
Nikki13

  1. Hi Thanos, Actually the PC no longer runs properly. Several problems are showing up. The PC freezes, Firefox freezes, Foxmail no longer sends messages, often because of port 465, or it is impossible to connect to the server. Same problem without the firewall. In short, it no longer works. Do you think that once I have put in a new memory stick all these problems will go away? Apart from Foxmail. Thanks, N.
  2. Hi Thanos, My freezing problem occurs very regularly when I use notes, but it also occurs when I am on the internet. Yes, I installed Serv-U quite a while ago. Here is the DiagHelp report:
     PS => I had to hard-reboot my PC because nothing was running during the first DiagHelp test. However, I lost all my Firefox settings, notably my folders and shortcuts.... Thanks for your help, N.
  3. Hi Thanos, So I am going to add a memory stick to give my PC a boost. Could the freezing problems come from that? I disabled the Nvidia service but the Norton Tool still does not run! PS: Ctrl+A still freezes txt files, it's strange.
  4. Hi Thanos, Indeed the PC seems much smoother and I have not noticed any slowness like I could have before. So does that mean I should perhaps do a little spring cleaning on my computer, on a regular basis, if I want to avoid slowness or "freezing" problems? I did not generate a report named extra; maybe I made a mistake in the procedure. Only a main file was generated, and here is its content: PS => I just had a small problem when trying to copy the content of the .txt. When I open it and press Ctrl+A, the file freezes and stops responding, and I have to close it to reopen it. Anyway, here is the report:
- E:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe -- Files created between 2008-03-20 and 2008-04-20 ----------------------------- 2008-04-20 21:18:36 0 dr-h----- E:\Documents and Settings\Nikki\Recent 2008-04-17 18:37:41 0 d-------- E:\Program Files\Panda Security 2008-04-16 19:12:03 0 d-------- E:\Program Files\Malwarebytes' Anti-Malware 2008-04-15 20:15:58 0 d-------- E:\Documents and Settings\All Users\Application Data\Kaspersky Lab 2008-04-15 20:15:56 0 d-------- E:\WINDOWS\System32\Kaspersky Lab 2008-04-15 20:00:56 0 d-------- E:\Program Files\Sunbelt Software 2008-04-14 19:52:00 0 d-------- E:\Documents and Settings\All Users\Application Data\Avira 2008-04-13 20:51:06 0 d-------- E:\Program Files\Enigma Software Group 2008-04-13 19:39:31 3436 --a------ E:\WINDOWS\System32\tmp.reg 2008-04-13 19:39:17 25600 --a------ E:\WINDOWS\System32\WS2Fix.exe 2008-04-13 19:39:17 289144 --a------ E:\WINDOWS\System32\VCCLSID.exe <Not Verified; S!Ri; > 2008-04-13 19:39:17 86528 --a------ E:\WINDOWS\System32\VACFix.exe <Not Verified; S!Ri.URZ; VACFix> 2008-04-13 19:39:17 288417 --a------ E:\WINDOWS\System32\SrchSTS.exe <Not Verified; S!Ri; SrchSTS> 2008-04-13 19:39:17 53248 --a------ E:\WINDOWS\System32\Process.exe <Not Verified; http://www.beyondlogic.org; Command Line Process Utility> 2008-04-13 19:39:17 82432 --a------ E:\WINDOWS\System32\IEDFix.exe <Not Verified; S!Ri.URZ; IEDFix> 2008-04-13 19:39:17 51200 --a------ E:\WINDOWS\System32\dumphive.exe 2008-04-13 19:31:53 0 d-------- E:\Documents and Settings\Nikki\Application Data\Malwarebytes 2008-04-13 19:31:46 0 d-------- E:\Documents and Settings\All Users\Application Data\Malwarebytes 2008-04-13 18:00:18 0 d-------- E:\WINDOWS\AU_Temp 2008-03-22 20:01:21 0 d-------- E:\Documents and Settings\Nikki\Application Data\Uniblue 2008-03-22 19:59:53 0 d-------- E:\Program Files\Uniblue 2008-03-22 14:56:39 0 d-------- E:\Program Files\ma-config.com 2008-03-22 14:56:39 0 d-------- E:\Documents and 
Settings\Nikki\Application Data\ma-config.com 2008-03-22 12:47:17 0 d--hs---- E:\WINDOWS\ftpcache 2008-03-22 12:45:35 0 d-------- E:\Documents and Settings\Nikki\Application Data\U3 2008-03-21 19:59:08 0 d-------- E:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage 2008-03-21 19:58:17 0 d-------- E:\WINDOWS\System32\PreInstall 2008-03-21 19:55:28 0 d-------- E:\WINDOWS\System32\SoftwareDistribution -- Find3M Report --------------------------------------------------------------- 2008-04-20 21:20:57 468072 --a------ E:\WINDOWS\System32\perfh00C.dat 2008-04-20 21:20:57 75266 --a------ E:\WINDOWS\System32\perfc00C.dat 2008-04-20 21:19:45 0 d-------- E:\Program Files\Serv-U 2008-04-16 19:14:48 18512 --a------ E:\Documents and Settings\Nikki\Application Data\GDIPFONTCACHEV1.DAT 2008-04-15 19:55:53 0 d--h----- E:\Program Files\InstallShield Installation Information 2008-04-14 20:30:47 0 d-------- E:\Program Files\Copy Serv U 2008-04-13 18:59:40 0 d-------- E:\Documents and Settings\Nikki\Application Data\HPAppData 2008-04-13 18:02:37 1163344 --a------ E:\WINDOWS\vsapi32.dll <Not Verified; Trend Micro Inc.; VSAPI> 2008-04-13 18:02:37 71749 --a------ E:\WINDOWS\HCExtOutput.dll 2008-04-13 18:02:36 86094 --a------ E:\WINDOWS\BPMNT.dll <Not Verified; Trend Micro Inc.; VSAPI> 2008-03-21 20:13:19 0 d-------- E:\Program Files\Fichiers communs 2008-03-21 20:13:15 0 d-------- E:\Program Files\IKEA HomePlanner 2008-03-21 20:12:58 0 d-------- E:\Program Files\IKEA HomePlannerch 2008-03-21 20:07:47 0 d-------- E:\Program Files\Java 2008-02-25 20:35:09 0 d-------- E:\Documents and Settings\Nikki\Application Data\Adobe 2008-02-24 19:01:11 0 d-------- E:\Program Files\CCleaner 2008-01-20 15:29:49 111292 --a------ E:\WINDOWS\hpqins13.dat -- Registry Dump --------------------------------------------------------------- *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}] 
02/03/2007 17:52 1298024 -ra------ E:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}] 02/03/2007 17:52 177768 -ra------ E:\Program Files\HP\Smart Web Printing\hpswp_framework.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}] 04/10/2007 22:06 1135968 --a------ E:\Program Files\Winamp Toolbar\winamptb.dll [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser] "{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}"= E:\Program Files\Winamp Toolbar\winamptb.dll [04/10/2007 22:06 1135968] [-HKEY_CLASSES_ROOT\CLSID\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}] [HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand.1] [HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}] [HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DAEMON Tools-1033"="E:\Program Files\D-Tools\daemon.exe" [15/12/2003 18:56] "nod32kui"="E:\Program Files\Eset\nod32kui.exe" [18/05/2005 13:54] "iTunesHelper"="E:\Program Files\iTunes\iTunesHelper.exe" [11/12/2007 13:10] "Logitech Utility"="Logi_MwX.Exe" [11/12/2003 10:50 E:\WINDOWS\LOGI_MWX.EXE] "SunJavaUpdateSched"="E:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [22/02/2008 05:25] "NvCplDaemon"="E:\WINDOWS\System32\NvCpl.dll" [22/10/2006 13:22] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Uniblue SpeedUpMyPC"="" [] [HKEY_USERS\.default\software\microsoft\windows\currentversion\run] "ALUAlert"=E:\Program Files\Symantec\LiveUpdate\ALUNotify.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "ClearRecentDocsOnExit"=1 (0x1) [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt hpqcxs08 hpqddsvc -- End 
of Deckard's System Scanner: finished at 2008-04-20 21:22:42 ------------ Thanos, I'm repeating myself a bit, but a huge thank you. N.
