catetmic

Members
  • Content count

    175
Everything posted by catetmic

  1. catetmic

    2 networked computers

    Well then, it still doesn't work, even though the firewalls on both sides are unblocked.
  2. catetmic

    2 networked computers

    It doesn't work, but I can't install the KB922120 patch because it requires validation and... I can't validate my copy of XP. Thank you all for your help.
  3. catetmic

    2 networked computers

    Thanks marcodel, unfortunately I just followed your tutorial to the letter but still nothing.
  4. catetmic

    2 networked computers

    My laptop doesn't find any other computer, and the same goes in the other direction, from the living-room computer to the laptop?
  5. catetmic

    2 networked computers

    Thank you both for taking an interest in my problem. On my living-room computer I right-click the folder I want to share and share it; so far so good, but then how do I retrieve it on my laptop?
  6. catetmic

    2 networked computers

    Thanks pascal. But by what stroke of luck would the other computer see the shared folder????
  7. Hello everyone, here is what I would like to do. I have a living-room computer running Vista connected to the internet via a Freebox, and a laptop running XP on Wi-Fi. I would like to access files located on my living-room computer from my laptop. I hope my fairly simple explanation was clear. I have already read a great deal on this subject, but I admit I understood none of it and found the solutions very complicated. Thanks in advance for your help.
  8. Thank you very much!!!! It works!!
  9. Good evening ticlou, the font of the shortcuts and the context menu is in italics, the font of the tabs is in bold.
  10. Hello, since yesterday, for some reason I don't know, my original font has changed. How can I restore the original font? I have already tried changing the size, the display settings, personalization... but there is nothing for the font. Thanks for your help. Here is my config: http://ma-config.com/AfficheTempResume-4160.html Regards, Mickaël
  11. Hi, many thanks Thanos, and to you Toutoune, for your help, not forgetting the whole team. Best regards.
  12. No, I no longer get any alerts... phew. When I enable the Vista firewall, Norton advises me to use its own. Should I use the Vista firewall or Norton's? Thanks.
  13. Hi, here is my report. I don't want to uninstall Norton and reinstall it; I have just paid for the update.
@%SystemRoot%\System32\polstore.dll,-5010: %SystemRoot%\system32\svchost.exe -k NetworkServiceNetworkRestricted (autostart) Miniport réseau étendu WAN (PPTP): system32\DRIVERS\raspptp.sys (manual start) Processor Driver: \SystemRoot\system32\drivers\processr.sys (disabled) @%systemroot%\system32\profsvc.dll,-300: %systemroot%\system32\svchost.exe -k netsvcs (autostart) @%systemroot%\system32\psbase.dll,-300: %SystemRoot%\system32\lsass.exe (manual start) @%SystemRoot%\System32\drivers\pacer.sys,-101: system32\DRIVERS\pacer.sys (system) PSDFilter: system32\DRIVERS\psdfilter.sys (system) PSDNSERVER: system32\drivers\PSDNServ.sys (system) psdvdisk: system32\drivers\psdvdisk.sys (system) PxHelp20: System32\Drivers\PxHelp20.sys (system) QLogic Fibre Channel Miniport Driver: \SystemRoot\system32\drivers\ql2300.sys (disabled) QLogic iSCSI Miniport Driver: \SystemRoot\system32\drivers\ql40xx.sys (disabled) @%SystemRoot%\system32\qwave.dll,-1: %windir%\system32\svchost.exe -k LocalService (manual start) @%SystemRoot%\system32\drivers\qwavedrv.sys,-1: \SystemRoot\system32\drivers\qwavedrv.sys (manual start) R300: system32\DRIVERS\atikmdag.sys (manual start) Remote Access Auto Connection Driver: System32\DRIVERS\rasacd.sys (system) @%Systemroot%\system32\rasauto.dll,-200: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) Miniport réseau étendu WAN (L2TP): system32\DRIVERS\rasl2tp.sys (manual start) @%Systemroot%\system32\rasmans.dll,-200: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) Pilote PPPOE d'accès à distance: system32\DRIVERS\raspppoe.sys (manual start) Redirected Buffering Sub Sysytem: system32\DRIVERS\rdbss.sys (system) RDPCDD: System32\DRIVERS\RDPCDD.sys (system) Terminal Server Device Redirector Driver: \SystemRoot\system32\drivers\rdpdr.sys (disabled) RDP Encoder Mirror Driver: system32\drivers\rdpencdd.sys (system) @%Systemroot%\system32\mprdim.dll,-200: %SystemRoot%\system32\svchost.exe -k netsvcs (disabled) @regsvc.dll,-1: 
