Nevo

on dirait que le contenu d'un seul post est limité, je met donc le reste du rapport hijackthis sur ce post: Concentrateur USB2: system32\DRIVERS\usbhub.sys (manual start) Pilote miniport de contrôleur hôte ouvert USB Microsoft: system32\DRIVERS\usbohci.sys (manual start) Classe d'imprimantes USB Microsoft: system32\DRIVERS\usbprint.sys (manual start) Pilote de scanneur USB: system32\DRIVERS\usbscan.sys (manual start) Pilote de stockage de masse USB: system32\DRIVERS\USBSTOR.SYS (manual start) Pilote miniport de contrôleur hôte universel USB Microsoft: system32\DRIVERS\usbuhci.sys (manual start) Service Messenger Sharing USN Journal Reader: C:\WINDOWS\system32\svchost.exe -k usnsvc (manual start) vaxscsi: \SystemRoot\System32\Drivers\vaxscsi.sys (manual start) VgaSave: \SystemRoot\System32\drivers\vga.sys (system) ViaIde: system32\DRIVERS\viaide.sys (system) Cliché instantané de volume: %SystemRoot%\System32\vssvc.exe (manual start) Horloge Windows: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Pilote ARP IP d'accès distant: system32\DRIVERS\wanarp.sys (manual start) Pilote WINMM de compatibilité audio WDM Microsoft: system32\drivers\wdmaud.sys (manual start) WebClient: %SystemRoot%\system32\svchost.exe -k LocalService (autostart) Infrastructure de gestion Windows: %systemroot%\system32\svchost.exe -k netsvcs (autostart) Service de numéro de série du lecteur multimédia portable: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Carte de performance WMI: C:\WINDOWS\system32\wbem\wmiapsrv.exe (manual start) Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0: \SystemRoot\System32\drivers\ws2ifsl.sys (system) Centre de sécurité: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled) Codec Teletext standard: system32\DRIVERS\WSTCODEC.SYS (manual start) Mises à jour automatiques: %systemroot%\system32\svchost.exe -k netsvcs (autostart) Configuration automatique sans fil: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Service d'approvisionnement réseau: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) -------------------------------------------------- Enumerating Windows NT logon/logoff scripts: *No scripts set to run* Windows NT checkdisk command: BootExecute = autocheck autochk * Windows NT 'Wininit.ini': PendingFileRenameOperations: *Registry value not found* -------------------------------------------------- Enumerating ShellServiceObjectDelayLoad items: PostBootReminder: C:\WINDOWS\system32\SHELL32.dll CDBurn: C:\WINDOWS\system32\SHELL32.dll WebCheck: C:\WINDOWS\system32\webcheck.dll SysTray: C:\WINDOWS\system32\stobject.dll -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run *Registry key not found* -------------------------------------------------- End of report, 38 635 bytes Report generated in 0,203 seconds Command line options: /verbose - to add additional info on each section /complete - to include empty sections and unsuspicious data /full - to include several rarely-important sections /force9x - to include Win9x-only startups even if running on WinNT /forcent - to include WinNT-only startups even if running on Win9x /forceall - to include all Win9x and WinNT startups, regardless of platform /history - to list version history only je crois que c'est bon la ^_^" !

voila operations terminées, voici les rapport demandés: _rapport ewido: --------------------------------------------------------- ewido anti-spyware - Scan Report --------------------------------------------------------- + Created at: 20:15:53 13/08/2006 + Scan result: :mozilla.87:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\hxa5zolt.default\cookies.txt -> TrackingCookie.Adtech : No action taken. :mozilla.88:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\hxa5zolt.default\cookies.txt -> TrackingCookie.Adtech : No action taken. :mozilla.172:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\hxa5zolt.default\cookies.txt -> TrackingCookie.Advertising : No action taken. :mozilla.122:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\hxa5zolt.default\cookies.txt -> TrackingCookie.Atdmt : No action taken. :mozilla.129:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\hxa5zolt.default\cookies.txt -> TrackingCookie.Bluestreak : No action taken. :mozilla.44:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\hxa5zolt.default\cookies.txt -> TrackingCookie.Doubleclick : No action taken. :mozilla.45:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\hxa5zolt.default\cookies.txt -> TrackingCookie.Estat : No action taken. :mozilla.62:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\hxa5zolt.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken. :mozilla.55:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\hxa5zolt.default\cookies.txt -> TrackingCookie.Hitbox : No action taken. :mozilla.56:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\hxa5zolt.default\cookies.txt -> TrackingCookie.Hitbox : No action taken. :mozilla.57:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\hxa5zolt.default\cookies.txt -> TrackingCookie.Hitbox : No action taken. :mozilla.164:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\hxa5zolt.default\cookies.txt -> TrackingCookie.Smartadserver : No action taken. :mozilla.165:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\hxa5zolt.default\cookies.txt -> TrackingCookie.Smartadserver : No action taken. :mozilla.166:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\hxa5zolt.default\cookies.txt -> TrackingCookie.Smartadserver : No action taken. :mozilla.128:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\hxa5zolt.default\cookies.txt -> TrackingCookie.Valueclick : No action taken. :mozilla.63:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\hxa5zolt.default\cookies.txt -> TrackingCookie.Weborama : No action taken. :mozilla.65:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\hxa5zolt.default\cookies.txt -> TrackingCookie.Weborama : No action taken. :mozilla.66:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\hxa5zolt.default\cookies.txt -> TrackingCookie.Weborama : No action taken. ::Report end _rapport chercher.cmd: C:\WINDOWS\System32\Uninstall.ico -->12/08/2006 12:40:05 C:\WINDOWS\System32\pavas.ico -->12/08/2006 12:40:05 C:\WINDOWS\System32\Help.ico -->12/08/2006 12:40:05 C:\WINDOWS\System32\asfiles.txt -->12/08/2006 02:21:38 C:\WINDOWS\System32\x10prod.sys -->09/08/2006 16:39:02 C:\WINDOWS\System32\FNTCACHE.DAT -->09/08/2006 11:25:05 C:\WINDOWS\System32\wpa.dbl -->08/08/2006 16:02:43 C:\WINDOWS\System32\PerfStringBackup.INI -->04/08/2006 14:35:49 C:\WINDOWS\System32\perfh00C.dat -->04/08/2006 14:35:49 C:\WINDOWS\System32\perfh009.dat -->04/08/2006 14:35:49 C:\WINDOWS\System32\perfc00C.dat -->04/08/2006 14:35:49 C:\WINDOWS\System32\perfc009.dat -->04/08/2006 14:35:49 C:\WINDOWS\System32\amcompat.tlb -->03/08/2006 15:46:05 C:\WINDOWS\System32\nscompat.tlb -->03/08/2006 15:46:04 C:\WINDOWS\System32\MRT.exe -->03/08/2006 01:22:50 C:\WINDOWS\System32\mshtml.dll -->28/07/2006 11:28:08 C:\WINDOWS\System32\SpoonUninstall.exe -->27/07/2006 22:50:00 C:\WINDOWS\System32\inetcomm.dll -->27/07/2006 13:26:19 C:\WINDOWS\System32\urlmon.dll -->25/07/2006 20:41:01 C:\WINDOWS\System32\CmdLineExt.dll -->24/07/2006 15:47:05 C:\WINDOWS\System32\hlink.dll -->21/07/2006 08:27:28 C:\WINDOWS\System32\netapi32.dll -->14/07/2006 15:41:05 C:\WINDOWS\System32\hhctrl.ocx -->14/07/2006 15:27:53 C:\WINDOWS\System32\shell32.dll -->13/07/2006 13:36:01 C:\WINDOWS\System32\kernel32.dll -->05/07/2006 10:56:38 C:\WINDOWS\WindowsUpdate.log -->13/08/2006 20:27:59 C:\WINDOWS\0.log -->13/08/2006 20:21:16 C:\WINDOWS\wiadebug.log -->13/08/2006 20:20:09 C:\WINDOWS\wiaservc.log -->13/08/2006 20:20:08 C:\WINDOWS\bootstat.dat -->13/08/2006 20:19:31 C:\WINDOWS\win.ini -->13/08/2006 20:17:55 C:\WINDOWS\system.ini -->13/08/2006 20:17:55 C:\WINDOWS\REGGOTO.INI -->13/08/2006 19:34:27 C:\WINDOWS\SchedLgU.Txt -->13/08/2006 17:40:34 C:\WINDOWS\AviSplitter.INI -->12/08/2006 21:52:30 C:\WINDOWS\pavsig.txt -->12/08/2006 12:40:13 C:\WINDOWS\setupapi.log -->12/08/2006 02:18:19 C:\WINDOWS\ModemLog_Agere Systems PCI Soft Modem.txt -->10/08/2006 16:05:24 C:\WINDOWS\setupact.log -->10/08/2006 15:19:07 C:\WINDOWS\tsoc.log -->10/08/2006 02:01:40 Le volume dans le lecteur C s'appelle HP_PAVILION Le numéro de série du volume est D091-B3B1 Répertoire de C:\WINDOWS\system 07/05/1998 16:04 52 736 hpsysdrv.exe 1 fichier(s) 52 736 octets 0 Rép(s) 44 667 400 192 octets libres Le volume dans le lecteur C s'appelle HP_PAVILION Le numéro de série du volume est D091-B3B1 Répertoire de C:\WINDOWS\system32 05/08/2004 18:00 6 144 csrss.exe 1 fichier(s) 6 144 octets 0 Rép(s) 44 667 400 192 octets libres Le volume dans le lecteur C s'appelle HP_PAVILION Le numéro de série du volume est D091-B3B1 Répertoire de C:\Program Files 13/08/2006 17:46 <REP> . 13/08/2006 17:46 <REP> .. 12/08/2006 03:14 <REP> a-squared Free 20/01/2006 10:40 <REP> Adobe 08/07/2006 15:14 <REP> Alcohol Soft 03/01/2005 04:17 <REP> ATI Technologies 24/07/2006 18:38 <REP> CAPCOM 09/08/2006 14:48 <REP> Disco-WebTV 15/01/2006 23:46 <REP> Easy Internet signup 12/08/2006 10:53 <REP> eMule 13/08/2006 09:59 <REP> ewido anti-spyware 4.0 14/04/2006 11:50 778 ffdsasetts.reg 14/04/2006 11:50 30 654 ffdssetts.reg 14/04/2006 11:50 30 040 ffdsvsetts.reg 26/07/2006 13:01 <REP> Fichiers communs 12/08/2006 23:36 <REP> Free Download Manager 03/01/2005 04:33 <REP> Hewlett-Packard 12/08/2006 14:09 <REP> HijackThis 21/12/2005 21:52 <REP> HP 12/08/2006 12:54 <REP> Internet Explorer 13/07/2006 23:34 <REP> Interplay 03/01/2005 04:34 <REP> InterVideo 12/02/2006 00:16 <REP> Jasc Software Inc 03/01/2005 04:10 <REP> Java 12/08/2006 18:46 <REP> La Pipelette 06/08/2006 23:06 <REP> Mega Bloc Notes 03/01/2005 04:14 <REP> Messenger 07/01/2006 14:17 <REP> microsoft frontpage 06/01/2006 11:29 <REP> Microsoft Office 06/01/2006 11:29 <REP> Microsoft Visual Studio 11/03/2006 12:18 <REP> mIRC 25/11/2004 03:27 <REP> Movie Maker 13/08/2006 20:22 <REP> Mozilla Firefox 14/04/2006 11:50 824 mpc5.reg 22/05/2006 13:50 <REP> MSN 25/11/2004 03:27 <REP> MSN Gaming Zone 12/08/2006 12:57 <REP> MSN Messenger 01/02/2005 07:54 <REP> NetMeeting 12/08/2006 12:57 <REP> Norton Internet Security 25/11/2004 03:27 <REP> Online Services 19/04/2006 03:00 <REP> Outlook Express 03/01/2005 04:47 <REP> PC-Doctor 5 for Windows 20/12/2005 20:58 <REP> SAGEM 14/04/2006 10:56 4 482 satsukidecodersettings.ini 17/12/2005 00:02 <REP> SEGA 03/01/2005 04:45 <REP> Services en ligne 10/08/2006 18:31 <REP> Shareaza 03/01/2005 04:33 <REP> Sonic 12/08/2006 12:59 <REP> Spybot - Search & Destroy 09/08/2006 17:47 <REP> SpywareBlaster 03/01/2005 04:50 <REP> Symantec 27/07/2006 15:35 <REP> ToniArts 13/06/2006 23:16 <REP> TrackMania Nations ESWC 01/04/2006 15:12 <REP> Twin USB Vibration Gamepad 01/04/2006 15:12 <REP> USB Vibration Joystick 23/01/2006 19:22 <REP> VGA USB Camera 03/07/2006 14:38 <REP> Vso 12/08/2006 12:59 <REP> Windows Media Player 01/02/2005 07:54 <REP> Windows NT 12/08/2006 03:26 <REP> WinRAR 25/11/2004 03:28 <REP> xerox 03/08/2006 15:24 <REP> XP Codec Pack 5 fichier(s) 66 778 octets 57 Rép(s) 44 667 396 096 octets libres Le volume dans le lecteur C s'appelle HP_PAVILION Le numéro de série du volume est D091-B3B1 Répertoire de C:\Program Files\fichiers communs 26/07/2006 13:01 <REP> . 26/07/2006 13:01 <REP> .. 26/07/2006 13:03 <REP> Adobe 03/08/2006 15:40 <REP> Ahead 02/01/2006 10:26 <REP> AOL 06/01/2006 11:29 <REP> Designer 03/01/2005 04:28 <REP> Hewlett-Packard 03/01/2005 04:26 <REP> HP 03/01/2005 04:37 <REP> InstallShield 04/01/2006 21:33 <REP> Jasc Software Inc 03/01/2005 04:10 <REP> Java 21/06/2006 12:43 <REP> Microsoft Shared 25/11/2004 03:26 <REP> MSSoap 03/01/2005 04:38 <REP> muvee Technologies 25/11/2004 03:26 <REP> ODBC 26/07/2006 13:02 <REP> Real 01/02/2005 07:54 <REP> Services 03/01/2005 04:32 <REP> Sonic Shared 25/11/2004 03:26 <REP> SpeechEngines 03/01/2005 04:32 <REP> SureThing Shared 13/08/2006 02:32 <REP> Symantec Shared 19/04/2006 03:00 <REP> System 03/01/2005 04:33 <REP> TiVo Shared 19/01/2006 19:13 <REP> Vbox 0 fichier(s) 0 octets 24 Rép(s) 44 667 396 096 octets libres c:\Documents and Settings\HP_Propriétaire\loaded.exe c:\Documents and Settings\HP_Propriétaire\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe c:\Documents and Settings\HP_Propriétaire\Bureau\blbeta.exe c:\Documents and Settings\HP_Propriétaire\Bureau\outils de desinfection\ATF-Cleaner.exe c:\Documents and Settings\HP_Propriétaire\Bureau\outils de desinfection\ewido-setup_4.0.0.172c.exe c:\Documents and Settings\HP_Propriétaire\Bureau\outils de desinfection\Fixwareout.exe c:\Documents and Settings\HP_Propriétaire\Bureau\outils de desinfection\KillBox.exe c:\Documents and Settings\HP_Propriétaire\Bureau\outils de desinfection\chercher\LFiles.exe c:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Shareaza\Incomplete\PhotoShop CS 8.0 & ImageReady CS 8.0 Crack.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\fdminst.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Piplette.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Tcpview.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\divers\divers\last\01tox extra pack[by prince418]\01tox extra pack.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\divers\divers\last\prnapp70\setup.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Adobe Photoshop 7.0.1 Fr Crack.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Shareaza_2.1.0.0.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Ulead.Gif.Animator.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Compressed\Crack for all Adobe Tryout apps Photoshop CS 8.0, Pagemaker, Illustrator, Framemaker etc\AdobeGlobalCrack.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Compressed\D3DX9_dll_update\D3DX9_dll_update\Installer\DXSETUP.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Compressed\jtk361en\jtk361en\JoyToKey.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Compressed\ssspsx_0.0.26_windows\SSSPSX\SSSPSX.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\Alcohol120_trial_1.9.5.4212.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\Authorware_Web_Player_Plugin.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\awmaw.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\blender-2.37a-windows.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\ControlMKv0232.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\copytodvd3_setup.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\directx_9c_redist.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\dxwebsetup.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\EClea2_0.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\eMule0.46c-Installer.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\Firefox Setup 1.5.0.1.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\FRAPS274.EXE c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\GoogleEarthSetup.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\GoogleEarthSetup_2.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\hnecoufr.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\hnsofafr.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\Mame32b.106.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\Mame32v.102_Binary.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\MegaBlocNotes.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\nospafr.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\nospafr_2.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\ps7_tryout_fra.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\Shareaza_2.2.1.0.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\spybotsd14.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\Update.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\WINISO53.EXE c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\wrar351fr.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\ZCodec1009.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Mame32\Mame32.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\neorage\NeoRAGEx.