  5. Hi Thanos, So I followed your advice. However, I could not get Norton Tool to work. No big deal. Otherwise, here is the HijackThis report: Logfile of HijackThis v1.99.1 Scan saved at 14:32:52, on 19/04/2008 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: E:\WINDOWS\System32\smss.exe E:\WINDOWS\system32\winlogon.exe E:\WINDOWS\system32\services.exe E:\WINDOWS\system32\lsass.exe E:\WINDOWS\system32\svchost.exe E:\WINDOWS\System32\svchost.exe E:\WINDOWS\Explorer.EXE E:\WINDOWS\system32\spoolsv.exe E:\Program Files\D-Tools\daemon.exe E:\Program Files\Eset\nod32kui.exe E:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe E:\Program Files\HP\HP Software Update\HPWuSchd2.exe E:\Program Files\iTunes\iTunesHelper.exe E:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe E:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe E:\Program Files\Java\jre1.6.0_05\bin\jusched.exe E:\Program Files\Logitech\MouseWare\system\em_exec.exe E:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe E:\WINDOWS\System32\rundll32.exe E:\Program Files\Executive Software\DiskeeperLite\DKService.exe E:\WINDOWS\system32\svchost.exe E:\WINDOWS\System32\svchost.exe E:\Program Files\Eset\nod32krn.exe E:\WINDOWS\System32\nvsvc32.exe E:\WINDOWS\System32\svchost.exe E:\Program Files\Serv-U\ServUDaemon.exe E:\Program Files\Serv-U\ServUDaemon.exe E:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe E:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe E:\WINDOWS\System32\svchost.exe E:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe E:\Program Files\iPod\bin\iPodService.exe E:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe E:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe E:\Program Files\Mozilla Firefox\firefox.exe C:\123\hijackthis\HijackThis.exe E:\WINDOWS\System32\wuauclt.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: HP Print 
Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - E:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - E:\Program Files\HP\Smart Web Printing\hpswp_framework.dll O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - E:\Program Files\Winamp Toolbar\winamptb.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - E:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - E:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - E:\Program Files\Winamp Toolbar\winamptb.dll O4 - HKLM\..\Run: [DAEMON Tools-1033] "E:\Program Files\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [nod32kui] "E:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [WinampAgent] E:\Program Files\Winamp\wianmpa.exe O4 - HKLM\..\Run: [TkBellExe] "E:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [HP Software Update] E:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "E:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [NVMixerTray] "E:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE E:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: 
[AudioDeck] E:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe 1 O4 - HKLM\..\Run: [hpqSRMon] E:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "E:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - Startup: ERUNT AutoBackup.lnk = E:\Program Files\ERUNT\AUTOBACK.EXE O4 - Global Startup: HP Digital Imaging Monitor.lnk = E:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Microsoft Office.lnk = E:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: &Winamp Toolbar Search - E:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://E:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - E:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - E:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O15 - Trusted Zone: http://*.windowsupdate.microsoft.com O15 - Trusted Zone: http://*.windowsupdate.com O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - 
http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - http://www.nanoscan.com/as/cabs/ascstubie.cab O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/049ca0e088e44d...RdxIE601_fr.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1206122086000 O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shock...ash/swflash.cab O16 - DPF: {D28C3640-A6D7-4668-A53C-07A9CF67D157} (CFnacComposantCtrl Object) - http://www.fnacmusic.com/telechargementFna...acComposant.cab O23 - Service: Diskeeper - Executive Software International, Inc. - E:\Program Files\Executive Software\DiskeeperLite\DKService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - E:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. 
- E:\Program Files\iPod\bin\iPodService.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - E:\Program Files\Eset\nod32krn.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\System32\nvsvc32.exe O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - E:\Program Files\SiSoftware\SiSoftware Sandra Professionnel 2005.SR2a\RpcDataSrv.exe O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - E:\Program Files\SiSoftware\SiSoftware Sandra Professionnel 2005.SR2a\RpcSandraSrv.exe O23 - Service: Serv-U FTP Server (Serv-U) - Unknown owner - E:\Program Files\Serv-U\ServUDaemon.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - E:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - E:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe O23 - Service: stllssvr - MicroVision Development, Inc. - E:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe To the question: How is the PC running? Any alerts from your antivirus? *The PC freezes very often and I have to reboot it by hand very regularly. For example, I had to reboot 3 times to reply to this post, and reboot 2 times to copy the HijackThis report, etc. * Otherwise my antivirus is not reacting at all. Thanos, once again many thanks for your help. N.
  6. Hi Thanos, Thanks again for your invaluable help. This time I struggled quite a bit to do what you advised. 1) Here are the files I removed during the MalwareByte's run. Clé(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{9034a523-d068-4be8-a284-9df278be776e} (Trojan.Zlob) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{daed9266-8c28-4c1c-8b58-5c66eff1d302} (Search.Hijack) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\NetProject (Trojan.Zlob) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Internet Service (Trojan.Zlob) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Secure Browsing (Trojan.Zlob) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\videoPl.chl (Trojan.Zlob) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\{9034a523-d068-4be8-a284-9df278be776e} (Trojan.Zlob) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run\some (Trojan.Zlob) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run\start (Trojan.Zlob) -> Quarantined and deleted successfully. 2) Important question: when you used option 2 of SmitFraudFix, at the prompt "Voulez-vous nettoyer le registre ?" ("Do you want to clean the registry?"), did you type O (oui, yes)?? I don't think so! 
3) New MalwareByte's report: Malwarebytes' Anti-Malware 1.11 Version de la base de données: 639 Type de recherche: Examen complet (C:\|D:\|E:\|F:\|G:\|) Eléments examinés: 83702 Temps écoulé: 25 minute(s), 50 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté) 4) Norton_Removal_Tool: Apparently it does not work. It starts and then... nothing. I will try again, as I may be a bit impatient. 5) Panda report: I had to run it 5 times, because every time I clicked on the report, my computer and/or the network froze. The report looks worrying to me, don't you think? 