%SystemRoot%\system32\svchost.exe -k regsvc (manual start) @%systemroot%\system32\Locator.exe,-2: %SystemRoot%\system32\locator.exe (manual start) @oleres.dll,-5010: %SystemRoot%\system32\svchost.exe -k rpcss (autostart) Link-Layer Topology Discovery Responder: system32\DRIVERS\rspndr.sys (autostart) @%SystemRoot%\system32\samsrv.dll,-1: %SystemRoot%\system32\lsass.exe (autostart) SBP-2 Transport/Protocol Bus Driver: \SystemRoot\system32\drivers\sbp2port.sys (disabled) @%SystemRoot%\System32\SCardSvr.dll,-1: %SystemRoot%\system32\svchost.exe -k LocalService (manual start) @%SystemRoot%\system32\schedsvc.dll,-100: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) @%SystemRoot%\System32\certprop.dll,-13: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) @%SystemRoot%\system32\sdrsvc.dll,-107: %SystemRoot%\system32\svchost.exe -k SDRSVC (manual start) @%SystemRoot%\system32\seclogon.dll,-7001: %windir%\system32\svchost.exe -k netsvcs (autostart) @%SystemRoot%\system32\Sens.dll,-200: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Pilote de filtre Serenum: system32\DRIVERS\serenum.sys (manual start) Pilote de port série: system32\DRIVERS\serial.sys (system) Serial Mouse Driver: \SystemRoot\system32\drivers\sermouse.sys (disabled) @%SystemRoot%\System32\SessEnv.dll,-1026: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) SFF Storage Class Driver: \SystemRoot\system32\drivers\sffdisk.sys (disabled) SFF Storage Protocol Driver for MMC: \SystemRoot\system32\drivers\sffp_mmc.sys (manual start) SFF Storage Protocol Driver for SDBus: \SystemRoot\system32\drivers\sffp_sd.sys (manual start) High-Capacity Floppy Disk Drive: \SystemRoot\system32\drivers\sfloppy.sys (disabled) @%SystemRoot%\system32\ipnathlp.dll,-106: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) @%SystemRoot%\System32\shsvcs.dll,-12288: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) SIS AGP Bus Filter: \SystemRoot\system32\drivers\sisagp.sys (manual start) 
SiSRaid2: \SystemRoot\system32\drivers\sisraid2.sys (disabled) SiSRaid4: \SystemRoot\system32\drivers\sisraid4.sys (disabled) @%SystemRoot%\system32\SLsvc.exe,-101: %SystemRoot%\system32\SLsvc.exe (autostart) @%SystemRoot%\system32\SLUINotify.dll,-103: %SystemRoot%\system32\svchost.exe -k LocalService (manual start) @%SystemRoot%\system32\tcpipcfg.dll,-50005: system32\DRIVERS\smb.sys (system) @%SystemRoot%\system32\snmptrap.exe,-3: %SystemRoot%\System32\snmptrap.exe (manual start) SPBBCDrv: \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys (system) @%systemroot%\system32\spoolsv.exe,-1: %SystemRoot%\System32\spoolsv.exe (autostart) SRTSP: System32\Drivers\SRTSP.SYS (system) SRTSPL: System32\Drivers\SRTSPL.SYS (manual start) SRTSPX: System32\Drivers\SRTSPX.SYS (system) srv: System32\DRIVERS\srv.sys (manual start) srv2: System32\DRIVERS\srv2.sys (manual start) srvnet: System32\DRIVERS\srvnet.sys (manual start) @%systemroot%\system32\ssdpsrv.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalService (manual start) @%SystemRoot%\system32\wiaservc.dll,-9: %SystemRoot%\system32\svchost.exe -k imgsvc (autostart) Pilote de bus logiciel: system32\DRIVERS\swenum.sys (manual start) @%SystemRoot%\System32\swprv.dll,-103: %SystemRoot%\System32\svchost.exe -k swprv (manual start) Symantec Core LC: C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe (manual start) Symantec AppCore Service: "C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe" (autostart) Symc8xx: \SystemRoot\system32\drivers\symc8xx.sys (disabled) SYMDNS: \SystemRoot\System32\Drivers\SYMDNS.SYS (manual start) SymEvent: \??\C:\Windows\system32\Drivers\SYMEVENT.SYS (manual start) SYMFW: \SystemRoot\System32\Drivers\SYMFW.SYS (manual start) SYMIDS: \SystemRoot\System32\Drivers\SYMIDS.SYS (manual start) SYMNDISV: \SystemRoot\System32\Drivers\SYMNDISV.SYS (manual start) SYMREDRV: \SystemRoot\System32\Drivers\SYMREDRV.SYS (manual start) SYMTDI: \SystemRoot\System32\Drivers\SYMTDI.SYS 