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Psx\psx\ePSXe.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Psx\psx2\psxfin.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Psx\psx2\utils\cdztool.exe c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll c:\Documents and Settings\HP_Propriétaire\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll c:\Documents and Settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll Vérifications de quelques clefs Recherche de clefs EGDACCESS HKLM\SOFTWARE\Microsoft\Windows\explorer\SharedTaskScheduler _rapport hijackthis "startuplist log": StartupList report, 13/08/2006, 20:40:51 StartupList version: 1.52.2 Started from : C:\Program Files\HijackThis\HijackThis.EXE Detected: Windows XP SP2 (WinNT 5.01.2600) Detected: Internet Explorer v6.00 SP2 (6.00.2900.2180) * Using default options * Including empty and uninteresting sections * Showing rarely important sections ================================================== Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe c:\Program Files\Norton Internet Security\ISSVC.exe c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ewido anti-spyware 4.0\guard.exe C:\Program Files\Java\jre1.5.0\bin\jusched.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\HP\KBD\KBD.EXE C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\HP\HP Software Update\HPwuSchd2.exe C:\Program Files\ewido anti-spyware 4.0\ewido.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Free Download Manager\fdm.exe C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\WINDOWS\System32\svchost.exe C:\PROGRA~1\MOZILL~1\FIREFOX.EXE C:\WINDOWS\system32\svchost.exe C:\Program Files\HijackThis\HijackThis.exe -------------------------------------------------- Listing of startup folders: Shell folders Startup: [C:\Documents and Settings\HP_Propriétaire\Menu Démarrer\Programmes\Démarrage] *No files* Shell folders AltStartup: *Folder not found* User shell folders Startup: *Folder not found* User shell folders AltStartup: *Folder not found* Shell folders Common Startup: [C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage] DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE Shell folders Common AltStartup: *Folder not found* User shell folders Common Startup: *Folder not found* User shell folders Alternate Common Startup: *Folder not found* -------------------------------------------------- Checking Windows NT UserInit: [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] UserInit = C:\WINDOWS\system32\userinit.exe, [HKLM\Software\Microsoft\Windows\CurrentVersion\Winlogon] *Registry key not found* [HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] *Registry value not found* [HKCU\Software\Microsoft\Windows\CurrentVersion\Winlogon] *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\Run SunJavaUpdateSched = C:\Program Files\Java\jre1.5.0\bin\jusched.exe ATIPTA = C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe HPHUPD08 = c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe KBD = C:\HP\KBD\KBD.EXE Recguard = C:\WINDOWS\SMINST\RECGUARD.EXE PCDrProfiler = ccApp = "c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" URLLSTCK.exe = c:\Program Files\Norton Internet Security\UrlLstCk.exe LSBWatcher = c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe NWEReboot = !ewido = "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized MSConfig = C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce *No values found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *No values found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices *No values found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\Run MsnMsgr = "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe Free Download Manager = C:\Program Files\Free Download Manager\fdm.exe -autorun -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce *No values found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\Run [OptionalComponents] *No values found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\Run *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- File association entry for .EXE: HKEY_CLASSES_ROOT\exefile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .COM: HKEY_CLASSES_ROOT\comfile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .BAT: HKEY_CLASSES_ROOT\batfile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .PIF: HKEY_CLASSES_ROOT\piffile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .SCR: HKEY_CLASSES_ROOT\scrfile\shell\open\command (Default) = "%1" /S -------------------------------------------------- File association entry for .HTA: HKEY_CLASSES_ROOT\htafile\shell\open\command (Default) = C:\WINDOWS\system32\mshta.exe "%1" %* -------------------------------------------------- File association entry for .TXT: HKEY_CLASSES_ROOT\txtfile\shell\open\command (Default) = %SystemRoot%\system32\NOTEPAD.EXE %1 -------------------------------------------------- Enumerating Active Setup stub paths: HKLM\Software\Microsoft\Active Setup\Installed Components (* = disabled by HKCU twin) [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] StubPath = C:\WINDOWS\inf\unregmp2.exe /ShowWMP [>{26923b43-4d38-484f-9b9e-de460746276c}] * StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE [>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] * StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE [{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] * StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] * StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install [{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] * StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT [{5945c046-1e7d-11d1-bc44-00c04fd912be}] * StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser [{6BF52A52-394A-11d3-B153-00C04F79FAA6}] * StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub [{7790769C-0471-11d2-AF11-00C04FA35D02}] * StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install [{89820200-ECBD-11cf-8B85-00AA005B4340}] * StubPath = regsvr32.exe /s /n /i:U shell32.dll [{89820200-ECBD-11cf-8B85-00AA005B4383}] * StubPath = %SystemRoot%\system32\ie4uinit.exe [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] * StubPath = C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install [{8b15971b-5355-4c82-8c07-7e181ea07608}] * StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser -------------------------------------------------- Enumerating ICQ Agent Autostart apps: HKCU\Software\Mirabilis\ICQ\Agent\Apps *Registry key not found* -------------------------------------------------- Load/Run keys from C:\WINDOWS\WIN.INI: load=*INI section not found* run=*INI section not found* Load/Run keys from Registry: HKLM\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found* HKLM\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found* HKLM\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found* HKCU\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found* HKCU\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found* HKCU\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found* HKCU\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found* HKCU\..\Windows NT\CurrentVersion\Windows: load= HKCU\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs= -------------------------------------------------- Shell & screensaver key from C:\WINDOWS\SYSTEM.INI: Shell=*INI section not found* SCRNSAVE.EXE=*INI section not found* drivers=*INI section not found* Shell & screensaver key from Registry: Shell=Explorer.exe SCRNSAVE.EXE=*Registry value not found* drivers=*Registry value not found* Policies Shell key: HKCU\..\Policies: Shell=*Registry value not found* HKLM\..\Policies: Shell=*Registry value not found* -------------------------------------------------- Checking for EXPLORER.EXE instances: C:\WINDOWS\Explorer.exe: PRESENT! C:\Explorer.exe: not present C:\WINDOWS\Explorer\Explorer.exe: not present C:\WINDOWS\System\Explorer.exe: not present C:\WINDOWS\System32\Explorer.exe: not present C:\WINDOWS\Command\Explorer.exe: not present C:\WINDOWS\Fonts\Explorer.exe: not present -------------------------------------------------- Checking for superhidden extensions: .lnk: HIDDEN! (arrow overlay: yes) .pif: HIDDEN! (arrow overlay: yes) .exe: not hidden .com: not hidden .bat: not hidden .hta: not hidden .scr: not hidden .shs: HIDDEN! .shb: HIDDEN! .vbs: not hidden .vbe: not hidden .wsh: not hidden .scf: HIDDEN! (arrow overlay: NO!) .url: HIDDEN! (arrow overlay: yes) .js: not hidden .jse: not hidden -------------------------------------------------- Verifying REGEDIT.EXE integrity: - Regedit.exe found in C:\WINDOWS - .reg open command is normal (regedit.exe %1) - Regedit.exe has no CompanyName property! It is either missing or named something else. - Regedit.exe has no OriginalFilename property! It is either missing or named something else. - Regedit.exe has no FileDescription property! It is either missing or named something else. Registry check failed! -------------------------------------------------- Enumerating Browser Helper Objects: (no name) - C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\IDMIECC.dll (file missing) - {0055C089-8582-441B-A0BF-17B458C2A3A8} (no name) - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (no name) - C:\PROGRA~1\SPYBOT~1\SDHelper.dll - {53707962-6F74-2D53-2644-206D7942484F} (no name) - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll - {9030D464-4C02-4ABF-8ECC-5164760863C6} (no name) - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll - {BDF3E430-B101-42AD-A544-FADC6B084872} (no name) - C:\Program Files\Free Download Manager\iefdmcks.dll - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -------------------------------------------------- Enumerating Task Scheduler jobs: Norton AntiVirus - Analyser mon ordinateur - HP_Propriétaire.job Symantec NetDetect.job -------------------------------------------------- Enumerating Download Program Files: [Java Plug-in 1.5.0] InProcServer32 = C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll CODEBASE = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab [ActiveScan Installer Class] InProcServer32 = C:\WINDOWS\Downloaded Program Files\asinst.dll CODEBASE = http://acs.pandasoftware.com/activescan/as5free/asinst.cab [Java Plug-in 1.5.0] InProcServer32 = C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll CODEBASE = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab [shockwave Flash Object] InProcServer32 = C:\WINDOWS\system32\MACROMED\FLASH\FLASH.OCX CODEBASE = http://fpdownload.macromedia.com/pub/shock...ash/swflash.cab -------------------------------------------------- Enumerating Winsock LSP files: NameSpace #1: C:\WINDOWS\System32\mswsock.dll NameSpace #2: C:\WINDOWS\System32\winrnr.dll NameSpace #3: C:\WINDOWS\System32\mswsock.dll Protocol #1: C:\WINDOWS\system32\idmmbc.dll Protocol #2: C:\WINDOWS\system32\idmmbc.dll Protocol #3: C:\WINDOWS\system32\idmmbc.dll Protocol #4: C:\WINDOWS\system32\idmmbc.dll Protocol #5: C:\WINDOWS\system32\mswsock.dll Protocol #6: C:\WINDOWS\system32\mswsock.dll Protocol #7: C:\WINDOWS\system32\mswsock.dll Protocol #8: C:\WINDOWS\system32\rsvpsp.dll Protocol #9: C:\WINDOWS\system32\rsvpsp.dll Protocol #10: C:\WINDOWS\system32\idmmbc.dll Protocol #11: C:\WINDOWS\system32\mswsock.dll Protocol #12: C:\WINDOWS\system32\mswsock.dll Protocol #13: C:\WINDOWS\system32\mswsock.dll Protocol #14: C:\WINDOWS\system32\mswsock.dll Protocol #15: C:\WINDOWS\system32\mswsock.dll Protocol #16: C:\WINDOWS\system32\mswsock.dll Protocol #17: C:\WINDOWS\system32\mswsock.dll Protocol #18: C:\WINDOWS\system32\mswsock.dll Protocol #19: C:\WINDOWS\system32\mswsock.dll Protocol #20: C:\WINDOWS\system32\mswsock.dll Protocol #21: C:\WINDOWS\system32\mswsock.dll Protocol #22: C:\WINDOWS\system32\mswsock.dll Protocol #23: C:\WINDOWS\system32\mswsock.dll Protocol #24: C:\WINDOWS\system32\mswsock.dll -------------------------------------------------- Enumerating Windows NT/2000/XP services Pilote ACPI Microsoft: system32\DRIVERS\ACPI.sys (system) General Purpose USB Driver (adildr.sys): System32\Drivers\adildr.sys (autostart) USB ADSL WAN Adapter: system32\DRIVERS\adiusbaw.sys (manual start) Suppresseur d'écho acoustique (Noyau Microsoft): system32\drivers\aec.sys (manual start) AFD: \SystemRoot\System32\drivers\afd.sys (system) Agere Systems Soft Modem: system32\DRIVERS\AGRSM.sys (manual start) Service for Realtek AC97 Audio (WDM): system32\drivers\ALCXWDM.SYS (manual start) Avertissement: %SystemRoot%\system32\svchost.exe -k LocalService (disabled) Service de la passerelle de la couche Application: %SystemRoot%\System32\alg.exe (manual start) Pilote de processeur AMD: system32\DRIVERS\AmdK8.sys (system) Gestion d'applications: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) Protocole client ARP 1394: system32\DRIVERS\arp1394.sys (manual start) Advanced SCSI Programming Interface Driver: \??\C:\WINDOWS\System32\DRIVERS\ASPI32.sys (manual start) Service d'état ASP.NET: %SystemRoot%\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe (manual start) Pilote de média asynchrone RAS: system32\DRIVERS\asyncmac.sys (manual start) Contrôleur de disque dur IDE/ESDI standard: system32\DRIVERS\atapi.sys (system) Ati HotKey Poller: %SystemRoot%\system32\Ati2evxx.exe (autostart) ati2mtag: system32\DRIVERS\ati2mtag.sys (manual start) atksgt: system32\DRIVERS\atksgt.sys (autostart) Protocole client ATM ARP: system32\DRIVERS\atmarpc.sys (manual start) Audio Windows: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Pilote audio Stub: system32\DRIVERS\audstub.sys (manual start) Service de transfert intelligent en arrière-plan: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) Pont MAC: system32\DRIVERS\bridge.sys (manual start) Miniport de pont MAC: system32\DRIVERS\bridge.sys (manual start) Explorateur d'ordinateur: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Décodeur sous-titre fermé: system32\DRIVERS\CCDECODE.sys (manual start) Symantec Event Manager: "c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe" (autostart) Symantec Network Proxy: "c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe" (autostart) Symantec Password Validation: "c:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe" (manual start) Symantec Settings Manager: "c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe" (autostart) Pilote de CD-ROM: system32\DRIVERS\cdrom.sys (system) Service d'indexation: %SystemRoot%\system32\cisvc.exe (manual start) Gestionnaire de l'Album: %SystemRoot%\system32\clipsrv.exe (disabled) Application système COM+: C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} (manual start) Services de cryptographie: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Lanceur de processus serveur DCOM: %SystemRoot%\system32\svchost -k DcomLaunch (autostart) Client DHCP: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Pilote de disque: system32\DRIVERS\disk.sys (system) Service d'administration du Gestionnaire de disque logique: %SystemRoot%\System32\dmadmin.exe /com (manual start) dmboot: System32\drivers\dmboot.sys (disabled) dmio: System32\drivers\dmio.sys (disabled) dmload: System32\drivers\dmload.sys (disabled) Gestionnaire de disque logique: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Synthétiseur DLS du noyau Microsoft: system32\drivers\DMusic.sys (manual start) Client DNS: %SystemRoot%\system32\svchost.exe -k NetworkService (autostart) Filtre de décodeur DRM (Noyau Microsoft): system32\drivers\drmkaud.sys (manual start) dtscsi: \SystemRoot\System32\Drivers\dtscsi.sys (manual start) Service de rapport d'erreurs: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Journal des événements: %SystemRoot%\system32\services.exe (autostart) Système d'événements de COM+: C:\WINDOWS\system32\svchost.exe -k netsvcs (manual start) ewido anti-spyware 4.0 driver: \??