;******************************************************************************* ********************************************************************************* ******************* ANALYSIS: 2008-04-19 09:34:09 PROTECTIONS: 1 MALWARE: 31 SUSPECTS: 0 ;******************************************************************************* ********************************************************************************* ******************* PROTECTIONS Description Version Active Updated ;=============================================================================== ================================================================================= =================== NOD32 Antivirus 2.50.16 No Yes ;=============================================================================== ================================================================================= =================== MALWARE Id Description Type Active Severity Disinfectable Disinfected Location ;=============================================================================== ================================================================================= =================== 00119805 Application/ServUBased.A HackTools No 0 No No C:\Ext\Rhinosoft_Serv-U_Corporate_v5.0-PARADOX\Serv U\pdxrhsu5.rar[susetup.exe][sERVUDAEMON.EXE] 00119805 Application/ServUBased.A HackTools No 0 Yes No C:\System Volume Information\_restore{819801F3-ADB9-41D0-B8DB-818AA9D2CD45}\RP530\A0083073.exe[sERVUDAEMON.EXE] 00134905 Application/Servu.A HackTools No 0 Yes No C:\System Volume Information\_restore{819801F3-ADB9-41D0-B8DB-818AA9D2CD45}\RP530\A0083068.exe[sERVUTRAY.EXE] 00134906 Application/Servu.A HackTools No 0 Yes No C:\System Volume Information\_restore{819801F3-ADB9-41D0-B8DB-818AA9D2CD45}\RP530\A0083068.exe[sERVUPERFCOUNT.DLL] 00134908 Application/ServUBased.A HackTools No 0 Yes No C:\System Volume Information\_restore{819801F3-ADB9-41D0-B8DB-818AA9D2CD45}\RP530\A0083068.exe[sERVUDAEMON.EXE] 00138763 Application/ServUBased.A HackTools 
No 0 No No C:\Ext\Rhinosoft_Serv-U_Corporate_v5.0-PARADOX\Serv U\pdxrhsu5.rar[susetup.exe][sERVUTRAY.EXE] 00138763 Application/ServUBased.A HackTools No 0 Yes No E:\System Volume Information\_restore{819801F3-ADB9-41D0-B8DB-818AA9D2CD45}\RP530\A0083075.exe 00138763 Application/ServUBased.A HackTools No 0 Yes No E:\System Volume Information\_restore{819801F3-ADB9-41D0-B8DB-818AA9D2CD45}\RP530\A0083076.exe 00138763 Application/ServUBased.A HackTools No 0 Yes No C:\System Volume Information\_restore{819801F3-ADB9-41D0-B8DB-818AA9D2CD45}\RP530\A0083073.exe[sERVUTRAY.EXE] 00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No E:\Documents and Settings\Nikki\Application Data\Mozilla\Firefox\Profiles\2ce9nmxa.default\cookies.txt[.casalemedia.com/] 00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No E:\Documents and Settings\Nikki\Application Data\Mozilla\Firefox\Profiles\2ce9nmxa.default\cookies-1.txt[.casalemedia.com/] 00139535 Application/Processor HackTools No 0 Yes No E:\Deckard\System Scanner\backup\DOCUME~1\Nikki\LOCALS~1\Temp\Rar$EX00.235\SmitfraudFix\Process.exe 00139535 Application/Processor HackTools No 0 Yes No C:\System Volume Information\_restore{819801F3-ADB9-41D0-B8DB-818AA9D2CD45}\RP530\A0082036.exe 00139535 Application/Processor HackTools No 0 Yes No C:\123\Smitfraudfix\SmitfraudFix\SmitfraudFix\Process.exe 00139535 Application/Processor HackTools No 0 Yes No C:\System Volume Information\_restore{819801F3-ADB9-41D0-B8DB-818AA9D2CD45}\RP530\A0084235.exe 00139535 Application/Processor HackTools No 0 Yes No E:\WINDOWS\system32\Process.exe 00139535 Application/Processor HackTools No 0 Yes No C:\System Volume Information\_restore{819801F3-ADB9-41D0-B8DB-818AA9D2CD45}\RP530\A0084263.exe 00139535 Application/Processor HackTools No 0 Yes No C:\123\Smitfraudfix\SmitfraudFix.zip[smitfraudFix/Process.exe] 00149116 Cookie/Ccbill TrackingCookie No 0 Yes No E:\Documents and Settings\Nikki\Application 
Data\Mozilla\Firefox\Profiles\2ce9nmxa.default\cookies.txt[.ccbill.com/] 00159564 Cookie/WUpd TrackingCookie No 0 Yes No E:\Documents and Settings\Nikki\Application Data\Mozilla\Firefox\Profiles\2ce9nmxa.default\cookies.txt[.revenue.net/] 00167704 Cookie/Xiti TrackingCookie No 0 Yes No E:\Documents and Settings\Nikki\Application Data\Mozilla\Firefox\Profiles\2ce9nmxa.default\cookies.txt[.xiti.com/] 00167704 Cookie/Xiti TrackingCookie No 0 Yes No E:\Documents and Settings\Nikki\Cookies\nikki@xiti[1].txt 00167704 Cookie/Xiti TrackingCookie No 0 Yes No E:\Documents and Settings\Nikki\Application Data\Mozilla\Firefox\Profiles\2ce9nmxa.default\cookies-1.txt[.xiti.com/] 00167709 Cookie/fe.lea.lycos TrackingCookie No 0 Yes No E:\Documents and Settings\Nikki\Application Data\Mozilla\Firefox\Profiles\2ce9nmxa.default\cookies.txt[fe.lea.lycos.fr/] 00167709 Cookie/fe.lea.lycos TrackingCookie No 0 Yes No E:\Documents and Settings\Nikki\Application Data\Mozilla\Firefox\Profiles\2ce9nmxa.default\cookies-1.txt[fe.lea.lycos.fr/] 00168056 Cookie/YieldManager TrackingCookie No 0 Yes No E:\Documents and Settings\Nikki\Application Data\Mozilla\Firefox\Profiles\2ce9nmxa.default\cookies.txt[ad.yieldmanager.com/] 00168056 Cookie/YieldManager TrackingCookie No 0 Yes No E:\Documents and Settings\Nikki\Application Data\Mozilla\Firefox\Profiles\2ce9nmxa.default\cookies.txt[ad.yieldmanager.com/] 00168056 Cookie/YieldManager TrackingCookie No 0 Yes No E:\Documents and Settings\Nikki\Application Data\Mozilla\Firefox\Profiles\2ce9nmxa.default\cookies.txt[ad.yieldmanager.com/] 00168056 Cookie/YieldManager TrackingCookie No 0 Yes No E:\Documents and Settings\Nikki\Application Data\Mozilla\Firefox\Profiles\2ce9nmxa.default\cookies.txt[ad.yieldmanager.com/] 00168056 Cookie/YieldManager TrackingCookie No 0 Yes No E:\Documents and Settings\Nikki\Application Data\Mozilla\Firefox\Profiles\2ce9nmxa.default\cookies.txt[ad.yieldmanager.com/] 00168056 Cookie/YieldManager TrackingCookie No 0 Yes No 
E:\Documents and Settings\Nikki\Application Data\Mozilla\Firefox\Profiles\2ce9nmxa.default\cookies-1.txt[ad.yieldmanager.com/] 00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No E:\Documents and Settings\Nikki\Application Data\Mozilla\Firefox\Profiles\2ce9nmxa.default\cookies-1.txt[.serving-sys.com/] 00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No E:\Documents and Settings\Nikki\Application Data\Mozilla\Firefox\Profiles\2ce9nmxa.default\cookies.txt[.serving-sys.com/] 00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No E:\Documents and Settings\Nikki\Application Data\Mozilla\Firefox\Profiles\2ce9nmxa.default\cookies-1.txt[.serving-sys.com/] 00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No E:\Documents and Settings\Nikki\Application Data\Mozilla\Firefox\Profiles\2ce9nmxa.default\cookies.txt[.serving-sys.com/] 00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No E:\Documents and Settings\Nikki\Application Data\Mozilla\Firefox\Profiles\2ce9nmxa.default\cookies.txt[.serving-sys.com/] 00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No E:\Documents and Settings\Nikki\Application Data\Mozilla\Firefox\Profiles\2ce9nmxa.default\cookies-1.txt[.serving-sys.com/] 00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No E:\Documents and Settings\Nikki\Application Data\Mozilla\Firefox\Profiles\2ce9nmxa.default\cookies.txt[.serving-sys.com/] 00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No E:\Documents and Settings\Nikki\Application Data\Mozilla\Firefox\Profiles\2ce9nmxa.default\cookies-1.txt[.serving-sys.com/] 00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No E:\Documents and Settings\Nikki\Application Data\Mozilla\Firefox\Profiles\2ce9nmxa.default\cookies.txt[.serving-sys.com/] 00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No E:\Documents and Settings\Nikki\Application Data\Mozilla\Firefox\Profiles\2ce9nmxa.default\cookies.txt[.serving-sys.com/] 00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No E:\Documents and 