(system) Sym_hi: \SystemRoot\system32\drivers\sym_hi.sys (disabled) Sym_u3: \SystemRoot\system32\drivers\sym_u3.sys (disabled) @%SystemRoot%\system32\sysmain.dll,-1000: %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted (autostart) @%SystemRoot%\system32\TabSvc.dll,-100: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted (autostart) @%SystemRoot%\system32\tapisrv.dll,-10100: %SystemRoot%\System32\svchost.exe -k NetworkService (manual start) @%SystemRoot%\system32\tbssvc.dll,-100: %SystemRoot%\System32\svchost.exe -k LocalService (manual start) @%SystemRoot%\system32\tcpipcfg.dll,-50003: System32\drivers\tcpip.sys (system) Microsoft IPv6 Protocol Driver: system32\DRIVERS\tcpip.sys (manual start) TCP/IP Registry Compatibility: System32\drivers\tcpipreg.sys (autostart) TDPIPE: system32\drivers\tdpipe.sys (manual start) TDTCP: system32\drivers\tdtcp.sys (manual start) @%SystemRoot%\system32\tcpipcfg.dll,-50004: system32\DRIVERS\tdx.sys (system) Pilote de périphérique terminal: system32\DRIVERS\termdd.sys (system) @%SystemRoot%\System32\termsrv.dll,-268: %SystemRoot%\System32\svchost.exe -k NetworkService (autostart) @%SystemRoot%\System32\shsvcs.dll,-8192: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) @%systemroot%\system32\mmcss.dll,-102: %SystemRoot%\system32\svchost.exe -k LocalService (manual start) @%SystemRoot%\system32\trkwks.dll,-1: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted (autostart) @%SystemRoot%\servicing\TrustedInstaller.exe,-100: %SystemRoot%\servicing\TrustedInstaller.exe (manual start) Terminal Services Security Filter Driver: System32\DRIVERS\tssecsrv.sys (manual start) Pilote de carte miniport Microsoft Tun: system32\DRIVERS\tunmp.sys (manual start) Pilote de carte miniport Microsoft IPv6 Tunnel: system32\DRIVERS\tunnel.sys (manual start) Microsoft AGPv3.5 Filter: \SystemRoot\system32\drivers\uagp35.sys (manual start) udfs: system32\DRIVERS\udfs.sys (disabled) 
@%SystemRoot%\system32\ui0detect.exe,-101: %SystemRoot%\system32\UI0Detect.exe (manual start) Uli AGP Bus Filter: \SystemRoot\system32\drivers\uliagpkx.sys (manual start) uliahci: \SystemRoot\system32\drivers\uliahci.sys (disabled) UlSata: \SystemRoot\system32\drivers\ulsata.sys (disabled) ulsata2: \SystemRoot\system32\drivers\ulsata2.sys (disabled) Pilote d’énumérateur UMBus: system32\DRIVERS\umbus.sys (manual start) @%systemroot%\system32\upnphost.dll,-213: %SystemRoot%\system32\svchost.exe -k LocalService (autostart) Pilote parent générique USB Microsoft: system32\DRIVERS\usbccgp.sys (manual start) eHome Infrared Receiver (USBCIR): \SystemRoot\system32\drivers\usbcir.sys (disabled) Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0: system32\DRIVERS\usbehci.sys (manual start) Pilote de concentrateur standard USB Microsoft: system32\DRIVERS\usbhub.sys (manual start) Pilote miniport de contrôleur hôte ouvert USB Microsoft: system32\DRIVERS\usbohci.sys (manual start) Classe d'imprimantes USB Microsoft: system32\DRIVERS\usbprint.sys (manual start) Pilote de scanneur USB: system32\DRIVERS\usbscan.sys (manual start) Pilote de stockage de masse USB: system32\DRIVERS\USBSTOR.SYS (manual start) Microsoft USB Universal Host Controller Miniport Driver: system32\DRIVERS\usbuhci.sys (disabled) @%SystemRoot%\system32\dwm.exe,-2000: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted (autostart) @%SystemRoot%\system32\vds.exe,-100: %SystemRoot%\System32\vds.exe (manual start) vga: system32\DRIVERS\vgapnp.sys (manual start) VgaSave: \SystemRoot\System32\drivers\vga.sys (system) VIA AGP Bus Filter: \SystemRoot\system32\drivers\viaagp.sys (manual start) VIA C7 Processor Driver: \SystemRoot\system32\drivers\viac7.sys (disabled) viaide: \SystemRoot\system32\drivers\viaide.sys (disabled) Pilote du Gestionnaire de volume: system32\drivers\volmgr.sys (system) Dynamic Volume Manager: System32\drivers\volmgrx.sys (system) Volumes de stockage: 
system32\drivers\volsnap.sys (system) vsmraid: \SystemRoot\system32\drivers\vsmraid.sys (disabled) @%systemroot%\system32\vssvc.exe,-102: %systemroot%\system32\vssvc.exe (manual start) @%SystemRoot%\system32\w32time.dll,-200: %SystemRoot%\system32\svchost.exe -k LocalService (autostart) Wacom Serial Pen HID Driver: \SystemRoot\system32\drivers\wacompen.sys (disabled) Remote Access IP ARP Driver: system32\DRIVERS\wanarp.sys (manual start) Remote Access IPv6 ARP Driver: system32\DRIVERS\wanarp.sys (system) @%SystemRoot%\system32\wcncsvc.dll,-3: %SystemRoot%\System32\svchost.exe -k LocalService (manual start) @%SystemRoot%\system32\WcsPlugInService.dll,-200: %SystemRoot%\system32\svchost.exe -k wcssvc (manual start) Microsoft Watchdog Timer Driver: \SystemRoot\system32\drivers\wd.sys (disabled) Kernel Mode Driver Frameworks service: system32\drivers\Wdf01000.sys (system) @%systemroot%\system32\wdi.dll,-502: %SystemRoot%\System32\svchost.exe -k wdisvc (manual start) @%systemroot%\system32\wdi.dll,-500: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted (manual start) @%systemroot%\system32\webclnt.