to a topic by fonneuve in Malware Analysis and Eradication
Hi again. I deleted the first item, but I did not see "formater" in VirusTotal, only the following:

File shell32.dll received on 11.29.2007 16:22:26 (CET) Current status: Loading ... queued waiting scanning finished NOT FOUND STOPPED Result: 0/32 (0%) Loading server information... Your file is queued in position: ___. Estimated start time is between ___ and ___ . Do not close the window until scan is complete. The scanner that was processing your file is stopped at this moment, we are going to wait a few seconds to try to recover your result. If you are waiting for more than five minutes you have to resend your file. Your file is being scanned by VirusTotal in this moment, results will be shown as they're generated. Compact Print results Your file has expired or does not exists. Service is stopped in this moments, your file is waiting to be scanned (position: ) for an undefined time. You can wait for web response (automatic reload) or type your email in the form below and click "request" so the system sends you a notification when the scan is finished.
Email: Antivirus Version Last Update Result AhnLab-V3 2007.11.29.0 2007.11.29 - AntiVir 7.6.0.34 2007.11.29 - Authentium 4.93.8 2007.11.29 - Avast 4.7.1074.0 2007.11.28 - AVG 7.5.0.503 2007.11.29 - BitDefender 7.2 2007.11.29 - CAT-QuickHeal 9.00 2007.11.29 - ClamAV 0.91.2 2007.11.29 - DrWeb 4.44.0.09170 2007.11.29 - eSafe 7.0.15.0 2007.11.29 - eTrust-Vet 31.3.5335 2007.11.29 - Ewido 4.0 2007.11.29 - FileAdvisor 1 2007.11.29 - Fortinet 3.14.0.0 2007.11.29 - F-Prot 4.4.2.54 2007.11.28 - F-Secure 6.70.13030.0 2007.11.29 - Ikarus T3.1.1.12 2007.11.29 - Kaspersky 7.0.0.125 2007.11.29 - McAfee 5173 2007.11.28 - Microsoft 1.3007 2007.11.29 - NOD32v2 2693 2007.11.29 - Norman 5.80.02 2007.11.28 - Panda 9.0.0.4 2007.11.28 - Prevx1 V2 2007.11.29 - Rising 20.20.22.00 2007.11.29 - Sophos 4.23.0 2007.11.29 - Sunbelt 2.2.907.0 2007.11.27 - Symantec 10 2007.11.29 - TheHacker 6.2.9.144 2007.11.28 - VBA32 3.12.2.5 2007.11.28 - VirusBuster 4.3.26:9 2007.11.29 - Webwasher-Gateway 6.6.2 2007.11.29 - Additional information File size: 8516608 bytes MD5: afcc9e31e725a79fb4acb819747f043d SHA1: 05cf007a6a0d0c8e5a2509ec036df9d7f0df0468 ATTENTION: VirusTotal is a free service offered by Hispasec Sistemas. There are no guarantees about the availability and continuity of this service. Although the detection rate afforded by the use of multiple antivirus engines is far superior to that offered by just one product, these results DO NOT guarantee the harmlessness of a file. Currently, there is not any solution that offers a 100% effectiveness rate for detecting viruses and malware. -
[Solved] My PC has been infected since a credit card payment
fonneuve replied to a topic by fonneuve in Malware Analysis and Eradication
Good evening. Here are the 2 reports:

1_BitDefender:

//----------------------------------------------------------------- // // Produit BitDefender Free Edition v10 // Produit 10.2 // // Créé le: 29/11/2007 14:06:03 // //----------------------------------------------------------------- Statistiques Chemin cible: C:\WINDOWS C:\Program Files Dossiers : 3194 Fichiers : 16295 Processus Mémoire analysés : 0 Archives : 0 Fichiers enpaquetés : 921 Virus trouvés : 0 Fichiers infectés : 0 Processus Mémoire infectés : 0 Fichiers suspects : 0 Alertes : 0 Fichiers désinfectés : 0 Fichiers effacés : 0 Fichiers déplacés : 0 Erreurs I/O : 2 Temps d'analyse :=00:08:39 Fichiers/seconde :31 Définitions virus : 957099 Plugins d'analyse : 16 Plugins archives : 41 Plug-ins décompression : 7 Plug-ins messagerie : 6 Plug-ins système : 5 Options d'analyse Détection [X] Analyser le secteur de boot [ ] Processus mémoire [ ] Analyser les archives [X] Analyser les fichiers enpaquetés [X] Analyser la messagerie Masque fichiers [X] Programmes [ ] Tous les fichiers [ ] Extensions définies par l'utilisateur: [ ] Exclure les extensions: ; Action Objets infectés [ ] Ignorer [X] Désinfecter [ ] Effacer [ ] Mettre en quarantaine [ ] Demander l'action Seconde action [ ] Ignorer [ ] Effacer [X] Mettre en quarantaine [ ] Demander l'action Options d'analyse [X] Activer les alertes [ ] Activer l'heuristique [ ] Afficher tous les fichiers dans le journal [X] Fichier journal: C:\DOCUME~1\Pierre\LOCALS~1\Temp\1196341563.log Options d'analyse Spyware [X] Analyse contre les risques non-viraux [ ] Ecarter de l'analyse les dialers et les applications [ ] Clés de registres [ ] Cookies