Settings\Nikki\Application Data\Mozilla\Firefox\Profiles\2ce9nmxa.default\cookies-1.txt[.serving-sys.com/] 00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No E:\Documents and Settings\Nikki\Application Data\Mozilla\Firefox\Profiles\2ce9nmxa.default\cookies-1.txt[.bs.serving-sys.com/] 00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No E:\Documents and Settings\Nikki\Application Data\Mozilla\Firefox\Profiles\2ce9nmxa.default\cookies.txt[.bs.serving-sys.com/] 00168106 Cookie/Weborama TrackingCookie No 0 Yes No E:\Documents and Settings\Nikki\Application Data\Mozilla\Firefox\Profiles\2ce9nmxa.default\cookies-1.txt[.weborama.fr/] 00168106 Cookie/Weborama TrackingCookie No 0 Yes No E:\Documents and Settings\Nikki\Application Data\Mozilla\Firefox\Profiles\2ce9nmxa.default\cookies-1.txt[.weborama.fr/] 00168106 Cookie/Weborama TrackingCookie No 0 Yes No E:\Documents and Settings\Nikki\Application Data\Mozilla\Firefox\Profiles\2ce9nmxa.default\cookies-1.txt[.weborama.fr/] 00168106 Cookie/Weborama TrackingCookie No 0 Yes No E:\Documents and Settings\Nikki\Application Data\Mozilla\Firefox\Profiles\2ce9nmxa.default\cookiesnew.txt[.weborama.fr/] 00168106 Cookie/Weborama TrackingCookie No 0 Yes No E:\Documents and Settings\Nikki\Application Data\Mozilla\Firefox\Profiles\2ce9nmxa.default\cookies.txt[.weborama.fr/] 00168106 Cookie/Weborama TrackingCookie No 0 Yes No E:\Documents and Settings\Nikki\Application Data\Mozilla\Firefox\Profiles\2ce9nmxa.default\cookies-1.txt[.weborama.fr/] 00168106 Cookie/Weborama TrackingCookie No 0 Yes No E:\Documents and Settings\Nikki\Application Data\Mozilla\Firefox\Profiles\2ce9nmxa.default\cookiesnew.txt[.weborama.fr/] 00168106 Cookie/Weborama TrackingCookie No 0 Yes No E:\Documents and Settings\Nikki\Application Data\Mozilla\Firefox\Profiles\2ce9nmxa.default\cookies.txt[.weborama.fr/] 00168106 Cookie/Weborama TrackingCookie No 0 Yes No E:\Documents and Settings\Nikki\Application 
Data\Mozilla\Firefox\Profiles\2ce9nmxa.default\cookies.txt[.weborama.fr/] 00168106 Cookie/Weborama TrackingCookie No 0 Yes No E:\Documents and Settings\Nikki\Application Data\Mozilla\Firefox\Profiles\2ce9nmxa.default\cookies.txt[.weborama.fr/] 00168106 Cookie/Weborama TrackingCookie No 0 Yes No E:\Documents and Settings\Nikki\Application Data\Mozilla\Firefox\Profiles\2ce9nmxa.default\cookiesnew.txt[.weborama.fr/] 00168110 Cookie/Server.iad.Liveperson TrackingCookie No 0 Yes No E:\Documents and Settings\Nikki\Application Data\Mozilla\Firefox\Profiles\2ce9nmxa.default\cookies-1.txt[server.iad.liveperson.net/hc/9567765] 00168110 Cookie/Server.iad.Liveperson TrackingCookie No 0 Yes No E:\Documents and Settings\Nikki\Application Data\Mozilla\Firefox\Profiles\2ce9nmxa.default\cookies-1.txt[server.iad.liveperson.net/] 00168110 Cookie/Server.iad.Liveperson TrackingCookie No 0 Yes No E:\Documents and Settings\Nikki\Application Data\Mozilla\Firefox\Profiles\2ce9nmxa.default\cookies.txt[server.iad.liveperson.net/] 00172221 Cookie/Zedo TrackingCookie No 0 Yes No E:\Documents and Settings\Nikki\Application Data\Mozilla\Firefox\Profiles\2ce9nmxa.default\cookies-1.txt[.zedo.com/] 00172221 Cookie/Zedo TrackingCookie No 0 Yes No E:\Documents and Settings\Nikki\Application Data\Mozilla\Firefox\Profiles\2ce9nmxa.default\cookies-1.txt[.zedo.com/] 00172221 Cookie/Zedo TrackingCookie No 0 Yes No E:\Documents and Settings\Nikki\Application Data\Mozilla\Firefox\Profiles\2ce9nmxa.default\cookies-1.txt[.zedo.com/] 00172221 Cookie/Zedo TrackingCookie No 0 Yes No E:\Documents and Settings\Nikki\Application Data\Mozilla\Firefox\Profiles\2ce9nmxa.default\cookies.txt[.zedo.com/] 00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No E:\Documents and Settings\Nikki\Application Data\Mozilla\Firefox\Profiles\2ce9nmxa.default\cookies.txt[.adultfriendfinder.com/] 00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No E:\Documents and Settings\Nikki\Application 
Data\Mozilla\Firefox\Profiles\2ce9nmxa.default\cookies.txt[.adultfriendfinder.com/] 00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No E:\Documents and Settings\Nikki\Application Data\Mozilla\Firefox\Profiles\2ce9nmxa.default\cookies.txt[.adultfriendfinder.com/] 00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No E:\Documents and Settings\Nikki\Application Data\Mozilla\Firefox\Profiles\2ce9nmxa.default\cookies.txt[.adultfriendfinder.com/] 00199984 Cookie/Searchportal TrackingCookie No 0 Yes No E:\Documents and Settings\Nikki\Application Data\Mozilla\Firefox\Profiles\2ce9nmxa.default\cookies.txt[searchportal.information.com/] 00248324 Application/ServUBased.A HackTools No 0 Yes No C:\System Volume Information\_restore{819801F3-ADB9-41D0-B8DB-818AA9D2CD45}\RP530\A0083073.exe 00248324 Application/ServUBased.A HackTools No 0 No No C:\Ext\Rhinosoft_Serv-U_Corporate_v5.0-PARADOX\Serv U\pdxrhsu5.rar[susetup.exe] 00262020 Cookie/Atwola TrackingCookie No 0 Yes No E:\Documents and Settings\Nikki\Application Data\Mozilla\Firefox\Profiles\2ce9nmxa.default\cookies.txt[.atwola.com/] 00262020 Cookie/Atwola TrackingCookie No 0 Yes No E:\Documents and Settings\Nikki\Application Data\Mozilla\Firefox\Profiles\2ce9nmxa.default\cookies-1.txt[.atwola.com/] 00517584 Application/SuperFast HackTools No 0 Yes No E:\Deckard\System Scanner\backup\DOCUME~1\Nikki\LOCALS~1\Temp\Rar$EX00.235\SmitfraudFix\restart.exe 00517584 Application/SuperFast HackTools No 0 Yes No C:\123\Smitfraudfix\SmitfraudFix\SmitfraudFix\restart.exe 00517584 Application/SuperFast HackTools No 0 Yes No C:\System Volume Information\_restore{819801F3-ADB9-41D0-B8DB-818AA9D2CD45}\RP530\A0083071.exe 00517584 Application/SuperFast HackTools No 0 Yes No C:\System Volume Information\_restore{819801F3-ADB9-41D0-B8DB-818AA9D2CD45}\RP530\A0082038.exe 00517584 Application/SuperFast HackTools No 0 Yes No C:\123\Smitfraudfix\SmitfraudFix.zip[smitfraudFix/restart.exe] 00517584 Application/SuperFast HackTools No 0 Yes 