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalService (autostart) @%SystemRoot%\system32\wecsvc.dll,-200: %SystemRoot%\system32\svchost.exe -k NetworkService (manual start) @%SystemRoot%\System32\wercplsupport.dll,-101: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) @%SystemRoot%\System32\wersvc.dll,-100: %SystemRoot%\System32\svchost.exe -k WerSvcGroup (autostart) @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103: %SystemRoot%\System32\svchost.exe -k secsvcs (autostart) @%SystemRoot%\system32\winhttp.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalService (manual start) @%Systemroot%\system32\wbem\wmisvc.dll,-205: %systemroot%\system32\svchost.exe -k netsvcs (autostart) @%Systemroot%\system32\wsmsvc.dll,-101: %SystemRoot%\System32\svchost.exe -k NetworkService (manual start) @%SystemRoot%\System32\wlansvc.dll,-257: 
%SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted (manual start) Microsoft Windows Management Interface for ACPI: \SystemRoot\system32\drivers\wmiacpi.sys (disabled) @%Systemroot%\system32\wbem\wmiapsrv.exe,-110: %systemroot%\system32\wbem\WmiApSrv.exe (manual start) @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101: "%ProgramFiles%\Windows Media Player\wmpnetwk.exe" (manual start) @%SystemRoot%\system32\wpcsvc.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted (manual start) @%SystemRoot%\system32\wpdbusenum.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted (autostart) WpdUsb: system32\DRIVERS\wpdusb.sys (manual start) Winsock IFS driver: \SystemRoot\system32\drivers\ws2ifsl.sys (disabled) @%SystemRoot%\System32\wscsvc.dll,-200: %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted (autostart) @%systemroot%\system32\SearchIndexer.exe,-103: %systemroot%\system32\SearchIndexer.exe /Embedding (autostart) @%systemroot%\system32\wuaueng.dll,-105: %systemroot%\system32\svchost.exe -k netsvcs (autostart) WUDFRd: system32\DRIVERS\WUDFRd.sys (manual start) @%SystemRoot%\system32\wudfsvc.dll,-1000: %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted (autostart) NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller: system32\DRIVERS\yk60x86.sys (manual start) -------------------------------------------------- Enumerating Windows NT logon/logoff scripts: *No scripts set to run* Windows NT checkdisk command: BootExecute = autocheck autochk * Windows NT 'Wininit.ini': PendingFileRenameOperations: *Registry value not found* -------------------------------------------------- Enumerating ShellServiceObjectDelayLoad items: WebCheck: C:\Windows\system32\webcheck.dll -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run *No values found* 
-------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run *No values found* -------------------------------------------------- End of report, 50 043 bytes Report generated in 0,358 seconds Command line options: /verbose - to add additional info on each section /complete - to include empty sections and unsuspicious data /full - to include several rarely-important sections /force9x - to include Win9x-only startups even if running on WinNT /forcent - to include WinNT-only startups even if running on Win9x /forceall - to include all Win9x and WinNT startups, regardless of platform /history - to list version history only