2) Combo

ComboFix 07-11-19.4C - Pierre 2007-11-29 14:19:28.8 - NTFSx86 Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.42 [GMT 1:00] Running from: C:\Documents and Settings\Pierre\Bureau\ComboFix.exe Command switches used :: C:\Documents and Settings\Pierre\Bureau\CFScript.txt * Created a new restore point .
[Solved] My PC has been infected since a bank card payment
fonneuve replied to a topic by fonneuve in Malware Analysis and Removal
Hello Bruce Lee, here is my report:
[Solved] My PC has been infected since a bank card payment
fonneuve replied to a topic by fonneuve in Malware Analysis and Removal
Good evening, I don't quite understand Bruce Lee's reply to my message of 10:03. See you later.
[Solved] My PC has been infected since a bank card payment
fonneuve replied to a topic by fonneuve in Malware Analysis and Removal
Hello, I am replying first to your message from yesterday at 15:00, because yesterday morning, all on my own, I found a free program on the net called "a.squaredFree" which did a thorough clean-up, apparently better than AVG Antispyware (that may interest you). All the same, I have just done what you asked me yesterday, and here is the HijackThis report in which, according to an online analysis, it appears that the line 04-HKLM/../RUN{HOST PROCESS}... is dangerous, goodness!! So: 1) what should I do with this line? 2) should I apply your next instructions to finish the cure? Finally, I hope I did not offend you by visiting another forum and, if so, I offer you my very sincere apologies, but I am always in such a hurry!! Here is the report, and see you soon.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:38:35, on 28/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Apps\Powercinema\PCMService.exe
C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe
C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\Executive Software\DiskeeperLite\DKService.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Pierre\Mes documents\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://192.168.1.1/ServicesAcces.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: {5d3ea2c3-a92f-7e79-2a94-971cfc32a479} - {974a23cf-c179-49a2-97e7-f29a3c2ae3d5} - C:\WINDOWS\system32\adjwyuvs.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: TV5 - Dictionnaires - {CEDDA62D-5FBE-4AB2-AE2E-5E069F444444} - C:\Program Files\Dico TV5\MDTV5TB.dll
O3 - Toolbar: (no name) - {11A69AE4-FBED-4832-A2BF-45AF82825583} - (no file)
O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [PMCS] "C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe" -host -clearDebug
O4 - HKLM\..\Run: [PMCRemote] C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Host Process] C:\WINDOWS\Fonts\svchost.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [3c2481ff] rundll32.exe "C:\WINDOWS\system32\iidhruqy.dll",b
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O15 - Trusted Zone: http://www.secuser.com
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\DiskeeperLite\DKService.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
-- End of file - 9315 bytes
-
[Solved] My PC has been infected since a bank card payment
fonneuve replied to a topic by fonneuve in Malware analysis and removal
