Everything posted by chapo

  1. Hello again Falkra. No, apart from these problems with noise on the sound and the disappearance of the Windows sounds, for which I had already written you a post that I am copying here, asking your opinion on the hardware layout of my computer. Otherwise we can consider that the nasty bugs are gone. Here is my post from yesterday: Thanks a lot Falkra. It seems that MBAM detected some junk (see report) and removed it for me: I no longer have a display problem, and MBAM installed itself in addition to my other antivirus and antispyware programs to monitor my computer. However, I still have my very big noise problems, which are so severe that I can't even listen to music any more: it crackles loudly all the time!!! It seems to me that it has been since I've had my Neuf box on my desk, on which there are already my wireless keyboard + mouse, my monitor and my two speakers, as well as my telephone... Is that too much?? (Before the Neuf box there was no such interference.) I tried moving my speakers a bit further away (an Altec Lansing system made up of two small stereo desktop speakers paired with a subwoofer of the same brand, which is under the desk), but I can't move them too far from the central unit because all 3 are connected together. Isn't there something technical I could do or install??? (Some kind of filter???) Thanks again for your sound advice. Chapo
  2. Hello. Above is the latest HijackThis report. Thanks
  3. Oops, I forgot the MBAM report!! Here it is:

     Malwarebytes' Anti-Malware 1.20
     Version de la base de données: 944
     Windows 5.1.2600 Service Pack 3

     16:04:24 13/07/2008
     mbam-log-7-13-2008 (16-04-20).txt

     Type de recherche: Examen complet (C:\|D:\|E:\|F:\|)
     Eléments examinés: 178327
     Temps écoulé: 45 minute(s), 57 second(s)

     Processus mémoire infecté(s): 0
     Module(s) mémoire infecté(s): 0
     Clé(s) du Registre infectée(s): 8
     Valeur(s) du Registre infectée(s): 0
     Elément(s) de données du Registre infecté(s): 0
     Dossier(s) infecté(s): 0
     Fichier(s) infecté(s): 1

     Processus mémoire infecté(s):
     (Aucun élément nuisible détecté)

     Module(s) mémoire infecté(s):
     (Aucun élément nuisible détecté)

     Clé(s) du Registre infectée(s):
     HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> No action taken.
     HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2eff3cf7-99c1-4c29-bc2b-68e057e22340} (Adware.MyWebSearch) -> No action taken.
     HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> No action taken.
     HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> No action taken.
     HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> No action taken.
     HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> No action taken.
     HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{a6573479-9075-4a65-98a6-19fd29cf7374} (Adware.MyWebSearch) -> No action taken.
     HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> No action taken.

     Valeur(s) du Registre infectée(s):
     (Aucun élément nuisible détecté)

     Elément(s) de données du Registre infecté(s):
     (Aucun élément nuisible détecté)

     Dossier(s) infecté(s):
     (Aucun élément nuisible détecté)

     Fichier(s) infecté(s):
     C:\Program Files\QuickTime Alternative\quicktime_browser_plugin.exe (Rogue.Installer) -> No action taken.

     CHAPO
  5. Thanks a lot Falkra. It seems that MBAM detected some junk (see report) and removed it for me: I no longer have a display problem, and MBAM installed itself in addition to my other antivirus and antispyware programs to monitor my computer. However, I still have my very big noise problems, which are so severe that I can't even listen to music any more: it crackles loudly all the time!!! It seems to me that it has been since I've had my Neuf box on my desk, on which there are already my wireless keyboard + mouse, my monitor and my two speakers, as well as my telephone... Is that too much?? (Before the Neuf box there was no such interference.) I tried moving my speakers a bit further away (an Altec Lansing system made up of two small stereo desktop speakers paired with a subwoofer of the same brand, which is under the desk), but I can't move them too far from the central unit because all 3 are connected together. Isn't there something technical I could do or install??? (Some kind of filter???) Thanks again for your sound advice. Chapo
  6. Hello again Falkra and... others. So I downloaded and ran DSS without any problem, and here is the report; thanks for interpreting it.
(Acronis TrueImage FS Filter) - c:\windows\system32\drivers\tifsfilt.sys <Not Verified; Acronis; TrueImage> R3 AEXPAM (Philips SmartManage Service) - c:\windows\system32\drivers\aexpamdrv.sys <Not Verified; Philips Consumer Electronics Co.; Philips SmartManage> R3 ASAPIW2k - c:\windows\system32\drivers\asapiw2k.sys <Not Verified; Pinnacle Systems GmbH; asapi> R3 MarvinBus (Pinnacle Marvin Bus) - c:\windows\system32\drivers\marvinbus.sys <Not Verified; Pinnacle Systems GmbH; Pinnacle Marvin Discrete> R3 pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus® ASPI Shell> S1 ShldDrv (Panda File Shield Driver) - c:\windows\system32\drivers\shldrv51.sys (file missing) S2 PavProc (Panda Process Protection Driver) - c:\windows\system32\drivers\pavproc.sys (file missing) S3 alcan5wn (SpeedTouch USB ADSL PPP Networking Driver (NDISWAN)) - c:\windows\system32\drivers\alcan5wn.sys <Not Verified; THOMSON; SpeedTouch USB> S3 alcaudsl (SpeedTouch ADSL Modem ATM Transport) - c:\windows\system32\drivers\alcaudsl.sys <Not Verified; THOMSON; SpeedTouch USB> S3 C-Dilla - c:\windows\system32\drivers\cdant.sys <Not Verified; Macrovision; Licence Management System> S3 pcouffin (VSO Software pcouffin) - c:\windows\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine> S3 ProcObsrv (Process creation detector.) 
- c:\program files\aol media server\procobsrv.sys S3 RegGuard - c:\windows\system32\drivers\regguard.sys <Not Verified; Greatis Software; RegRun Security Suite> S3 SABProcEnum - c:\program files\aol 9.0\sabprocenum.sys (file missing) S3 SunkFilt (Alcor Micro Corp - 9360) - c:\windows\system32\drivers\sunkfilt.sys <Not Verified; Alcor Micro Corp.; SunkFilt> S3 Sunkfiltp (HP && Alcor Micro Corp for Phison) - c:\windows\system32\drivers\sunkfiltp.sys (file missing) S3 TVICHW32 - c:\windows\system32\drivers\tvichw32.sys <Not Verified; EnTech Taiwan; TVicHW32 Generic Device Driver for Windows 95/98/ME/NT/2000/XP> S3 YMIDUSB (YAMAHA Corporation USB MIDI Driver) - c:\windows\system32\drivers\ymidusb.sys <Not Verified; YAMAHA Corporation; Windows ® 2002 DDK driver> -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled -------------------- R2 AcrSch2Svc (Acronis Scheduler2 Service) - "c:\program files\fichiers communs\acronis\schedule2\schedul2.exe" <Not Verified; Acronis; Acronis Scheduler 2> R2 AntiVirScheduler (AntiVir PersonalEdition Premium Scheduler) - "c:\program files\avira\antivir personaledition premium\sched.exe" <Not Verified; Avira GmbH; AntiVir Workstation> R2 antivirwebservice (Avira AntiVir Premium WebGuard) - "c:\program files\avira\antivir personaledition premium\avwebgrd.exe" <Not Verified; Avira GmbH; AntiVir Workstation> R2 AVEService (AntiVir PersonalEdition Premium MailGuard helper service) - "c:\program files\avira\antivir personaledition premium\avesvc.exe" <Not Verified; Avira GmbH; AntiVir Workstation> R2 C-DillaSrv - c:\windows\system32\drivers\cdantsrv.exe <Not Verified; C-Dilla Ltd; CD-Secure/CD-Compress Windows NT> S2 C-DillaCdaC11BA - S2 PavPrSrv (Panda Process Protection Service) - "c:\program files\fichiers communs\panda software\pavshld\pavprsrv.exe" (file missing) S4 AntiVirMailService (AntiVir PersonalEdition Premium MailGuard) - "c:\program files\avira\antivir personaledition premium\avmailc.exe" <Not Verified; Avira GmbH; AntiVir 
Workstation> -- Device Manager: Disabled ---------------------------------------------------- Class GUID: {4D36E96D-E325-11CE-BFC1-08002BE10318} Description: Conexant HSF V92 56K PCI Modem Device ID: PCI\VEN_14F1&DEV_2F00&SUBSYS_8D8513E0&REV_01\4&239BD86&0&58F0 Manufacturer: Conexant Name: Conexant HSF V92 56K PCI Modem PNP Device ID: PCI\VEN_14F1&DEV_2F00&SUBSYS_8D8513E0&REV_01\4&239BD86&0&58F0 Service: Modem -- Files created between 2008-06-12 and 2008-07-12 ----------------------------- 2008-07-11 23:45:54 0 dr-h----- C:\Documents and Settings\Administrateur\Recent 2008-07-08 17:18:36 0 d-------- C:\Documents and Settings\Administrateur\Application Data\Pogo Games 2008-07-08 16:42:43 0 d-------- C:\Program Files\Oberon Media 2008-07-08 16:30:26 0 d-------- C:\Program Files\hkSFV 2008-07-07 23:11:56 765952 --a------ C:\WINDOWS\system32\xvidcore.dll 2008-07-07 23:11:55 180224 --a------ C:\WINDOWS\system32\xvidvfw.dll 2008-07-07 23:11:55 0 d-------- C:\Program Files\Xvid 2008-07-07 23:06:19 328978 --a------ C:\WINDOWS\system32\dvda.exe 2008-07-07 23:06:18 62464 --a------ C:\WINDOWS\system32\cygz.dll 2008-07-07 23:06:18 1208320 --a------ C:\WINDOWS\system32\cygxml2-2.dll 2008-07-07 23:06:18 1153417 --a------ C:\WINDOWS\system32\cygwin1.dll <Not Verified; Red Hat; Cygwin> 2008-07-07 23:06:18 980992 --a------ C:\WINDOWS\system32\cygiconv-2.dll 2008-07-07 23:05:47 57344 --a------ C:\WINDOWS\system32\WNASPINT.DLL <Not Verified; NexiTech, Inc.; NexiTech ASPI for Win32> 2008-07-07 23:04:20 0 d-------- C:\Program Files\Gabest 2008-07-07 23:03:33 0 d-------- C:\Program Files\Essentials Codec Pack 2008-07-07 22:56:23 0 d------c- C:\ConverterOutput 2008-07-07 22:56:09 262144 --a------ C:\WINDOWS\system32\TomsMoComp_ff.dll 2008-07-07 22:56:09 395776 --a------ C:\WINDOWS\system32\libmplayer.dll 2008-07-07 22:56:09 112640 --a------ C:\WINDOWS\system32\libmpeg2_ff.dll 2008-07-07 22:56:08 2255360 --a------ C:\WINDOWS\system32\libavcodec.dll 2008-07-07 22:56:04 0 d-------- 
C:\Program Files\Cucusoft 2008-07-07 22:30:36 0 d------c- C:\TempDVD 2008-07-07 22:30:30 0 d-------- C:\Program Files\dvdSanta 2008-07-07 17:10:46 0 d-------- C:\Documents and Settings\Administrateur\avidemux 2008-07-07 17:10:32 0 d-------- C:\Program Files\Avidemux 2.4 2008-07-03 17:11:33 162304 --a------ C:\WINDOWS\system32\ztvunrar36.dll 2008-07-03 17:11:33 77312 --a------ C:\WINDOWS\system32\ztvunace26.dll 2008-07-03 17:11:33 69632 --a------ C:\WINDOWS\system32\ztvcabinet.dll <Not Verified; Microsoft Corporation; Microsoft® Windows ® 2000 Operating System> 2008-07-03 17:11:33 153088 --a------ C:\WINDOWS\system32\UNRAR3.dll 2008-07-03 17:11:33 75264 --a------ C:\WINDOWS\system32\unacev2.dll 2008-07-03 17:11:31 0 d-a------ C:\Program Files\Trojan Remover 2008-07-03 17:11:31 0 d-------- C:\Documents and Settings\All Users\Application Data\Simply Super Software 2008-07-03 17:11:31 0 d-------- C:\Documents and Settings\Administrateur\Application Data\Simply Super Software 2008-07-03 16:46:04 0 dr-----c- C:\My Games 2008-07-03 16:43:55 0 d------c- C:\My Download Files 2008-07-03 15:31:43 0 d-------- C:\Documents and Settings\Administrateur\Application Data\uTorrent 2008-07-02 21:30:55 0 d-------- C:\Program Files\Fichiers communs\Adobe AIR 2008-07-02 17:22:01 0 d-------- C:\Documents and Settings\All Users\Application Data\GameHouse 2008-07-02 17:20:28 0 d-------- C:\Documents and Settings\All Users\Application Data\n7-89-o9-3r-4t-r9 2008-07-02 17:19:36 0 d-------- C:\Documents and Settings\Administrateur\Application Data\GameHouse 2008-07-02 11:17:02 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2008-06-29 16:11:45 184 --a------ C:\WINDOWS\system32\e000002.dat 2008-06-29 16:09:15 77824 --a------ C:\WINDOWS\system32\ctdvda32.dll <Not Verified; Creative Technology Ltd; Creative DVD-Audio Product> 2008-06-29 16:09:14 831600 --a------ C:\WINDOWS\system32\Ctaa1.dat 2008-06-29 14:50:03 0 d------c- C:\DVDTemp 2008-06-29 14:49:10 
0 dr------- C:\Program Files\Super_DVD_Creator_9.8 2008-06-28 10:55:19 0 d-------- C:\Documents and Settings\All Users\Application Data\Real 2008-06-27 11:15:15 0 dr------- C:\Program Files\Elaborate Bytes 2008-06-24 17:09:19 0 d-------- C:\Documents and Settings\All Users\Application Data\Christmasville 2008-06-24 17:08:16 0 d-------- C:\Documents and Settings\All Users\Application Data\Reflexive 2008-06-24 16:57:18 0 d-------- C:\WINDOWS\Amazing Adventures The Lost Tomb 2008-06-24 15:18:39 0 d-------- C:\Documents and Settings\Administrateur\Application Data\Boomzap 2008-06-24 15:15:02 0 d-------- C:\Documents and Settings\All Users\Application Data\Sandlot Games 2008-06-24 15:09:29 0 d-------- C:\WINDOWS\Elf Bowling The Last Insult 2008-06-24 15:09:29 0 dr------- C:\Program Files\Elf Bowling The Last Insult 2008-06-24 14:18:41 0 d-------- C:\Documents and Settings\Administrateur\Games 2008-06-22 16:31:21 0 d-------- C:\Documents and Settings\All Users\Application Data\Gogii Games 2008-06-22 16:31:21 0 d-------- C:\Documents and Settings\Administrateur\Application Data\Gogii Games 2008-06-22 15:48:06 0 d-------- C:\WINDOWS\The Clumsys {h33t} {oi812heet} 2008-06-22 15:48:06 0 dr------- C:\Program Files\The Clumsys {h33t} {oi812heet} 2008-06-22 15:47:33 0 d-------- C:\WINDOWS\Little Shop - City Lights [h33t] [oi812heet] 2008-06-22 14:58:37 0 d-------- C:\Program Files\Microsoft.NET 2008-06-22 14:56:12 0 d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help 2008-06-22 14:55:05 0 dr-h---c- C:\MSOCache 2008-06-21 22:47:32 0 d-------- C:\Documents and Settings\All Users\Application Data\Friends Games 2008-06-21 15:42:18 0 dr------- C:\Program Files\No1 DVD Ripper 2008-06-21 15:41:25 0 dr------- C:\Program Files\1Click DVD Ripper 2008-06-21 15:08:34 98816 --a------ C:\WINDOWS\system32\FGWVB32.DLL 2008-06-21 15:08:33 523264 --a------ C:\WINDOWS\system32\AviProcessor.dll <Not Verified; Aurigma Inc.; Aurigma AVI Processor> 2008-06-21 15:08:32 532480 
--a------ C:\WINDOWS\system32\imagx5.dll <Not Verified; Pegasus Software, LLC; ImagXpress> 2008-06-21 15:08:32 507904 --a------ C:\WINDOWS\system32\imagr5.dll <Not Verified; Pegasus Software,LLC; ImagXpress> 2008-06-21 15:08:30 33280 --a------ C:\WINDOWS\system32\Huffyuv.dll <Not Verified; Disappearing Inc.; Huffyuv> 2008-06-21 15:08:30 51200 --a------ C:\WINDOWS\system32\camcodec.dll <Not Verified; RenderSoft Software.; CamCodec> 2008-06-21 15:08:30 114688 --a------ C:\WINDOWS\system32\avizlib.dll 2008-06-21 15:08:30 0 d------c- C:\Program Files\KBStudio 2008-06-21 15:00:04 0 d-------- C:\WINDOWS\Magic Match Adventures[h33t][oi812heet] 2008-06-21 15:00:04 0 dr------- C:\Program Files\Magic Match Adventures[h33t][oi812heet] 2008-06-21 14:33:04 0 d-------- C:\Documents and Settings\All Users\Application Data\Ahead 2008-06-20 23:17:00 0 d-------- C:\Documents and Settings\All Users\Application Data\Flood Light Games 2008-06-20 23:17:00 0 d-------- C:\Documents and Settings\Administrateur\Application Data\Flood Light Games 2008-06-20 10:05:43 0 d-------- C:\Documents and Settings\Administrateur\Application Data\SampleView 2008-06-20 09:58:14 0 d-------- C:\Documents and Settings\Administrateur\Application Data\Restorer 2008-06-19 22:25:12 0 d-------- C:\Documents and Settings\All Users\Application Data\Gogii 2008-06-19 19:57:59 0 d-------- C:\Documents and Settings\All Users\Application Data\MonteCristo 2008-06-19 19:17:03 0 d-------- C:\WINDOWS\The Count of Monte Cristo [h33t] [oi812heet] 2008-06-19 19:17:02 0 dr------- C:\Program Files\The Count of Monte Cristo [h33t] [oi812heet] 2008-06-19 17:06:07 0 d-------- C:\WINDOWS\Womens Murder Club Death In Scarlet {h33t} {oi812heet} 2008-06-19 16:21:50 0 d-------- C:\Documents and Settings\Administrateur\Application Data\SultansLabyrinth 2008-06-19 16:18:29 0 dr------- C:\Program Files\The Sultan's Labyrinth 2008-06-19 15:56:41 0 d-------- C:\Documents and Settings\All Users\Application Data\EscapeTheMuseum 2008-06-19 
15:55:00 0 d-------- C:\WINDOWS\Escape the Museum [h33t] [oi812heet] 2008-06-19 15:55:00 0 dr------- C:\Program Files\Escape the Museum [h33t] [oi812heet] 2008-06-17 12:25:41 0 d-------- C:\Documents and Settings\Administrateur\Application Data\Friday's games 2008-06-17 12:24:46 0 d-------- C:\WINDOWS\Natalie Brooks Secrets of Treasure House {h33t} {oi812heet} 2008-06-17 12:24:46 0 dr------- C:\Program Files\Natalie Brooks Secrets of Treasure House {h33t} {oi812heet} 2008-06-16 11:10:07 0 d-------- C:\Program Files\uTorrent 2008-06-16 10:14:57 0 d-------- C:\Documents and Settings\Administrateur\Application Data\InfraRecorder -- Find3M Report --------------------------------------------------------------- 2008-07-12 10:45:27 870554 --a------ C:\WINDOWS\system32\perfh00C.dat 2008-07-12 10:45:27 227666 --a------ C:\WINDOWS\system32\perfc00C.dat 2008-07-12 10:41:13 664 --a------ C:\WINDOWS\system32\d3d9caps.dat 2008-07-10 09:32:34 288 --a------ C:\WINDOWS\system32\DVCStateBkp-{00000002-00000000-00000009-00001102-00000004-10091102}.dat 2008-07-10 09:32:34 288 --a------ C:\WINDOWS\system32\DVCState-{00000002-00000000-00000009-00001102-00000004-10091102}.dat 2008-07-08 17:27:43 0 d-------- C:\Program Files\DivX 2008-07-08 09:57:29 0 d-------- C:\Program Files\Fichiers communs\Panda Software 2008-07-07 19:29:10 0 dr------- C:\Program Files\GameHouse 2008-07-07 19:27:15 0 d-------- C:\Documents and Settings\Administrateur\Application Data\Adobe 2008-07-07 17:17:45 0 d-------- C:\Documents and Settings\Administrateur\Application Data\gtk-2.0 2008-07-07 16:47:45 0 d-------- C:\Program Files\Fichiers communs 2008-07-02 21:30:11 0 d-------- C:\Program Files\Fichiers communs\Adobe 2008-07-01 09:45:45 0 dr------- C:\Program Files\DVD Vidéo Copieur 2008-06-30 22:23:48 0 d-------- C:\Documents and Settings\Administrateur\Application Data\MysteryStudio 2008-06-30 15:47:59 0 d-------- C:\Program Files\Fichiers communs\AOL 2008-06-29 16:37:07 0 d--h----- C:\Program 
Files\InstallShield Installation Information 2008-06-29 11:20:48 0 dr------- C:\Program Files\BoontyGames 2008-06-29 11:14:06 0 dr------- C:\Program Files\PopCap Games 2008-06-28 13:30:38 0 dr------- C:\Program Files\Google 2008-06-25 15:02:01 0 d-------- C:\Program Files\LimeWire 2008-06-20 09:45:46 0 d-------- C:\Documents and Settings\Administrateur\Application Data\Gaijin Ent 2008-06-19 22:23:32 0 d-------- C:\Program Files\Fichiers communs\Oberon Media 2008-06-11 20:02:32 0 d-------- C:\Documents and Settings\Administrateur\Application Data\ArcSoft 2008-06-07 18:47:50 0 dr------- C:\Program Files\Jigs@w Puzzle Platinum Edition 2008-06-07 18:47:49 0 dr------- C:\Program Files\Big Kahuna Reef 2008-06-07 15:27:27 0 d-------- C:\Program Files\VS Revo Group 2008-06-07 15:22:49 0 d-------- C:\Program Files\Recuva 2008-06-01 12:51:51 0 d-------- C:\Documents and Settings\Administrateur\Application Data\PlayFirst 2008-05-31 15:21:23 136120 --a------ C:\Documents and Settings\Administrateur\Application Data\GDIPFONTCACHEV1.DAT 2008-05-28 17:34:45 0 d-------- C:\Program Files\Neuf 2008-05-28 11:30:53 0 d-------- C:\Documents and Settings\Administrateur\Application Data\Avira 2008-05-28 11:13:25 0 d-------- C:\Program Files\Avira 2008-05-17 19:40:30 0 d-------- C:\Program Files\MSECache 2008-05-13 17:12:16 192512 --a------ C:\WINDOWS\system32\srkey.exe <Not Verified; ; gpckey10 Application> 2008-05-13 11:44:17 0 d-------- C:\Documents and Settings\Administrateur\Application Data\Viewpoint 2008-04-28 11:37:49 33 --a------ C:\Documents and Settings\Administrateur\Application Data\pcouffin.log 2008-04-28 11:37:46 47360 --a------ C:\Documents and Settings\Administrateur\Application Data\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine> 2008-04-28 11:37:46 7887 --a------ C:\Documents and Settings\Administrateur\Application Data\pcouffin.cat 2008-04-28 11:37:45 1144 --a------ C:\Documents and Settings\Administrateur\Application Data\pcouffin.inf -- Registry Dump 
--------------------------------------------------------------- *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] 11/06/2008 22:33 75128 --a------ C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HostManager"="C:\Program Files\Fichiers communs\AOL\1142546206\ee\AOLSoftware.exe" [11/06/2008 23:05] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [29/06/2007 00:43] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [22/02/2008 05:25] "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe" [28/05/2008 11:22] "CTDVDDet"="C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE" [30/09/2002 01:00] "UpdReg"="C:\WINDOWS\UpdReg.EXE" [11/05/2000 01:00] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [12/06/2008 02:38] "TrojanScanner"="C:\Program Files\Trojan Remover\Trjscan.exe" [03/07/2008 15:59] "Media Codec Update Service"="C:\Program Files\Essentials Codec Pack\update.exe" [08/04/2007 18:44] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [14/04/2008 04:33] "Widget Neuf"="C:\Program Files\Neuf\Widget Neuf\9widget.exe" [30/04/2008 10:34] "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [28/01/2008 11:43] [HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce] "SetDefaultMidi"=MIDIDEF.EXE [HKEY_USERS\.default\software\microsoft\windows\currentversion\run] "Picasa Media Detector"=C:\Program Files\Picasa2\PicasaMediaDetector.exe "AOL Fast Start"="C:\PROGRA~1\AOL9~1.1\AOL.EXE" -b C:\Documents and Settings\Administrateur\Menu D‚marrer\Programmes\D‚marrage\ AOL Desktop.lnk - C:\Program Files\Fichiers communs\AOL\Launch\aollaunch.exe [11/06/2008 23:05:04] Webshots.lnk - C:\Program Files\Webshots\Launcher.exe 
[19/06/2007 16:35:30] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "DisableRegistryTools"=0 (0x0) "DisableTaskMgr"=0 (0x0) [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system] "DisableRegistryTools"=0 (0x0) "DisableTaskMgr"=0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoResolveTrack"=1 (0x1) "NoClose"=0 (0x0) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "DisableRegistryTools"=1 (0x1) "NoLowDiskSpaceChecks"=1 (0x1) "NoSimpleStartMenu"=0 (0x0) "HideClock"=0 (0x0) "NoTrayItemsDisplay"=0 (0x0) "NoRecentDocsHistory"=0 (0x0) "ClearRecentDocsOnExit"=1 (0x1) "NoClose"=0 (0x0) "NoResolveTrack"=1 (0x1) [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "NoClose"=0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy] C:\WINDOWS\System32\dimsntfy.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "appinit_dlls"=C:\PROGRA~1\Google\GO333C~1\GOEC62~1.DLL,C:\PROGRA~1\Google\GO333C~1\GOEC62~1.DLL C:\PROGRA~1\Google\GO333C~1\GOEC62~1.DLL [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] @="Volume shadow copy" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Administrateur^Menu Démarrer^Programmes^Démarrage^fsbackup.lnk] backup=C:\WINDOWS\pss\fsbackup.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk] backup=C:\WINDOWS\pss\Adobe Gamma Loader.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide 
d'Adobe Reader.lnk] backup=C:\WINDOWS\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk] backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^WinZip Quick Pick.lnk] backup=C:\WINDOWS\pss\WinZip Quick Pick.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acme.PCHButton] C:\PROGRA~1\HPPAVI~1\Pavilion\XPEWWBP4\plugin\bin\PCHButton.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOL Dialer] C:\Program Files\Fichiers communs\AOL\ACS\AOlDial.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CamMonitor] c:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cloneur Expert Monitor] "C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTDVDDet] C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTHelper] CTHELPER.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTSysVol] C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ElbyCheckElbyCDFL] "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EoClock] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EoEngine] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hcwPVRReset] C:\PROGRA~1\WinTV\hcwP1Utl.exe -Quiet -ResetHardware -NotifyResetFailure -KeepTrying [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHmon05] C:\WINDOWS\System32\hphmon05.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD08] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv] c:\windows\system\hpsysdrv.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IPHSend] C:\Program Files\Fichiers communs\AOL\IPHSend\IPHSend.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck] %systemroot%\system32\dumprep 0 -k [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsmqIntCert] regsvr32 /s mqrt.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NCLaunch] C:\WINDOWS\NCLAUNCH.EXe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz] nwiz.exe /install [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg [HKEY_LOCAL_MACHINE\software\microsoft\shared 
Thanks in advance...
  7. Hello everyone, and Falkra in particular. As requested, I am posting today's HijackThis analysis here. For some time now my computer has been behaving strangely with sound (no more Windows sounds at startup even though they are selected, lots of interference in my speakers, my CD drive not being recognized, etc.) and with the display (messages like "error, set the display to 1280X1204 at 60Mgz" when that is already my setting???), or it fails to recognize certain files...?? My computer is an HP m527 fr media center with SP3, Windows XP Pro, IE 7 and 2 GB of memory. And although I have Avira Premium, CCleaner and Spybot, which I use regularly, I wonder whether I have a trojan, malware... or whether my system has a vulnerability... Thanks again for your replies. The report is below:
{6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab O16 - DPF: {814EA0DA-E0D9-4AA4-833C-A1A6D38E79E9} (DASWebDownload Class) - http://das.microsoft.com/activate/cab/x86/...tail/DASAct.cab O16 - DPF: {94B82441-A413-4E43-8422-D49930E69764} (TLIEFlashObj Class) - https://rtc3.webresponse.one.microsoft.com/...p/TLIEFlash.CAB O16 - DPF: {981D847D-2C06-4FB7-A09C-4F0A48601B2C} (DiagSetup Class) - http://techcity.aol.fr/download/img/DiagSetup.cab O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - http://www.superadblocker.com/activex/sabspx.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flas...ent/swflash.cab O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/aio/fr/check/qdiagh.cab?325 O20 - AppInit_DLLs: C:\PROGRA~1\Google\GO333C~1\GOEC62~1.DLL,C:\PROGRA~1\Google\GO333C~1\GOEC62~1.DLL C:\PROGRA~1\Google\GO333C~1\GOEC62~1.DLL O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe O23 - Service: AntiVir PersonalEdition Premium Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\sched.exe O23 - Service: AntiVir PersonalEdition Premium Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avguard.exe O23 - Service: Avira AntiVir Premium WebGuard (antivirwebservice) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\AVWEBGRD.EXE O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe O23 - 
Thanks a million again for your help!!!!!! Chapo
  8. Thanks a lot for your help, Styx... I did everything you told me, and after having a bit of trouble downloading the PANDA software I got the full scan in the English version, which I am therefore passing on to you below:
OK, but now how do I go about disinfecting or deleting the troublesome files, in particular the ones that are in C:\System Volume?? I tried to find them using "Search", but the search returns nothing... Thanks for telling me more... Looking forward to reading your reply at my e-mail PChantal13@aol.com
  9. Hello everyone... I'm a new user of the forum, but I have been reading your guides for a long time.. I have had serious slowdown problems with my PC despite the antivirus scans (Avast), Ad-Aware, Spyware Doctor and the spyware detector provided by AOL... So I used HijackThis as you recommend in your guide, and I went to get your interpretation tutorial to understand my problems a bit.. However, I'm not enough of a specialist to determine (particularly in the O16 and O23 lines) what is harmful to my system... I'm copying the HijackThis log here: thanks for your help...
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\System32\mnmsrvc.exe O23 - Service: Publication FTP (MSFtpsvc) - Unknown owner - C:\WINDOWS\system32\inetsrv\inetinfo.exe O23 - Service: DDE réseau (NetDDE) - Unknown owner - C:\WINDOWS\system32\netdde.exe O23 - Service: DSDM DDE réseau (NetDDEdsdm) - Unknown owner - C:\WINDOWS\system32\netdde.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - Unknown owner - C:\Program Files\Spyware Doctor\svcntaux.exe O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe O23 - Service: Simple Mail Transfer Protocol (SMTP) (SMTPSVC) - Unknown owner - C:\WINDOWS\system32\inetsrv\inetinfo.exe O23 - Service: Service SNMP (SNMP) - Unknown owner - C:\WINDOWS\System32\snmp.exe O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe O23 - Service: Telnet (TlntSvr) - Unknown owner - C:\WINDOWS\System32\tlntsvr.exe O23 - Service: VideoAcceleratorEngine - Speedbit Ltd. - C:\PROGRA~1\SPEEDB~1\VideoAcceleratorEngine.exe O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe O23 - Service: Publication World Wide Web (W3SVC) - Unknown owner - C:\WINDOWS\system32\inetsrv\inetinfo.exe O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. 
- C:\WINDOWS\wanmpsvc.exe O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\System32\wbem\wmiapsrv.exe -- End of file - 13753 bytes