  14. Hi, thanks a lot for taking care of my problem.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile] "EnableFirewall"= 0 (0x0) R0 PSDFilter;PSDFilter;C:\Windows\system32\DRIVERS\psdfilter.sys [2006-11-10 14:10] R0 PSDNServ;PSDNSERVER;C:\Windows\system32\drivers\PSDNServ.sys [2006-11-10 14:21] R0 psdvdisk;psdvdisk;C:\Windows\system32\drivers\psdvdisk.sys [2006-11-08 15:11] R1 IDSvix86;Symantec Intrusion Prevention Driver;C:\PROGRA~2\Symantec\DEFINI~1\SymcData\idsdefs\20080221.003\IDSvix86.sys [2008-02-14 02:51] R2 int15;int15;C:\Acer\Empowering Technology\eRecovery\int15.sys [2006-12-07 17:12] R3 R300;R300;C:\Windows\system32\DRIVERS\atikmdag.sys [2006-11-25 06:46] R3 SYMNDISV;SYMNDISV;C:\Windows\system32\Drivers\SYMNDISV.SYS [2007-10-30 19:55] R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x86.sys [2007-12-06 09:51] S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 15:18] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E] \shell\AutoRun\command - E:\start.exe /checksection [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\K] \shell\AutoRun\command - K:\start.exe /checksection *Newly Created Service* - COMHOST . Contenu du dossier 'Scheduled Tasks/Tâches planifiées' "2008-02-24 20:21:15 C:\Windows\Tasks\At1.job" - C:\Windows\system32\kmd.exe%/d /c start C:\ComboFix\sYs.bat /\c@ "2008-02-25 19:20:36 C:\Windows\Tasks\Norton Internet Security - Analyse système complète - neojunior.job" - C:\Program Files\Norton Internet Security\Norton AntiVirus\Navw32.exeB/TASK: "2008-02-25 19:00:00 C:\Windows\Tasks\Norton Internet Security - Effectuer une analyse complète du système - neojunior.job" - C:\Program Files\Norton Internet Security\Norton AntiVirus\Navw32.exeB/TASK: . 
************************************************************************** catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-02-26 19:58:57 Windows 6.0.6000 NTFS Balayage processus cachés ... Balayage caché autostart entries ... Balayage des fichiers cachés ... Scan terminé avec succès Les fichiers cachés: 0 ************************************************************************** . Temps d'accomplissement: 2008-02-26 19:59:36 ComboFix-quarantined-files.txt 2008-02-26 18:59:32 ComboFix2.txt 2008-02-23 17:06:55 ComboFix3.txt 2008-02-23 13:02:27 . 2008-02-22 05:15:35 --- E O F --- ------------------------------------------------
  15. ComboFix 08-02-23.2 - neojunior 2008-02-25 19:48:54.4 - NTFSx86 Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.1.1036.18.508 [GMT 1:00]
  16. Hello Thanos, thanks for your help, here is the report:
      KASPERSKY ONLINE SCANNER REPORT
      Monday, February 25, 2008 6:27:36 PM
      Operating System: Microsoft Windows Vista Home Edition, (Build 6000)
      Kaspersky Online Scanner version: 5.0.98.0
      Kaspersky Anti-Virus database last update: 25/02/2008
      Kaspersky Anti-Virus database records: 580051
      Scan Settings:
      Scan using the following antivirus database: extended
      Scan Archives: true
      Scan Mail Bases: true
      Scan Target - My Computer: C:\ D:\ F:\ G:\ H:\ I:\ J:\
      Scan Statistics:
      Total number of scanned objects: 84833
      Number of viruses found: 3
      Number of infected objects: 7
      Number of suspicious objects: 0
      Duration of the scan process: 01:05:29
      Infected Object Name / Virus Name / Last Action
      C:\QooBox\Quarantine\catchme2008-02-24_212343.52.zip/andt.sys Infected: Trojan-Downloader.Win32.Delf.evt skipped
      C:\QooBox\Quarantine\catchme2008-02-24_212343.52.zip/Indt2.sys Infected: not-a-virus:AdWare.Win32.VB.bh skipped
C:\QooBox\Quarantine\catchme2008-02-24_212343.52.zip/ndt2.sys Infected: Trojan-Downloader.Win32.Delf.evt skipped C:\QooBox\Quarantine\catchme2008-02-24_212343.52.zip ZIP: infected - 3 skipped C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped C:\Users\neojunior\AppData\Local\Microsoft\Feeds Cache\index.dat Object is locked skipped C:\Users\neojunior\AppData\Local\Microsoft\Internet Explorer\MSIMGSIZ.DAT Object is locked skipped C:\Users\neojunior\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat Object is locked skipped C:\Users\neojunior\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012008022520080226\index.dat Object is locked skipped C:\Users\neojunior\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Users\neojunior\AppData\Local\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Users\neojunior\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1 Object is locked skipped C:\Users\neojunior\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG2 Object is locked skipped C:\Users\neojunior\AppData\Local\Microsoft\Windows\UsrClass.dat{00f9827a-6e8b-11dc-8bf2-001921588781}.TM.blf Object is locked skipped C:\Users\neojunior\AppData\Local\Microsoft\Windows\UsrClass.dat{00f9827a-6e8b-11dc-8bf2-001921588781}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped C:\Users\neojunior\AppData\Local\Microsoft\Windows\UsrClass.dat{00f9827a-6e8b-11dc-8bf2-001921588781}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped C:\Users\neojunior\AppData\Roaming\Microsoft\Windows\Cookies\index.dat Object is locked skipped C:\Users\neojunior\ntuser.dat Object is locked skipped C:\Users\neojunior\ntuser.dat.LOG1 Object is locked skipped C:\Users\neojunior\ntuser.dat.LOG2 Object is locked skipped C:\Users\neojunior\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf Object is locked skipped 
C:\Users\neojunior\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped C:\Users\neojunior\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped C:\Windows\Debug\PASSWD.LOG Object is locked skipped C:\Windows\Debug\sam.log Object is locked skipped C:\Windows\Debug\WIA\wiatrace.log Object is locked skipped C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat Object is locked skipped C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat Object is locked skipped C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WindowsUpdate.log Object is locked skipped C:\Windows\ServiceProfiles\LocalService\ntuser.dat Object is locked skipped C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG1 Object is locked skipped C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG2 Object is locked skipped C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT{3a539869-6a70-11db-887c-d362bd253390}.TM.blf Object is locked skipped C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT{3a539869-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT{3a539869-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped C:\Windows\ServiceProfiles\NetworkService\ntuser.dat Object is locked skipped C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1 Object is locked skipped C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG2 Object is locked skipped C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT{3a539865-6a70-11db-887c-d362bd253390}.TM.blf Object is locked skipped C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT{3a539865-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped 
C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT{3a539865-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped C:\Windows\SoftwareDistribution\ReportingEvents.log Object is locked skipped C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 Object is locked skipped C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 Object is locked skipped C:\Windows\System32\catroot2\edb.log Object is locked skipped C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb Object is locked skipped C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb Object is locked skipped C:\Windows\System32\config\components Object is locked skipped C:\Windows\System32\config\COMPONENTS.LOG1 Object is locked skipped C:\Windows\System32\config\COMPONENTS.LOG2 Object is locked skipped C:\Windows\System32\config\default Object is locked skipped C:\Windows\System32\config\DEFAULT.LOG1 Object is locked skipped C:\Windows\System32\config\DEFAULT.LOG2 Object is locked skipped C:\Windows\System32\config\RegBack\COMPONENTS Object is locked skipped C:\Windows\System32\config\RegBack\DEFAULT Object is locked skipped C:\Windows\System32\config\RegBack\SAM Object is locked skipped C:\Windows\System32\config\RegBack\SECURITY Object is locked skipped C:\Windows\System32\config\RegBack\SOFTWARE Object is locked skipped C:\Windows\System32\config\RegBack\SYSTEM Object is locked skipped C:\Windows\System32\config\sam Object is locked skipped C:\Windows\System32\config\SAM.LOG1 Object is locked skipped C:\Windows\System32\config\SAM.LOG2 Object is locked skipped C:\Windows\System32\config\security Object is locked skipped C:\Windows\System32\config\SECURITY.LOG1 Object is locked skipped C:\Windows\System32\config\SECURITY.LOG2 Object is locked skipped C:\Windows\System32\config\software Object is locked skipped 