\C:\Program Files\ewido anti-spyware 4.0\guard.sys (system) ewido anti-spyware 4.0 guard: C:\Program Files\ewido anti-spyware 4.0\guard.exe (autostart) Compatibilité avec le Changement rapide d'utilisateur: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Fax: %systemroot%\system32\fxssvc.exe (manual start) Pilote de contrôleur de lecteur de disquettes: system32\DRIVERS\fdc.sys (manual start) Pilote de lecteur de disquettes: system32\DRIVERS\flpydisk.sys (manual start) FltMgr: system32\DRIVERS\fltMgr.sys (system) Pilote du Gestionnaire de volume: system32\DRIVERS\ftdisk.sys (system) GEAR CDRom Filter: SYSTEM32\DRIVERS\GEARAspiWDM.sys (manual start) Classificateur de paquets générique: system32\DRIVERS\msgpc.sys (manual start) Aide et support: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Accès du périphérique d'interface utilisateur: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled) Pilote de classe HID Microsoft: system32\DRIVERS\hidusb.sys (manual start) IEEE-1284.4 Driver HPZid412: system32\DRIVERS\HPZid412.sys (manual start) Print Class Driver for IEEE-1284.4 HPZipr12: system32\DRIVERS\HPZipr12.sys (manual start) USB to IEEE-1284.4 Translation Driver HPZius12: system32\DRIVERS\HPZius12.sys (manual start) HTTP: System32\Drivers\HTTP.sys (manual start) HTTP SSL: %SystemRoot%\System32\svchost.exe -k HTTPFilter (manual start) Pilote pour clavier i8042 et souris sur port PS/2: system32\DRIVERS\i8042prt.sys (system) InstallDriver Table Manager: "C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe" (manual start) Pilote de filtre de gravure CD: system32\DRIVERS\imapi.sys (system) Service COM de gravage de CD IMAPI: C:\WINDOWS\system32\imapi.exe (manual start) IntelIde: system32\DRIVERS\intelide.sys (system) Pilote de processeur Intel: system32\DRIVERS\intelppm.sys (system) Pilote du pare-feu Windows IPv6: system32\DRIVERS\Ip6Fw.sys (manual start) Pilote de filtre de trafic IP: system32\DRIVERS\ipfltdrv.sys (manual start) Pilote de tunnelage IP dans IP: system32\DRIVERS\ipinip.sys (manual start) Traducteur d'adresses réseau IP: system32\DRIVERS\ipnat.sys (manual start) Pilote IPSEC: system32\DRIVERS\ipsec.sys (system) Service énumérateur IR: system32\DRIVERS\irenum.sys (manual start) Pilote de bus Plug-and-Play ISA/EISA: system32\DRIVERS\isapnp.sys (system) ISSvc: "c:\Program Files\Norton Internet Security\ISSVC.exe" (autostart) Pilote de la classe Clavier: system32\DRIVERS\kbdclass.sys (system) Mélangeur audio Wave de noyau Microsoft: system32\drivers\kmixer.sys (manual start) Serveur: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Station de travail: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) lirsgt: system32\DRIVERS\lirsgt.sys (autostart) Assistance TCP/IP NetBIOS: %SystemRoot%\system32\svchost.exe -k LocalService (autostart) Machine Debug Manager: "C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe" (autostart) Affichage des messages: %SystemRoot%\system32\svchost.exe -k netsvcs (disabled) Partage de Bureau à distance NetMeeting: C:\WINDOWS\system32\mnmsrvc.exe (manual start) Pilote de la classe Souris: system32\DRIVERS\mouclass.sys (system) Redirecteur client WebDav: system32\DRIVERS\mrxdav.sys (manual start) MRXSMB: system32\DRIVERS\mrxsmb.sys (system) Distributed Transaction Coordinator: C:\WINDOWS\system32\msdtc.exe (manual start) Windows Installer: C:\WINDOWS\system32\msiexec.exe /V (manual start) Proxy de service de répartition Microsoft: system32\drivers\MSKSSRV.sys (manual start) Proxy d'horloge de répartition Microsoft: system32\drivers\MSPCLOCK.sys (manual start) Proxy de gestion de qualité de répartition Microsoft: system32\drivers\MSPQM.sys (manual start) Pilote BIOS de gestion de systèmes Microsoft: system32\DRIVERS\mssmbios.sys (manual start) Convertisseur en T/site-à-site de répartition Microsoft: system32\drivers\MSTEE.sys (manual start) Codec NABTS/FEC VBI: system32\DRIVERS\NABTSFEC.sys (manual start) Service Norton AntiVirus Auto-Protect: "c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe" (autostart) NAVENG: \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20060215.006\NAVENG.Sys (manual start) NAVEX15: \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20060215.006\NavEx15.Sys (manual start) Connection TV/vidéo Microsoft: system32\DRIVERS\NdisIP.sys (manual start) Pilote TAPI NDIS d'accès distant: system32\DRIVERS\ndistapi.sys (manual start) NDIS mode utilisateur E/S Protocole: system32\DRIVERS\ndisuio.sys (manual start) Pilote réseau étendu NDIS d'accès distant: system32\DRIVERS\ndiswan.sys (manual start) Interface NetBIOS: system32\DRIVERS\netbios.sys (system) NetBIOS sur TCP/IP: system32\DRIVERS\netbt.sys (system) DDE réseau: %SystemRoot%\system32\netdde.exe (disabled) DSDM DDE réseau: %SystemRoot%\system32\netdde.exe (disabled) Ouverture de session réseau: %SystemRoot%\system32\lsass.exe (manual start) Connexions réseau: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Pilote réseau 1394: system32\DRIVERS\nic1394.sys (manual start) NLA (Network Location Awareness): %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) Fournisseur de la prise en charge de sécurité LM NT: %SystemRoot%\system32\lsass.exe (manual start) Stockage amovible: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) Pilote de filtre de trafic IPX: system32\DRIVERS\nwlnkflt.sys (manual start) Pilote de transfert de trafic IPX: system32\DRIVERS\nwlnkfwd.sys (manual start) Contrôleur hôte compatible IEE 1394 VIA OHCI: system32\DRIVERS\ohci1394.sys (system) VGA USB Camera: System32\Drivers\ov519vid.sys (manual start) Pilote de port parallèle: system32\DRIVERS\parport.sys (manual start) Pilote de bus PCI: system32\DRIVERS\pci.sys (system) PCIIde: system32\DRIVERS\pciide.sys (system) Low level access layer for CD devices: System32\Drivers\Pcouffin.sys (manual start) Plug-and-Play: %SystemRoot%\system32\services.exe (autostart) Pml Driver HPZ12: C:\WINDOWS\system32\HPZipm12.exe (system) Services IPSEC: %SystemRoot%\system32\lsass.exe (autostart) Miniport réseau étendu (PPTP): system32\DRIVERS\raspptp.sys (manual start) Pilote processeur: system32\DRIVERS\processr.sys (system) Emplacement protégé: %SystemRoot%\system32\lsass.exe (autostart) PS2: system32\DRIVERS\PS2.sys (manual start) Planificateur de paquets QoS: system32\DRIVERS\psched.sys (manual start) Pilote de liaison parallèle directe: system32\DRIVERS\ptilink.sys (manual start) PxHelp20: System32\Drivers\PxHelp20.sys (system) Pilote de connexion automatique d'accès distant: system32\DRIVERS\rasacd.sys (system) Gestionnaire de connexion automatique d'accès distant: %SystemRoot%\system32\svchost.exe -k netsvcs (disabled) Miniport réseau étendu (L2TP): system32\DRIVERS\rasl2tp.sys (manual start) Gestionnaire de connexions d'accès distant: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) Pilote PPPOE d'accès à distance: system32\DRIVERS\raspppoe.sys (manual start) Parallèle direct: system32\DRIVERS\raspti.sys (manual start) Rdbss: system32\DRIVERS\rdbss.sys (system) RDPCDD: System32\DRIVERS\RDPCDD.sys (system) Gestionnaire de session d'aide sur le Bureau à distance: C:\WINDOWS\system32\sessmgr.exe (manual start) Pilote de filtre de lecture digitale de CD audio: system32\DRIVERS\redbook.sys (system) Routage et accès distant: %SystemRoot%\system32\svchost.exe -k netsvcs (disabled) Localisateur d'appels de procédure distante (RPC): %SystemRoot%\system32\locator.exe (manual start) Appel de procédure distante (RPC): %SystemRoot%\system32\svchost -k rpcss (autostart) QoS RSVP: %SystemRoot%\system32\rsvp.exe (manual start) Realtek 10/100/1000 NIC Family all in one NDIS XP Driver: system32\DRIVERS\Rtlnicxp.sys (manual start) Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C): system32\DRIVERS\RTL8139.SYS (manual start) Gestionnaire de comptes de sécurité: %SystemRoot%\system32\lsass.exe (autostart) SAVRT: \??\c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVRT.SYS (manual start) SAVRTPEL: \??\c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVRTPEL.SYS (system) SAVScan: "c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe" (manual start) Carte à puce: %SystemRoot%\System32\SCardSvr.exe (manual start) Planificateur de tâches: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Secdrv: system32\DRIVERS\secdrv.sys (autostart) Connexion secondaire: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Notification d'événement système: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) StarForce Protection Environment Driver (version 1.x): System32\drivers\sfdrv01.sys (system) StarForce Protection Helper Driver (version 2.x): System32\drivers\sfhlp02.sys (system) StarForce Protection VFS Driver (version 2.x): System32\drivers\sfvfs02.sys (system) Pare-feu Windows / Partage de connexion Internet: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Détection matériel noyau: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Détrameur décalage BDA: system32\DRIVERS\SLIP.sys (manual start) Symantec Network Drivers Service: "c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe" (autostart) SPBBCDrv: \??\C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCDrv.sys (system) Symantec SPBBCSvc: "c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe" (autostart) Splitter audio du noyau Microsoft: system32\drivers\splitter.sys (manual start) Spouleur d'impression: %SystemRoot%\system32\spoolsv.exe (autostart) sptd: System32\Drivers\sptd.sys (system) Pilote de filtre de restauration système: system32\DRIVERS\sr.sys (system) Service de restauration système: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Srv: system32\DRIVERS\srv.sys (manual start) Service de découvertes SSDP: %SystemRoot%\system32\svchost.exe -k LocalService (manual start) StarWind iSCSI Service: C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe (autostart) Acquisition d'image Windows (WIA): %SystemRoot%\system32\svchost.exe -k imgsvc (autostart) BDA IPSink: system32\DRIVERS\StreamIP.sys (manual start) Pilote de bus logiciel: system32\DRIVERS\swenum.sys (manual start) Synthétiseur de table de sons GC noyau Microsoft: system32\drivers\swmidi.sys (manual start) MS Software Shadow Copy Provider: C:\WINDOWS\system32\dllhost.exe /Processid:{383FA16D-AF8F-4C60-B213-2B9363664871} (manual start) SYMDNS: \SystemRoot\System32\Drivers\SYMDNS.SYS (manual start) SymEvent: \??\C:\Program Files\Symantec\SYMEVENT.SYS (manual start) SYMFW: \SystemRoot\System32\Drivers\SYMFW.SYS (manual start) SYMIDS: \SystemRoot\System32\Drivers\SYMIDS.SYS (manual start) SYMIDSCO: \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\SymcData\idsdefs\20060710.095\symidsco.sys (manual start) SYMNDIS: \SystemRoot\System32\Drivers\SYMNDIS.SYS (manual start) SYMREDRV: \SystemRoot\System32\Drivers\SYMREDRV.SYS (manual start) SYMTDI: \SystemRoot\System32\Drivers\SYMTDI.SYS (system) SymWMI Service: "c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe" (autostart) Périphérique audio système du noyau Microsoft: system32\drivers\sysaudio.sys (manual start) Journaux et alertes de performance: %SystemRoot%\system32\smlogsvc.exe (manual start) Téléphonie: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Pilote du protocole TCP/IP: system32\DRIVERS\tcpip.sys (system) Pilote de périphérique terminal: system32\DRIVERS\termdd.sys (system) Services Terminal Server: %SystemRoot%\System32\svchost -k DComLaunch (manual start) Thèmes: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Client de suivi de lien distribué: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Windows User Mode Driver Framework: C:\WINDOWS\system32\wdfmgr.exe (autostart) Pilote de mise à jour microcode: system32\DRIVERS\update.sys (manual start) Hôte de périphérique universel Plug-and-Play: %SystemRoot%\system32\svchost.exe -k LocalService (manual start) Onduleur: %SystemRoot%\System32\ups.exe (manual start) Pilote USB audio (WDM): system32\drivers\usbaudio.sys (manual start) Pilote parent générique USB Microsoft: system32\DRIVERS\usbccgp.sys (manual start) Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0: system32\DRIVERS\usbehci.sys (manual start) Concentrateur USB2: syst

oui mais deja que je pense que ce soit grave, j'ai remarqué ca deux fois pour tout dire et l'ecran n'etait pas vraiment tres sombre je veux dire ca ne sautai pas aux yeux ce n'est qu'en pretant l'oeuil qu'on le remarque, et puis meme si je voulais le ramené en magasin je pourrai pas leur montré le probleme sur place tout de suite! je crois que comme tu as les ecrans Lcd nous joue parfois des tour et puis toute si jamais le probleme prend de l'ampleur je ne manquerai pas d'user de ma garantie voila! mais bon, pour l'instant ca m'inquiete pas vraiment!

au fait petite precision a propos du probleme concernant shokwave...j'ai dit que qu'il avait disparu , je n'ai plus ce message d'erreur lorsque je consulte une page avec un contenu flash (d'ailleurs tout mes probleme avec Firefox ont disparu!) voici le rapport demandé fait avec blacklight: 08/13/06 00:47:43 [info]: BlackLight Engine 1.0.42 initialized 08/13/06 00:47:43 [info]: OS: 5.1 build 2600 (Service Pack 2) 08/13/06 00:47:43 [Note]: 7019 4 08/13/06 00:47:43 [Note]: 7005 0 08/13/06 00:47:47 [Note]: 7006 0 08/13/06 00:47:48 [Note]: 7011 2300 08/13/06 00:47:48 [Note]: 7026 0 08/13/06 00:47:48 [Note]: 7026 0 08/13/06 00:47:53 [Note]: FSRAW library version 1.7.1019 08/13/06 00:50:40 [Note]: 2000 1006 08/13/06 00:54:01 [Note]: 7007 0 voila j'attend la suite !

salut a tous ! j'edite ce topic afin de vous soumettre une petite interrogation a propos de mon ecran, un 17" de type Lcd et la marque c'est HP ! voila je pense pas que ce soit grave mais j'ai quand meme remarqué ce petit phenomene dernierement, en fait ces derniers temps je le laisse allumé un peu plus longtemps que d'habitude (une journée entiere...) et je me suis rendu compte le soir lorsque je l'utilise apres l'avoir laissé allumé toute l'apres midi par exemple que l'image est un peu plus terne ou...sombre que d'habitude et quand je met par exemple un film ou il ya une scene qui est plutot obscur je n'y vois presque plus rien ce qui confirme que l'ecran est moin lumineux que d'habitude, mais quand je l'eteint puis que je le ralume tout de suite l'image redevient normal ! est ce normal ? Cela cacherait t'il une pannne avenir ? A savoir que j'ai acheté mon ecran il ya 6 mois avec mon nouveau PC et qu'il n'a jamais recu de choque violent !

voila tout ce qui a été demander! Concernant Emule je ne l'ai pas utilisé de toute facon il se lance automatiquement a chaque demarage, sinon pour le deuxieme "shareaza" oui c'est vrai que je m'en suis (je l'ai d'ailleurs depuis le debut) , mais il faut dire qu'il me sert surtout pour les telechargement en "torrent" pour le p2p c'est plutot emule mais je n'ai pas vraiment utilisé ce dernier zuré ! le rapport de virus-total pour le fichier a6f5c64b.exe: Complete scanning result of "a6f5c64b.exe", received in VirusTotal at 08.12.2006, 17:52:21 (CET). Antivirus Version Update Result AntiVir 6.35.1.0 08.12.2006 TR/Small.Crypted.Gen Authentium 4.93.8 08.12.2006 no virus found Avast 4.7.844.0 08.10.2006 Win32:Downloader-gen AVG 386 08.11.2006 no virus found BitDefender 7.2 08.12.2006 BehavesLike:Win32.ExplorerHijack CAT-QuickHeal 8.00 08.12.2006 (Suspicious) - DNAScan ClamAV devel-20060426 08.12.2006 no virus found DrWeb 4.33 08.12.2006 Trojan.DownLoader.based eTrust-InoculateIT 23.72.94 08.12.2006 no virus found eTrust-Vet 30.3.3012 08.11.2006 Win32/Beenut!generic Ewido 4.0 08.12.2006 no virus found Fortinet 2.77.0.0 08.11.2006 suspicious F-Prot 3.16f 08.11.2006 no virus found F-Prot4 4.2.1.29 08.11.2006 no virus found Ikarus 0.2.65.0 08.11.2006 no virus found Kaspersky 4.0.2.24 08.12.2006 Trojan-Downloader.Win32.Obfuscated.n McAfee 4827 08.11.2006 Downloader-AXI.gen Microsoft 1.1508 08.04.2006 no virus found NOD32v2 1.1704 08.11.2006 a variant of Win32/TrojanDownloader.Busky Norman 5.90.23 08.11.2006 W32/Zlob.gen15 Panda 9.0.0.4 08.12.2006 Adware/SystemDoctor Sophos 4.08.0 08.12.2006 Troj/ObfLdr-Gen Symantec 8.0 08.12.2006 Trojan.Zlob TheHacker 5.9.8.190 08.10.2006 no virus found UNA 1.83 08.11.2006 no virus found VBA32 3.11.0 08.11.2006 no virus found VirusBuster 4.3.7:9 08.11.2006 Trojan.DL.Obfuscated.Gen Aditional Information File size: 21504 bytes MD5: 3cb98ffbade98352ce471e037e1f1d90 SHA1: 995e73f9a163dc860fec36a7202a3b94603cd964 packers: embedded _le contenu de ffsasetts.reg (meme s'il n'a pas ete demandé j'ai cru bon de le mettre il était a coté de deux autres!) Windows Registry Editor Version 5.00 [HKEY_CURRENT_USER\Software\GNU\ffdshow_audio] "mp2"=dword:00000006 "mp3"=dword:00000006 "aac"=dword:00000008 "vorbis"=dword:00000012 "amr"=dword:00000001 "flac"=dword:00000001 "tta"=dword:00000001 "truespeech"=dword:00000001 [HKEY_CURRENT_USER\Software\GNU\ffdshow_audio\default] "mixerOut"=dword:00000001 "isMixer"=dword:00000001 _le contenu de ffdssetts.reg: Windows Registry Editor Version 5.00 [HKEY_CURRENT_USER\Software\GNU\ffdshow] "lang"="fr" "xvid"=dword:00000001 "div3"=dword:00000001 "divx"=dword:00000001 "dx50"=dword:00000001 "mp43"=dword:00000001 "mp42"=dword:00000001 "mp41"=dword:00000001 "_3iv"=dword:00000001 "h263"=dword:00000001 "h264"=dword:00000001 "mpegavi"=dword:00000001 "theo"=dword:00000001 "png1"=dword:00000001 [HKEY_CURRENT_USER\Software\GNU\ffdshow\default] "needOutcspsFix"=dword:00000000 "needGlobalFix"=dword:00000000 "workaroundBugs2"=dword:00000001 "errorConcealment"=dword:00000003 "errorResilience"=dword:00000001 "threadsnum"=dword:00000001 "videoDelay"=dword:00000000 "isVideoDelayEnd"=dword:00000000 "videoDelayEnd"=dword:00000000 "autoloadSize"=dword:00000000 "autoloadSizeXmin"=dword:00000010 "autoloadSizeXmax"=dword:00000800 "autoloadSizeCond"=dword:00000001 "autoloadSizeYmin"=dword:00000010 "autoloadSizeYmax"=dword:00000800 "isDyInterlaced"=dword:00000000 "dyInterlaced"=dword:00000120 "idct"=dword:00000000 "grayscale"=dword:00000000 "isCropNzoom"=dword:00000000 "isZoom"=dword:00000000 "magnificationX"=dword:00000000 "cropLeft"=dword:00000000 "cropRight"=dword:00000000 "cropTop"=dword:00000000 "cropBottom"=dword:00000000 "magnificationY"=dword:00000000 "magnificationLocked"=dword:00000001 "panscanZoom"=dword:00000000 "panscanX"=dword:00000000 "panscanY"=dword:00000000 "showCropNzoom"=dword:00000001 "orderCropNzoom"=dword:ffffffff "fullCropNzoom"=dword:00000000 "isDeinterlace"=dword:00000000 "fullDeinterlace"=dword:00000000 "deinterlaceMethod"=dword:00000002 "tomocompSE"=dword:00000003 "swapFields"=dword:00000000 "tomocompVF"=dword:00000000 "frameRateDoublerThreshold"=dword:000000ff "frameRateDoublerSE"=dword:00000003 "showDeinterlace"=dword:00000001 "kernelDeintThreshold"=dword:0000000a "kernelDeintSharp"=dword:00000000 "kernelDeintTwoway"=dword:00000000 "kernelDeintMap"=dword:00000000 "orderDeinterlace"=dword:00000000 "dgbobMode"=dword:00000001 "dgbobThreshold"=dword:0000000c "dgbobAP"=dword:00000000 "kernelDeintLinked"=dword:00000000 "dscalerDIflnm"="" "dscalerDIcfg"="" "isLogoaway"=dword:00000000 "showLogoaway"=dword:00000001 "orderLogoaway"=dword:00000001 "fullLogoaway"=dword:00000000 "logoawayX"=dword:00000064 "logoawayY"=dword:0000000a "logoawayDx"=dword:00000010 "logoawayDy"=dword:00000010 "logoawayMode"=dword:00000002 "logoawayBlur"=dword:00000001 "logoawayPointnw"=dword:00000005 "logoawayPointne"=dword:00000006 "logoawayPointsw"=dword:00000007 "logoawayPointse"=dword:00000008 "logoawayBordn_mode"=dword:00000001 "logoawayBorde_mode"=dword:00000001 "logoawayBords_mode"=dword:00000001 "logoawayBordw_mode"=dword:00000001 "logoawayVhweight"=dword:00000005 "logoawaySolidcolor"=dword:00ffffff "logoawayLumaOnly"=dword:00000000 "logoawayParambitmap"="" "ppqual"=dword:00000006 "autoq"=dword:00000000 "ppIsCustom"=dword:00000000 "ppcustom"=dword:00000000 "isPostproc"=dword:00000000 "levelFixLum"=dword:00000000 "orderPostproc"=dword:00000002 "deblockStrength"=dword:00000100 "fullPostproc"=dword:00000000 "fullYrange"=dword:00000000 "postprocMethod"=dword:00000000 "postprocNicXthresh"=dword:00000014 "postprocNicYthresh"=dword:00000028 "postprocMethodNicFirst"=dword:00000000 "postprocSPPmode"=dword:00000000 "showPostproc"=dword:00000001 "halfPostproc"=dword:00000000 "postprocH264mode"=dword:00000003 "deblockMplayerAccurate"=dword:00000000 "lumGain"=dword:00000080 "lumOffset"=dword:00000000 "hue"=dword:00000000 "saturation"=dword:00000040 "isPictProp"=dword:00000000 "gammaCorrection"=dword:00000064 "orderPictProp"=dword:00000003 "fullPictProp"=dword:00000000 "gammaCorrectionR"=dword:00000064 "gammaCorrectionG"=dword:00000064 "gammaCorrectionB"=dword:00000064 "showPictProp"=dword:00000001 "halfPictProp"=dword:00000000 "colorizeStrength"=dword:00000000 "colorizeColor"=dword:00ffffff "colorizeChromaonly"=dword:00000001 "pictProcLevelFix"=dword:00000000 "pictProcLevelFixFull"=dword:00000000 "scanlineEffect"=dword:00000000 "isLevels"=dword:00000000 "orderLevels"=dword:00000004 "fullLevels"=dword:00000000 "levelsInMin"=dword:00000000 "levelsGamma"=dword:00000064 "levelsInMax"=dword:000000ff "levelsOutMin"=dword:00000000 "levelsOutMax"=dword:000000ff "levelsOnlyLuma"=dword:00000000 "levelsFullY"=dword:00000000 "showLevels"=dword:00000001 "halfLevels"=dword:00000000 "levelsMode"=dword:00000000 "levelsPosterize"=dword:000000ff "levelsInAuto"=dword:00000000 "levelsNumPoints"=dword:00000002 "levelsPoint0x"=dword:00000000 "levelsPoint0y"=dword:00000000 "levelsPoint1x"=dword:000000ff "levelsPoint1y"=dword:000000ff "levelsPoint2x"=dword:00000000 "levelsPoint2y"=dword:00000000 "levelsPoint3x"=dword:00000000 "levelsPoint3y"=dword:00000000 "levelsPoint4x"=dword:00000000 "levelsPoint4y"=dword:00000000 "levelsPoint5x"=dword:00000000 "levelsPoint5y"=dword:00000000 "levelsPoint6x"=dword:00000000 "levelsPoint6y"=dword:00000000 "levelsPoint7x"=dword:00000000 "levelsPoint7y"=dword:00000000 "levelsPoint8x"=dword:00000000 "levelsPoint8y"=dword:00000000 "levelsPoint9x"=dword:00000000 "levelsPoint9y"=dword:00000000 "isOffset"=dword:00000000 "orderOffset"=dword:00000005 "offsetY_X"=dword:00000000 "offsetY_Y"=dword:00000000 "offsetU_X"=dword:00000000 "offsetU_Y"=dword:00000000 "offsetV_X"=dword:00000000 "offsetV_Y"=dword:00000000 "fullOffset"=dword:00000000 "showOffset"=dword:00000001 "halfOffset"=dword:00000000 "isBlur"=dword:00000000 "blurStrength"=dword:0000001e "orderBlur"=dword:00000006 "tempSmooth"=dword:00000000 "fullBlur"=dword:00000000 "blurIsSmoothChroma"=dword:00000000 "smoothStrengthChroma"=dword:00000000 "tempSmoothColor"=dword:00000001 "gradualStrength"=dword:00000028 "mplayerTNR1"=dword:000002bc "mplayerTNR2"=dword:000005dc "mplayerTNR3"=dword:00000bb8 "blurIsSoften"=dword:00000000 "blurIsTempSmooth"=dword:00000000 "blurIsSmoothLuma"=dword:00000000 "blurIsGradual"=dword:00000001 "blurIsMplayerTNR"=dword:00000000 "smoothStrengthLuma"=dword:0000012c "blurIsMplayerBLur"=dword:00000000 "mplayerBlurRadius"=dword:00000003 "mplayerBlurLuma"=dword:00000064 "mplayerBlurChroma"=dword:00000096 "isDenoise3d"=dword:00000000 "denoise3Dluma"=dword:00000190 "denoise3Dchroma"=dword:0000012c "denoise3Dtime"=dword:00000258 "denoise3Dhq"=dword:00000000 "showBlur"=dword:00000001 "halfBlur"=dword:00000000 "xsharpen"=dword:00000000 "xsharp_strenght"=dword:00000014 "xsharp_threshold"=dword:00000096 "unsharp_strength"=dword:00000028 "unsharp_threshold"=dword:00000000 "sharpenMethod"=dword:00000000 "orderSharpen"=dword:00000007 "fullSharpen"=dword:00000000 "msharpStrength"=dword:00000064 "msharpThreshold"=dword:0000000f "msharpHQ"=dword:00000000 "msharpMask"=dword:00000000 "asharpT"=dword:000000c8 "asharpD"=dword:00000190 "asharpB"=dword:00000000 "asharpHQBF"=dword:00000000 "showSharpen"=dword:00000001 "halfSharpen"=dword:00000000 "mplayerSharpLuma"=dword:00000032 "mplayerSharpChroma"=dword:00000032 "warpsharpDepth"=dword:00000028 "warpsharpThreshold"=dword:00000080 "isWarpsharp"=dword:00000000 "orderWarpsharp"=dword:00000008 "fullWarpsharp"=dword:00000000 "warpsharpMethod"=dword:00000001 "awarpsharpDepth"=dword:00000640 "awarpsharpThresh"=dword:00000032 "awarpsharpBlur"=dword:00000002 "awarpsharpCM"=dword:00000001 "awarpsharpBM"=dword:00000002 "showWarpsharp"=dword:00000001 "halfWarpsharp"=dword:00000000 "isDScaler"=dword:00000000 "orderDScaler"=dword:00000009 "fullDScaler"=dword:00000000 "showDScaler"=dword:00000001 "halfDScaler"=dword:00000000 "dscalerFltflnm"="" "dscalerCfg"="" "isNoise"=dword:00000000 "uniformNoise"=dword:00000001 "noiseStrength"=dword:0000001e "noiseStrengthChroma"=dword:0000000a "noiseMethod"=dword:00000002 "orderNoise"=dword:0000000a "fullNoise"=dword:00000000 "noisePattern"=dword:00000001 "noiseAveraged"=dword:00000000 "showNoise"=dword:00000001 "halfNoise"=dword:00000000 "noiseFlickerA"=dword:00000000 "noiseFlickerF"=dword:00000032 "noiseShakeA"=dword:00000000 "noiseShakeF"=dword:00000008 "noiseLinesA"=dword:0000000a "noiseLinesF"=dword:00000000 "noiseLinesTransparency"=dword:0000007f "noiseScratchesA"=dword:00000032 "noiseScratchesF"=dword:00000000 "noiseScratchesTransparency"=dword:0000007f "noiseLinesC"=dword:0000007f "noiseScratchesC"=dword:0000007f "isResize"=dword:00000000 "resizeDx"=dword:00000280 "resizeDy"=dword:000001e0 "resizeAscpect"=dword:00000001 "resizeMethod"=dword:00000002 "aspectRatio"=dword:0001547a "resizeGblurLum"=dword:00000000 "resizeGblurChrom"=dword:00000000 "resizeSharpenLum"=dword:00000000 "resizeSharpenChrom"=dword:00000000 "orderResize"=dword:0000000b "fullResize"=dword:00000000 "resizeBicubicParam"=dword:00000000 "resizeGaussParam"=dword:00000000 "resizeLanczosParam"=dword:00000000 "resizeMode"=dword:00000000 "resizeA1"=dword:00000004 "resizeA2"=dword:00000003 "resizeIf"=dword:00000000 "resizeIfXcond"=dword:00000001 "resizeIfXval"=dword:00000280 "resizeIfYcond"=dword:00000001 "resizeIfYval"=dword:000001e0 "resizeIfXYcond"=dword:00000001 "resizeIfPixCond"=dword:00000001 "resizeIfPixVal"=dword:0004b000 "bordersX"=dword:00000000 "bordersY"=dword:00000000 "bordersLocked"=dword:00000001 "resizeInterlaced"=dword:00000000 "resizeSimpleWarpXparam"=dword:0000047e "resizeSimpleWarpYparam"=dword:000003b6 "showResize"=dword:00000001 "resizeMult1000"=dword:000007d0 "bordersInside"=dword:00000001 "bordersUnits"=dword:00000000 "bordersPixelsX"=dword:00000000 "bordersPixelsY"=dword:00000000 "resizeMethodChroma"=dword:00000002 "resizeBicubicChromaParam"=dword:00000000 "resizeGaussChromaParam"=dword:00000000 "resizeLanczosChromaParam"=dword:00000000 "resizeMethodsLocked"=dword:00000001 "resizeMulfOf"=dword:00000010 "perspectiveY2"=dword:00000000 "perspectiveX3"=dword:00000000 "perspectiveY3"=dword:00000064 "perspectiveX4"=dword:00000064 "perspectiveY4"=dword:00000064 "perspectiveInterpolation"=dword:00000000 "perspectiveIsSrc"=dword:00000000 "showPerspective"=dword:00000001 "halfPerspective"=dword:00000000 "isPerspective"=dword:00000000 "orderPerspective"=dword:0000000c "fullPerspective"=dword:00000001 "perspectiveX1"=dword:00000000 "perspectiveY1"=dword:00000000 "perspectiveX2"=dword:00000064 "isSubtitles"=dword:00000000 "subPosX"=dword:00000032 "subPosY"=dword:0000005a "subDelay"=dword:00000000 "subSpeed"=dword:000003e8 "subAutoFlnm"=dword:00000001 "orderSubtitles"=dword:0000000d "fullSubtitles"=dword:00000001 "subExpand"=dword:00000001 "subAlign"=dword:00000000 "showSubtitles"=dword:00000001 "subSpeed2"=dword:000003e8 "subStereoscopic"=dword:00000000 "subStereoscopicPar"=dword:00000000 "subVobsub"=dword:00000001 "subDefLang"=dword:00000000 "subVobsubAA"=dword:00000004 "subLinespacing"=dword:00000064 "subTimeOverlap"=dword:00000000 "subIsMinDuration"=dword:00000000 "subMinDurationType"=dword:00000001 "subMinDurationSubtitle"=dword:00000bb8 "subMinDurationLine"=dword:000005dc "subMinDurationChar"=dword:0000001e "subFix"=dword:00000000 "subFixLang"=dword:00000000 "subVobsubChangePosition"=dword:00000000 "subVobsubScale"=dword:00000100 "subVobsubAAswgauss"=dword:000002bc "subDefLang2"=dword:00000000 "subOpacity"=dword:00000100 "subSplitBorder"=dword:00000000 "subIsExpand"=dword:00000001 "subCC"=dword:00000001 "subFlnm"="" "subFixDict"="" "fontCharset"=dword:00000001 "fontSize"=dword:0000001a "fontWeight"=dword:00000190 "fontShadowStrength"=dword:0000005a "fontShadowRadius"=dword:00000032 "fontSpacing"=dword:00000000 "fontColor"=dword:00ffffff "fontAutosize"=dword:00000000 "fontSizeA"=dword:0000003c "fontAutosizeVideoWindow"=dword:00000000 "fontSplitting"=dword:00000001 "fontXscale"=dword:00000064 "fontFast"=dword:00000000 "fontName"="Arial" "isAvisynth"=dword:00000000 "orderAvisynth"=dword:0000000e "fullAvisynth"=dword:00000000 "avisynthInYV12"=dword:00000001 "avisynthInYUY2"=dword:00000001 "avisynthInRGB24"=dword:00000001 "avisynthInRGB32"=dword:00000001 "avisynthFfdshowSource"=dword:00000001 "showAvisynth"=dword:00000001 "avisynthScript"="" "isVis"=dword:00000000 "orderShowMV"=dword:0000000f "visMV"=dword:00000001 "visQuants"=dword:00000000 "visGraph"=dword:00000000 "showVis"=dword:00000001 "isDCT"=dword:00000000 "orderDCT"=dword:00000010 "fullDCT"=dword:00000000 "dct0"=dword:000003e8 "dct1"=dword:000003e8 "dct2"=dword:000003e8 "dct3"=dword:000003e8 "dct4"=dword:000003e8 "dct5"=dword:000003e8 "dct6"=dword:000001f4 "dct7"=dword:00000000 "showDCT"=dword:00000001 "halfDCT"=dword:00000000 "dctMode"=dword:00000000 "dctQuant"=dword:00000005 "dctMatrix0"=dword:13121110 "dctMatrix1"=dword:17161514 "dctMatrix2"=dword:14131211 "dctMatrix3"=dword:18171615 "dctMatrix4"=dword:15141312 "dctMatrix5"=dword:19181716 "dctMatrix6"=dword:16151413 "dctMatrix7"=dword:1b1a1817 "dctMatrix8"=dword:17161514 "dctMatrix9"=dword:1c1b1a19 "dctMatrix10"=dword:18171615 "dctMatrix11"=dword:1e1c1b1a "dctMatrix12"=dword:1a181716 "dctMatrix13"=dword:1f1e1c1b "dctMatrix14"=dword:1b191817 "dctMatrix15"=dword:211f1e1c "isBitmap"=dword:00000000 "showBitmap"=dword:00000001 "orderBitmap"=dword:00000011 "fullBitmap"=dword:00000000 "bitmapPosX"=dword:00000032 "bitmapPosY"=dword:00000032 "bitmapPosMode"=dword:00000000 "bitmapAlign"=dword:00000002 "bitmapMode"=dword:00000000 "bitmapStrength"=dword:00000080 "bitmapFlnm"="" "isGrab"=dword:00000000 "orderGrab"=dword:00000012 "fullGrab"=dword:00000000 "grabDigits"=dword:00000005 "grabFormat"=dword:00000000 "grabMode"=dword:00000001 "grabFrameNum"=dword:00000000 "grabFrameNum1"=dword:00000064 "grabFrameNum2"=dword:0000006e "grabQual"=dword:00000050 "showGrab"=dword:00000001 "grabStep"=dword:00000001 "grabPath"="c:\\" "grabPrefix"="grab" "isOverlayControl"=dword:00000000 "overlayBrightness"=dword:ffffffff "overlayContrast"=dword:ffffffff "overlayHue"=dword:ffffff42 "overlaySaturation"=dword:ffffffff "overlaySharpness"=dword:ffffffff "overlayGamma"=dword:ffffffff "overlayColorEnable"=dword:ffffffff "flip"=dword:00000000 "outYV12"=dword:00000001 "outYUY2"=dword:00000001 "outYVYU"=dword:00000001 "outUYVY"=dword:00000001 "outRGB32"=dword:00000001 "outRGB24"=dword:00000001 "outRGB555"=dword:00000001 "outRGB565"=dword:00000001 "outI420"=dword:00000000 "hwOverlay"=dword:00000000 "hwOverlayAspect"=dword:00000000 "allowOutChange"=dword:00000002 "hwDeinterlace"=dword:00000000 "outChangeCompatOnly"=dword:00000001 "avisynthYV12_RGB"=dword:00000000 "outClosest"=dword:00000001 "outDV"=dword:00000000 "outDVnorm"=dword:00000002 "outNV12"=dword:00000000 "autoloadExtsNeedFix"=dword:00000000 "autoloadFlnm"=dword:00000001 "autoloadExt"=dword:00000000 "autoloadExts"="" "autoloadExe"=dword:00000000 "autoloadExes"="" "autoloadVolumeName"=dword:00000000 "autoloadVolumeNames"="" "autoloadVolumeSerial"=dword:00000000 "autoloadVolumeSerials"="" "autoloadDecoder"=dword:00000000 "autoloadDecoders"="" "autoloadDSfilter"=dword:00000000 "autoloadDSfilters"="" "autoloadFOURCC"=dword:00000000 "autoloadFOURCCs"="" "autoloadSAR"=dword:00000000 "autoloadSARs"="" "autoloadDAR"=dword:00000000 "autoloadDARs"="" _le contenu de ffdsvsetts.reg Windows Registry Editor Version 5.00 [HKEY_CURRENT_USER\Software\GNU\ffdshow] "lang"="fr" "xvid"=dword:00000001 "div3"=dword:00000001 "divx"=dword:00000001 "dx50"=dword:00000001 "mp43"=dword:00000001 "mp42"=dword:00000001 "mp41"=dword:00000001 "_3iv"=dword:00000001 "h263"=dword:00000001 "h264"=dword:00000001 "mpegavi"=dword:00000001 "theo"=dword:00000001 "png1"=dword:00000001 [HKEY_CURRENT_USER\Software\GNU\ffdshow\default] "needOutcspsFix"=dword:00000000 "needGlobalFix"=dword:00000000 "workaroundBugs2"=dword:00000001 "errorConcealment"=dword:00000003 "errorResilience"=dword:00000001 "threadsnum"=dword:00000001 "videoDelay"=dword:00000000 "isVideoDelayEnd"=dword:00000000 "videoDelayEnd"=dword:00000000 "autoloadSize"=dword:00000000 "autoloadSizeXmin"=dword:00000010 "autoloadSizeXmax"=dword:00000800 "autoloadSizeCond"=dword:00000001 "autoloadSizeYmin"=dword:00000010 "autoloadSizeYmax"=dword:00000800 "isDyInterlaced"=dword:00000000 "dyInterlaced"=dword:00000120 "idct"=dword:00000000 "grayscale"=dword:00000000 "isCropNzoom"=dword:00000000 "isZoom"=dword:00000000 "magnificationX"=dword:00000000 "cropLeft"=dword:00000000 "cropRight"=dword:00000000 "cropTop"=dword:00000000 "cropBottom"=dword:00000000 "magnificationY"=dword:00000000 "magnificationLocked"=dword:00000001 "panscanZoom"=dword:00000000 "panscanX"=dword:00000000 "panscanY"=dword:00000000 "showCropNzoom"=dword:00000001 "orderCropNzoom"=dword:ffffffff "fullCropNzoom"=dword:00000000 "isDeinterlace"=dword:00000000 "fullDeinterlace"=dword:00000000 "deinterlaceMethod"=dword:00000002 "tomocompSE"=dword:00000003 "swapFields"=dword:00000000 "tomocompVF"=dword:00000000 "frameRateDoublerThreshold"=dword:000000ff "frameRateDoublerSE"=dword:00000003 "showDeinterlace"=dword:00000001 "kernelDeintThreshold"=dword:0000000a "kernelDeintSharp"=dword:00000000 "kernelDeintTwoway"=dword:00000000 "kernelDeintMap"=dword:00000000 "orderDeinterlace"=dword:00000000 "dgbobMode"=dword:00000001 "dgbobThreshold"=dword:0000000c "dgbobAP"=dword:00000000 "kernelDeintLinked"=dword:00000000 "dscalerDIflnm"="" "dscalerDIcfg"="" "isLogoaway"=dword:00000000 "showLogoaway"=dword:00000001 "orderLogoaway"=dword:00000001 "fullLogoaway"=dword:00000000 "logoawayX"=dword:00000064 "logoawayY"=dword:0000000a "logoawayDx"=dword:00000010 "logoawayDy"=dword:00000010 "logoawayMode"=dword:00000002 "logoawayBlur"=dword:00000001 "logoawayPointnw"=dword:00000005 "logoawayPointne"=dword:00000006 "logoawayPointsw"=dword:00000007 "logoawayPointse"=dword:00000008 "logoawayBordn_mode"=dword:00000001 "logoawayBorde_mode"=dword:00000001 "logoawayBords_mode"=dword:00000001 "logoawayBordw_mode"=dword:00000001 "logoawayVhweight"=dword:00000005 "logoawaySolidcolor"=dword:00ffffff "logoawayLumaOnly"=dword:00000000 "logoawayParambitmap"="" "ppqual"=dword:00000006 "autoq"=dword:00000000 "ppIsCustom"=dword:00000000 "ppcustom"=dword:00000000 "isPostproc"=dword:00000000 "levelFixLum"=dword:00000000 "orderPostproc"=dword:00000002 "deblockStrength"=dword:00000100 "fullPostproc"=dword:00000000 "fullYrange"=dword:00000000 "postprocMethod"=dword:00000000 "postprocNicXthresh"=dword:00000014 "postprocNicYthresh"=dword:00000028 "postprocMethodNicFirst"=dword:00000000 "postprocSPPmode"=dword:00000000 "showPostproc"=dword:00000001 "halfPostproc"=dword:00000000 "postprocH264mode"=dword:00000003 "deblockMplayerAccurate"=dword:00000000 "lumGain"=dword:00000080 "lumOffset"=dword:00000000 "hue"=dword:00000000 "saturation"=dword:00000040 "isPictProp"=dword:00000000 "gammaCorrection"=dword:00000064 "orderPictProp"=dword:00000003 "fullPictProp"=dword:00000000 "gammaCorrectionR"=dword:00000064 "gammaCorrectionG"=dword:00000064 "gammaCorrectionB"=dword:00000064 "showPictProp"=dword:00000001 "halfPictProp"=dword:00000000 "colorizeStrength"=dword:00000000 "colorizeColor"=dword:00ffffff "colorizeChromaonly"=dword:00000001 "pictProcLevelFix"=dword:00000000 "pictProcLevelFixFull"=dword:00000000 "scanlineEffect"=dword:00000000 "isLevels"=dword:00000000 "orderLevels"=dword:00000004 "fullLevels"=dword:00000000 "levelsInMin"=dword:00000000 "levelsGamma"=dword:00000064 "levelsInMax"=dword:000000ff "levelsOutMin"=dword:00000000 "levelsOutMax"=dword:000000ff "levelsOnlyLuma"=dword:00000000 "levelsFullY"=dword:00000000 "showLevels"=dword:00000001 "halfLevels"=dword:00000000 "levelsMode"=dword:00000000 "levelsPosterize"=dword:000000ff "levelsInAuto"=dword:00000000 "levelsNumPoints"=dword:00000002 "levelsPoint0x"=dword:00000000 "levelsPoint0y"=dword:00000000 "levelsPoint1x"=dword:000000ff "levelsPoint1y"=dword:000000ff "levelsPoint2x"=dword:00000000 "levelsPoint2y"=dword:00000000 "levelsPoint3x"=dword:00000000 "levelsPoint3y"=dword:00000000 "levelsPoint4x"=dword:00000000 "levelsPoint4y"=dword:00000000 "levelsPoint5x"=dword:00000000 "levelsPoint5y"=dword:00000000 "levelsPoint6x"=dword:00000000 "levelsPoint6y"=dword:00000000 "levelsPoint7x"=dword:00000000 "levelsPoint7y"=dword:00000000 "levelsPoint8x"=dword:00000000 "levelsPoint8y"=dword:00000000 "levelsPoint9x"=dword:00000000 "levelsPoint9y"=dword:00000000 "isOffset"=dword:00000000 "orderOffset"=dword:00000005 "offsetY_X"=dword:00000000 "offsetY_Y"=dword:00000000 "offsetU_X"=dword:00000000 "offsetU_Y"=dword:00000000 "offsetV_X"=dword:00000000 "offsetV_Y"=dword:00000000 "fullOffset"=dword:00000000 "showOffset"=dword:00000001 "halfOffset"=dword:00000000 "isBlur"=dword:00000000 "blurStrength"=dword:0000001e "orderBlur"=dword:00000006 "tempSmooth"=dword:00000000 "fullBlur"=dword:00000000 "blurIsSmoothChroma"=dword:00000000 "smoothStrengthChroma"=dword:00000000 "tempSmoothColor"=dword:00000001 "gradualStrength"=dword:00000028 "mplayerTNR1"=dword:000002bc "mplayerTNR2"=dword:000005dc "mplayerTNR3"=dword:00000bb8 "blurIsSoften"=dword:00000000 "blurIsTempSmooth"=dword:00000000 "blurIsSmoothLuma"=dword:00000000 "blurIsGradual"=dword:00000001 "blurIsMplayerTNR"=dword:00000000 "smoothStrengthLuma"=dword:0000012c "blurIsMplayerBLur"=dword:00000000 "mplayerBlurRadius"=dword:00000003 "mplayerBlurLuma"=dword:00000064 "mplayerBlurChroma"=dword:00000096 "isDenoise3d"=dword:00000000 "denoise3Dluma"=dword:00000190 "denoise3Dchroma"=dword:0000012c "denoise3Dtime"=dword:00000258 "denoise3Dhq"=dword:00000000 "showBlur"=dword:00000001 "halfBlur"=dword:00000000 "xsharpen"=dword:00000000 "xsharp_strenght"=dword:00000014 "xsharp_threshold"=dword:00000096 "unsharp_strength"=dword:00000028 "unsharp_threshold"=dword:00000000 "sharpenMethod"=dword:00000000 "orderSharpen"=dword:00000007 "fullSharpen"=dword:00000000 "msharpStrength"=dword:00000064 "msharpThreshold"=dword:0000000f "msharpHQ"=dword:00000000 "msharpMask"=dword:00000000 "asharpT"=dword:000000c8 "asharpD"=dword:00000190 "asharpB"=dword:00000000 "asharpHQBF"=dword:00000000 "showSharpen"=dword:00000001 "halfSharpen"=dword:00000000 "mplayerSharpLuma"=dword:00000032 "mplayerSharpChroma"=dword:00000032 "warpsharpDepth"=dword:00000028 "warpsharpThreshold"=dword:00000080 "isWarpsharp"=dword:00000000 "orderWarpsharp"=dword:00000008 "fullWarpsharp"=dword:00000000 "warpsharpMethod"=dword:00000001 "awarpsharpDepth"=dword:00000640 "awarpsharpThresh"=dword:00000032 "awarpsharpBlur"=dword:00000002 "awarpsharpCM"=dword:00000001 "awarpsharpBM"=dword:00000002 "showWarpsharp"=dword:00000001 "halfWarpsharp"=dword:00000000 "isDScaler"=dword:00000000 "orderDScaler"=dword:00000009 "fullDScaler"=dword:00000000 "showDScaler"=dword:00000001 "halfDScaler"=dword:00000000 "dscalerFltflnm"="" "dscalerCfg"="" "isNoise"=dword:00000000 "uniformNoise"=dword:00000001 "noiseStrength"=dword:0000001e "noiseStrengthChroma"=dword:0000000a "noiseMethod"=dword:00000002 "orderNoise"=dword:0000000a "fullNoise"=dword:00000000 "noisePattern"=dword:00000001 "noiseAveraged"=dword:00000000 "showNoise"=dword:00000001 "halfNoise"=dword:00000000 "noiseFlickerA"=dword:00000000 "noiseFlickerF"=dword:00000032 "noiseShakeA"=dword:00000000 "noiseShakeF"=dword:00000008 "noiseLinesA"=dword:0000000a "noiseLinesF"=dword:00000000 "noiseLinesTransparency"=dword:0000007f "noiseScratchesA"=dword:00000032 "noiseScratchesF"=dword:00000000 "noiseScratchesTransparency"=dword:0000007f "noiseLinesC"=dword:0000007f "noiseScratchesC"=dword:0000007f "isResize"=dword:00000000 "resizeDx"=dword:00000280 "resizeDy"=dword:000001e0 "resizeAscpect"=dword:00000001 "resizeMethod"=dword:00000002 "aspectRatio"=dword:0001547a "resizeGblurLum"=dword:00000000 "resizeGblurChrom"=dword:00000000 "resizeSharpenLum"=dword:00000000 "resizeSharpenChrom"=dword:00000000 "orderResize"=dword:0000000b "fullResize"=dword:00000000 "resizeBicubicParam"=dword:00000000 "resizeGaussParam"=dword:00000000 "resizeLanczosParam"=dword:00000000 "resizeMode"=dword:00000000 "resizeA1"=dword:00000004 "resizeA2"=dword:00000003 "resizeIf"=dword:00000000 "resizeIfXcond"=dword:00000001 "resizeIfXval"=dword:00000280 "resizeIfYcond"=dword:00000001 "resizeIfYval"=dword:000001e0 "resizeIfXYcond"=dword:00000001 "resizeIfPixCond"=dword:00000001 "resizeIfPixVal"=dword:0004b000 "bordersX"=dword:00000000 "bordersY"=dword:00000000 "bordersLocked"=dword:00000001 "resizeInterlaced"=dword:00000000 "resizeSimpleWarpXparam"=dword:0000047e "resizeSimpleWarpYparam"=dword:000003b6 "showResize"=dword:00000001 "resizeMult1000"=dword:000007d0 "bordersInside"=dword:00000001 "bordersUnits"=dword:00000000 "bordersPixelsX"=dword:00000000 "bordersPixelsY"=dword:00000000 "resizeMethodChroma"=dword:00000002 "resizeBicubicChromaParam"=dword:00000000 "resizeGaussChromaParam"=dword:00000000 "resizeLanczosChromaParam"=dword:00000000 "resizeMethodsLocked"=dword:00000001 "resizeMulfOf"=dword:00000010 "perspectiveY2"=dword:00000000 "perspectiveX3"=dword:00000000 "perspectiveY3"=dword:00000064 "perspectiveX4"=dword:00000064 "perspectiveY4"=dword:00000064 "perspectiveInterpolation"=dword:00000000 "perspectiveIsSrc"=dword:00000000 "showPerspective"=dword:00000001 "halfPerspective"=dword:00000000 "isPerspective"=dword:00000000 "orderPerspective"=dword:0000000c "fullPerspective"=dword:00000001 "perspectiveX1"=dword:00000000 "perspectiveY1"=dword:00000000 "perspectiveX2"=dword:00000064 "isSubtitles"=dword:00000000 "subPosX"=dword:00000032 "subPosY"=dword:0000005a "subDelay"=dword:00000000 "subSpeed"=dword:000003e8 "subAutoFlnm"=dword:00000001 "orderSubtitles"=dword:0000000d "fullSubtitles"=dword:00000001 "subExpand"=dword:00000001 "subAlign"=dword:00000000 "showSubtitles"=dword:00000001 "subSpeed2"=dword:000003e8 "subStereoscopic"=dword:00000000 "subStereoscopicPar"=dword:00000000 "subVobsub"=dword:00000001 "subDefLang"=dword:00000000 "subVobsubAA"=dword:00000004 "subLinespacing"=dword:00000064 "subTimeOverlap"=dword:00000000 "subIsMinDuration"=dword:00000000 "subMinDurationType"=dword:00000001 "subMinDurationSubtitle"=dword:00000bb8 "subMinDurationLine"=dword:000005dc "subMinDurationChar"=dword:0000001e "subFix"=dword:00000000 "subFixLang"=dword:00000000 "subVobsubChangePosition"=dword:00000000 "subVobsubScale"=dword:00000100 "subVobsubAAswgauss"=dword:000002bc "subDefLang2"=dword:00000000 "subOpacity"=dword:00000100 "subSplitBorder"=dword:00000000 "subIsExpand"=dword:00000001 "subCC"=dword:00000001 "subFlnm"="" "subFixDict"="" "fontCharset"=dword:00000001 "fontSize"=dword:0000001a "fontWeight"=dword:00000190 "fontShadowStrength"=dword:0000005a "fontShadowRadius"=dword:00000032 "fontSpacing"=dword:00000000 "fontColor"=dword:00ffffff "fontAutosize"=dword:00000000 "fontSizeA"=dword:0000003c "fontAutosizeVideoWindow"=dword:00000000 "fontSplitting"=dword:00000001 "fontXscale"=dword:00000064 "fontFast"=dword:00000000 "fontName"="Arial" "isAvisynth"=dword:00000000 "orderAvisynth"=dword:0000000e "fullAvisynth"=dword:00000000 "avisynthInYV12"=dword:00000001 "avisynthInYUY2"=dword:00000001 "avisynthInRGB24"=dword:00000001 "avisynthInRGB32"=dword:00000001 "avisynthFfdshowSource"=dword:00000001 "showAvisynth"=dword:00000001 "avisynthScript"="" "isVis"=dword:00000000 "orderShowMV"=dword:0000000f "visMV"=dword:00000001 "visQuants"=dword:00000000 "visGraph"=dword:00000000 "showVis"=dword:00000001 "isDCT"=dword:00000000 "orderDCT"=dword:00000010 "fullDCT"=dword:00000000 "dct0"=dword:000003e8 "dct1"=dword:000003e8 "dct2"=dword:000003e8 "dct3"=dword:000003e8 "dct4"=dword:000003e8 "dct5"=dword:000003e8 "dct6"=dword:000001f4 "dct7"=dword:00000000 "showDCT"=dword:00000001 "halfDCT"=dword:00000000 "dctMode"=dword:00000000 "dctQuant"=dword:00000005 "dctMatrix0"=dword:13121110 "dctMatrix1"=dword:17161514 "dctMatrix2"=dword:14131211 "dctMatrix3"=dword:18171615 "dctMatrix4"=dword:15141312 "dctMatrix5"=dword:19181716 "dctMatrix6"=dword:16151413 "dctMatrix7"=dword:1b1a1817 "dctMatrix8"=dword:17161514 "dctMatrix9"=dword:1c1b1a19 "dctMatrix10"=dword:18171615 "dctMatrix11"=dword:1e1c1b1a "dctMatrix12"=dword:1a181716 "dctMatrix13"=dword:1f1e1c1b "dctMatrix14"=dword:1b191817 "dctMatrix15"=dword:211f1e1c "isBitmap"=dword:00000000 "showBitmap"=dword:00000001 "orderBitmap"=dword:00000011 "fullBitmap"=dword:00000000 "bitmapPosX"=dword:00000032 "bitmapPosY"=dword:00000032 "bitmapPosMode"=dword:00000000 "bitmapAlign"=dword:00000002 "bitmapMode"=dword:00000000 "bitmapStrength"=dword:00000080 "bitmapFlnm"="" "isGrab"=dword:00000000 "orderGrab"=dword:00000012 "fullGrab"=dword:00000000 "grabDigits"=dword:00000005 "grabFormat"=dword:00000000 "grabMode"=dword:00000001 "grabFrameNum"=dword:00000000 "grabFrameNum1"=dword:00000064 "grabFrameNum2"=dword:0000006e "grabQual"=dword:00000050 "showGrab"=dword:00000001 "grabStep"=dword:00000001 "grabPath"="c:\\" "grabPrefix"="grab" "isOverlayControl"=dword:00000000 "overlayBrightness"=dword:ffffffff "overlayContrast"=dword:ffffffff "overlayHue"=dword:ffffff42 "overlaySaturation"=dword:ffffffff "overlaySharpness"=dword:ffffffff "overlayGamma"=dword:ffffffff "overlayColorEnable"=dword:ffffffff "flip"=dword:00000000 "outYV12"=dword:00000001 "outYUY2"=dword:00000001 "outYVYU"=dword:00000001 "outUYVY"=dword:00000001 "outRGB32"=dword:00000001 "outRGB24"=dword:00000001 "outRGB555"=dword:00000001 "outRGB565"=dword:00000001 "outI420"=dword:00000000 "hwOverlay"=dword:00000000 "hwOverlayAspect"=dword:00000000 "allowOutChange"=dword:00000002 "hwDeinterlace"=dword:00000000 "outChangeCompatOnly"=dword:00000001 "avisynthYV12_RGB"=dword:00000000 "outClosest"=dword:00000001 "outDV"=dword:00000000 "outDVnorm"=dword:00000002 "outNV12"=dword:00000000 "autoloadExtsNeedFix"=dword:00000000 "autoloadFlnm"=dword:00000001 "autoloadExt"=dword:00000000 "autoloadExts"="" "autoloadExe"=dword:00000000 "autoloadExes"="" "autoloadVolumeName"=dword:00000000 "autoloadVolumeNames"="" "autoloadVolumeSerial"=dword:00000000 "autoloadVolumeSerials"="" "autoloadDecoder"=dword:00000000 "autoloadDecoders"="" "autoloadDSfilter"=dword:00000000 "autoloadDSfilters"="" "autoloadFOURCC"=dword:00000000 "autoloadFOURCCs"="" "autoloadSAR"=dword:00000000 "autoloadSARs"="" "autoloadDAR"=dword:00000000 "autoloadDARs"="" _le rapport de panda: Incident Statut Analyse Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\hxa5zolt.default\cookies.txt[.xiti.com/] Spyware:Cookie/Adtech No Désinfecté C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\hxa5zolt.default\cookies.txt[.adtech.de/] Spyware:Cookie/Bluestreak No Désinfecté C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\hxa5zolt.default\cookies.txt[.bluestreak.com/] Spyware:Cookie/Weborama No Désinfecté C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\hxa5zolt.default\cookies.txt[.weborama.fr/] Spyware:Cookie/fe.lea.lycos No Désinfecté C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\hxa5zolt.default\cookies.txt[fe.lea.lycos.fr/] Spyware:Cookie/Advertising No Désinfecté C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\hxa5zolt.default\cookies.txt[.advertising.com/] Adware:Adware/SystemDoctor No Désinfecté C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\a6f5c64b.exe Outil indésirable:Application/Processor No Désinfecté C:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Compressed\SmitfraudFix_2.zip[smitfraudFix/Process.exe] Dialer:Dialer.HIH No Désinfecté C:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\srvezm.exe Outil indésirable:Application/KillApp.B No Désinfecté C:\hp\bin\KillIt.exe Outil indésirable:Application/Processor No Désinfecté C:\Program Files\SmitfraudFix\Process.exe Adware:Adware/SystemDoctor No Désinfecté C:\WINDOWS\system32\a6f5c64b.exe Outil indésirable:Application/Processor No Désinfecté C:\WINDOWS\system32\Process.exe Adware:adware/cws.searchmeup No Désinfecté C:\WINDOWS\uniq voili voilou ! Au fait je signale que le dialer est definitivement eliminer (je pense...) ainsi que la trustin bar, mais ce n'est pas tout meme le probleme avec shockwave player a disparu!!!