No C:\System Volume Information\_restore{819801F3-ADB9-41D0-B8DB-818AA9D2CD45}\RP530\A0084265.exe 00915503 Generic Malware Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{819801F3-ADB9-41D0-B8DB-818AA9D2CD45}\RP530\A0083072.exe 01196325 Cookie/Enhance TrackingCookie No 0 Yes No E:\Documents and Settings\Nikki\Application Data\Mozilla\Firefox\Profiles\2ce9nmxa.default\cookies-1.txt[.enhance.com/] 01196326 Cookie/GoClick TrackingCookie No 0 Yes No E:\Documents and Settings\Nikki\Application Data\Mozilla\Firefox\Profiles\2ce9nmxa.default\cookies-1.txt[.goclick.com/] 01196326 Cookie/GoClick TrackingCookie No 0 Yes No E:\Documents and Settings\Nikki\Application Data\Mozilla\Firefox\Profiles\2ce9nmxa.default\cookies-1.txt[.goclick.com/] 02197130 Trj/Rebooter.J Virus/Trojan No 1 Yes No E:\Deckard\System Scanner\backup\DOCUME~1\Nikki\LOCALS~1\Temp\Rar$EX00.235\SmitfraudFix\Reboot.exe 02197130 Trj/Rebooter.J Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{819801F3-ADB9-41D0-B8DB-818AA9D2CD45}\RP530\A0082037.exe 02197130 Trj/Rebooter.J Virus/Trojan No 1 Yes No C:\123\Smitfraudfix\SmitfraudFix.zip[smitfraudFix/Reboot.exe] 02197130 Trj/Rebooter.J Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{819801F3-ADB9-41D0-B8DB-818AA9D2CD45}\RP530\A0083070.exe 02197130 Trj/Rebooter.J Virus/Trojan No 1 Yes No C:\123\Smitfraudfix\SmitfraudFix\SmitfraudFix\Reboot.exe 02197130 Trj/Rebooter.J Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{819801F3-ADB9-41D0-B8DB-818AA9D2CD45}\RP530\A0084264.exe 02899253 Cookie/AntiSpyKit TrackingCookie No 0 Yes No E:\Documents and Settings\Nikki\Application Data\Mozilla\Firefox\Profiles\2ce9nmxa.default\cookies.txt[antispykit.com/] 02899253 Cookie/AntiSpyKit TrackingCookie No 0 Yes No E:\Documents and Settings\Nikki\Cookies\nikki@antispykit[2].txt 02914031 Adware/Netproject Adware No 0 Yes No E:\System Volume Information\_restore{819801F3-ADB9-41D0-B8DB-818AA9D2CD45}\RP530\A0081026.dll 02914031 
Adware/Netproject Adware No 0 Yes No E:\System Volume Information\_restore{819801F3-ADB9-41D0-B8DB-818AA9D2CD45}\RP530\A0081013.dll
02914032 Adware/Netproject Adware No 0 Yes No E:\System Volume Information\_restore{819801F3-ADB9-41D0-B8DB-818AA9D2CD45}\RP530\A0081031.exe
02914032 Adware/Netproject Adware No 0 Yes No E:\System Volume Information\_restore{819801F3-ADB9-41D0-B8DB-818AA9D2CD45}\RP530\A0081012.exe
02914034 Adware/Netproject Adware No 0 Yes No E:\System Volume Information\_restore{819801F3-ADB9-41D0-B8DB-818AA9D2CD45}\RP530\A0081030.exe
02914510 Adware/Netproject Adware No 0 Yes No E:\System Volume Information\_restore{819801F3-ADB9-41D0-B8DB-818AA9D2CD45}\RP530\A0081027.exe
;=============================================================================== ================================================================================= ===================
SUSPECTS
Location
;=============================================================================== ================================================================================= ===================
;=============================================================================== ================================================================================= ===================
Thanos, 1000 thanks again for your help and your time
  7. Hi Thanos, 1000 thanks again for your help. So here are the reports. PS => I deleted some files following Malwarebytes, as indicated in the post.
-------------------------------------------------------------------------------------------------------
MalwareByte's
Malwarebytes' Anti-Malware 1.11
Version de la base de données: 636
Type de recherche: Examen complet (C:\|D:\|E:\|F:\|G:\|)
Eléments examinés: 83143
Temps écoulé: 25 minute(s), 34 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 6
Valeur(s) du Registre infectée(s): 3
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{9034a523-d068-4be8-a284-9df278be776e} (Trojan.Zlob) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{daed9266-8c28-4c1c-8b58-5c66eff1d302} (Search.Hijack) -> No action taken.
HKEY_CURRENT_USER\Software\NetProject (Trojan.Zlob) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Internet Service (Trojan.Zlob) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Secure Browsing (Trojan.Zlob) -> No action taken.
HKEY_CLASSES_ROOT\videoPl.chl (Trojan.Zlob) -> No action taken.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\{9034a523-d068-4be8-a284-9df278be776e} (Trojan.Zlob) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run\some (Trojan.Zlob) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run\start (Trojan.Zlob) -> No action taken.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
---------------------------------------------------------------------------------------------------------
DSS
Deckard's System Scanner v20071014.68
Run by Nikki on 2008-04-16 20:16:06
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
-- Last 5 Restore Point(s) --
54: 2008-04-16 18:04:53 UTC - RP533 - Deckard's System Scanner Restore Point
53: 2008-04-15 18:00:55 UTC - RP532 - Installed Sunbelt Personal Firewall.
52: 2008-04-15 17:55:52 UTC - RP531 - Removed Kerio Personal Firewall
51: 2008-04-13 11:14:05 UTC - RP530 - Point de vérification système
50: 2008-04-10 18:38:20 UTC - RP529 - Point de vérification système
-- First Restore Point --
1: 2008-01-19 17:28:27 UTC - RP480 - Point de vérification système
Backed up registry hives.
Performed disk cleanup.
Total Physical Memory: 480 MiB (512 MiB recommended).
-- HijackThis (run as Nikki.exe) -----------------------------------------------
Unable to find log (file not found); running clone.
-- HijackThis Clone ------------------------------------------------------------ Emulating logfile of Trend Micro HijackThis v2.0.2 Scan saved at 2008-04-16 20:18:06 Platform: Windows XP Service Pack 1 (5.01.2600) MSIE: Internet Explorer (6.00.2800.1106) Boot mode: Normal Running processes: E:\WINDOWS\system32\smss.exe E:\WINDOWS\system32\winlogon.exe E:\WINDOWS\system32\services.exe E:\WINDOWS\system32\lsass.exe E:\WINDOWS\system32\svchost.exe E:\WINDOWS\system32\svchost.exe E:\WINDOWS\explorer.exe E:\WINDOWS\system32\spoolsv.exe E:\Program Files\D-Tools\daemon.exe E:\Program Files\Eset\nod32kui.exe E:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe E:\Program Files\HP\HP Software Update\hpwuSchd2.exe E:\Program Files\iTunes\iTunesHelper.exe E:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe E:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe E:\Program Files\Java\jre1.6.0_05\bin\jusched.exe E:\Program Files\Logitech\MouseWare\system\EM_EXEC.EXE E:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe E:\WINDOWS\system32\rundll32.exe E:\Program Files\Executive Software\DiskeeperLite\DKService.exe E:\WINDOWS\system32\svchost.exe E:\WINDOWS\system32\svchost.exe E:\Program Files\Eset\nod32krn.exe E:\WINDOWS\system32\nvsvc32.exe E:\WINDOWS\system32\svchost.exe E:\Program Files\Serv-U\ServUDaemon.exe E:\Program Files\Serv-U\ServUDaemon.exe E:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe E:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe E:\WINDOWS\system32\svchost.exe E:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe E:\Program Files\iPod\bin\iPodService.exe E:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe E:\Program Files\HP\Digital Imaging\bin\hpqste08.exe E:\WINDOWS\system32\wuauclt.exe E:\WINDOWS\system32\notepad.exe E:\Documents and Settings\Nikki\Bureau\dss(2).exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKCU\Software\Microsoft\Internet Connection 