bonjour tout avait l'air de bien marcher et bien non voici le rapport du scan avec anivir en mode sans échec puis un hitjack 1 rapport) AntiVir PersonalEdition Classic Report file date: lundi 26 novembre 2007 08:24 Scanning for 941961 virus strains and unwanted programs. Licensed to: Avira AntiVir PersonalEdition Classic Serial number: 0000149996-ADJIE-0001 Platform: Windows XP Windows version: (Service Pack 2) [5.1.2600] Username: Pierre Computer name: SN045612320243 Version information: BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00 AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29 AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51 LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47 LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20 ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15 ANTIVIR1.VDF : 7.0.0.0 1640448 Bytes 13/09/2007 14:26:55 ANTIVIR2.VDF : 7.0.1.0 1393152 Bytes 23/11/2007 06:19:30 ANTIVIR3.VDF : 7.0.1.5 21504 Bytes 25/11/2007 06:19:30 AVEWIN32.DLL : 7.6.0.34 3125760 Bytes 26/11/2007 06:19:30 AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26 AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17 AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24 AVPACK32.DLL : 7.3.0.15 360488 Bytes 03/08/2007 08:46:00 AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06 AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33 AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18 NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42 RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13 RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37 SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21 Configuration settings for the scan: Jobname..........................: Complete system scan Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp Logging..........................: low Primary action...................: interactive Secondary action.................: ignore Scan master boot sector..........: 
off Scan boot sector.................: on Boot sectors.....................: C:, Scan memory......................: on Process scan.....................: on Scan registry....................: on Search for rootkits..............: off Scan all files...................: All files Scan archives....................: on Recursion depth..................: 20 Smart extensions.................: on Macro heuristic..................: on File heuristic...................: medium Start of the scan: lundi 26 novembre 2007 08:24 The scan of running processes will be started Scan process 'avscan.exe' - '1' Module(s) have been scanned Scan process 'avcenter.exe' - '1' Module(s) have been scanned Scan process 'explorer.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'lsass.exe' - '1' Module(s) have been scanned Scan process 'services.exe' - '1' Module(s) have been scanned Scan process 'winlogon.exe' - '1' Module(s) have been scanned Scan process 'csrss.exe' - '1' Module(s) have been scanned Scan process 'smss.exe' - '1' Module(s) have been scanned 11 processes with 11 modules were scanned Start scanning boot sectors: Boot sector 'C:\' [NOTE] No virus was found! Starting to scan the registry. The registry was scanned ( '41' files ). Starting the file scan: Begin scan in 'C:\' <HDD> C:\pagefile.sys [WARNING] The file could not be opened! C:\qoobox\Quarantine\catchme2007-11-25_ 65804.35.zip [0] Archive type: ZIP --> mllmm.dll [DETECTION] Is the Trojan horse TR/Vundo.Gen [iNFO] The file was moved to '47be7b71.qua'! C:\qoobox\Quarantine\C\WINDOWS\system32\awtqq.dll.vir [DETECTION] Is the Trojan horse TR/Vundo.Gen [iNFO] The file was moved to '47be7b8c.qua'! C:\qoobox\Quarantine\C\WINDOWS\system32\mllmm.dll.vir [DETECTION] Is the Trojan horse TR/Trash.Gen [iNFO] The file was moved to '47b67b85.qua'! 
C:\qoobox\Quarantine\C\WINDOWS\system32\pmnlm.dll.vir [DETECTION] Is the Trojan horse TR/Vundo.Gen [iNFO] The file was moved to '47b87b8c.qua'! C:\WINDOWS\system32\ddabc.dll [DETECTION] Is the Trojan horse TR/Vundo.Gen [WARNING] An error has occurred and the file was not deleted. ErrorID: 16003 [WARNING] The file could not be deleted! End of the scan: lundi 26 novembre 2007 08:59 Used time: 35:12 min The scan has been done completely. 5974 Scanning directories 344546 Files were scanned 5 viruses and/or unwanted programs were found 0 Files were classified as suspicious: 0 files were deleted 0 files were repaired 4 files were moved to quarantine 0 files were renamed 1 Files cannot be scanned 344541 Files not concerned 7284 Archives were scanned 4 Warnings 0 Notes 2)hitjack Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 09:07:49, on 26/11/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16544) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\Apps\Powercinema\PCMService.exe C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe C:\Program Files\ScanSoft\OmniPageSE\opware32.exe C:\Program Files\Ahead\InCD\InCD.exe C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Program Files\Logitech\Video\LogiTray.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\Program 
Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe c:\APPS\Powercinema\Kernel\TV\CLSched.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe C:\Program Files\Executive Software\DiskeeperLite\DKService.exe c:\APPS\HIDSERVICE\HIDSERVICE.exe C:\PROGRA~1\INCRED~1\bin\ImApp.exe C:\Program Files\Ahead\InCD\InCDsrv.exe C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\system32\svchost.exe c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avcenter.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\GUARDGUI.EXE C:\WINDOWS\system32\notepad.exe C:\Documents and Settings\Pierre\Mes documents\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://192.168.1.1/ServicesAcces.html R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 
- BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL O2 - BHO: (no name) - {3A2224A0-B114-4491-9305-FD0E4B55FA1E} - C:\WINDOWS\system32\ljjighh.dll O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: {26acbb9e-008f-4bbb-4cb4-fc8e8ea6d6e7} - {7e6d6ae8-e8cf-4bc4-bbb4-f800e9bbca62} - C:\WINDOWS\system32\siwswbro.dll (file missing) O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O2 - BHO: (no name) - {EA1D5C87-3185-4E0C-BAAC-E7071BE44962} - C:\WINDOWS\system32\ddabc.dll O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: TV5 - Dictionnaires - {CEDDA62D-5FBE-4AB2-AE2E-5E069F444444} - C:\Program Files\Dico TV5\MDTV5TB.dll O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe" O4 - HKLM\..\Run: [ulead AutoDetector v2] C:\Program 
Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [inCD] C:\Program Files\Ahead\InCD\InCD.exe O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg O4 - HKLM\..\Run: [PMCS] "C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe" -host -clearDebug O4 - HKLM\..\Run: [PMCRemote] C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [Host Process] C:\WINDOWS\Fonts\svchost.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program 
Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm O16 - DPF: {CB50428B-657F-47DF-9B32-671F82AA73F7} (Photodex Presenter AX control) - http://www.photodex.com/pxplay.cab O20 - Winlogon Notify: ljjighh - C:\WINDOWS\SYSTEM32\ljjighh.dll O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe O23 - Service: Diskeeper - Executive Software International, Inc. 
- C:\Program Files\Executive Software\DiskeeperLite\DKService.exe O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InCD Helper (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe -- End of file - 10141 bytes
Help!! And a thousand thanks for your invaluable help
-
[Solved] My PC has been infected since a credit card payment
fonneuve replied to fonneuve's topic in Malware Analysis and Removal
Good evening, here are the two requested reports:
1) ComboFix
ComboFix 07-11-19.3 - Pierre 2007-11-25 20:11:46.4 - NTFSx86 Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.78 [GMT 1:00] Running from: C:\Documents and Settings\Pierre\Bureau\combofix.exe Command switches used :: /v ljjighh . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\WINDOWS\system32\awtqq.dll C:\WINDOWS\system32\mlnmp.ini C:\WINDOWS\system32\mlnmp.ini2 C:\WINDOWS\system32\pmnlm.dll . ((((((((((((((((((((((((((((( Fichiers créés 2007-10-25 to 2007-11-25 )))))))))))))))))))))))))))))))))))) . 2007-11-25 15:39 <REP> d-------- C:\Program Files\LimeWire 2007-11-25 15:37 <REP> d-------- C:\Documents and Settings\Pierre\.limewire 2007-11-25 11:53 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys 2007-11-25 11:53 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys 2007-11-25 11:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys 2007-11-25 11:52 801,144 --a------ C:\WINDOWS\system32\aswBoot.exe 2007-11-25 11:52 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx 2007-11-25 11:52 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr 2007-11-25 11:52 94,416 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys 2007-11-25 11:52 92,848 --a------ C:\WINDOWS\system32\drivers\aswmon.sys 2007-11-24 21:53 <REP> d-------- C:\VundoFix Backups 2007-11-24 15:54 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage réseau 2007-11-24 15:54 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression 2007-11-24 15:54 <REP> d--h----- C:\Documents and Settings\Administrateur\Modèles 2007-11-24 15:54 <REP> dr------- C:\Documents and Settings\Administrateur\Mes documents 2007-11-24 15:54 <REP> dr------- C:\Documents and Settings\Administrateur\Menu Démarrer 2007-11-24 15:54 <REP> dr------- C:\Documents and Settings\Administrateur\Favoris 2007-11-24 15:54 <REP> dr------- C:\Documents and
Settings\Administrateur\Bureau 2007-11-24 15:54 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\You've Got Pictures Screensaver 2007-11-24 15:54 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Symantec 2007-11-24 12:55 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira 2007-11-24 12:55 120 --a------ C:\n.bat 2007-11-24 12:54 2,395 --a------ C:\Documents and Settings\Pierre\x.dat 2007-11-24 12:54 285 --a------ C:\Documents and Settings\Pierre\z.dat 2007-11-24 12:54 0 --a------ C:\z.dat 2007-11-24 12:54 0 --a------ C:\x.dat 2007-11-24 08:26 <REP> d-------- C:\Program Files\Lavasoft 2007-11-24 08:26 <REP> d-------- C:\Documents and Settings\Pierre\Application Data\Lavasoft 2007-11-24 08:25 776,012 ---hs---- C:\WINDOWS\system32\xfjljmdf.ini 2007-11-23 17:07 <REP> d-------- C:\Program Files\Fichiers communs\SWF Studio 2007-11-23 16:39 <REP> d-------- C:\PROGRAMME 2007-11-23 14:15 147,456 --a------ C:\WINDOWS\system32\vbzip10.dll 2007-11-23 14:10 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP 2007-11-23 14:00 <REP> d-------- C:\Multimedia Files 2007-11-23 13:15 <REP> d-------- C:\Program Files\cyberlab GmbH 2007-11-23 13:15 297,472 --a------ C:\WINDOWS\uninst.exe 2007-11-21 13:03 <REP> d-------- C:\Program Files\Dico TV5 2007-11-19 08:08 <REP> d-------- C:\Program Files\VoipBuster.com 2007-11-16 09:48 <REP> d-------- C:\Program Files\Free Audio Pack 2007-11-16 09:48 164,144 --a------ C:\WINDOWS\system32\COMCT232.OCX 2007-11-16 09:48 101,888 --a------ C:\WINDOWS\system32\VB6STKIT.DLL 2007-11-16 09:23 <REP> d-------- C:\Program Files\Audacity 2007-11-10 06:50 <REP> d-------- C:\WINDOWS\SHELLNEW 2007-11-10 06:50 <REP> d-------- C:\Program Files\Microsoft.NET 2007-11-10 06:48 <REP> dr-h----- C:\MSOCache 2007-10-31 09:51 <REP> d-------- C:\Documents and Settings\Pierre\Application Data\Canon 2007-10-30 15:58 <REP> d-------- C:\WINDOWS\$regcmp$ 2007-10-30 15:33 <REP> 
d-------- C:\Program Files\Photodex Presenter 2007-10-30 15:33 <REP> d-------- C:\Documents and Settings\Pierre\Application Data\Netscape 2007-10-25 18:13 <REP> d-------- C:\Program Files\Convar 2007-10-25 18:13 516,784 -ra------ C:\WINDOWS\system32\XceedCry.dll . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2007-11-25 19:06 --------- d-----w C:\Documents and Settings\Pierre\Application Data\Skype 2007-11-25 17:13 --------- d-----w C:\Program Files\eMule 2007-11-10 21:05 --------- d-----w C:\Program Files\Google 2007-11-10 18:36 --------- d-----w C:\Documents and Settings\Pierre\Application Data\Ulead Systems 2007-10-25 17:13 --------- d--h--w C:\Program Files\InstallShield Installation Information 2007-10-18 16:00 --------- d-----w C:\Program Files\Registry Clean Expert 2007-10-18 15:57 --------- d-----w C:\Program Files\UltraDefrag 2007-10-14 05:34 --------- d-----w C:\Program Files\Wondershare 2007-10-13 18:10 --------- d-----w C:\Program Files\GeoVid 2007-10-13 18:10 --------- d-----w C:\Documents and Settings\Pierre\Application Data\GeoVid 2007-10-13 16:22 --------- d-----w C:\Program Files\Fichiers communs\GeoVid 2007-10-11 16:31 --------- d-----w C:\Program Files\Picasa2 2007-10-11 15:23 --------- d-----w C:\Documents and Settings\All Users\Application Data\QuickTime 2007-10-10 14:22 --------- d-----w C:\Documents and Settings\Pierre\Application Data\Ahead 2007-10-08 11:00 --------- d-----w C:\Program Files\Fichiers communs\Logitech 2007-10-08 10:59 --------- d-----w C:\Program Files\Logitech 2007-10-08 10:08 --------- d-----w C:\Program Files\Java 2007-10-08 07:40 --------- d-----w C:\Program Files\DivX 2007-10-08 07:36 --------- d-----w C:\Program Files\Pinnacle 2007-10-08 07:36 --------- d-----w C:\Program Files\Microsoft SQL Server 2007-10-08 07:31 --------- d-----w C:\Documents and Settings\All Users\Application Data\Pinnacle 2007-10-08 06:41 --------- d-----w C:\Program Files\Executive 
Software 2007-10-08 06:37 --------- d-----w C:\Program Files\Ahead 2007-10-08 06:32 --------- d-----w C:\Program Files\Fichiers communs\Ahead 2007-10-08 06:32 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ahead 2007-10-08 06:25 --------- d-----w C:\Documents and Settings\Pierre\Application Data\ArcSoft 2007-10-08 06:24 --------- d-----w C:\Program Files\Canon 2007-10-08 06:23 --------- d-----w C:\Program Files\ScanSoft 2007-10-08 06:23 --------- d-----w C:\Program Files\Fichiers communs\ScanSoft Shared 2007-10-08 06:23 --------- d-----w C:\Documents and Settings\Pierre\Application Data\ScanSoft 2007-10-08 06:23 --------- d-----w C:\Documents and Settings\All Users\Application Data\SSScanWizard 2007-10-08 06:23 --------- d-----w C:\Documents and Settings\All Users\Application Data\SSScanAppDataDir 2007-10-08 06:22 --------- d-----w C:\Program Files\ArcSoft 2007-10-07 15:37 --------- d-----w C:\Program Files\Skype 2007-10-07 15:37 --------- d-----w C:\Documents and Settings\All Users\Application Data\Skype 2007-10-07 08:16 --------- d-----w C:\Documents and Settings\Pierre\Application Data\vmntoolbar 2007-10-05 08:08 --------- d-----w C:\Program Files\Popims 2007-10-04 14:44 --------- d-----w C:\Program Files\XnView 2007-10-04 06:43 --------- d-----w C:\Program Files\Fichiers communs\ACD Systems 2007-10-04 06:41 --------- d-----w C:\Documents and Settings\Pierre\Application Data\ACD Systems 2007-10-03 12:04 --------- d-----w C:\Program Files\Seagrand 2007-10-03 11:58 --------- d-----w C:\Program Files\Tacmi 2007-10-03 11:28 --------- d-----w C:\Program Files\Fichiers communs\Adobe 2007-10-03 11:28 --------- d-----w C:\Documents and Settings\Pierre\Application Data\AdobeUM 2007-10-03 06:30 --------- d-----w C:\Program Files\Beneton Software 2007-10-03 06:21 --------- d-----w C:\Program Files\Visicom Media 2007-10-02 17:36 --------- d-----w C:\Program Files\vmntoolbar 2007-10-02 16:45 --------- d-----w C:\Program Files\Image Converter and 
Editor 2007-10-02 11:13 --------- d-----w C:\Program Files\VirtualDub 2007-10-02 11:07 --------- d-----w C:\Documents and Settings\Pierre\Application Data\STOIK 2007-10-02 10:47 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ulead Systems 2007-10-02 10:45 --------- d-----w C:\Program Files\Ulead Systems 2007-10-02 10:45 --------- d-----w C:\Program Files\Fichiers communs\Ulead Systems 2007-10-02 10:29 551 ---ha-w C:\os466477.bin 2007-10-02 07:22 --------- d-----w C:\Program Files\Crawler 2007-10-02 07:10 --------- d-----w C:\Program Files\directx 2007-10-02 07:06 --------- d-----w C:\Program Files\Fichiers communs\InstallShield 2007-10-02 07:03 578 ---ha-w C:\os357577.bin 2007-10-02 06:39 --------- d-----w C:\Program Files\AVSMedia 2007-10-01 12:21 --------- d-----w C:\Program Files\Maïdo Production 2007-10-01 11:23 --------- d-----w C:\Program Files\Beneton Movie GIF 2007-10-01 08:35 --------- d-----w C:\Documents and Settings\Pierre\Application Data\XnView 2007-10-01 07:59 --------- d-----w C:\Program Files\AnmSMP 2007-10-01 06:29 --------- d-----w C:\Program Files\RADVideo 2007-10-01 06:22 --------- d-----w C:\Program Files\Video mp3 Extractor 2007-10-01 06:19 --------- d-----w C:\Program Files\K-Lite Codec Pack 2007-10-01 06:13 --------- d-----w C:\Program Files\MSN Messenger 2007-10-01 06:05 --------- d-----w C:\Program Files\VS Revo Group 2007-10-01 05:45 --------- d-----w C:\Program Files\Free History Eraser 2007-10-01 05:23 --------- d-----w C:\Program Files\VirtualDubMOD 2007-10-01 05:22 --------- d-----w C:\Program Files\Media Player Classic 2007-10-01 05:22 --------- d-----w C:\Documents and Settings\Pierre\Application Data\Media Player Classic 2007-10-01 05:21 --------- d-----w C:\Program Files\CDex 2007-10-01 05:18 --------- d-----w C:\Program Files\CCleaner 2007-09-30 16:03 --------- d-----w C:\Program Files\Windows Media Connect 2 2007-09-30 09:46 --------- d-----w C:\Program Files\PhotoFiltre Studio 2007-09-30 09:46 --------- 
d-----w C:\Program Files\MSXML 4.0 2007-09-30 03:37 --------- d-----w C:\Documents and Settings\Pierre\Application Data\Uniblue 2007-09-30 03:24 --------- d-----w C:\Program Files\IncrediMail 2007-09-30 03:16 --------- d-----w C:\Program Files\Alwil Software 2007-09-30 02:59 --------- d-----w C:\Program Files\SAGEM 2007-09-29 18:53 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared 2007-09-29 18:53 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec 2007-09-29 18:45 --------- d-----w C:\Program Files\Microsoft Works 2007-09-29 18:36 --------- d-----w C:\Program Files\Fichiers communs\AOL 2007-09-29 18:36 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL 2007-09-29 18:12 --------- d-----w C:\Program Files\Fichiers communs\xing shared 2007-09-29 18:12 --------- d-----w C:\Program Files\Fichiers communs\Real 2007-09-29 18:12 --------- d-----w C:\Documents and Settings\All Users\Application Data\CyberLink 2007-09-29 18:11 --------- d-----w C:\Program Files\Dynamic Toolbar 2007-09-29 18:11 --------- d-----w C:\Program Files\CyberLink 2007-09-29 18:09 --------- d-----w C:\Documents and Settings\Pierre\Application Data\Symantec 2007-09-29 18:06 8,552 ----a-w C:\WINDOWS\system32\drivers\asctrm.sys 2007-09-29 18:06 --------- d-----w C:\Program Files\Viewpoint 2007-09-29 18:06 --------- d-----w C:\Program Files\Real 2007-09-29 18:06 --------- d-----w C:\Program Files\QuickTime 2007-09-29 18:06 --------- d-----w C:\Program Files\Learn2.com 2007-09-29 18:06 --------- d-----w C:\Program Files\Fichiers communs\Nullsoft 2007-09-29 18:06 --------- d-----w C:\Program Files\Fichiers communs\aolshare 2007-09-29 18:06 --------- d-----w C:\Documents and Settings\Pierre\Application Data\You've Got Pictures Screensaver . ((((((((((((((((((((((((((((( snapshot@2007-11-25_ 6.58.55.26 ))))))))))))))))))))))))))))))))))))))))) . + 2007-11-25 19:15:19 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_534.dat . 
((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3A2224A0-B114-4491-9305-FD0E4B55FA1E}] 2007-11-23 14:12 37376 --a------ C:\WINDOWS\system32\ljjighh.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7e6d6ae8-e8cf-4bc4-bbb4-f800e9bbca62}] C:\WINDOWS\system32\siwswbro.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{CEDDA62D-5FBE-4AB2-AE2E-5E069F444444}"= C:\Program Files\Dico TV5\MDTV5TB.dll [2007-09-11 17:19 802816] [HKEY_CLASSES_ROOT\clsid\{cedda62d-5fbe-4ab2-ae2e-5e069f444444}] [HKEY_CLASSES_ROOT\MDTV5Tb.IEToolBar.1] [HKEY_CLASSES_ROOT\TypeLib\{43C9998B-DB65-4F03-8C57-BBF146CCCCCC}] [HKEY_CLASSES_ROOT\MDTV5Tb.IEToolBar] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IncrediMail"="C:\Program Files\IncrediMail\bin\IncMail.exe" [2007-03-01 16:01] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-10-08 06:38] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-05 13:00] "PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 13:00] "PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 13:00] "NvCplDaemon"="RUNDLL32.exe" [2004-08-05 13:00 C:\WINDOWS\system32\rundll32.exe] "nwiz"="nwiz.exe" [2005-03-05 11:26 C:\WINDOWS\system32\nwiz.exe] "SoundMan"="SOUNDMAN.EXE" [2005-01-20 19:04 C:\WINDOWS\SOUNDMAN.EXE] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11] "PCMService"="c:\Apps\Powercinema\PCMService.exe" [2005-01-28 10:10] "Ulead AutoDetector v2"="C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe" [2004-08-27 18:22] "Omnipage"="C:\Program
Files\ScanSoft\OmniPageSE\opware32.exe" [2002-02-20 19:01] "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50] "InCD"="C:\Program Files\Ahead\InCD\InCD.exe" [2003-12-05 11:25] "PinnacleDriverCheck"="C:\WINDOWS\system32\PSDrvCheck.exe" [2003-11-10 16:06] "PMCS"="C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe" [2006-02-10 15:02] "PMCRemote"="C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe" [2006-02-16 14:37] "LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2004-12-14 17:19] "LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2004-12-14 17:57] "LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2004-12-14 17:51] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-09-29 19:06] "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-09-29 19:12] "Host Process"="C:\WINDOWS\Fonts\svchost.exe" [] "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-09-06 12:06] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 13:00] "Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2007-09-28 02:17] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableLUA"= 0 (0x0) [hklm\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{3A2224A0-B114-4491-9305-FD0E4B55FA1E}"= C:\WINDOWS\system32\ljjighh.dll [2007-11-23 14:12 37376] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ljjighh] ljjighh.dll 2007-11-23 14:12 37376 C:\WINDOWS\system32\ljjighh.dll [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] "Authentication Packages"= msv1_0 C:\WINDOWS\system32\pmnlm.dll . 
************************************************************************** catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-11-25 20:15:38 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2007-11-25 20:16:55 - machine was rebooted C:\ComboFix2.txt ... 2007-11-25 11:26 C:\ComboFix3.txt ... 2007-11-25 06:59 . --- E O F ---
2) HijackThis
Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:24:23, on 25/11/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16544) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\Apps\Powercinema\PCMService.exe C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe C:\Program Files\ScanSoft\OmniPageSE\opware32.exe C:\Program Files\Ahead\InCD\InCD.exe C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Program Files\Logitech\Video\LogiTray.exe C:\Program Files\QuickTime\qttask.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\PROGRA~1\INCRED~1\bin\ImApp.exe c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe C:\Program Files\Executive Software\DiskeeperLite\DKService.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe c:\APPS\HIDSERVICE\HIDSERVICE.exe C:\Program Files\Ahead\InCD\InCDsrv.exe C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\system32\svchost.exe c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Program Files\Pinnacle\Shared Files\Programs\PclePvr\VideoControl.exe C:\Documents and Settings\Pierre\Mes documents\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://192.168.1.1/ServicesAcces.html R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL O2 - BHO: (no name) - {3A2224A0-B114-4491-9305-FD0E4B55FA1E} - C:\WINDOWS\system32\ljjighh.dll O2 - BHO: VMN Toolbar - 
{4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: {26acbb9e-008f-4bbb-4cb4-fc8e8ea6d6e7} - {7e6d6ae8-e8cf-4bc4-bbb4-f800e9bbca62} - C:\WINDOWS\system32\siwswbro.dll (file missing) O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: TV5 - Dictionnaires - {CEDDA62D-5FBE-4AB2-AE2E-5E069F444444} - C:\Program Files\Dico TV5\MDTV5TB.dll O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe" O4 - HKLM\..\Run: [ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [inCD] C:\Program Files\Ahead\InCD\InCD.exe O4 - HKLM\..\Run: [PinnacleDriverCheck] 
C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg O4 - HKLM\..\Run: [PMCS] "C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe" -host -clearDebug O4 - HKLM\..\Run: [PMCRemote] C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [Host Process] C:\WINDOWS\Fonts\svchost.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKCU\..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - 
C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm O16 - DPF: {CB50428B-657F-47DF-9B32-671F82AA73F7} (Photodex Presenter AX control) - http://www.photodex.com/pxplay.cab O20 - Winlogon Notify: ljjighh - C:\WINDOWS\SYSTEM32\ljjighh.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe O23 - Service: Diskeeper - Executive Software International, Inc. 
- C:\Program Files\Executive Software\DiskeeperLite\DKService.exe O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InCD Helper (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe -- End of file - 10071 bytes