bon voila ca a été un peu long mais je crois que j'ai plutot bien suivi la procedure donc voila les les rapports demandés : _rapport de Fixwareout : Fixwareout ver 1.003 Last edited 07/1/2006 Post this report in the forums please Reg Entries that were deleted HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ruins\uuzmd HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls\1trap HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls\2trap ... Microsoft ® Windows Script Host Version 5.6 Random Runs removed from HKLM "dmzuu.exe"=- ... PLEASE NOTE, There WILL be LEGIT FILES LISTED. IF YOU ARE UNSURE OF WHAT IT IS LEAVE THEM ALONE. Example ipsec6.exe is legitimate »»»»» Search by size and names... * csr.exe C:\WINDOWS\System32\CSOBR.EXE »»»»» Misc files »»»»» Checking for older varients covered by the Rem3 tool »»»»» Search five digit cs, dm and jb files This WILL/CAN also list Legit Files, Submit them at Virustotal C:\WINDOWS\SYSTEM32\CSOBR.EXE 51 260 2006-07-31 C:\WINDOWS\SYSTEM32\DMZUU.EXE 61 979 2004-08-05 Other suspects Directory of C:\WINDOWS\system32 _rapport ewido: --------------------------------------------------------- ewido anti-spyware - Scan Report --------------------------------------------------------- + Created at: 11:41:59 11/08/2006 + Scan result: C:\Documents and Settings\HP_Propriétaire\Mes documents\divers\divers\fdgdf -> Adware.Azesearch : Cleaned with backup (quarantined). HKU\S-1-5-21-1659578626-2248809771-3747080034-1008\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0D4C7057-EAD2-44C6-AD18-9092905F28F1} -> Adware.Generic : Cleaned with backup (quarantined). HKU\S-1-5-21-1659578626-2248809771-3747080034-1008\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07A78AEA-4A54-4967-9A60-4B68592D30C7} -> Adware.TrustCleaner : Cleaned with backup (quarantined). HKU\S-1-5-21-1659578626-2248809771-3747080034-1008\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{590FFB84-6A29-4797-9C0E-B15DF2C4CDCB} -> Adware.TrustCleaner : Cleaned with backup (quarantined). HKU\S-1-5-21-1659578626-2248809771-3747080034-1008\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A19EF336-01D4-48E6-926A-FE7E1C747AED} -> Adware.TrustCleaner : Cleaned with backup (quarantined). HKU\S-1-5-21-1659578626-2248809771-3747080034-1008\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DA7FF3F8-08BE-4CAC-BC00-94D91C6AE7F4} -> Adware.TrustCleaner : Cleaned with backup (quarantined). HKU\S-1-5-21-1659578626-2248809771-3747080034-1008\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FE6C16C4-16AD-47B6-B250-26AD1829E49A} -> Adware.TrustCleaner : Cleaned with backup (quarantined). C:\WINDOWS\system32\csobr.exe -> Downloader.Agent.uj : Cleaned with backup (quarantined). C:\WINDOWS\winres.dll -> Downloader.IstBar.ff : Cleaned with backup (quarantined). C:\!KillBox\ATHPRXYv.dll -> Downloader.Small.ddp : Cleaned with backup (quarantined). C:\!KillBox\ATHPRXYva.dll -> Downloader.Small.ddp : Cleaned with backup (quarantined). C:\!KillBox\admparseb.dll -> Downloader.Small.ddp : Cleaned with backup (quarantined). C:\!KillBox\asferrora.dll -> Downloader.Small.ddp : Cleaned with backup (quarantined). C:\!KillBox\ati2dvagv.dll -> Downloader.Small.ddp : Cleaned with backup (quarantined). C:\!KillBox\atioglx1v.dll -> Downloader.Small.ddp : Cleaned with backup (quarantined). C:\!KillBox\atl71a.dll -> Downloader.Small.ddp : Cleaned with backup (quarantined). C:\!KillBox\avicap32a.dll -> Downloader.Small.ddp : Cleaned with backup (quarantined). C:\!KillBox\avifileb.dll -> Downloader.Small.ddp : Cleaned with backup (quarantined). C:\!KillBox\capesnpna.dll -> Downloader.Small.ddp : Cleaned with backup (quarantined). C:\Documents and Settings\HP_Propriétaire\Mes documents\divers\divers\trustincontext.dll -> Downloader.Small.ddp : Cleaned with backup (quarantined). C:\WINDOWS\system32\atioglxxb.dll -> Downloader.Small.ddp : Cleaned with backup (quarantined). C:\WINDOWS\system32\atl71s.dll -> Downloader.Small.ddp : Cleaned with backup (quarantined). C:\WINDOWS\system32\atls.dll -> Downloader.Small.ddp : Cleaned with backup (quarantined). C:\WINDOWS\system32\avifil32b.dll -> Downloader.Small.ddp : Cleaned with backup (quarantined). C:\WINDOWS\system32\batmeterv.dll -> Downloader.Small.ddp : Cleaned with backup (quarantined). C:\WINDOWS\system32\bfc42v.dll -> Downloader.Small.ddp : Cleaned with backup (quarantined). C:\WINDOWS\system32\browselca.dll -> Downloader.Small.ddp : Cleaned with backup (quarantined). C:\Documents and Settings\HP_Propriétaire\Mes documents\divers\divers\The joiner.rar/prjbinder.exe -> Dropper.VB.br : Cleaned with backup (quarantined). C:\Documents and Settings\HP_Propriétaire\Mes documents\divers\divers\The joiner.rar/stub -> Dropper.VB.br : Cleaned with backup (quarantined). :mozilla.257:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\hxa5zolt.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup (quarantined). :mozilla.258:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\hxa5zolt.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup (quarantined). :mozilla.159:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\hxa5zolt.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined). :mozilla.160:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\hxa5zolt.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined). :mozilla.161:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\hxa5zolt.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined). :mozilla.162:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\hxa5zolt.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined). :mozilla.163:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\hxa5zolt.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined). :mozilla.164:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\hxa5zolt.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined). :mozilla.165:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\hxa5zolt.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined). :mozilla.166:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\hxa5zolt.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined). :mozilla.285:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\hxa5zolt.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined). :mozilla.149:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\hxa5zolt.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup (quarantined). :mozilla.150:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\hxa5zolt.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup (quarantined). :mozilla.8:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\hxa5zolt.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup (quarantined). :mozilla.9:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\hxa5zolt.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup (quarantined). :mozilla.86:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\hxa5zolt.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined). :mozilla.87:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\hxa5zolt.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined). :mozilla.88:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\hxa5zolt.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined). :mozilla.89:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\hxa5zolt.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined). :mozilla.11:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\hxa5zolt.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned with backup (quarantined). :mozilla.264:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\hxa5zolt.default\cookies.txt -> TrackingCookie.Clickbank : Cleaned with backup (quarantined). :mozilla.172:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\hxa5zolt.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup (quarantined). :mozilla.171:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\hxa5zolt.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined). :mozilla.229:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\hxa5zolt.default\cookies.txt -> TrackingCookie.Estat : Cleaned with backup (quarantined). :mozilla.185:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\hxa5zolt.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined). :mozilla.186:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\hxa5zolt.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined). :mozilla.187:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\hxa5zolt.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined). :mozilla.210:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\hxa5zolt.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined). :mozilla.211:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\hxa5zolt.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined). :mozilla.212:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\hxa5zolt.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined). :mozilla.188:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\hxa5zolt.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup (quarantined). :mozilla.147:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\hxa5zolt.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup (quarantined). :mozilla.290:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\hxa5zolt.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup (quarantined). :mozilla.247:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\hxa5zolt.default\cookies.txt -> TrackingCookie.Paycounter : Cleaned with backup (quarantined). :mozilla.135:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\hxa5zolt.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned with backup (quarantined). :mozilla.106:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\hxa5zolt.default\cookies.txt -> TrackingCookie.Weborama : Cleaned with backup (quarantined). :mozilla.107:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\hxa5zolt.default\cookies.txt -> TrackingCookie.Weborama : Cleaned with backup (quarantined). :mozilla.108:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\hxa5zolt.default\cookies.txt -> TrackingCookie.Weborama : Cleaned with backup (quarantined). :mozilla.94:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\hxa5zolt.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined). C:\!KillBox\wineak32.dll -> Trojan.Small : Cleaned with backup (quarantined). C:\WINDOWS\system32\dmzuu.exe -> Trojan.Small.fb : Cleaned with backup (quarantined). ::Report end _rapport hijackthis : Logfile of HijackThis v1.99.1 Scan saved at 12:38:59, on 11/08/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe c:\Program Files\Norton Internet Security\ISSVC.exe c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\ewido anti-spyware 4.0\guard.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe C:\Program Files\Java\jre1.5.0\bin\jusched.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\HP\KBD\KBD.EXE C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe C:\Program Files\HP\HP Software Update\HPwuSchd2.exe C:\Program Files\ewido anti-spyware 4.0\ewido.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\PROGRA~1\MOZILL~1\FIREFOX.EXE C:\Program Files\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: IDMIEHlprObj Class - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\IDMIECC.dll (file missing) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [urlLSTCK.exe] c:\Program Files\Norton Internet Security\UrlLstCk.exe O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [iDMan] C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\KeyGen.exe /onboot O4 - HKCU\..\Run: [shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: Download All Links with IDM - C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\IEGetAll.htm O8 - Extra context menu item: Download with IDM - C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\IEExt.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: ISSvc (ISSVC) - Symantec Corporation - c:\Program Files\Norton Internet Security\ISSVC.exe O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe _rapport chercher : C:\WINDOWS\System32\x10prod.sys -->09/08/2006 16:39:02 C:\WINDOWS\System32\FNTCACHE.DAT -->09/08/2006 11:25:05 C:\WINDOWS\System32\wpa.dbl -->08/08/2006 16:02:43 C:\WINDOWS\System32\PerfStringBackup.INI -->04/08/2006 14:35:49 C:\WINDOWS\System32\perfh00C.dat -->04/08/2006 14:35:49 C:\WINDOWS\System32\perfh009.dat -->04/08/2006 14:35:49 C:\WINDOWS\System32\perfc00C.dat -->04/08/2006 14:35:49 C:\WINDOWS\System32\perfc009.dat -->04/08/2006 14:35:49 C:\WINDOWS\System32\amcompat.tlb -->03/08/2006 15:46:05 C:\WINDOWS\System32\nscompat.tlb -->03/08/2006 15:46:04 C:\WINDOWS\System32\MRT.exe -->03/08/2006 01:22:50 C:\WINDOWS\System32\mshtml.dll -->28/07/2006 11:28:08 C:\WINDOWS\System32\SpoonUninstall.exe -->27/07/2006 22:50:00 C:\WINDOWS\System32\inetcomm.dll -->27/07/2006 13:26:19 C:\WINDOWS\System32\urlmon.dll -->25/07/2006 20:41:01 C:\WINDOWS\System32\CmdLineExt.dll -->24/07/2006 15:47:05 C:\WINDOWS\System32\hlink.dll -->21/07/2006 08:27:28 C:\WINDOWS\System32\a6f5c64b.exe -->18/07/2006 01:09:41 C:\WINDOWS\System32\netapi32.dll -->14/07/2006 15:41:05 C:\WINDOWS\System32\hhctrl.ocx -->14/07/2006 15:27:53 C:\WINDOWS\System32\shell32.dll -->13/07/2006 13:36:01 C:\WINDOWS\System32\kernel32.dll -->05/07/2006 10:56:38 C:\WINDOWS\System32\rasadhlp.dll -->26/06/2006 17:41:32 C:\WINDOWS\System32\dnsapi.dll -->26/06/2006 17:41:32 C:\WINDOWS\System32\wininet.dll -->23/06/2006 11:11:45 C:\WINDOWS\WindowsUpdate.log -->11/08/2006 12:33:19 C:\WINDOWS\0.log -->11/08/2006 12:27:40 C:\WINDOWS\wiadebug.log -->11/08/2006 12:26:52 C:\WINDOWS\wiaservc.log -->11/08/2006 12:26:42 C:\WINDOWS\bootstat.dat -->11/08/2006 12:26:28 C:\WINDOWS\win.ini -->11/08/2006 11:43:41 C:\WINDOWS\system.ini -->11/08/2006 11:43:41 C:\WINDOWS\SchedLgU.Txt -->11/08/2006 01:29:20 C:\WINDOWS\ModemLog_Agere Systems PCI Soft Modem.txt -->10/08/2006 16:05:24 C:\WINDOWS\setupact.log -->10/08/2006 15:19:07 C:\WINDOWS\KeyGen.INI -->10/08/2006 14:43:47 C:\WINDOWS\tsoc.log -->10/08/2006 02:01:40 C:\WINDOWS\setupapi.log -->10/08/2006 02:01:40 C:\WINDOWS\ocmsn.log -->10/08/2006 02:01:40 C:\WINDOWS\ocgen.log -->10/08/2006 02:01:40 Le volume dans le lecteur C s'appelle HP_PAVILION Le numéro de série du volume est D091-B3B1 Répertoire de C:\WINDOWS\system 07/05/1998 16:04 52 736 hpsysdrv.exe 1 fichier(s) 52 736 octets 0 Rép(s) 40 837 910 528 octets libres Le volume dans le lecteur C s'appelle HP_PAVILION Le numéro de série du volume est D091-B3B1 Répertoire de C:\WINDOWS\system32 05/08/2004 18:00 6 144 csrss.exe 1 fichier(s) 6 144 octets 0 Rép(s) 40 837 910 528 octets libres Le volume dans le lecteur C s'appelle HP_PAVILION Le numéro de série du volume est D091-B3B1 Répertoire de C:\Program Files 10/08/2006 21:45 <REP> . 10/08/2006 21:45 <REP> .. 09/08/2006 17:49 <REP> a-squared Free 20/01/2006 10:40 <REP> Adobe 08/07/2006 15:14 <REP> Alcohol Soft 03/01/2005 04:17 <REP> ATI Technologies 24/07/2006 18:38 <REP> CAPCOM 09/08/2006 14:48 <REP> Disco-WebTV 15/01/2006 23:46 <REP> Easy Internet signup 11/08/2006 12:30 <REP> eMule 11/08/2006 01:37 <REP> ewido anti-spyware 4.0 14/04/2006 11:50 778 ffdsasetts.reg 14/04/2006 11:50 30 654 ffdssetts.reg 14/04/2006 11:50 30 040 ffdsvsetts.reg 26/07/2006 13:01 <REP> Fichiers communs 03/01/2005 04:33 <REP> Hewlett-Packard 11/08/2006 12:38 <REP> HijackThis 21/12/2005 21:52 <REP> HP 04/01/2006 23:09 <REP> Internet Download Manager 10/08/2006 02:01 <REP> Internet Explorer 13/07/2006 23:34 <REP> Interplay 03/01/2005 04:34 <REP> InterVideo 12/02/2006 00:16 <REP> Jasc Software Inc 03/01/2005 04:10 <REP> Java 06/08/2006 23:06 <REP> Mega Bloc Notes 03/01/2005 04:14 <REP> Messenger 07/01/2006 14:17 <REP> microsoft frontpage 06/01/2006 11:29 <REP> Microsoft Office 06/01/2006 11:29 <REP> Microsoft Visual Studio 11/03/2006 12:18 <REP> mIRC 25/11/2004 03:27 <REP> Movie Maker 11/08/2006 12:30 <REP> Mozilla Firefox 14/04/2006 11:50 824 mpc5.reg 22/05/2006 13:50 <REP> MSN 25/11/2004 03:27 <REP> MSN Gaming Zone 04/07/2006 14:58 <REP> MSN Messenger 01/02/2005 07:54 <REP> NetMeeting 03/01/2005 04:51 <REP> Norton Internet Security 10/08/2006 01:40 <REP> Nouveau dossier 25/11/2004 03:27 <REP> Online Services 19/04/2006 03:00 <REP> Outlook Express 03/01/2005 04:47 <REP> PC-Doctor 5 for Windows 20/12/2005 20:58 <REP> SAGEM 14/04/2006 10:56 4 482 satsukidecodersettings.ini 17/12/2005 00:02 <REP> SEGA 03/01/2005 04:45 <REP> Services en ligne 10/08/2006 18:31 <REP> Shareaza 10/08/2006 15:20 <REP> SmitfraudFix 03/01/2005 04:33 <REP> Sonic 13/07/2006 16:14 <REP> Spybot - Search & Destroy 09/08/2006 17:47 <REP> SpywareBlaster 03/01/2005 04:50 <REP> Symantec 27/07/2006 15:35 <REP> ToniArts 13/06/2006 23:16 <REP> TrackMania Nations ESWC 01/04/2006 15:12 <REP> Twin USB Vibration Gamepad 01/04/2006 15:12 <REP> USB Vibration Joystick 23/01/2006 19:22 <REP> VGA USB Camera 03/07/2006 14:38 <REP> Vso 03/08/2006 15:37 <REP> Windows Media Player 01/02/2005 07:54 <REP> Windows NT 04/01/2006 23:09 <REP> WinRAR 25/11/2004 03:28 <REP> xerox 03/08/2006 15:24 <REP> XP Codec Pack 5 fichier(s) 66 778 octets 58 Rép(s) 40 837 906 432 octets libres Le volume dans le lecteur C s'appelle HP_PAVILION Le numéro de série du volume est D091-B3B1 Répertoire de C:\Program Files\fichiers communs 26/07/2006 13:01 <REP> . 