Wizard,ShellNext = iexplore R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - E:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - E:\Program Files\HP\Smart Web Printing\hpswp_framework.dll O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - E:\Program Files\Winamp Toolbar\winamptb.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - E:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - E:\WINDOWS\system32\msdxm.ocx O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - E:\Program Files\Winamp Toolbar\winamptb.dll O4 - HKLM\..\Run: [DAEMON Tools-1033] "E:\Program Files\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [nod32kui] "E:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [WinampAgent] E:\Program Files\Winamp\wianmpa.exe O4 - HKLM\..\Run: [TkBellExe] "E:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [HP Software Update] E:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "E:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [NVMixerTray] "E:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" O4 - HKLM\..\Run: [nwiz] 
nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE E:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [AudioDeck] E:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe 1 O4 - HKLM\..\Run: [hpqSRMon] E:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "E:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] E:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\Run: [ALUAlert] E:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'Default user') O4 - Startup: ERUNT AutoBackup.lnk = E:\Program Files\ERUNT\AUTOBACK.EXE O4 - Global Startup: HP Digital Imaging Monitor.lnk = E:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Microsoft Office.lnk = E:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: &Winamp Toolbar Search - E:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://E:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - E:\Program Files\HP\Smart Web 
Printing\hpswp_extensions.dll O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - E:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - E:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - E:\WINDOWS\bdoscandel.exe O10 - Unknown file in Winsock LSP: imon.dllO10 - Unknown file in Winsock LSP: imon.dllO15 - Trusted Zone: http://*.windowsupdate.microsoft.com (HKCU) O15 - Trusted Zone: https://*.windowsupdate.microsoft.com (HKCU) O15 - Trusted Zone: http://windowsupdate.com (HKCU) O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} () - O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} () - http://download.microsoft.com/download/F/6...922/wmv9VCM.CAB O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/049ca0e088e44d...RdxIE601_fr.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1206122086000 O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} () - http://v4.windowsupdate.microsoft.com/CAB/...8178.7116666667 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shock...ash/swflash.cab O16 - DPF: {D28C3640-A6D7-4668-A53C-07A9CF67D157} (CFnacComposantCtrl Object) - http://www.fnacmusic.com/telechargementFna...acComposant.cab O18 - Protocol: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - E:\Program Files\Fichiers communs\Microsoft 
Shared\Web Folders\PKMCDO.DLL O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - E:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL O20 - Winlogon Notify: WRNotifier - E:\WINDOWS\System32\WRLogonNTF.dll (file missing) O23 - Service: Diskeeper - Executive Software International, Inc. - E:\Program Files\Executive Software\DiskeeperLite\DKService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - E:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - E:\Program Files\iPod\bin\iPodService.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - E:\Program Files\Eset\nod32krn.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - E:\Program Files\WinPcap\rpcapd.exe O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - E:\Program Files\SiSoftware\SiSoftware Sandra Professionnel 2005.SR2a\RpcDataSrv.exe O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - E:\Program Files\SiSoftware\SiSoftware Sandra Professionnel 2005.SR2a\RpcSandraSrv.exe O23 - Service: Serv-U FTP Server (Serv-U) - Unknown owner - E:\Program Files\Serv-U\ServUDaemon.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - E:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - E:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe O23 - Service: stllssvr - MicroVision Development, Inc. 
- E:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe -- End of file - 11809 bytes -- HijackThis Fixed Entries (C:\123\HIJACK~1\backups\) ------------------------- backup-20080415-194916-770 O18 - Filter: text/html - (no CLSID) - (no file) backup-20080415-194916-853 O2 - BHO: (no name) - {7C109800-A5D5-438F-9640-18D17E168B88} - E:\Program Files\NetProject\sbmdl.dll (file missing) -- File Associations ----------------------------------------------------------- .reg - regfile - shell\open\command - regedit.exe "%1" %* .scr - scrfile - shell\open\command - "%1" %* -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------- R0 d343bus - e:\windows\system32\drivers\d343bus.sys R0 d343port - e:\windows\system32\drivers\d343port.sys R0 Imagedrv - e:\windows\system32\drivers\imagedrv.sys <Not Verified; Ahead Software AG and its licensors; NERO IMAGEDRIVE> R2 AMON - e:\windows\system32\drivers\amon.sys <Not Verified; Eset; NOD32 Antivirus System> S2 ADILOADER (General Purpose USB Driver (adildr.sys)) - e:\windows\system32\drivers\adildr.sys (file missing) S3 adiusbae (USB ADSL LAN Adapter) - e:\windows\system32\drivers\adiusbae.sys (file missing) S3 fbxusb (Carte réseau virtuelle FreeBox USB) - e:\windows\system32\drivers\fbxusb32.sys <Not Verified; FreeBox SA; Carte réseau virtuelle FreeBox USB pour Windows 2000/XP> S3 MRENDIS5 (MRENDIS5 NDIS Protocol Driver) - e:\program files\common files\motive\mrendis5.sys <Not Verified; Motive, Inc.; Motive Rawether for Windows> S3 NPF (NetGroup Packet Filter Driver) - e:\windows\system32\drivers\npf.sys <Not Verified; CACE Technologies; WinPcap Netgroup Packet Filter Driver> S3 Pcouffin (Low level access layer for CD devices) - e:\windows\system32\drivers\pcouffin.sys (file missing) S3 w800bus (Sony Ericsson W800 driver (WDM)) - e:\windows\system32\drivers\w800bus.sys <Not Verified; MCCI; Sony Ericsson W800> S3 w800mdfl (Sony Ericsson W800 USB WMC Modem Filter) - 
e:\windows\system32\drivers\w800mdfl.sys <Not Verified; MCCI; Sony Ericsson W800 USB WMC Modem Filter Driver> S3 w800mdm (Sony Ericsson W800 USB WMC Modem Drivers) - e:\windows\system32\drivers\w800mdm.sys <Not Verified; MCCI; Sony Ericsson W800 USB WMC Modem> S3 w800mgmt (Sony Ericsson W800 USB WMC Device Management Drivers) - e:\windows\system32\drivers\w800mgmt.sys <Not Verified; MCCI; Sony Ericsson W800 USB WMC Device Management> S3 w800obex (Sony Ericsson W800 USB WMC OBEX Interface Drivers) - e:\windows\system32\drivers\w800obex.sys <Not Verified; MCCI; Sony Ericsson W800 USB WMC OBEX Interface> -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled -------------------- R2 Diskeeper - e:\program files\executive software\diskeeperlite\dkservice.exe <Not Verified; Executive Software International, Inc.; Diskeeper Disk Defragmenter> R2 Serv-U (Serv-U FTP Server) - e:\program files\serv-u\servudaemon.exe S4 rpcapd (Remote Packet Capture Protocol v.0 (experimental)) - "e:\program files\winpcap\rpcapd.exe" -d -f "e:\program files\winpcap\rpcapd.ini" <Not Verified; CACE Technologies; Remote Packet Capture Daemon> -- Device Manager: Disabled ---------------------------------------------------- No disabled devices found. 