C:\Windows\System32\config\SOFTWARE.LOG1 Object is locked skipped C:\Windows\System32\config\SOFTWARE.LOG2 Object is locked skipped C:\Windows\System32\config\system Object is locked skipped C:\Windows\System32\config\SYSTEM.LOG1 Object is locked skipped C:\Windows\System32\config\SYSTEM.LOG2 Object is locked skipped C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5JCW1EXH\index[1].htm Infected: Trojan-Downloader.JS.IstBar.ai skipped C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5JCW1EXH\w[1].bin Infected: Trojan-Downloader.Win32.Delf.evt skipped C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T95W2Q7H\discover[1].exe Infected: not-a-virus:AdWare.Win32.VB.bh skipped C:\Windows\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TM.blf Object is locked skipped C:\Windows\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped C:\Windows\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped C:\Windows\System32\LogFiles\Scm\SCM.EVM Object is locked skipped C:\Windows\System32\LogFiles\WUDF\WUDFTrace.etl Object is locked skipped C:\Windows\System32\Msdtc\KtmRmTm.blf Object is locked skipped C:\Windows\System32\Msdtc\KtmRmTmContainer00000000000000000001 Object is locked skipped C:\Windows\System32\Msdtc\KtmRmTmContainer00000000000000000002 Object is locked skipped C:\Windows\System32\spool\SpoolerETW.etl Object is locked skipped C:\Windows\System32\wbem\Logs\WMITracing.log Object is locked skipped C:\Windows\System32\wbem\repository\INDEX.BTR Object is locked skipped C:\Windows\System32\wbem\repository\MAPPING1.MAP Object is locked skipped C:\Windows\System32\wbem\repository\MAPPING2.MAP Object is locked skipped 
C:\Windows\System32\wbem\repository\OBJECTS.DATA Object is locked skipped C:\Windows\System32\WDI\LogFiles\WdiContextLog.etl.001 Object is locked skipped C:\Windows\System32\wfp\wfpdiag.etl Object is locked skipped C:\Windows\System32\winevt\Logs\Application.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\DFS Replication.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\HardwareEvents.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Internet Explorer.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Key Management Service.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Media Center.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-Bits-Client%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-CodeIntegrity%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnosis-DPS%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnostics-Performance%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-DriverFrameworks-UserMode%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-GroupPolicy%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-International%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-WHEA.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-LanguagePackSetup%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-NetworkAccessProtection%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-ReadyBoost%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-ReliabilityAnalysisComponent%4Operational.evtx Object is locked skipped 
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Resource-Exhaustion-Detector%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-TaskScheduler%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-WindowsUpdateClient%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\ODiag.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\OSession.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Security.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\System.evtx Object is locked skipped C:\Windows\Tasks\SCHEDLGU.TXT Object is locked skipped C:\Windows\WindowsUpdate.log Object is locked skipped D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped Scan process completed.
  17. You've already helped me a lot, thank you very much. I have to go now, I'm expected at a birthday party and I wouldn't want to arrive late to the fiesta!!! Have a good evening.
  18. Impossible to delete it: it tells me the file is open in another program or that I don't have permission, even though I'm in administrator mode.
  19. I had to download another version of HijackThis because I was having trouble with the French version.
  20. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:50:42, on 23/02/2008
  21. PS: You should have posted me a new scan after fixing the lines, otherwise I can't see the changes!! It was a new scan.
  22. I'm back. When I click GO, I get the following error message: Erreur d'exécution '52' nom ou numéro de fichier incorrect
  23. Thank you very much for your help, toutoune. I have to step away for about an hour, so I'll do it later. Thanks again.
  24. I think it worked.