26/07/2006 13:01 <REP> .. 26/07/2006 13:03 <REP> Adobe 03/08/2006 15:40 <REP> Ahead 02/01/2006 10:26 <REP> AOL 06/01/2006 11:29 <REP> Designer 03/01/2005 04:28 <REP> Hewlett-Packard 03/01/2005 04:26 <REP> HP 03/01/2005 04:37 <REP> InstallShield 04/01/2006 21:33 <REP> Jasc Software Inc 03/01/2005 04:10 <REP> Java 21/06/2006 12:43 <REP> Microsoft Shared 25/11/2004 03:26 <REP> MSSoap 03/01/2005 04:38 <REP> muvee Technologies 25/11/2004 03:26 <REP> ODBC 26/07/2006 13:02 <REP> Real 01/02/2005 07:54 <REP> Services 03/01/2005 04:32 <REP> Sonic Shared 25/11/2004 03:26 <REP> SpeechEngines 03/01/2005 04:32 <REP> SureThing Shared 11/08/2006 01:04 <REP> Symantec Shared 19/04/2006 03:00 <REP> System 03/01/2005 04:33 <REP> TiVo Shared 19/01/2006 19:13 <REP> Vbox 0 fichier(s) 0 octets 24 Rép(s) 40 837 906 432 octets libres c:\Documents and Settings\HP_Propriétaire\loaded.exe c:\Documents and Settings\HP_Propriétaire\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe c:\Documents and Settings\HP_Propriétaire\Bureau\ATF-Cleaner.exe c:\Documents and Settings\HP_Propriétaire\Bureau\ewido-setup_4.0.0.172c.exe c:\Documents and Settings\HP_Propriétaire\Bureau\Fixwareout.exe c:\Documents and Settings\HP_Propriétaire\Bureau\KillBox.exe c:\Documents and Settings\HP_Propriétaire\Bureau\chercher\LFiles.exe c:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\a6f5c64b.exe c:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Shareaza\Incomplete\PhotoShop CS 8.0 & ImageReady CS 8.0 Crack.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Tcpview.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\divers\divers\last\01tox extra pack[by prince418]\01tox extra pack.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\divers\divers\last\prnapp70\setup.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Adobe Photoshop 7.0.1 Fr Crack.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Shareaza_2.1.0.0.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Ulead.Gif.Animator.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Compressed\Crack for all Adobe Tryout apps Photoshop CS 8.0, Pagemaker, Illustrator, Framemaker etc\AdobeGlobalCrack.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Compressed\D3DX9_dll_update\D3DX9_dll_update\Installer\DXSETUP.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Compressed\jtk361en\jtk361en\JoyToKey.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Compressed\ssspsx_0.0.26_windows\SSSPSX\SSSPSX.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\a2FreeSetup.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\Alcohol120_trial_1.9.5.4212.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\anonymity_4_proxy_anonymity_4_proxy_2.8_anglais_9904.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\ans305ev.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\Authorware_Web_Player_Plugin.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\awmaw.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\blender-2.37a-windows.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\bobdown.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\ControlMKv0232.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\copytodvd3_setup.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\daemon403-x86.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\directx_9c_redist.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\DiscoWebTV_20.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\DivXPlay.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\dMC-r11.5.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\dxwebsetup.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\EClea2_0.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\eMule0.46c-Installer.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\fcp50setup.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\Firefox Setup 1.5.0.1.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\FRAPS274.EXE c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\GoogleEarthSetup.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\GoogleEarthSetup_2.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\hauntedfree.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\hnecoufr.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\hnsofafr.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\install_flash_player.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\Install_Messenger.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\Install_MSN_Messenger.EXE c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\Mame32b.106.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\Mame32v.102_Binary.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\MediaInfo_0.7.1.2_GUI_Win32.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\MegaBlocNotes.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\mirc616.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\mp10setup.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\MPSetup.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\MWFREE.EXE c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\nospafr.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\nospafr_2.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\ps7_tryout_fra.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\psp900frtr.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\RealPlayer10-5GOLD_fr.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\regfreeze_fr.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\Shareaza_2.2.1.0.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\Shockwave_Installer_Slim.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\Shockwave_Installer_Slim_2.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\spybotsd14.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\spywareblastersetup351.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\srvezm.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\Ulead Gif Animator 5.0t.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\Update.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\Wav2MP3Wizard_3.1GE_R281.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\wavsetup.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\WGAPluginInstall.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\WGAPluginInstall_2.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\winamp521_full.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\WINISO53.EXE c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\wrar351fr.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\ZCodec1009.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\ZCodec1009_2.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Mame32\Mame32.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\neorage\NeoRAGEx.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Psx\psx\ePSXe.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Psx\psx2\psxfin.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Psx\psx2\utils\cdztool.exe c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll c:\Documents and Settings\HP_Propriétaire\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll c:\Documents and Settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll Vérifications de quelques clefs Recherche de clefs EGDACCESS HKLM\SOFTWARE\Microsoft\Windows\explorer\SharedTaskScheduler je constate deja que la barre d'outil trustin ne se colle plus aux fenêtres de mes dossiers et le dialer qui se declenchait toutes les 15 minutes ne montre pas le bout de son nez pour l'instant!

voici les rapports demandés en suivant les instructions tout s'est passé sans probleme : _le nouveau log HijackThis: Logfile of HijackThis v1.99.1 Scan saved at 15:39:00, on 10/08/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe c:\Program Files\Norton Internet Security\ISSVC.exe c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wdfmgr.exe c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\System32\alg.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Java\jre1.5.0\bin\jusched.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\HP\KBD\KBD.EXE C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe C:\WINDOWS\ALCXMNTR.EXE C:\WINDOWS\System32\svchost.exe C:\Program Files\HP\HP Software Update\HPwuSchd2.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\eMule\emule.exe C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\WINDOWS\system32\cmd.exe C:\Program Files\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = prosearching.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchURL = prosearching.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = prosearching.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page_bak = prosearching.com R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 81.56.210.182:80 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: IDMIEHlprObj Class - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\IDMIECC.dll (file missing) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [urlLSTCK.exe] c:\Program Files\Norton Internet Security\UrlLstCk.exe O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [iDMan] C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\KeyGen.exe /onboot O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: Download All Links with IDM - C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\IEGetAll.htm O8 - Extra context menu item: Download with IDM - C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\IEExt.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll O17 - HKLM\System\CCS\Services\Tcpip\..\{52152A08-CA56-4B54-AC77-15C7B4C1E21C}: NameServer = 85.255.115.4,85.255.112.15 O17 - HKLM\System\CCS\Services\Tcpip\..\{5F0EC06C-4056-495C-8216-1BC7136119F0}: NameServer = 85.255.115.4,85.255.112.15 O17 - HKLM\System\CCS\Services\Tcpip\..\{9CB0EA2E-9526-44E3-94EF-CB1819C5E138}: NameServer = 85.255.115.4,85.255.112.15 O17 - HKLM\System\CCS\Services\Tcpip\..\{A9EBBBF0-A214-4723-9FBD-FF721AB16925}: NameServer = 85.255.115.4,85.255.112.15 O17 - HKLM\System\CCS\Services\Tcpip\..\{DE246E2C-8697-44FE-A5BB-FA04D12D4DEC}: NameServer = 85.255.115.4,85.255.112.15 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - AppInit_DLLs: pushow23.dll O20 - Winlogon Notify: wineak32 - C:\WINDOWS\SYSTEM32\wineak32.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: ISSvc (ISSVC) - Symantec Corporation - c:\Program Files\Norton Internet Security\ISSVC.exe O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe _le rapport de smitfraudfix fait avec l'option 2: SmitFraudFix v2.81 Rapport fait à 15:16:58,18, 10/08/2006 Executé à partir de C:\Program Files\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Fix executé en mode sans echec »»»»»»»»»»»»»»»»»»»»»»»» Avant SmitFraudFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» Arret des processus »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix GenericRenosFix by S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés C:\WINDOWS\ads.js supprimé C:\WINDOWS\country.exe supprimé C:\WINDOWS\inetloader.dll supprimé C:\WINDOWS\local.html supprimé C:\WINDOWS\se_spoof.dll supprimé C:\WINDOWS\secure32.html supprimé C:\WINDOWS\toolbar.exe supprimé C:\WINDOWS\tpopup.exe supprimé C:\WINDOWS\trustinbar.exe supprimé C:\WINDOWS\system32\browsewmb.dll supprimé C:\Program Files\TrustIn Bar\ supprimé C:\Program Files\TrustIn Contextual\ supprimé »»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\_uninst35.exe supprimé »»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre Nettoyage terminé. »»»»»»»»»»»»»»»»»»»»»»»» Après SmitFraudFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» Fin _le rapport "resultat.txt"avec chercher.cmd: C:\WINDOWS\System32\x10prod.sys -->09/08/2006 16:39:02 C:\WINDOWS\System32\ATHPRXYva.dll -->09/08/2006 11:35:39 C:\WINDOWS\System32\FNTCACHE.DAT -->09/08/2006 11:25:05 C:\WINDOWS\System32\wpa.dbl -->08/08/2006 16:02:43 C:\WINDOWS\System32\ATHPRXYv.dll -->07/08/2006 18:40:29 C:\WINDOWS\System32\avifileb.dll -->06/08/2006 14:16:18 C:\WINDOWS\System32\avicap32a.dll -->05/08/2006 11:53:02 C:\WINDOWS\System32\PerfStringBackup.INI -->04/08/2006 14:35:49 C:\WINDOWS\System32\perfh00C.dat -->04/08/2006 14:35:49 C:\WINDOWS\System32\perfh009.dat -->04/08/2006 14:35:49 C:\WINDOWS\System32\perfc00C.dat -->04/08/2006 14:35:49 C:\WINDOWS\System32\perfc009.dat -->04/08/2006 14:35:49 C:\WINDOWS\System32\atioglx1v.dll -->04/08/2006 11:50:32 C:\WINDOWS\System32\amcompat.tlb -->03/08/2006 15:46:05 C:\WINDOWS\System32\nscompat.tlb -->03/08/2006 15:46:04 C:\WINDOWS\System32\MRT.exe -->03/08/2006 01:22:50 C:\WINDOWS\System32\admparseb.dll -->03/08/2006 00:51:09 C:\WINDOWS\System32\atl71a.dll -->01/08/2006 19:28:15 C:\WINDOWS\System32\browselca.dll -->31/07/2006 13:11:15 C:\WINDOWS\System32\mshtml.dll -->28/07/2006 11:28:08 C:\WINDOWS\System32\capesnpna.dll -->28/07/2006 11:27:33 C:\WINDOWS\System32\SpoonUninstall.exe -->27/07/2006 22:50:00 C:\WINDOWS\System32\inetcomm.dll -->27/07/2006 13:26:19 C:\WINDOWS\System32\asferrora.dll -->26/07/2006 23:27:23 C:\WINDOWS\System32\ati2dvagv.dll -->26/07/2006 23:26:23 C:\WINDOWS\WindowsUpdate.log -->10/08/2006 15:28:22 C:\WINDOWS\0.log -->10/08/2006 15:27:21 C:\WINDOWS\wiadebug.log -->10/08/2006 15:27:06 C:\WINDOWS\wiaservc.log -->10/08/2006 15:27:02 C:\WINDOWS\bootstat.dat -->10/08/2006 15:26:56 C:\WINDOWS\win.ini -->10/08/2006 15:25:31 C:\WINDOWS\system.ini -->10/08/2006 15:25:31 C:\WINDOWS\setupact.log -->10/08/2006 15:19:07 C:\WINDOWS\SchedLgU.Txt -->10/08/2006 15:05:44 C:\WINDOWS\KeyGen.INI -->10/08/2006 14:43:47 C:\WINDOWS\tsoc.log -->10/08/2006 02:01:40 C:\WINDOWS\setupapi.log -->10/08/2006 02:01:40 C:\WINDOWS\ocmsn.log -->10/08/2006 02:01:40 C:\WINDOWS\ocgen.log -->10/08/2006 02:01:40 C:\WINDOWS\ntdtcsetup.log -->10/08/2006 02:01:40 Le volume dans le lecteur C s'appelle HP_PAVILION Le numéro de série du volume est D091-B3B1 Répertoire de C:\WINDOWS\system 07/05/1998 16:04 52 736 hpsysdrv.exe 1 fichier(s) 52 736 octets 0 Rép(s) 39 953 350 656 octets libres Le volume dans le lecteur C s'appelle HP_PAVILION Le numéro de série du volume est D091-B3B1 Répertoire de C:\Program Files 10/08/2006 15:17 <REP> . 10/08/2006 15:17 <REP> .. 09/08/2006 17:49 <REP> a-squared Free 20/01/2006 10:40 <REP> Adobe 08/07/2006 15:14 <REP> Alcohol Soft 03/01/2005 04:17 <REP> ATI Technologies 24/07/2006 18:38 <REP> CAPCOM 09/08/2006 14:48 <REP> Disco-WebTV 15/01/2006 23:46 <REP> Easy Internet signup 10/08/2006 15:28 <REP> eMule 14/04/2006 11:50 778 ffdsasetts.reg 14/04/2006 11:50 30 654 ffdssetts.reg 14/04/2006 11:50 30 040 ffdsvsetts.reg 26/07/2006 13:01 <REP> Fichiers communs 03/01/2005 04:33 <REP> Hewlett-Packard 10/08/2006 00:12 <REP> HijackThis 21/12/2005 21:52 <REP> HP 04/01/2006 23:09 <REP> Internet Download Manager 10/08/2006 02:01 <REP> Internet Explorer 13/07/2006 23:34 <REP> Interplay 03/01/2005 04:34 <REP> InterVideo 12/02/2006 00:16 <REP> Jasc Software Inc 03/01/2005 04:10 <REP> Java 06/08/2006 23:06 <REP> Mega Bloc Notes 03/01/2005 04:14 <REP> Messenger 07/01/2006 14:17 <REP> microsoft frontpage 06/01/2006 11:29 <REP> Microsoft Office 06/01/2006 11:29 <REP> Microsoft Visual Studio 11/03/2006 12:18 <REP> mIRC 25/11/2004 03:27 <REP> Movie Maker 10/08/2006 14:59 <REP> Mozilla Firefox 14/04/2006 11:50 824 mpc5.reg 22/05/2006 13:50 <REP> MSN 25/11/2004 03:27 <REP> MSN Gaming Zone 04/07/2006 14:58 <REP> MSN Messenger 01/02/2005 07:54 <REP> NetMeeting 03/01/2005 04:51 <REP> Norton Internet Security 10/08/2006 01:40 <REP> Nouveau dossier 25/11/2004 03:27 <REP> Online Services 19/04/2006 03:00 <REP> Outlook Express 03/01/2005 04:47 <REP> PC-Doctor 5 for Windows 20/12/2005 20:58 <REP> SAGEM 14/04/2006 10:56 4 482 satsukidecodersettings.ini 17/12/2005 00:02 <REP> SEGA 03/01/2005 04:45 <REP> Services en ligne 21/12/2005 12:37 <REP> Shareaza 10/08/2006 15:20 <REP> SmitfraudFix 03/01/2005 04:33 <REP> Sonic 13/07/2006 16:14 <REP> Spybot - Search & Destroy 09/08/2006 17:47 <REP> SpywareBlaster 03/01/2005 04:50 <REP> Symantec 27/07/2006 15:35 <REP> ToniArts 13/06/2006 23:16 <REP> TrackMania Nations ESWC 01/04/2006 15:12 <REP> Twin USB Vibration Gamepad 01/04/2006 15:12 <REP> USB Vibration Joystick 23/01/2006 19:22 <REP> VGA USB Camera 03/07/2006 14:38 <REP> Vso 03/08/2006 15:37 <REP> Windows Media Player 01/02/2005 07:54 <REP> Windows NT 04/01/2006 23:09 <REP> WinRAR 25/11/2004 03:28 <REP> xerox 03/08/2006 15:24 <REP> XP Codec Pack 5 fichier(s) 66 778 octets 57 Rép(s) 39 953 346 560 octets libres Le volume dans le lecteur C s'appelle HP_PAVILION Le numéro de série du volume est D091-B3B1 Répertoire de C:\Program Files\fichiers communs 26/07/2006 13:01 <REP> . 26/07/2006 13:01 <REP> .. 26/07/2006 13:03 <REP> Adobe 03/08/2006 15:40 <REP> Ahead 02/01/2006 10:26 <REP> AOL 06/01/2006 11:29 <REP> Designer 03/01/2005 04:28 <REP> Hewlett-Packard 03/01/2005 04:26 <REP> HP 03/01/2005 04:37 <REP> InstallShield 04/01/2006 21:33 <REP> Jasc Software Inc 03/01/2005 04:10 <REP> Java 21/06/2006 12:43 <REP> Microsoft Shared 25/11/2004 03:26 <REP> MSSoap 03/01/2005 04:38 <REP> muvee Technologies 25/11/2004 03:26 <REP> ODBC 26/07/2006 13:02 <REP> Real 01/02/2005 07:54 <REP> Services 03/01/2005 04:32 <REP> Sonic Shared 25/11/2004 03:26 <REP> SpeechEngines 03/01/2005 04:32 <REP> SureThing Shared 09/08/2006 17:48 <REP> Symantec Shared 19/04/2006 03:00 <REP> System 03/01/2005 04:33 <REP> TiVo Shared 19/01/2006 19:13 <REP> Vbox 0 fichier(s) 0 octets 24 Rép(s) 39 953 346 560 octets libres c:\Documents and Settings\HP_Propriétaire\loaded.exe c:\Documents and Settings\HP_Propriétaire\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe c:\Documents and Settings\HP_Propriétaire\Bureau\chercher\LFiles.exe c:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\a6f5c64b.exe c:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Shareaza\Incomplete\PhotoShop CS 8.0 & ImageReady CS 8.0 Crack.exe c:\Documents and Settings\HP_Propriétaire\Local Settings\Temp\DwnlData\HP_Propriétaire\Photoshop-20CS-20Serial-20Expi_126\Photoshop CS Serial Expiration Fix.exe c:\Documents and Settings\HP_Propriétaire\Local Settings\Temp\NeroDemo9616\nero_y.exe c:\Documents and Settings\HP_Propriétaire\Local Settings\Temp\NeroDemo9616\SetupX.exe c:\Documents and Settings\HP_Propriétaire\Local Settings\Temp\NeroDemo9616\ycomp_setup_nero.exe c:\Documents and Settings\HP_Propriétaire\Local Settings\Temp\NeroDemo9616\Redist\50comupd.exe c:\Documents and Settings\HP_Propriétaire\Local Settings\Temp\NeroDemo9616\Redist\instmsia.exe c:\Documents and Settings\HP_Propriétaire\Local Settings\Temp\NeroDemo9616\Redist\instmsiw.exe c:\Documents and Settings\HP_Propriétaire\Local Settings\Temp\NeroDemo9616\Redist\ShFolder.Exe c:\Documents and Settings\HP_Propriétaire\Local Settings\Temp\NeroDemo9616\Setup\NeroDelTmp.exe c:\Documents and Settings\HP_Propriétaire\Local Settings\Temp\NeroDemo9616\Setup\UninstallNero.exe c:\Documents and Settings\HP_Propriétaire\Local Settings\Temp\nstmp\uninstall.exe c:\Documents and Settings\HP_Propriétaire\Local Settings\Temp\nstmp1\uninstall.exe c:\Documents and Settings\HP_Propriétaire\Local Settings\Temp\pft91~tmp\_ISDel.exe c:\Documents and Settings\HP_Propriétaire\Local Settings\Temp\XPack\IvSetup.exe c:\Documents and Settings\HP_Propriétaire\Local Settings\Temp\XPack\Setup.exe c:\Documents and Settings\HP_Propriétaire\Local Settings\Temp\{1735ad57-fd6e-4eb5-a276-56c2574d6412}\atiicdxx.exe c:\Documents and Settings\HP_Propriétaire\Local Settings\Temp\{1735ad57-fd6e-4eb5-a276-56c2574d6412}\atiiiexx.exe c:\Documents and Settings\HP_Propriétaire\Local Settings\Temp\{1735ad57-fd6e-4eb5-a276-56c2574d6412}\Thunk.exe c:\Documents and Settings\HP_Propriétaire\Local Settings\Temp\{1735ad57-fd6e-4eb5-a276-56c2574d6412}\UpdatPnP.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Tcpview.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\divers\divers\last\01tox extra pack[by prince418]\01tox extra pack.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\divers\divers\last\prnapp70\setup.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Adobe Photoshop 7.0.1 Fr Crack.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Shareaza_2.1.0.0.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Shareaza_2.2.1.0.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Ulead.Gif.Animator.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Compressed\Crack for all Adobe Tryout apps Photoshop CS 8.0, Pagemaker, Illustrator, Framemaker etc\AdobeGlobalCrack.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Compressed\D3DX9_dll_update\D3DX9_dll_update\Installer\DXSETUP.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Compressed\internet download manager 4.07 + crack + keygen + serial list\internet download manager 4.07.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Compressed\internet download manager 4.07 + crack + keygen + serial list\Internet Download Manager v4.07 Trial to Full by Great Elmo!!\idman.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Compressed\jtk361en\jtk361en\JoyToKey.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Compressed\ssspsx_0.0.26_windows\SSSPSX\SSSPSX.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Compressed\XPCodecPack-1-3-4\XP Codec Pack 1.3.4.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\a2FreeSetup.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\Alcohol120_trial_1.9.5.4212.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\anonymity_4_proxy_anonymity_4_proxy_2.8_anglais_9904.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\ans305ev.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\Authorware_Web_Player_Plugin.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\awmaw.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\blender-2.37a-windows.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\bobdown.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\ControlMKv0232.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\copytodvd3_setup.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\daemon403-x86.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\directx_9c_redist.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\DiscoWebTV_20.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\DivXPlay.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\dMC-r11.5.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\dxwebsetup.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\EClea2_0.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\eMule0.46c-Installer.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\fcp50setup.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\Firefox Setup 1.5.0.1.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\FRAPS274.EXE c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\GoogleEarthSetup.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\GoogleEarthSetup_2.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\hauntedfree.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\hnecoufr.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\hnsofafr.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\install_flash_player.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\Install_Messenger.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\Install_MSN_Messenger.EXE c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\Mame32b.106.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\Mame32v.102_Binary.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\MediaInfo_0.7.1.2_GUI_Win32.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\MegaBlocNotes.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\mirc616.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\mp10setup.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\MPSetup.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\MWFREE.EXE c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\nospafr.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\nospafr_2.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\ps7_tryout_fra.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\psp900frtr.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\RealPlayer10-5GOLD_fr.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\regfreeze_fr.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\Shareaza_2.2.1.0.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\Shockwave_Installer_Slim.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\Shockwave_Installer_Slim_2.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\spybotsd14.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\spywareblastersetup351.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\srvezm.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\Ulead Gif Animator 5.0t.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\Update.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\Wav2MP3Wizard_3.1GE_R281.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\wavsetup.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\WGAPluginInstall.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\WGAPluginInstall_2.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\winamp521_full.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\WINISO53.EXE c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\wrar351fr.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\ZCodec1009.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\ZCodec1009_2.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Mame32\Mame32.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\neorage\NeoRAGEx.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Psx\psx\ePSXe.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Psx\psx2\psxfin.exe c:\Documents and Settings\HP_Propriétaire\Mes documents\Psx\psx2\utils\cdztool.exe c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll c:\Documents and Settings\HP_Propriétaire\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll c:\Documents and Settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll Vérifications de quelques clefs Recherche de clefs EGDACCESS HKLM\SOFTWARE\Microsoft\Windows\explorer\SharedTaskScheduler _par contre j'ai tout toujours le probleme du dialer qui se lance tout seul bon ben voila!

voila ! SmitFraudFix v2.81 Rapport fait à 1:43:05,60, 10/08/2006 Executé à partir de C:\Program Files\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Fix executé en mode normal »»»»»»»»»»»»»»»»»»»»»»»» C:\ »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS C:\WINDOWS\ads.js PRESENT ! C:\WINDOWS\country.exe PRESENT ! C:\WINDOWS\inetloader.dll PRESENT ! C:\WINDOWS\local.html PRESENT ! C:\WINDOWS\se_spoof.dll PRESENT ! C:\WINDOWS\secure32.html PRESENT ! C:\WINDOWS\toolbar.exe PRESENT ! C:\WINDOWS\tpopup.exe PRESENT ! »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32 C:\WINDOWS\system32\ATHPRXYva.dll PRESENT ! »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\HP_Propri‚taire\Application Data »»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\HP_PRO~1\Favoris »»»»»»»»»»»»»»»»»»»»»»»» Bureau »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files »»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues »»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0] "Source"="About:Home" "SubscribedURL"="About:Home" "FriendlyName"="Ma page d'accueil" »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll »»»»»»»»»»»»»»»»»»»»»»»» Fin _ok! pour emule comme indiquer a la fin du topic designer , maintenant je sais, et je vais agir en consequence, en fait je ne l'utilise pas beaucoup juste pour des trucs qui ne sont disponible qu'en import genre des OST des animes etc ! mais c'est vrai que je le laisse actif tout le temps meme si je ne telecharge rien donc un homme avertit en vaut deux comme on dit ! Merci pour l'ecoute en tout cas!

voila (charles je ne pense pas qu'on puisse etre plus explicite Logfile of HijackThis v1.99.1 Scan saved at 00:11:14, on 10/08/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe c:\Program Files\Norton Internet Security\ISSVC.exe c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wdfmgr.exe c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\alg.exe C:\Program Files\Java\jre1.5.0\bin\jusched.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\HP\KBD\KBD.EXE C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe C:\WINDOWS\ALCXMNTR.EXE C:\Program Files\HP\HP Software Update\HPwuSchd2.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\WINDOWS\system32\svchost.exe C:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\Programs\install_flash_player.exe C:\Program Files\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = prosearching.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = prosearching.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = C:\WINDOWS\local.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = prosearching.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = prosearching.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = prosearching.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchURL = prosearching.com R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = prosearching.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = prosearching.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = prosearching.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page_bak = prosearching.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: IDMIEHlprObj Class - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\IDMIECC.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SpoofBHO Class - {07A78AEA-4A54-4967-9A60-4B68592D30C7} - C:\WINDOWS\se_spoof.dll O2 - BHO: ChangerBHO Class - {0D4C7057-EAD2-44C6-AD18-9092905F28F1} - C:\WINDOWS\system32\ATHPRXYva.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: WeeklyExecuter Class - {590FFB84-6A29-4797-9C0E-B15DF2C4CDCB} - C:\WINDOWS\inetloader.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [urlLSTCK.exe] c:\Program Files\Norton Internet Security\UrlLstCk.exe O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [iDMan] C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\KeyGen.exe /onboot O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: Download All Links with IDM - C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\IEGetAll.htm O8 - Extra context menu item: Download with IDM - C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\IEExt.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll O17 - HKLM\System\CCS\Services\Tcpip\..\{52152A08-CA56-4B54-AC77-15C7B4C1E21C}: NameServer = 85.255.115.4,85.255.112.15 O17 - HKLM\System\CCS\Services\Tcpip\..\{5F0EC06C-4056-495C-8216-1BC7136119F0}: NameServer = 85.255.115.4,85.255.112.15 O17 - HKLM\System\CCS\Services\Tcpip\..\{9CB0EA2E-9526-44E3-94EF-CB1819C5E138}: NameServer = 85.255.115.4,85.255.112.15 O17 - HKLM\System\CCS\Services\Tcpip\..\{A9EBBBF0-A214-4723-9FBD-FF721AB16925}: NameServer = 85.255.115.4,85.255.112.15 O17 - HKLM\System\CCS\Services\Tcpip\..\{DE246E2C-8697-44FE-A5BB-FA04D12D4DEC}: NameServer = 85.255.115.4,85.255.112.15 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - AppInit_DLLs: pushow23.dll O20 - Winlogon Notify: wineak32 - C:\WINDOWS\SYSTEM32\wineak32.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: ISSvc (ISSVC) - Symantec Corporation - c:\Program Files\Norton Internet Security\ISSVC.exe O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe merci d'avance!

Salut alors comme beaucoup de monde recement j'ai quelques soucie avec mon navigateur preferé! 1_j'ai un telchargement qui se lance toute les 15 min, quand FF est actif j'ai eu beau reinstaler et tout, ca revien toujours (ah voila justement ca c'est encore declenché pendant que chui entrain d'ecrire ce message) ca se produit automatiquement quand une fenetre de firefox est active! 2_le probleme avec shockwave player (operation illegal) et la fermeture de FF soudaine avec la boite de dialogue "envoyer l'erreur a micros***" j'ai deja spybot c'est plutot utile mais ca ne m'aide pas en ce moment! grace a "a-squared Free" j'ai eliminé un bon nombre de saleté en sacan rapide! MAIS SURPRISE: apres le scan quelques instants plus tards hop! mon PC redemare tout seul comme un grand sans que je ne lui ai rien demandé , apres cela je rescan et il semble qu'un truc a haut risque soit revenu "paked.win32.klone.q" (tout seul comme un grand aussi...) la bien sur, reflexe logique je le supprime et puis je continu mon train-train habituelle firefox semble fonctioner a merveille et puis soudain encore une fois mon PC plante et redemare tout seul (comme un...^^) ! bon la je n'ai pas refai de scan et mon pc n'a pas planté mais et firefox a toujours le probleme de shokwave player et du telechagement qui se lance tout seul... (probleme 1 et 2) et puis j'attend et j'espere de l'aide de votre part...SVP!