-- Scheduled Tasks ------------------------------------------------------------- 2008-03-29 19:03:57 270 --a------ E:\WINDOWS\Tasks\Uniblue SpeedUpMyPC Nag.job 2008-03-22 20:00:31 392 --a------ E:\WINDOWS\Tasks\Uniblue SpeedUpMyPC.job 2007-11-18 11:21:20 284 --a------ E:\WINDOWS\Tasks\AppleSoftwareUpdate.job -- Files created between 2008-03-16 and 2008-04-16 ----------------------------- 2008-04-16 20:05:59 0 dr-h----- E:\Documents and Settings\Nikki\Recent 2008-04-16 19:12:03 0 d-------- E:\Program Files\Malwarebytes' Anti-Malware 2008-04-15 20:15:58 0 d-------- E:\Documents and Settings\All Users\Application Data\Kaspersky Lab 2008-04-15 20:15:56 0 d-------- E:\WINDOWS\System32\Kaspersky Lab 2008-04-15 20:00:56 0 d-------- E:\Program Files\Sunbelt Software 2008-04-14 19:52:00 0 d-------- E:\Documents and Settings\All Users\Application Data\Avira 2008-04-13 20:51:06 0 d-------- E:\Program Files\Enigma Software Group 2008-04-13 19:39:31 3436 --a------ E:\WINDOWS\System32\tmp.reg 2008-04-13 19:39:17 25600 --a------ E:\WINDOWS\System32\WS2Fix.exe 2008-04-13 19:39:17 289144 --a------ E:\WINDOWS\System32\VCCLSID.exe <Not Verified; S!Ri; > 2008-04-13 19:39:17 86528 --a------ E:\WINDOWS\System32\VACFix.exe <Not Verified; S!Ri.URZ; VACFix> 2008-04-13 19:39:17 288417 --a------ E:\WINDOWS\System32\SrchSTS.exe <Not Verified; S!Ri; SrchSTS> 2008-04-13 19:39:17 53248 --a------ E:\WINDOWS\System32\Process.exe <Not Verified; http://www.beyondlogic.org; Command Line Process Utility> 2008-04-13 19:39:17 82432 --a------ E:\WINDOWS\System32\IEDFix.exe <Not Verified; S!Ri.URZ; IEDFix> 2008-04-13 19:39:17 51200 --a------ E:\WINDOWS\System32\dumphive.exe 2008-04-13 19:31:53 0 d-------- E:\Documents and Settings\Nikki\Application Data\Malwarebytes 2008-04-13 19:31:46 0 d-------- E:\Documents and Settings\All Users\Application Data\Malwarebytes 2008-04-13 18:00:18 0 d-------- E:\WINDOWS\AU_Temp 2008-03-22 20:01:21 0 d-------- E:\Documents and Settings\Nikki\Application Data\Uniblue 
2008-03-22 19:59:53 0 d-------- E:\Program Files\Uniblue 2008-03-22 14:56:39 0 d-------- E:\Program Files\ma-config.com 2008-03-22 14:56:39 0 d-------- E:\Documents and Settings\Nikki\Application Data\ma-config.com 2008-03-22 12:47:17 0 d--hs---- E:\WINDOWS\ftpcache 2008-03-22 12:45:35 0 d-------- E:\Documents and Settings\Nikki\Application Data\U3 2008-03-21 19:59:08 0 d-------- E:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage 2008-03-21 19:58:17 0 d-------- E:\WINDOWS\System32\PreInstall 2008-03-21 19:55:28 0 d-------- E:\WINDOWS\System32\SoftwareDistribution -- Find3M Report --------------------------------------------------------------- 2008-04-16 20:17:40 468072 --a------ E:\WINDOWS\System32\perfh00C.dat 2008-04-16 20:17:40 75266 --a------ E:\WINDOWS\System32\perfc00C.dat 2008-04-16 20:13:30 0 d-------- E:\Program Files\Serv-U 2008-04-16 19:14:48 18512 --a------ E:\Documents and Settings\Nikki\Application Data\GDIPFONTCACHEV1.DAT 2008-04-15 19:55:53 0 d--h----- E:\Program Files\InstallShield Installation Information 2008-04-14 20:30:47 0 d-------- E:\Program Files\Copy Serv U 2008-04-13 18:59:40 0 d-------- E:\Documents and Settings\Nikki\Application Data\HPAppData 2008-04-13 18:02:37 1163344 --a------ E:\WINDOWS\vsapi32.dll <Not Verified; Trend Micro Inc.; VSAPI> 2008-04-13 18:02:37 71749 --a------ E:\WINDOWS\HCExtOutput.dll 2008-04-13 18:02:36 86094 --a------ E:\WINDOWS\BPMNT.dll <Not Verified; Trend Micro Inc.; VSAPI> 2008-03-21 20:13:19 0 d-------- E:\Program Files\Fichiers communs 2008-03-21 20:13:15 0 d-------- E:\Program Files\IKEA HomePlanner 2008-03-21 20:12:58 0 d-------- E:\Program Files\IKEA HomePlannerch 2008-03-21 20:07:47 0 d-------- E:\Program Files\Java 2008-02-25 20:35:09 0 d-------- E:\Documents and Settings\Nikki\Application Data\Adobe 2008-02-24 19:01:11 0 d-------- E:\Program Files\CCleaner 2008-02-17 20:23:16 0 d-------- E:\Program Files\Foxmail 2008-01-20 15:29:49 111292 --a------ E:\WINDOWS\hpqins13.dat -- 
Registry Dump --------------------------------------------------------------- *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}] 02/03/2007 17:52 1298024 -ra------ E:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}] 02/03/2007 17:52 177768 -ra------ E:\Program Files\HP\Smart Web Printing\hpswp_framework.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}] 04/10/2007 22:06 1135968 --a------ E:\Program Files\Winamp Toolbar\winamptb.dll [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser] "{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}"= E:\Program Files\Winamp Toolbar\winamptb.dll [04/10/2007 22:06 1135968] [-HKEY_CLASSES_ROOT\CLSID\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}] [HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand.1] [HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}] [HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DAEMON Tools-1033"="E:\Program Files\D-Tools\daemon.exe" [15/12/2003 18:56] "nod32kui"="E:\Program Files\Eset\nod32kui.exe" [18/05/2005 13:54] "NvCplDaemon"="E:\WINDOWS\System32\NvCpl.dll" [22/10/2006 13:22] "WinampAgent"="E:\Program Files\Winamp\wianmpa.exe" [] "TkBellExe"="E:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [18/11/2007 10:48] "HP Software Update"="E:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [11/03/2007 22:34] "QuickTime Task"="E:\Program Files\QuickTime\QTTask.exe" [11/12/2007 11:56] "iTunesHelper"="E:\Program Files\iTunes\iTunesHelper.exe" [11/12/2007 13:10] "Logitech Utility"="Logi_MwX.Exe" [11/12/2003 10:50 E:\WINDOWS\LOGI_MWX.EXE] "NVMixerTray"="E:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" [20/12/2004 18:12] "nwiz"="nwiz.exe" [22/10/2006 13:22 E:\WINDOWS\system32\nwiz.exe] 
"NvMediaCenter"="E:\WINDOWS\System32\NvMcTray.dll" [22/10/2006 13:22] "AudioDeck"="E:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe" [09/08/2007 16:48] "hpqSRMon"="E:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe" [22/08/2007 17:31] "Adobe Reader Speed Launcher"="E:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [11/01/2008 23:16] "SunJavaUpdateSched"="E:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [22/02/2008 05:25] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Uniblue SpeedUpMyPC"="" [] [HKEY_USERS\.default\software\microsoft\windows\currentversion\run] "ALUAlert"=E:\Program Files\Symantec\LiveUpdate\ALUNotify.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "ClearRecentDocsOnExit"=1 (0x1) [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt hpqcxs08 hpqddsvc -- End of Deckard's System Scanner: finished at 2008-04-16 20:19:57 ------------
  8. Hi Thanos, First of all I want to thank you for your help; it's very kind of you and it gets me out of a real bind. So I followed your instructions:
1) SmitFraudFix
2) Remove Kerio in order to reinstall it
3) Kaspersky => It finds 16 viruses and 51 infected files; unfortunately, when I click on report generation, my PC freezes and all I can do is reboot it. I'll try to run it a 3rd time tonight, since it takes 2 hours to scan my PC, and will put the report on the forum.
4) HijackThis
On the other hand, I have the impression that my PC is a bit more unstable, in that my PC freezes often. For example, to copy the SmitFraudFix report I had to reboot the PC because I couldn't open anything and was getting a blue screen. Could that be a coincidence?
Once again a big thank you for all your help
N.
So here is,
---------The SmitFraudFix Report-----------------
SmitFraudFix v2.314
Rapport fait à 19:43:17,09, 15/04/2008
Executé à partir de C:\123\Smitfraudfix\SmitfraudFix\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal
»»»»»»»»»»»»»»»»»»»»»»»» Process
»»»»»»»»»»»»»»»»»»»»»»»» hosts
»»»»»»»»»»»»»»»»»»»»»»»» E:\
»»»»»»»»»»»»»»»»»»»»»»»» E:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»» E:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» E:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» E:\WINDOWS\system32
»»»»»»»»»»»»»»»»»»»»»»»» E:\Documents and Settings\Nikki
»»»»»»»»»»»»»»»»»»»»»»»» E:\Documents and Settings\Nikki\Application Data
»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer
»»»»»»»»»»»»»»»»»»»»»»»»
»»»»»»»»»»»»»»»»»»»»»»»» Bureau
»»»»»»»»»»»»»»»»»»»»»»»» E:\Program Files
»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues
»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"
»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés
qui suivent ne sont pas forcément infectées!!!
IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="E:\\WINDOWS\\system32\\userinit.exe,"
"System"=""
»»»»»»»»»»»»»»»»»»»»»»»» Rustock
»»»»»»»»»»»»»»»»»»»»»»»» DNS
»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin
----------------------- The Kaspersky Report --------------------
I'll send it to you tonight
----------------------New HijackThis Report --------------------
Logfile of HijackThis v1.99.1
Scan saved at 06:01:51, on 16/04/2008
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\D-Tools\daemon.exe
E:\Program Files\Eset\nod32kui.exe
E:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
E:\Program Files\HP\HP Software Update\HPWuSchd2.exe
E:\Program Files\iTunes\iTunesHelper.exe
E:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe
E:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
E:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
E:\Program
Files\Logitech\MouseWare\system\em_exec.exe E:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe E:\WINDOWS\System32\rundll32.exe E:\Program Files\Executive Software\DiskeeperLite\DKService.exe E:\WINDOWS\system32\svchost.exe E:\WINDOWS\System32\svchost.exe E:\Program Files\Eset\nod32krn.exe E:\WINDOWS\System32\nvsvc32.exe E:\WINDOWS\System32\svchost.exe E:\Program Files\Serv-U\ServUDaemon.exe E:\Program Files\Serv-U\ServUDaemon.exe E:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe E:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe E:\WINDOWS\System32\svchost.exe E:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe E:\Program Files\iPod\bin\iPodService.exe E:\Program Files\Mozilla Firefox\firefox.exe E:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe E:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe E:\WINDOWS\system32\NOTEPAD.EXE E:\WINDOWS\System32\wuauclt.exe C:\123\hijackthis\HijackThis.exe R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - E:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - E:\Program Files\HP\Smart Web Printing\hpswp_framework.dll O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - E:\Program Files\Winamp Toolbar\winamptb.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - E:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O3 - Toolbar: &Radio - 
{8E718888-423F-11D2-876E-00A0C9082467} - E:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - E:\Program Files\Winamp Toolbar\winamptb.dll O4 - HKLM\..\Run: [DAEMON Tools-1033] "E:\Program Files\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [nod32kui] "E:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [WinampAgent] E:\Program Files\Winamp\wianmpa.exe O4 - HKLM\..\Run: [TkBellExe] "E:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [HP Software Update] E:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "E:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [NVMixerTray] "E:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE E:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [AudioDeck] E:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe 1 O4 - HKLM\..\Run: [hpqSRMon] E:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "E:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - Startup: ERUNT AutoBackup.lnk = E:\Program Files\ERUNT\AUTOBACK.EXE O4 - Global Startup: HP Digital Imaging Monitor.lnk = E:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Microsoft Office.lnk = E:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: &Winamp Toolbar Search - E:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html O8 - Extra context menu item: E&xporter vers 
Microsoft Excel - res://E:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - E:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - E:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra button: (no name) - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.ieservicegate.com/redirect.php (file missing) O9 - Extra 'Tools' menuitem: IE Anti-Spyware - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.ieservicegate.com/redirect.php (file missing) O15 - Trusted Zone: http://*.windowsupdate.microsoft.com O15 - Trusted Zone: http://*.windowsupdate.com O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} - O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/049ca0e088e44d...RdxIE601_fr.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1206122086000 O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} 
(Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shock...ash/swflash.cab O16 - DPF: {D28C3640-A6D7-4668-A53C-07A9CF67D157} (CFnacComposantCtrl Object) - http://www.fnacmusic.com/telechargementFna...acComposant.cab O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing) O23 - Service: Diskeeper - Executive Software International, Inc. - E:\Program Files\Executive Software\DiskeeperLite\DKService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - E:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - E:\Program Files\iPod\bin\iPodService.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - E:\Program Files\Eset\nod32krn.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\System32\nvsvc32.exe O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - E:\Program Files\SiSoftware\SiSoftware Sandra Professionnel 2005.SR2a\RpcDataSrv.exe O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - E:\Program Files\SiSoftware\SiSoftware Sandra Professionnel 2005.SR2a\RpcSandraSrv.exe O23 - Service: Serv-U FTP Server (Serv-U) - Unknown owner - E:\Program Files\Serv-U\ServUDaemon.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - E:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - E:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe O23 - Service: stllssvr - MicroVision Development, Inc. - E:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe
  9. Hello, My PC is infected by "the Zlob trojan". I followed the instructions given. Here is the HijackThis report. What should I do to really get rid of this problem? Thanks in advance, N.

Logfile of HijackThis v1.99.1
Scan saved at 21:02:37, on 14/04/2008
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\csrss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
E:\Program Files\HP\HP Software Update\HPWuSchd2.exe
E:\Program Files\iTunes\iTunesHelper.exe
E:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe
E:\Program Files\Logitech\MouseWare\system\em_exec.exe
E:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
E:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe
E:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
E:\WINDOWS\System32\rundll32.exe
E:\WINDOWS\System32\alg.exe
E:\Program Files\Executive Software\DiskeeperLite\DKService.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\Eset\nod32krn.exe
E:\WINDOWS\System32\nvsvc32.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\Serv-U\ServUDaemon.exe
E:\Program Files\Serv-U\ServUDaemon.exe
E:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\System32\wdfmgr.exe
E:\Program Files\iPod\bin\iPodService.exe
E:\Program Files\Real\RealPlayer\RealPlay.exe
E:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
E:\WINDOWS\System32\wuauclt.exe
E:\Program Files\Real\RealPlayer\RealPlay.exe
E:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - E:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - E:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - E:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - E:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7C109800-A5D5-438F-9640-18D17E168B88} - E:\Program Files\NetProject\sbmdl.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - E:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - E:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [DAEMON Tools-1033] "E:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [nod32kui] "E:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [WinampAgent] E:\Program Files\Winamp\wianmpa.exe
O4 - HKLM\..\Run: [TkBellExe] "E:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HP Software Update] E:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "E:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [NVMixerTray] "E:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE E:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AudioDeck] E:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe 1
O4 - HKLM\..\Run: [hpqSRMon] E:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [sunJavaUpdateSched] "E:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [spyHunter Security Suite] E:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe
O4 - Startup: ERUNT AutoBackup.lnk = E:\Program Files\ERUNT\AUTOBACK.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = E:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = E:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Winamp Toolbar Search - E:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://E:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - E:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - E:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.ieservicegate.com/redirect.php (file missing)
O9 - Extra 'Tools' menuitem: IE Anti-Spyware - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.ieservicegate.com/redirect.php (file missing)
O15 - Trusted Zone: http://*.windowsupdate.microsoft.com
O15 - Trusted Zone: http://*.windowsupdate.com
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} -
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/049ca0e088e44d...RdxIE601_fr.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1206122086000
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shock...ash/swflash.cab
O16 - DPF: {D28C3640-A6D7-4668-A53C-07A9CF67D157} (CFnacComposantCtrl Object) - http://www.fnacmusic.com/telechargementFna...acComposant.cab
O18 - Filter: text/html - (no CLSID) - (no file)
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: Diskeeper - Executive Software International, Inc. - E:\Program Files\Executive Software\DiskeeperLite\DKService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - E:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - E:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - E:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Kerio Personal Firewall (PersFw) - Kerio Technologies - E:\Program Files\Kerio\Personal Firewall\persfw.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - E:\Program Files\SiSoftware\SiSoftware Sandra Professionnel 2005.SR2a\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - E:\Program Files\SiSoftware\SiSoftware Sandra Professionnel 2005.SR2a\RpcSandraSrv.exe
O23 - Service: Serv-U FTP Server (Serv-U) - Unknown owner - E:\Program Files\Serv-U\ServUDaemon.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - E:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - E:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe