artourner

jai pas activer la restauration systeme

quand je veu le reinstallé il me dit que ce programme presente des problemes de compatibilité et si j'execute le programme rien ne se passe.

j'ai deja essayer mais sa me remet le meme message.

c'est bon jai racheter la x1900gt a fred the novice donc plus de probléme

alors voila je voudrai desinstallé outpost pro mais quand je veux le desinstaller avec ccleaner jai un message qui apparait: l'intruction a 0x00414a34 emploie l'adresse mémoire 0x00000004.la mémoire ne peut pas etre en etat read. alors je tourne sous vista ultimate .. et aussi j'ai tout le temps une fenetre de dialogue qui apparait qui me dit que jai un message . quand je clik sur afficher le message j'ai un ecran blanc. voila merci de votre aide

alors pour la carte a fred je la prend les amis!!! et j'ai une derniere question . alors d'ici peu de temps je vais installé windows vista allégé et je vous demande si je dois acheter 2x2 go de ram??? la je suis pres a acheter 2x1 go mais si vous me conseillé 2x2 go. allée bonne soirée a tous

je suis interérésé

ok pour la memoire ram jai fait mon choix. ton site est sur pour le paiement c b??? et pour la carte graphique a fred j'hesite car si je la prend et quelle me claque ds les pattes 2 mois aprés!!!! et en plus elle prend de la memoire gddr3 moi c du gddr2 fred jattent des info sur ta carte . merci tout le monde de vos conseille

bin moi je met pas plus de 70 € pour une carte car apres ya la memoire ram a racheter. et je met quoi du pci ou agp????

alors je compter mettre : Carte graphique GeForce 8500 GT, PCI-E, 512 Mo, Twintech ou Carte Graphique GeForce 8400GS, PCI-E, 256 Mo, Twintech ou Carte Graphique GeForce 8400GS, PCI-E, 256 Mo, MSI et jai regarder pour la memoire ram jai que deux ports donc 2 x 512 mo je compte mettre 2 x 1 go. alors ke choisir merci

dison que je veux mettre 2 go de ram alors que choisir en barette ram en bon rapport qualité prix c'est pour jouer et dire que mon pc ne ram plus

merci pour votre aide alors j'ai telecharger cpu-z et dans l'onglet memory spd il y a : module size: 512 mbytes max bandwidth: pc2-4300 (266 mhz) manufacturer : hyundai electronics part number hymp564u64bp8-c4 correction : none timings table frequence 200 mhz 266 mhz 266mhz cas latency 3.0 4.0 5.0 ras to cas 3 4 4 ras precharge 3 4 4 t ras 9 12 12 t rc 12 16 16 voltage 1.8v 1.8v 1.8v

bonjour a tous voila je voudrai rajouter de la mémoire ram a mon pc mé je ne c pas koi choisir comme marque type ect...... et en plus j'ai lu que javé 1 Go (2x512 Mo) extensibles à 4 Go. alors comment faire pour arriver a 4 go ? est ce utile de monté a 4 go? voila un rapport de ma config: Version du plugin 2.0.4.9 Système d'exploitation Windows XP Professionnel (build 2600) Service Pack 2 Navigateur web par défaut: Orange Web Client e-mail par défaut: Orange Mail Carte mère SMBios version 2.4 Packard Bell BV Cuba MS-7301 1.0 Bios: Phoenix Technologies, LTD W7301VP2.025 10/13/2006 taille: 512Kb Processeur Intel® Pentium® D CPU 2.80GHz (2793Mhz) (L1: 28ko L2: 2048ko ) Chipset Southbridge: VIA VT8237A Mémoire Barette de 512 Mo None Barette de 512 Mo None mémoire windows (cette valeur ne correspond pas exactement à la mémoire totale physique): 1022Mo Lecteurs CD/DVD Optiarc DVD RW AD-5170A 1.52 (DVD+R/DL Recorder) AXV CD/DVD-ROM 2.2a (DVD-ROM) Disque dur ST3250820AS 9QE0AB363.AAD (232.88Go) Generic USB CF Reader USB Device Generic USB MS Reader USB Device Generic USB SD Reader USB Device Generic USB SM Reader USB Device Cartes PCI/AGP Stockage VIA Technologies, Inc.:VT8237A SATA 2-Port Controller VIA Technologies, Inc.:VT82C586A/B/VT82C686/A/B/VT823x/A/C PIPC Bus Master IDE Réseau VIA Technologies, Inc.:VT6102 [Rhine-II] Affichage nVidia Corporation:G72 [GeForce 7300 SE] Multimedia VIA Technologies, Inc.:VIA High Definition Audio Controller Ponts VIA Technologies, Inc.:P4M890 Host Bridge VIA Technologies, Inc.:P4M890 Host Bridge VIA Technologies, Inc.:P4M890 Host Bridge VIA Technologies, Inc.:P4M890 Host Bridge VIA Technologies, Inc.:P4M890 Host Bridge VIA Technologies, Inc.:P4M890 Security Device VIA Technologies, Inc.:P4M890 Host Bridge VIA Technologies, Inc.:[K8T890 North / VT8237 South] PCI Bridge VIA Technologies, Inc.:P4M890 PCI to PCI Bridge Controller VIA Technologies, Inc.:P4M890 PCI to PCI Bridge Controller VIA Technologies, Inc.:VT8237A PCI to ISA Bridge VIA Technologies, Inc.:VT8251 Ultra VLINK Controller VIA Technologies, Inc.:VT8237A Host Bridge Système VIA Technologies, Inc.:P4M890 I/O APIC Interrupt Controller Bus Series VIA Technologies, Inc.:IEEE 1394 Host Controller VIA Technologies, Inc.:VT82xxxxx UHCI USB 1.1 Controller VIA Technologies, Inc.:VT82xxxxx UHCI USB 1.1 Controller VIA Technologies, Inc.:VT82xxxxx UHCI USB 1.1 Controller VIA Technologies, Inc.:VT82xxxxx UHCI USB 1.1 Controller VIA Technologies, Inc.:USB 2.0 Périphérique USB Logitech, Inc. Camera Alcor Micro Corp. USB Reader Clavier Clavier standard 101/102 touches ou clavier Microsoft Natural Keyboard PS/2 Souris Souris compatible PS/2 Ecran(s) Écran Plug-and-Play( Acer AL1916W) Écran par défaut alé merci a tous de votre aide

cest bon probleme resolut jai revu toute ma config audio et reinstallé carte son + pilotes

oui

merci pour ta reponce mais comment fait ton pour la overcloker?

bonjour a tous. alors mon probléme est que quand je navigue sur internet et que je vais sur you tube ect.... je n'ai pas de son qui sort de mes enceintes,pourtant quand j'écoute une musique sur media player sa fonctionne. j'ai deja essayer de: *réinstallation de carte son *réinstallation de flash player et mise a jour qui suit *mise a jour pilotes de son *j'ai regarder dans le gestionner de periphérique si il n'y avait pas de point d'interogation jaune ma carte son est une Realtek ALC888 @ VIA VT8237A high definition audio controller. alors que faire jattend votre aide merci

merci a tous de votre aide mais mon probléme c'est que j'ai acheté mon pc en supermarché donc il est encore garantit 2 ans,et je ne sais pas si ma carte mére est evolutive. donc y'aurait t ' il pas un moyen de reglage de ma carte graphique???

voila quand je lance un jeu sur mon pc genre pes8,scarface. je nai pas de fluiditer ds les images,j'ai des images au ralentit. alors que faire pour regler mon probleme. mon pc: ms windows xp pro sp2 intel pentium d cpu 2.80 ghz 1.0gb ram nvidia geforce 7300 se

Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:18:03, on 02/10/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\system32\spoolsv.exe c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Macrogaming\SweetIM\SweetIM.exe C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\WINDOWS\System32\FTRTSVC.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe C:\PROGRA~1\Wanadoo\ComComp.exe C:\WINDOWS\system32\dllhost.exe C:\PROGRA~1\Wanadoo\Toaster.exe C:\PROGRA~1\Wanadoo\Inactivity.exe C:\PROGRA~1\Wanadoo\PollingModule.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE C:\PROGRA~1\Wanadoo\Watch.exe C:\Program Files\eMule\emule.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [sweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe O4 - HKLM\..\Run: [TotalRecorderScheduler] "C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe" O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount O4 - HKCU\..\Run: [sweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?78df20d9ad0945d9b3e25c103df5cae3 O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?78df20d9ad0945d9b3e25c103df5cae3 O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU) O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshel...ronGameHost.cab O18 - Protocol: bw+0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: offline-8876480 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe -- End of file - 21661 bytes

c bon jme suis enregistrer et g fait comme tu ma dit. tu peut alait voir g le mm pseudo. j'ai aussi configurer mon ordi avec antivir et zone alarm. j'ai bien suivit les tutos. desire tu un rapport de hitjackthis pour une verification??? voila merci encore pour ton aide.

ok je ferai ce que tu ma dit demain apres le taf. je te remerci de ton aide et de tout ce tu ma apri. alé bonne soirée.

ComboFix 07-09-21.2 - "vincent" 2007-09-30 21:24:24.3 - NTFSx86 Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.490 [GMT 2:00] * Created a new restore point FILE:: C:\WINDOWS\system32\Process.exe C:\WINDOWS\system32\dumphive.exe C:\WINDOWS\system32\VCCLSID.exe C:\WINDOWS\system32\SrchSTS.exe C:\WINDOWS\system32\swxcacls.exe C:\Documents and Settings\vincent\Bureau\SmitfraudFix.exe C:\Documents and Settings\vincent\Bureau\ToolsCleaner2.exe . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\Documents and Settings\vincent\Bureau\SDFix C:\Documents and Settings\vincent\Bureau\SDFix\apps\assosfix.reg C:\Documents and Settings\vincent\Bureau\SDFix\apps\cliptext.exe C:\Documents and Settings\vincent\Bureau\SDFix\apps\download.exe C:\Documents and Settings\vincent\Bureau\SDFix\apps\drivers.exe C:\Documents and Settings\vincent\Bureau\SDFix\apps\dummy.sys C:\Documents and Settings\vincent\Bureau\SDFix\apps\Enable_Command_Prompt.reg C:\Documents and Settings\vincent\Bureau\SDFix\apps\ERDNT.E_E C:\Documents and Settings\vincent\Bureau\SDFix\apps\ERDNTDOS.LOC C:\Documents and Settings\vincent\Bureau\SDFix\apps\ERDNTWIN.LOC C:\Documents and Settings\vincent\Bureau\SDFix\apps\ERUNT.EXE C:\Documents and Settings\vincent\Bureau\SDFix\apps\ERUNT.LOC C:\Documents and Settings\vincent\Bureau\SDFix\apps\fix.reg C:\Documents and Settings\vincent\Bureau\SDFix\apps\FixBH.reg C:\Documents and Settings\vincent\Bureau\SDFix\apps\FIXCU.reg C:\Documents and Settings\vincent\Bureau\SDFix\apps\FIXLM.reg C:\Documents and Settings\vincent\Bureau\SDFix\apps\FixPath.exe C:\Documents and Settings\vincent\Bureau\SDFix\apps\FixRedir.reg C:\Documents and Settings\vincent\Bureau\SDFix\apps\FixWebCheck.reg C:\Documents and Settings\vincent\Bureau\SDFix\apps\fixXP.reg C:\Documents and Settings\vincent\Bureau\SDFix\apps\FixXPsp2.reg C:\Documents and Settings\vincent\Bureau\SDFix\apps\HPFix.reg C:\Documents and Settings\vincent\Bureau\SDFix\apps\HPFix2.reg C:\Documents and Settings\vincent\Bureau\SDFix\apps\HPFix3.reg C:\Documents and Settings\vincent\Bureau\SDFix\apps\ISADMIN.EXE C:\Documents and Settings\vincent\Bureau\SDFix\apps\leg2.txt C:\Documents and Settings\vincent\Bureau\SDFix\apps\legacy.txt C:\Documents and Settings\vincent\Bureau\SDFix\apps\legacybk.txt C:\Documents and Settings\vincent\Bureau\SDFix\apps\locate.com C:\Documents and Settings\vincent\Bureau\SDFix\apps\LS.exe C:\Documents and Settings\vincent\Bureau\SDFix\apps\MD5File.exe C:\Documents and Settings\vincent\Bureau\SDFix\apps\moveex.exe C:\Documents and Settings\vincent\Bureau\SDFix\apps\MyGcpvFix.reg C:\Documents and Settings\vincent\Bureau\SDFix\apps\MyGkFix2.reg C:\Documents and Settings\vincent\Bureau\SDFix\apps\Process.exe C:\Documents and Settings\vincent\Bureau\SDFix\apps\procs.exe C:\Documents and Settings\vincent\Bureau\SDFix\apps\psservice.exe C:\Documents and Settings\vincent\Bureau\SDFix\apps\RegDACL.exe C:\Documents and Settings\vincent\Bureau\SDFix\apps\Rem.txt C:\Documents and Settings\vincent\Bureau\SDFix\apps\Rem2.txt C:\Documents and Settings\vincent\Bureau\SDFix\apps\Replace\W2K.exe C:\Documents and Settings\vincent\Bureau\SDFix\apps\Replace\w2k\null.sys C:\Documents and Settings\vincent\Bureau\SDFix\apps\Replace\XP.exe C:\Documents and Settings\vincent\Bureau\SDFix\apps\Replace\xp\null.sys C:\Documents and Settings\vincent\Bureau\SDFix\apps\Reset_AppInit_DLLs.reg C:\Documents and Settings\vincent\Bureau\SDFix\apps\RestartIt!.exe C:\Documents and Settings\vincent\Bureau\SDFix\apps\Restore_SecurityCenter.reg C:\Documents and Settings\vincent\Bureau\SDFix\apps\Restore_SharedAccess.reg C:\Documents and Settings\vincent\Bureau\SDFix\apps\sc.exe C:\Documents and Settings\vincent\Bureau\SDFix\apps\SF.exe C:\Documents and Settings\vincent\Bureau\SDFix\apps\shutdown.exe C:\Documents and Settings\vincent\Bureau\SDFix\apps\srv2.txt C:\Documents and Settings\vincent\Bureau\SDFix\apps\svc.txt C:\Documents and Settings\vincent\Bureau\SDFix\apps\svcbk.txt C:\Documents and Settings\vincent\Bureau\SDFix\apps\swreg.exe C:\Documents and Settings\vincent\Bureau\SDFix\apps\swsc.exe C:\Documents and Settings\vincent\Bureau\SDFix\apps\unzip.exe C:\Documents and Settings\vincent\Bureau\SDFix\apps\WINMSG.EXE C:\Documents and Settings\vincent\Bureau\SDFix\apps\zip.exe C:\Documents and Settings\vincent\Bureau\SDFix\backups\attrib.exe C:\Documents and Settings\vincent\Bureau\SDFix\backups\backupreg.zip C:\Documents and Settings\vincent\Bureau\SDFix\backups\backups.zip C:\Documents and Settings\vincent\Bureau\SDFix\backups\find.exe C:\Documents and Settings\vincent\Bureau\SDFix\backups\findstr.exe C:\Documents and Settings\vincent\Bureau\SDFix\backups\HOSTS C:\Documents and Settings\vincent\Bureau\SDFix\backups\regedit.exe C:\Documents and Settings\vincent\Bureau\SDFix\catchme.exe C:\Documents and Settings\vincent\Bureau\SDFix\dummy.sys C:\Documents and Settings\vincent\Bureau\SDFix\Report.txt C:\Documents and Settings\vincent\Bureau\SDFix\RunThis.bat C:\Documents and Settings\vincent\Bureau\SDFix\SDFIX_ReadMe_Online.url C:\Documents and Settings\vincent\Bureau\SmitfraudFix C:\Documents and Settings\vincent\Bureau\SmitfraudFix.exe C:\Documents and Settings\vincent\Bureau\SmitfraudFix\dumphive.exe C:\Documents and Settings\vincent\Bureau\SmitfraudFix\exit.exe C:\Documents and Settings\vincent\Bureau\SmitfraudFix\GenericRenosFix.exe C:\Documents and Settings\vincent\Bureau\SmitfraudFix\HostsChk.exe C:\Documents and Settings\vincent\Bureau\SmitfraudFix\Process.exe C:\Documents and Settings\vincent\Bureau\SmitfraudFix\Reboot.exe C:\Documents and Settings\vincent\Bureau\SmitfraudFix\restart.exe C:\Documents and Settings\vincent\Bureau\SmitfraudFix\SmitfraudFix.cmd C:\Documents and Settings\vincent\Bureau\SmitfraudFix\SmiUpdate.exe C:\Documents and Settings\vincent\Bureau\SmitfraudFix\SrchSTS.exe C:\Documents and Settings\vincent\Bureau\SmitfraudFix\swreg.exe C:\Documents and Settings\vincent\Bureau\SmitfraudFix\swsc.exe C:\Documents and Settings\vincent\Bureau\SmitfraudFix\swxcacls.exe C:\Documents and Settings\vincent\Bureau\SmitfraudFix\unzip.exe C:\Documents and Settings\vincent\Bureau\SmitfraudFix\VCCLSID.exe C:\Documents and Settings\vincent\Bureau\ToolsCleaner2.exe C:\WINDOWS\ERUNT C:\WINDOWS\ERUNT\SDFIX\DEFAULT C:\WINDOWS\ERUNT\SDFIX\ERDNT.CON C:\WINDOWS\ERUNT\SDFIX\ERDNT.EXE C:\WINDOWS\ERUNT\SDFIX\ERDNT.INF C:\WINDOWS\ERUNT\SDFIX\ERDNTDOS.LOC C:\WINDOWS\ERUNT\SDFIX\ERDNTWIN.LOC C:\WINDOWS\ERUNT\SDFIX\SAM C:\WINDOWS\ERUNT\SDFIX\SECURITY C:\WINDOWS\ERUNT\SDFIX\SOFTWARE C:\WINDOWS\ERUNT\SDFIX\SYSTEM C:\WINDOWS\ERUNT\SDFIX\Users000001\NTUSER.DAT C:\WINDOWS\ERUNT\SDFIX\Users000002\UsrClass.dat C:\WINDOWS\ERUNT\SDFIX_First_Run\DEFAULT C:\WINDOWS\ERUNT\SDFIX_First_Run\ERDNT.CON C:\WINDOWS\ERUNT\SDFIX_First_Run\ERDNT.EXE C:\WINDOWS\ERUNT\SDFIX_First_Run\ERDNT.INF C:\WINDOWS\ERUNT\SDFIX_First_Run\ERDNTDOS.LOC C:\WINDOWS\ERUNT\SDFIX_First_Run\ERDNTWIN.LOC C:\WINDOWS\ERUNT\SDFIX_First_Run\SAM C:\WINDOWS\ERUNT\SDFIX_First_Run\SECURITY C:\WINDOWS\ERUNT\SDFIX_First_Run\SOFTWARE C:\WINDOWS\ERUNT\SDFIX_First_Run\SYSTEM C:\WINDOWS\ERUNT\SDFIX_First_Run\Users000001\NTUSER.DAT C:\WINDOWS\ERUNT\SDFIX_First_Run\Users000002\UsrClass.dat C:\WINDOWS\system32\dumphive.exe C:\WINDOWS\system32\SrchSTS.exe C:\WINDOWS\system32\swxcacls.exe C:\WINDOWS\system32\VCCLSID.exe . ((((((((((((((((((((((((((((( Fichiers créés 2007-08-28 to 2007-09-30 )))))))))))))))))))))))))))))))))))) . 2007-09-30 16:26 <REP> d-------- C:\Program Files\Navilog1 2007-09-29 10:47 <REP> d-------- C:\Program Files\Panda Security 2007-09-26 23:26 51,200 --a------ C:\WINDOWS\NirCmd.exe 2007-09-26 22:01 <REP> d-------- C:\Program Files\Trend Micro 2007-09-25 23:30 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys 2007-09-25 22:43 2,614 --a------ C:\WINDOWS\system32\tmp.reg 2007-09-25 21:39 <REP> d-------- C:\DOCUME~1\vincent\APPLIC~1\Bitdefender 2007-09-25 21:39 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\BitDefender 2007-09-25 21:38 <REP> d-------- C:\Program Files\Fichiers communs\BitDefender 2007-09-25 17:12 81,984 --a------ C:\WINDOWS\system32\bdod.bin 2007-09-25 17:11 <REP> d-------- C:\Program Files\BitDefender 2007-09-24 19:16 <REP> d-------- C:\Program Files\Microsoft Works 2007-09-24 19:15 <REP> d-------- C:\Program Files\MSBuild 2007-09-24 19:14 <REP> d-------- C:\Program Files\Microsoft.NET 2007-09-24 19:10 <REP> d-------- C:\Program Files\Microsoft Visual Studio 8 2007-09-24 19:09 <REP> d-------- C:\WINDOWS\SHELLNEW 2007-09-24 18:44 29,968 --a------ C:\WINDOWS\system32\mdimon.dll 2007-09-24 18:35 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help 2007-09-24 18:33 <REP> dr-h----- C:\MSOCache 2007-09-23 22:36 <REP> d-------- C:\DOCUME~1\vincent\APPLIC~1\Microsoft Web Folders 2007-09-23 20:55 5,248 --a------ C:\WINDOWS\system32\drivers\a347scsi.sys 2007-09-23 20:55 160,640 --a------ C:\WINDOWS\system32\drivers\a347bus.sys 2007-09-23 20:55 <REP> d-------- C:\Program Files\Alcohol Soft 2007-09-18 22:37 <REP> d-------- C:\Program Files\Micro Application 2007-09-09 00:50 <REP> d-------- C:\Program Files\iTunes 2007-09-09 00:50 <REP> d-------- C:\Program Files\iPod 2007-09-05 19:25 <REP> d-------- C:\DOCUME~1\vincent\APPLIC~1\Media Player Classic 2007-09-05 19:23 740,442 --a------ C:\WINDOWS\system32\divx.dll 2007-09-05 19:23 73,728 --a------ C:\WINDOWS\system32\dpl100.dll 2007-09-05 19:23 7,680 --a------ C:\WINDOWS\system32\ff_vfw.dll 2007-09-05 19:23 3,596,288 --a------ C:\WINDOWS\system32\qt-dx331.dll 2007-09-05 19:23 282,624 --a------ C:\WINDOWS\system32\xvidvfw.dll 2007-09-05 19:23 217,088 --a------ C:\WINDOWS\system32\yv12vfw.dll 2007-09-05 19:23 163,840 --a------ C:\WINDOWS\system32\unrar.dll 2007-09-05 19:23 1,559,040 --a------ C:\WINDOWS\system32\xvidcore.dll 2007-09-05 19:23 <REP> d-------- C:\Program Files\K-Lite Codec Pack 2007-09-05 19:08 <REP> d-------- C:\Program Files\MP3 Player Utilities 3.68 2007-09-03 23:40 <REP> d-------- C:\Program Files\TagRename 2007-08-29 01:25 <REP> d-------- C:\Program Files\Medieval Software 2007-08-28 01:15 <REP> d-------- C:\Program Files\Fichiers communs\NSV 2007-08-27 20:29 <REP> d-------- C:\DOCUME~1\vincent\APPLIC~1\EPSON 2007-08-27 17:23 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy 2007-08-26 20:07 <REP> d-------- C:\Program Files\Winamp 2007-08-24 13:37 225,280 --a------ C:\WINDOWS\system32\rewire.dll 2007-08-24 13:37 <REP> d-------- C:\Program Files\VstPlugins 2007-08-24 13:34 <REP> d-------- C:\Program Files\Image-Line 2007-08-20 21:05 <REP> d-------- C:\Program Files\HighCriteria 2007-08-19 21:04 <REP> d-------- C:\debridage-jojo-cx10 2007-08-17 22:36 <REP> d-------- C:\Program Files\Mio DigiWalker 2007-08-17 22:33 <REP> d-------- C:\Program Files\tcpmp 2007-08-17 21:25 32,128 --a------ C:\WINDOWS\system32\drivers\wceusbsh.sys 2007-08-17 21:25 32,128 --a------ C:\WINDOWS\system32\dllcache\wceusbsh.sys 2007-08-17 13:13 54,272 --a------ C:\WINDOWS\system32\DrvTrNTm.dll 2007-08-17 13:13 106,496 --a------ C:\WINDOWS\system32\DrvTrNTl.dll 2007-08-16 19:10 <REP> d-------- C:\WINDOWS\system32\Rawflow 2007-08-16 19:10 <REP> d-------- C:\Program Files\RawFlow 2007-08-16 19:06 3,753 --a------ C:\WINDOWS\mozver.dat 2007-08-15 23:15 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google 2007-08-15 22:28 <REP> d-------- C:\DOCUME~1\vincent\APPLIC~1\Lavasoft 2007-08-15 22:08 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat 2007-08-15 22:08 11,264 --a------ C:\WINDOWS\system32\SpOrder.dll 2007-08-15 22:08 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\MailFrontier 2007-08-15 22:06 <REP> d-------- C:\WINDOWS\Internet Logs 2007-08-12 21:42 <REP> d-------- C:\DOCUME~1\vincent\APPLIC~1\iPod2PC3 2007-08-12 21:33 <REP> d-------- C:\Program Files\Fichiers communs\eSellerate 2007-08-09 16:02 <REP> d-------- C:\REST2514 2007-08-09 16:01 <REP> d-------- C:\DOCUME~1\vincent\REST2514 2007-08-09 13:48 <REP> d-------- C:\Program Files\PC Inspector File Recovery 2007-08-04 23:13 <REP> d-------- C:\DOCUME~1\vincent\APPLIC~1\COWON 2007-08-04 23:12 <REP> d-------- C:\Program Files\JetAudio 2007-08-04 23:12 <REP> d-------- C:\Program Files\Fichiers communs\COWON 2007-08-02 17:03 188,432 --a------ C:\WINDOWS\system32\drivers\bdfsfltr.sys . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2007-09-30 20:48 --------- d-------- C:\Program Files\eMule 2007-09-30 14:37 --------- d-------- C:\Program Files\Wanadoo 2007-09-23 22:36 --------- d-------- C:\Program Files\microsoft frontpage 2007-09-18 22:37 --------- d--h----- C:\Program Files\InstallShield Installation Information 2007-09-06 23:14 --------- d-------- C:\DOCUME~1\vincent\APPLIC~1\Azureus 2007-09-05 01:08 --------- d-------- C:\DOCUME~1\vincent\APPLIC~1\Ahead 2007-08-29 15:27 --------- d-------- C:\DOCUME~1\vincent\APPLIC~1\Apple Computer 2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\dllcache\cdm.dll 2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\cdm.dll 2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\wuapi.dll 2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\dllcache\wuapi.dll 2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\wuauclt.exe 2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\dllcache\wuauclt.exe 2007-07-30 19:19 43352 --a------ C:\WINDOWS\system32\wups2.dll 2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\wucltui.dll 2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\dllcache\wucltui.dll 2007-07-30 19:19 271224 --a------ C:\WINDOWS\system32\mucltui.dll 2007-07-30 19:19 207736 --a------ C:\WINDOWS\system32\muweb.dll 2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\wuweb.dll 2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\dllcache\wuweb.dll 2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\wuaueng.dll 2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\dllcache\wuaueng.dll 2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\wups.dll 2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\dllcache\wups.dll 2007-07-20 15:54 77824 --a------ C:\WINDOWS\system32\xcomm.dll 2007-07-16 21:23 359808 --a------ C:\WINDOWS\system32\dllcache\TCPIP.SYS 2007-07-09 15:14 98304 --a------ C:\WINDOWS\system32\CmdLineExt.dll 2007-06-26 16:36 669696 --a------ C:\WINDOWS\system32\dllcache\wininet.dll 2007-06-26 15:56 851968 --------- C:\WINDOWS\system32\dllcache\vgx.dll 2007-06-26 08:09 1104896 --a------ C:\WINDOWS\system32\msxml3.dll 2007-06-26 08:09 1104896 --------- C:\WINDOWS\system32\dllcache\msxml3.dll 2007-06-19 15:32 282112 --a------ C:\WINDOWS\system32\gdi32.dll 2007-06-19 15:32 282112 --------- C:\WINDOWS\system32\dllcache\gdi32.dll 2007-06-15 10:12 96768 --a------ C:\WINDOWS\system32\dllcache\inseng.dll 2007-06-15 10:12 619008 --a------ C:\WINDOWS\system32\dllcache\urlmon.dll 2007-06-15 10:12 55808 --a------ C:\WINDOWS\system32\dllcache\extmgr.dll 2007-06-15 10:12 532480 --a------ C:\WINDOWS\system32\dllcache\mstime.dll 2007-06-15 10:12 474624 --a------ C:\WINDOWS\system32\dllcache\shlwapi.dll 2007-06-15 10:12 449024 --a------ C:\WINDOWS\system32\dllcache\mshtmled.dll 2007-06-15 10:12 39424 --a------ C:\WINDOWS\system32\dllcache\pngfilt.dll 2007-06-15 10:12 357888 --a------ C:\WINDOWS\system32\dllcache\dxtmsft.dll 2007-06-15 10:12 3085312 --a------ C:\WINDOWS\system32\dllcache\mshtml.dll 2007-06-15 10:12 251904 --a------ C:\WINDOWS\system32\dllcache\iepeers.dll 2007-06-15 10:12 205824 --a------ C:\WINDOWS\system32\dllcache\dxtrans.dll 2007-06-15 10:12 16384 --a------ C:\WINDOWS\system32\dllcache\jsproxy.dll 2007-06-15 10:12 152064 --a------ C:\WINDOWS\system32\dllcache\cdfview.dll 2007-06-15 10:12 1498624 --a------ C:\WINDOWS\system32\dllcache\shdocvw.dll 2007-06-15 10:12 146432 --a------ C:\WINDOWS\system32\dllcache\msrating.dll 2007-06-15 10:12 1056768 --a------ C:\WINDOWS\system32\dllcache\danim.dll 2007-06-15 10:12 1023488 --a------ C:\WINDOWS\system32\dllcache\browseui.dll 2007-06-14 12:32 18432 --a------ C:\WINDOWS\system32\dllcache\iedw.exe 2007-06-13 15:22 1037312 --a------ C:\WINDOWS\explorer.exe 2007-06-13 15:22 1037312 --------- C:\WINDOWS\system32\dllcache\explorer.exe . ((((((((((((((((((((((((((((( snapshot_2007-09-26_233152,50 ))))))))))))))))))))))))))))))))))))))))) . ----a-w 39,424 2006-10-04 14:05:26 C:\WINDOWS\AppPatch\acadproc.dll ----a-w 284,160 2006-10-18 19:47:18 C:\WINDOWS\system32\PortableDeviceApi.dll ----a-w 166,912 2006-10-18 19:47:18 C:\WINDOWS\system32\PortableDeviceTypes.dll ----a-w 1,293,824 2005-08-30 04:16:04 C:\WINDOWS\system32\quartz.dll ----a-w 236,928 2007-03-15 16:16:48 C:\WINDOWS\system32\WgaLogon.dll ----a-w 133,632 2006-10-18 19:47:22 C:\WINDOWS\system32\WPDShServiceObj.dll ----a-w 165,376 2006-09-28 16:56:16 C:\WINDOWS\system32\WudfPlatform.dll ----a-w 55,808 2006-09-28 16:56:14 C:\WINDOWS\system32\WudfSvc.dll . ------w 39,424 2006-10-04 14:05:26 C:\WINDOWS\AppPatch\acadproc.dll ------w 284,160 2006-10-18 19:47:18 C:\WINDOWS\system32\PortableDeviceApi.dll ------w 166,912 2006-10-18 19:47:18 C:\WINDOWS\system32\PortableDeviceTypes.dll ------w 1,293,824 2005-08-30 04:16:04 C:\WINDOWS\system32\quartz.dll ------w 236,928 2007-03-15 16:16:48 C:\WINDOWS\system32\WgaLogon.dll ------w 133,632 2006-10-18 19:47:22 C:\WINDOWS\system32\WPDShServiceObj.dll ------w 165,376 2006-09-28 16:56:16 C:\WINDOWS\system32\WudfPlatform.dll ------w 55,808 2006-09-28 16:56:14 C:\WINDOWS\system32\WudfSvc.dll . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06] "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-04-08 17:31] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-04-28 00:47] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 06:24] "SweetIM"="C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" [2006-12-27 16:53] "TotalRecorderScheduler"="C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe" [2006-05-12 01:32] "WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2007-05-15 00:22] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-09-07 16:55] "BDAgent"="C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" [2007-09-25 21:41] "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-04-05 20:05] "ccleaner"="C:\Program Files\CCleaner\ccleaner.exe" [2007-01-29 18:34] "WOOKIT"="C:\PROGRA~1\Wanadoo\Shell.exe" [2004-08-23 14:50] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" [2005-09-16 09:47] "AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" [2004-05-06 12:13] "SweetIM"="C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" [2006-12-27 16:53] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 14:00] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles "InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme R1 bdftdif;bdftdif;\??\C:\Program Files\Fichiers communs\BitDefender\BitDefender Firewall\bdftdif.sys R3 bdfsfltr;bdfsfltr;C:\WINDOWS\system32\DRIVERS\bdfsfltr.sys R3 BDSelfPr;BDSelfPr;\??\C:\Program Files\BitDefender\BitDefender 2008\bdselfpr.sys R3 scan;BitDefender Threat Scanner;C:\WINDOWS\System32\svchost.exe -kbdx S0 viamraid;viamraid;C:\WINDOWS\system32\DRIVERS\viamraid.sys S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM);C:\WINDOWS\system32\DRIVERS\ssm_bus.sys S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter;C:\WINDOWS\system32\DRIVERS\ssm_mdfl.sys S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers;C:\WINDOWS\system32\DRIVERS\ssm_mdm.sys S3 ZDCndis5;ZDCndis5 Protocol Driver;\??\C:\WINDOWS\system32\ZDCndis5.SYS [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bdx scan . Contenu du dossier 'Scheduled Tasks/Tâches planifiées' "2007-09-08 17:37:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job" - C:\Program Files\Apple Software Update\SoftwareUpdate.exe "2007-04-03 19:32:42 C:\WINDOWS\Tasks\Rappel d'enregistrement 1.job" - C:\WINDOWS\system32\OOBE\oobebaln.exe "2007-09-30 18:42:01 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job" . ************************************************************************** catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-09-30 21:28:07 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\bdfsfltr] "ImagePath"=hex:73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,\ . Completion time: 2007-09-30 21:29:04 C:\ComboFix-quarantined-files.txt ... 2007-09-30 21:29 C:\ComboFix2.txt ... 2007-09-28 17:05 C:\ComboFix3.txt ... 2007-09-26 23:32 . --- E O F --- voila le rapport merci

Search Navipromo version 3.1.2 commencé le 30/09/2007 à 16:27:53,73 !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!! !!! Poster ce rapport sur le forum pour le faire analyser !!! !!! Ne pas lancer la partie désinfection sans l'avis d'un spécialiste !!! Fix lancé depuis C:\Program Files\navilog1 Mise a jour le 27.09.2007 a 18h00 by IL-MAFIOSO Microsoft Windows XP [version 5.1.2600] Internet Explorer : 6.0.2900.2180 *** Recherche Programmes installes *** *** Recherche dossiers dans C:\WINDOWS *** *** Recherche dossiers dans C:\Program Files *** *** Recherche dossiers dans C:\Documents and Settings\All Users\Application Data *** *** Recherche dossiers dans C:\Documents and Settings\vincent\Application Data *** *** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1 *** *** Recherche avec BlackLight Engine/F-secure *** BlackLight Engine est un produit de F-secure, pour + d'infos : http://www.f-secure.com/blacklight/blacklight_help.html F-SECURE BLACKLIGHT ROOTKIT ELIMINATOR ====================================== Copyright 2005-2006 F-Secure Corporation. All rights reserved. This is a beta version. It will expire on 1st of October, 2007. Version information: 2.2.1064. [+] Started on 09/30/07 at 16:27:56. [+] Initializing ... [+] Starting scan, press Ctrl-C to abort. [+] Scanning for hidden items ...................................................................................... [+] Scan complete. [+] Summary: 0 hidden item(s) found, 0 scheduled for renaming. [+] Exited on 09/30/07 at 16:36:46 (return code = 0). *** Recherche avec GenericNaviSearch *** !!! Tous Ces résultats peuvent révéler des fichiers légitimes !!! !!! A verifier impérativement avant toute suppression manuelle !!! * Scan C:\WINDOWS\system32 * * Scan C:\Documents and Settings\vincent\local settings\application data * *** Recherche fichiers *** *** Recherche cles registre *** *** Module de Recherche complémentaire *** (Recherche fichiers spécifiques) 1)Recherche fichiers connus: 2)Recherche Heuristique : 3)Recherche Certificats : Certificat Egroup absent ! *** Analyse Terminé le 30/09/2007 à 16:37:11,89 *** StartupList report, 30/09/2007, 16:38:40 StartupList version: 1.52.2 Started from : C:\Program Files\Trend Micro\HijackThis\HijackThis.EXE Detected: Windows XP SP2 (WinNT 5.01.2600) Detected: Internet Explorer v6.00 SP2 (6.00.2900.2180) * Using default options * Including empty and uninteresting sections * Showing rarely important sections ================================================== Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Macrogaming\SweetIM\SweetIM.exe C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\WINDOWS\System32\FTRTSVC.exe C:\PROGRA~1\Wanadoo\ComComp.exe C:\WINDOWS\system32\nvsvc32.exe C:\PROGRA~1\Wanadoo\Toaster.exe C:\PROGRA~1\Wanadoo\Inactivity.exe C:\PROGRA~1\Wanadoo\PollingModule.exe C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\iPod\bin\iPodService.exe C:\PROGRA~1\Wanadoo\Watch.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe -------------------------------------------------- Listing of startup folders: Shell folders Startup: [C:\Documents and Settings\vincent\Menu Démarrer\Programmes\Démarrage] *No files* Shell folders AltStartup: *Folder not found* User shell folders Startup: *Folder not found* User shell folders AltStartup: *Folder not found* Shell folders Common Startup: [C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage] Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE Shell folders Common AltStartup: *Folder not found* User shell folders Common Startup: *Folder not found* User shell folders Alternate Common Startup: *Folder not found* -------------------------------------------------- Checking Windows NT UserInit: [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] UserInit = C:\WINDOWS\system32\userinit.exe, [HKLM\Software\Microsoft\Windows\CurrentVersion\Winlogon] *Registry key not found* [HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] *Registry value not found* [HKCU\Software\Microsoft\Windows\CurrentVersion\Winlogon] *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\Run Adobe Reader Speed Launcher = "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" TkBellExe = "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot NvCplDaemon = RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup QuickTime Task = "C:\Program Files\QuickTime\qttask.exe" -atboottime SweetIM = C:\Program Files\Macrogaming\SweetIM\SweetIM.exe TotalRecorderScheduler = "C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe" WinampAgent = C:\Program Files\Winamp\winampa.exe iTunesHelper = "C:\Program Files\iTunes\iTunesHelper.exe" BDAgent = "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" !AVG Anti-Spyware = "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce *No values found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *No values found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices *No values found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\Run LDM = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe ccleaner = "C:\Program Files\CCleaner\ccleaner.exe" /AUTO WOOKIT = C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} = "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" AlcoholAutomount = "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount SweetIM = C:\Program Files\Macrogaming\SweetIM\SweetIM.exe ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce *No values found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices *No values found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *No values found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\Run [OptionalComponents] = -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\Run *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- File association entry for .EXE: HKEY_CLASSES_ROOT\exefile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .COM: HKEY_CLASSES_ROOT\comfile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .BAT: HKEY_CLASSES_ROOT\batfile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .PIF: HKEY_CLASSES_ROOT\piffile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .SCR: HKEY_CLASSES_ROOT\scrfile\shell\open\command (Default) = "%1" /S -------------------------------------------------- File association entry for .HTA: HKEY_CLASSES_ROOT\htafile\shell\open\command (Default) = C:\WINDOWS\system32\mshta.exe "%1" %* -------------------------------------------------- File association entry for .TXT: HKEY_CLASSES_ROOT\txtfile\shell\open\command (Default) = %SystemRoot%\system32\NOTEPAD.EXE %1 -------------------------------------------------- Enumerating Active Setup stub paths: HKLM\Software\Microsoft\Active Setup\Installed Components (* = disabled by HKCU twin) [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] StubPath = C:\WINDOWS\inf\unregmp2.exe /ShowWMP [>{26923b43-4d38-484f-9b9e-de460746276c}] * StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE [>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] * StubPath = RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP [>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] * StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE [KB910393] * StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\EasyCDBlock.inf,PerUserInstall [{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] * StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll [{407408d4-94ed-4d86-ab69-a7f649d112ee}] * StubPath = %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection QuickLaunchShortcut 640 %systemroot%\inf\mcdftreg.inf [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] * StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install [{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] * StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT [{5945c046-1e7d-11d1-bc44-00c04fd912be}] * StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser [{6BF52A52-394A-11d3-B153-00C04F79FAA6}] * StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub [{7790769C-0471-11d2-AF11-00C04FA35D02}] * StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install [{89820200-ECBD-11cf-8B85-00AA005B4340}] * StubPath = regsvr32.exe /s /n /i:U shell32.dll [{89820200-ECBD-11cf-8B85-00AA005B4383}] * StubPath = %SystemRoot%\system32\ie4uinit.exe [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] * StubPath = C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install -------------------------------------------------- Enumerating ICQ Agent Autostart apps: HKCU\Software\Mirabilis\ICQ\Agent\Apps *Registry key not found* -------------------------------------------------- Load/Run keys from C:\WINDOWS\WIN.INI: load=*INI section not found* run=*INI section not found* Load/Run keys from Registry: HKLM\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found* HKLM\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found* HKLM\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found* HKCU\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found* HKCU\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found* HKCU\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found* HKCU\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found* HKCU\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found* HKCU\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs= -------------------------------------------------- Shell & screensaver key from C:\WINDOWS\SYSTEM.INI: Shell=*INI section not found* SCRNSAVE.EXE=*INI section not found* drivers=*INI section not found* Shell & screensaver key from Registry: Shell=Explorer.exe SCRNSAVE.EXE=*Registry value not found* drivers=*Registry value not found* Policies Shell key: HKCU\..\Policies: Shell=*Registry value not found* HKLM\..\Policies: Shell=*Registry value not found* -------------------------------------------------- Checking for EXPLORER.EXE instances: C:\WINDOWS\Explorer.exe: PRESENT! C:\Explorer.exe: not present C:\WINDOWS\Explorer\Explorer.exe: not present C:\WINDOWS\System\Explorer.exe: not present C:\WINDOWS\System32\Explorer.exe: not present C:\WINDOWS\Command\Explorer.exe: not present C:\WINDOWS\Fonts\Explorer.exe: not present -------------------------------------------------- Checking for superhidden extensions: .lnk: HIDDEN! (arrow overlay: yes) .pif: HIDDEN! (arrow overlay: yes) .exe: not hidden .com: not hidden .bat: not hidden .hta: not hidden .scr: not hidden .shs: HIDDEN! .shb: HIDDEN! .vbs: not hidden .vbe: not hidden .wsh: not hidden .scf: HIDDEN! (arrow overlay: NO!) .url: HIDDEN! (arrow overlay: yes) .js: not hidden .jse: not hidden -------------------------------------------------- Verifying REGEDIT.EXE integrity: - Regedit.exe found in C:\WINDOWS - .reg open command is normal (regedit.exe %1) - Regedit.exe has no CompanyName property! It is either missing or named something else. - Regedit.exe has no OriginalFilename property! It is either missing or named something else. - Regedit.exe has no FileDescription property! It is either missing or named something else. Registry check failed! -------------------------------------------------- Enumerating Browser Helper Objects: (no name) - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll - {02478D38-C3F9-4EFB-9B51-7695ECA05670} (no name) - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} SWEETIE - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} (no name) - C:\PROGRA~1\SPYBOT~1\SDHelper.dll - {53707962-6F74-2D53-2644-206D7942484F} (no name) - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (no name) - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll - {9030D464-4C02-4ABF-8ECC-5164760863C6} (no name) - C:\Program Files\Windows Live Toolbar\msntb.dll - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} (no name) - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} -------------------------------------------------- Enumerating Task Scheduler jobs: AppleSoftwareUpdate.job Rappel d'enregistrement 1.job Vérifier les mises à jour de Windows Live Toolbar.job -------------------------------------------------- Enumerating Download Program Files: [YInstStarter Class] InProcServer32 = C:\PROGRA~1\Yahoo!\Common\yinsthelper.dll CODEBASE = C:\Program Files\Yahoo!\Common\yinsthelper.dll [unoCtrl Class] InProcServer32 = C:\WINDOWS\Downloaded Program Files\GAME_UNO1.dll CODEBASE = http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab [Java Plug-in 1.6.0_01] InProcServer32 = C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll CODEBASE = http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab [{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}] CODEBASE = http://fpdownload.macromedia.com/get/flash...t/ultrashim.cab [MessengerStatsClient Class] InProcServer32 = C:\WINDOWS\Downloaded Program Files\MessengerStatsPAClient.dll CODEBASE = http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab [Java Plug-in 1.5.0_04] InProcServer32 = C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll CODEBASE = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab [Java Plug-in 1.6.0_01] InProcServer32 = C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll CODEBASE = http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab [Java Plug-in 1.6.0_01] InProcServer32 = C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll CODEBASE = http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab [Oberon Flash Game Host] InProcServer32 = C:\WINDOWS\Downloaded Program Files\OberonGameHost.dll CODEBASE = http://jeuxmultijoueurs.orange.fr/Gameshel...ronGameHost.cab -------------------------------------------------- Enumerating Winsock LSP files: NameSpace #1: C:\WINDOWS\System32\mswsock.dll NameSpace #2: C:\WINDOWS\System32\winrnr.dll NameSpace #3: C:\WINDOWS\System32\mswsock.dll Protocol #1: C:\WINDOWS\system32\mswsock.dll Protocol #2: C:\WINDOWS\system32\mswsock.dll Protocol #3: C:\WINDOWS\system32\mswsock.dll Protocol #4: C:\WINDOWS\system32\rsvpsp.dll Protocol #5: C:\WINDOWS\system32\rsvpsp.dll Protocol #6: C:\WINDOWS\system32\mswsock.dll Protocol #7: C:\WINDOWS\system32\mswsock.dll Protocol #8: C:\WINDOWS\system32\mswsock.dll Protocol #9: C:\WINDOWS\system32\mswsock.dll Protocol #10: C:\WINDOWS\system32\mswsock.dll Protocol #11: C:\WINDOWS\system32\mswsock.dll Protocol #12: C:\WINDOWS\system32\mswsock.dll Protocol #13: C:\WINDOWS\system32\mswsock.dll Protocol #14: C:\WINDOWS\system32\mswsock.dll Protocol #15: C:\WINDOWS\system32\mswsock.dll -------------------------------------------------- Enumerating Windows NT/2000/XP services a347bus: system32\DRIVERS\a347bus.sys (system) a347scsi: System32\Drivers\a347scsi.sys (system) abp480n5: system32\DRIVERS\ABP480N5.SYS (system) Pilote ACPI Microsoft: system32\DRIVERS\ACPI.sys (system) adpu160m: system32\DRIVERS\adpu160m.sys (system) Suppresseur d'écho acoustique (Noyau Microsoft): system32\drivers\aec.sys (manual start) AFD: \SystemRoot\System32\drivers\afd.sys (system) Filtre de bus AGP Intel: system32\DRIVERS\agp440.sys (system) Filtre de bus AGP Compaq: system32\DRIVERS\agpCPQ.sys (system) Aha154x: system32\DRIVERS\aha154x.sys (system) aic78u2: system32\DRIVERS\aic78u2.sys (system) aic78xx: system32\DRIVERS\aic78xx.sys (system) Avertissement: %SystemRoot%\system32\svchost.exe -k LocalService (disabled) Service de la passerelle de la couche Application: %SystemRoot%\System32\alg.exe (manual start) AliIde: system32\DRIVERS\aliide.sys (system) Filtre de bus AGP ALI: system32\DRIVERS\alim1541.sys (system) Pilote de filtre du bus AMD AGP: system32\DRIVERS\amdagp.sys (system) amsint: system32\DRIVERS\amsint.sys (system) Apple Mobile Device: "C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe" (autostart) Gestion d'applications: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) Ares Chatroom server: C:\Program Files\Ares\chatServer.exe (manual start) Protocole client ARP 1394: system32\DRIVERS\arp1394.sys (manual start) asc: system32\DRIVERS\asc.sys (system) asc3350p: system32\DRIVERS\asc3350p.sys (system) asc3550: system32\DRIVERS\asc3550.sys (system) Service d'état ASP.NET: %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (manual start) Pilote de média asynchrone RAS: system32\DRIVERS\asyncmac.sys (manual start) Contrôleur de disque dur IDE/ESDI standard: system32\DRIVERS\atapi.sys (system) Protocole client ATM ARP: system32\DRIVERS\atmarpc.sys (manual start) Audio Windows: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Pilote audio Stub: system32\DRIVERS\audstub.sys (manual start) AVG Anti-Spyware Driver: \??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys (system) AVG Anti-Spyware Guard: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe (autostart) AVG Anti-Spyware Clean Driver: System32\DRIVERS\AvgAsCln.sys (system) bdfsfltr: s (manual start) bdftdif: \??\C:\Program Files\Fichiers communs\BitDefender\BitDefender Firewall\bdftdif.sys (system) BDSelfPr: \??\C:\Program Files\BitDefender\BitDefender 2008\bdselfpr.sys (manual start) Service de transfert intelligent en arrière-plan: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Explorateur d'ordinateur: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) catchme: \??\C:\DOCUME~1\vincent\LOCALS~1\Temp\catchme.sys (manual start) cbidf: system32\DRIVERS\cbidf2k.sys (system) Décodeur sous-titre fermé: system32\DRIVERS\CCDECODE.sys (manual start) cd20xrnt: system32\DRIVERS\cd20xrnt.sys (system) Pilote de CD-ROM: system32\DRIVERS\cdrom.sys (system) Indexing Service: %SystemRoot%\system32\cisvc.exe (manual start) Gestionnaire de l'Album: %SystemRoot%\system32\clipsrv.exe (disabled) .NET Runtime Optimization Service v2.0.50727_X86: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (manual start) CmdIde: system32\DRIVERS\cmdide.sys (system) Application système COM+: C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} (manual start) Cpqarray: system32\DRIVERS\cpqarray.sys (system) Services de cryptographie: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) dac2w2k: system32\DRIVERS\dac2w2k.sys (system) dac960nt: system32\DRIVERS\dac960nt.sys (system) Lanceur de processus serveur DCOM: %SystemRoot%\system32\svchost -k DcomLaunch (autostart) Client DHCP: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Pilote de disque: system32\DRIVERS\disk.sys (system) Service d'administration du Gestionnaire de disque logique: %SystemRoot%\System32\dmadmin.exe /com (manual start) dmboot: System32\drivers\dmboot.sys (disabled) Pilote de Gestionnaire de disque logique: System32\drivers\dmio.sys (system) dmload: System32\drivers\dmload.sys (system) Gestionnaire de disque logique: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Synthétiseur DLS du noyau Microsoft: system32\drivers\DMusic.sys (manual start) Client DNS: %SystemRoot%\system32\svchost.exe -k NetworkService (autostart) dpti2o: system32\DRIVERS\dpti2o.sys (system) Filtre de décodeur DRM (Noyau Microsoft): system32\drivers\drmkaud.sys (manual start) Media Center Receiver Service: C:\WINDOWS\eHome\ehRecvr.exe (autostart) Service de planification Media Center: C:\WINDOWS\eHome\ehSched.exe (autostart) Error Reporting Service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Journal des événements: %SystemRoot%\system32\services.exe (autostart) Système d'événements de COM+: C:\WINDOWS\system32\svchost.exe -k netsvcs (manual start) Compatibilité avec le Changement rapide d'utilisateur: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Pilote de contrôleur de lecteur de disquettes: system32\DRIVERS\fdc.sys (manual start) VIA Rhine-Family Fast Ethernet Adapter Driver Service: system32\DRIVERS\fetnd5bv.sys (manual start) FltMgr: system32\DRIVERS\fltMgr.sys (system) Pilote du Gestionnaire de volume: system32\DRIVERS\ftdisk.sys (system) France Telecom Routing Table Service: C:\WINDOWS\System32\FTRTSVC.exe (autostart) GEARAspiWDM: System32\Drivers\GEARAspiWDM.sys (manual start) Classificateur de paquets générique: system32\DRIVERS\msgpc.sys (manual start) Microsoft UAA Bus Driver for High Definition Audio: system32\DRIVERS\HDAudBus.sys (manual start) Aide et support: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) HID Input Service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Pilote de classe HID Microsoft: system32\DRIVERS\hidusb.sys (manual start) hpn: system32\DRIVERS\hpn.sys (system) HTTP: System32\Drivers\HTTP.sys (manual start) HTTP SSL: %SystemRoot%\System32\svchost.exe -k HTTPFilter (manual start) i2omp: system32\DRIVERS\i2omp.sys (system) Pilote pour clavier i8042 et souris sur port PS/2: system32\DRIVERS\i8042prt.sys (system) Pilote de filtre de gravure CD: system32\DRIVERS\imapi.sys (system) Service COM de gravage de CD IMAPI: C:\WINDOWS\system32\imapi.exe (manual start) InCD File System: system32\drivers\InCDFs.sys (disabled) InCDPass: system32\drivers\InCDPass.sys (system) InCD Reader: system32\drivers\InCDRm.sys (system) ini910u: system32\DRIVERS\ini910u.sys (system) Service for Realtek HD Audio (WDM): system32\drivers\RtkHDAud.sys (manual start) IntelIde: system32\DRIVERS\intelide.sys (system) Pilote de processeur Intel: system32\DRIVERS\intelppm.sys (system) Pilote du pare-feu Windows IPv6: system32\DRIVERS\Ip6Fw.sys (manual start) Pilote de filtre de trafic IP: system32\DRIVERS\ipfltdrv.sys (manual start) Pilote de tunnelage IP dans IP: system32\DRIVERS\ipinip.sys (manual start) Traducteur d'adresses réseau IP: system32\DRIVERS\ipnat.sys (manual start) Service de l'iPod: "C:\Program Files\iPod\bin\iPodService.exe" (manual start) Pilote IPSEC: system32\DRIVERS\ipsec.sys (system) Service énumérateur IR: system32\DRIVERS\irenum.sys (manual start) Pilote de bus Plug-and-Play ISA/EISA: system32\DRIVERS\isapnp.sys (system) Pilote de la classe Clavier: system32\DRIVERS\kbdclass.sys (system) Pilote HID de clavier: system32\DRIVERS\kbdhid.sys (system) Mélangeur audio Wave de noyau Microsoft: system32\drivers\kmixer.sys (manual start) Serveur: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Station de travail: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) BitDefender Desktop Update Service: "C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe" /service (autostart) Assistance TCP/IP NetBIOS: %SystemRoot%\system32\svchost.exe -k LocalService (autostart) Logitech AEC Driver: system32\DRIVERS\LVcKap.sys (manual start) Logitech Machine Vision Engine Loader: system32\DRIVERS\LVMVDrv.sys (manual start) Logitech LVPr2Mon Driver: system32\drivers\LVPr2Mon.sys (manual start) Logitech Process Monitor: c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe (autostart) LVSrvLauncher: C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe (autostart) Logitech USB Monitor Filter: system32\drivers\lvusbsta.sys (manual start) Media Center Extender Service: C:\WINDOWS\ehome\mcrdsvc.exe (autostart) Affichage des messages: %SystemRoot%\system32\svchost.exe -k netsvcs (disabled) MHN: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Pilote MHN: system32\DRIVERS\mhndrv.sys (manual start) Partage de Bureau à distance NetMeeting: C:\WINDOWS\system32\mnmsrvc.exe (manual start) Pilote de la classe Souris: system32\DRIVERS\mouclass.sys (system) Pilote HID de souris: system32\DRIVERS\mouhid.sys (manual start) mraid35x: system32\DRIVERS\mraid35x.sys (system) Redirecteur client WebDav: system32\DRIVERS\mrxdav.sys (manual start) MRXSMB: system32\DRIVERS\mrxsmb.sys (system) Distributed Transaction Coordinator: C:\WINDOWS\system32\msdtc.exe (manual start) Windows Installer: C:\WINDOWS\system32\msiexec.exe /V (manual start) Proxy de service de répartition Microsoft: system32\drivers\MSKSSRV.sys (manual start) Proxy d'horloge de répartition Microsoft: system32\drivers\MSPCLOCK.sys (manual start) Proxy de gestion de qualité de répartition Microsoft: system32\drivers\MSPQM.sys (manual start) Pilote BIOS de gestion de systèmes Microsoft: system32\DRIVERS\mssmbios.sys (manual start) Convertisseur en T/site-à-site de répartition Microsoft: system32\drivers\MSTEE.sys (manual start) Codec NABTS/FEC VBI: system32\DRIVERS\NABTSFEC.sys (manual start) Connection TV/vidéo Microsoft: system32\DRIVERS\NdisIP.sys (manual start) Pilote TAPI NDIS d'accès distant: system32\DRIVERS\ndistapi.sys (manual start) NDIS mode utilisateur E/S Protocole: system32\DRIVERS\ndisuio.sys (manual start) Pilote réseau étendu NDIS d'accès distant: system32\DRIVERS\ndiswan.sys (manual start) Interface NetBIOS: system32\DRIVERS\netbios.sys (system) NetBIOS sur TCP/IP: system32\DRIVERS\netbt.sys (system) DDE réseau: %SystemRoot%\system32\netdde.exe (disabled) DSDM DDE réseau: %SystemRoot%\system32\netdde.exe (disabled) Ouverture de session réseau: %SystemRoot%\system32\lsass.exe (manual start) Connexions réseau: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Pilote réseau 1394: system32\DRIVERS\nic1394.sys (manual start) NLA (Network Location Awareness): %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) Fournisseur de la prise en charge de sécurité LM NT: %SystemRoot%\system32\lsass.exe (manual start) Stockage amovible: %SystemRoot%\system32\svchost.exe -k netsvcs (disabled) nv: system32\DRIVERS\nv4_mini.sys (manual start) NVIDIA Display Driver Service: %SystemRoot%\system32\nvsvc32.exe (autostart) Pilote de filtre de trafic IPX: system32\DRIVERS\nwlnkflt.sys (manual start) Pilote de transfert de trafic IPX: system32\DRIVERS\nwlnkfwd.sys (manual start) Microsoft Office Diagnostics Service: "C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE" (manual start) Contrôleur hôte compatible IEE 1394 VIA OHCI: system32\DRIVERS\ohci1394.sys (system) Office Source Engine: "C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE" (manual start) PCAMPR5 NDIS Protocol Driver: \??\C:\WINDOWS\system32\PCAMPR5.SYS (manual start) PCANDIS5 NDIS Protocol Driver: \??\C:\WINDOWS\system32\PCANDIS5.SYS (manual start) Pilote de bus PCI: system32\DRIVERS\pci.sys (system) PCIIde: system32\DRIVERS\pciide.sys (system) perc2: system32\DRIVERS\perc2.sys (system) perc2hib: system32\DRIVERS\perc2hib.sys (system) Logitech QuickCam Express(PID_0928): system32\DRIVERS\LV561AV.SYS (manual start) Plug-and-Play: %SystemRoot%\system32\services.exe (autostart) Services IPSEC: %SystemRoot%\system32\lsass.exe (autostart) Miniport réseau étendu (PPTP): system32\DRIVERS\raspptp.sys (manual start) Pilote processeur: system32\DRIVERS\processr.sys (system) Profos: \??\C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\profos.sys (manual start) Emplacement protégé: %SystemRoot%\system32\lsass.exe (autostart) Planificateur de paquets QoS: system32\DRIVERS\psched.sys (manual start) Pilote de liaison parallèle directe: system32\DRIVERS\ptilink.sys (manual start) PxHelp20: System32\Drivers\PxHelp20.sys (system) ql1080: system32\DRIVERS\ql1080.sys (system) Ql10wnt: system32\DRIVERS\ql10wnt.sys (system) ql12160: system32\DRIVERS\ql12160.sys (system) ql1240: system32\DRIVERS\ql1240.sys (system) ql1280: system32\DRIVERS\ql1280.sys (system) Pilote de connexion automatique d'accès distant: system32\DRIVERS\rasacd.sys (system) Gestionnaire de connexion automatique d'accès distant: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) Miniport réseau étendu (L2TP): system32\DRIVERS\rasl2tp.sys (manual start) Gestionnaire de connexions d'accès distant: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) Pilote PPPOE d'accès à distance: system32\DRIVERS\raspppoe.sys (manual start) Parallèle direct: system32\DRIVERS\raspti.sys (manual start) Rdbss: system32\DRIVERS\rdbss.sys (system) RDPCDD: System32\DRIVERS\RDPCDD.sys (system) Pilote de redirecteur de périphérique Terminal Server: system32\DRIVERS\rdpdr.sys (manual start) Gestionnaire de session d'aide sur le Bureau à distance: C:\WINDOWS\system32\sessmgr.exe (manual start) Pilote de filtre de lecture digitale de CD audio: system32\DRIVERS\redbook.sys (system) Routage et accès distant: %SystemRoot%\system32\svchost.exe -k netsvcs (disabled) Accès à distance au Registre: %SystemRoot%\system32\svchost.exe -k LocalService (autostart) Localisateur d'appels de procédure distante (RPC): %SystemRoot%\system32\locator.exe (manual start) Appel de procédure distante (RPC): %SystemRoot%\system32\svchost -k rpcss (autostart) QoS RSVP: %SystemRoot%\system32\rsvp.exe (manual start) Gestionnaire de comptes de sécurité: %SystemRoot%\system32\lsass.exe (autostart) BitDefender Threat Scanner: %SystemRoot%\System32\svchost.exe -kbdx (manual start) Carte à puce: %SystemRoot%\System32\SCardSvr.exe (manual start) Planificateur de tâches: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Secdrv: system32\DRIVERS\secdrv.sys (autostart) Connexion secondaire: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Notification d'événement système: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Pare-feu Windows / Partage de connexion Internet: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Détection matériel noyau: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Filtre de bus AGP SIS: system32\DRIVERS\sisagp.sys (system) Détrameur décalage BDA: system32\DRIVERS\SLIP.sys (manual start) Sparrow: system32\DRIVERS\sparrow.sys (system) Splitter audio du noyau Microsoft: system32\drivers\splitter.sys (manual start) Spouleur d'impression: %SystemRoot%\system32\spoolsv.exe (autostart) sptd: System32\Drivers\sptd.sys (system) Pilote de filtre de restauration système: system32\DRIVERS\sr.sys (system) Service de restauration système: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Srv: system32\DRIVERS\srv.sys (manual start) SSDP Discovery Service: %SystemRoot%\system32\svchost.exe -k LocalService (autostart) SAMSUNG Mobile USB Device II 1.0 driver (WDM): system32\DRIVERS\ssm_bus.sys (manual start) SAMSUNG Mobile USB Modem II 1.0 Filter: system32\DRIVERS\ssm_mdfl.sys (manual start) SAMSUNG Mobile USB Modem II 1.0 Drivers: system32\DRIVERS\ssm_mdm.sys (manual start) Acquisition d'image Windows (WIA): %SystemRoot%\system32\svchost.exe -k imgsvc (autostart) BDA IPSink: system32\DRIVERS\StreamIP.sys (manual start) Pilote de bus logiciel: system32\DRIVERS\swenum.sys (manual start) Synthétiseur de table de sons GC noyau Microsoft: system32\drivers\swmidi.sys (manual start) MS Software Shadow Copy Provider: C:\WINDOWS\system32\dllhost.exe /Processid:{AADE30EB-1D4E-44DA-8995-5896DD8BE5DE} (manual start) symc810: system32\DRIVERS\symc810.sys (system) symc8xx: system32\DRIVERS\symc8xx.sys (system) sym_hi: system32\DRIVERS\sym_hi.sys (system) sym_u3: system32\DRIVERS\sym_u3.sys (system) Périphérique audio système du noyau Microsoft: system32\drivers\sysaudio.sys (manual start) Journaux et alertes de performance: %SystemRoot%\system32\smlogsvc.exe (manual start) Téléphonie: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Pilote du protocole TCP/IP: system32\DRIVERS\tcpip.sys (system) Pilote de périphérique terminal: system32\DRIVERS\termdd.sys (system) Services Terminal Server: %SystemRoot%\System32\svchost -k DComLaunch (manual start) Thèmes: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Telnet: C:\WINDOWS\system32\tlntsvr.exe (disabled) TosIde: system32\DRIVERS\toside.sys (system) Client de suivi de lien distribué: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Trufos: \??\C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\trufos.sys (manual start) ultra: system32\DRIVERS\ultra.sys (system) Pilote de mise à jour microcode: system32\DRIVERS\update.sys (manual start) Hôte de périphérique universel Plug-and-Play: %SystemRoot%\system32\svchost.exe -k LocalService (manual start) Uninterruptible Power Supply: %SystemRoot%\System32\ups.exe (manual start) Pilote parent générique USB Microsoft: system32\DRIVERS\usbccgp.sys (manual start) Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0: system32\DRIVERS\usbehci.sys (manual start) Concentrateur USB2: system32\DRIVERS\usbhub.sys (manual start) Pilote miniport de contrôleur hôte ouvert USB Microsoft: system32\DRIVERS\usbohci.sys (manual start) Classe d'imprimantes USB Microsoft: system32\DRIVERS\usbprint.sys (manual start) Pilote de scanneur USB: system32\DRIVERS\usbscan.sys (manual start) Pilote de stockage de masse USB: system32\DRIVERS\USBSTOR.SYS (manual start) Pilote miniport de contrôleur hôte universel USB Microsoft: system32\DRIVERS\usbuhci.sys (manual start) Service Messenger Sharing Folders USN Journal Reader: "C:\Program Files\MSN Messenger\usnsvc.exe" (manual start) VgaSave: \SystemRoot\System32\drivers\vga.sys (system) Filtre de bus AGP VIA: system32\DRIVERS\viaagp.sys (system) ViaIde: system32\DRIVERS\viaidexp.sys (system) : system32\DRIVERS\viamraid.sys (system) Cliché instantané de volume: %SystemRoot%\System32\vssvc.exe (manual start) BitDefender Virus Shield: "C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe" /service (autostart) Horloge Windows: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Pilote ARP IP d'accès distant: system32\DRIVERS\wanarp.sys (manual start) Windows CE USB Serial Host Driver: system32\DRIVERS\wceusbsh.sys (manual start) Pilote WINMM de compatibilité audio WDM Microsoft: system32\drivers\wdmaud.sys (manual start) WebClient: %SystemRoot%\system32\svchost.exe -k LocalService (autostart) Infrastructure de gestion Windows: %systemroot%\system32\svchost.exe -k netsvcs (autostart) Service de numéro de série du lecteur multimédia portable: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Extensions du pilote WMI: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Carte de performance WMI: C:\WINDOWS\system32\wbem\wmiapsrv.exe (manual start) Service Partage réseau du Lecteur Windows Media: "C:\Program Files\Windows Media Player\WMPNetwk.exe" (manual start) WpdUsb: system32\DRIVERS\wpdusb.sys (manual start) Centre de sécurité: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Codec Teletext standard: system32\DRIVERS\WSTCODEC.SYS (manual start) Mises à jour automatiques: %systemroot%\system32\svchost.exe -k netsvcs (autostart) Windows Driver Foundation - User-mode Driver Framework Platform Driver: system32\DRIVERS\WudfPf.sys (system) Windows Driver Foundation - User-mode Driver Framework Reflector: system32\DRIVERS\wudfrd.sys (manual start) Windows Driver Foundation - User-mode Driver Framework: %SystemRoot%\system32\svchost.exe -k WudfServiceGroup (autostart) Configuration automatique sans fil: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) BitDefender Communicator: "C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe" /service (autostart) Service d'approvisionnement réseau: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) ZDCndis5 Protocol Driver: \??\C:\WINDOWS\system32\ZDCndis5.SYS (manual start) ZDPSp50 NDIS Protocol Driver: System32\Drivers\ZDPSp50.sys (manual start) -------------------------------------------------- Enumerating Windows NT logon/logoff scripts: *No scripts set to run* Windows NT checkdisk command: BootExecute = autocheck autochk * Windows NT 'Wininit.ini': PendingFileRenameOperations: C:\DOCUME~1\vincent\LOCALS~1\TEMPOR~1\Content.IE5\index.dat||C:\DOCUME~1\vincent\Cookies\index.dat -------------------------------------------------- Enumerating ShellServiceObjectDelayLoad items: PostBootReminder: C:\WINDOWS\system32\SHELL32.dll CDBurn: C:\WINDOWS\system32\SHELL32.dll WebCheck: C:\WINDOWS\system32\webcheck.dll SysTray: C:\WINDOWS\system32\stobject.dll WPDShServiceObj: C:\WINDOWS\system32\WPDShServiceObj.dll -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run *No values found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run *No values found* -------------------------------------------------- End of report, 42 465 bytes Report generated in 0,297 seconds Command line options: /verbose - to add additional info on each section /complete - to include empty sections and unsuspicious data /full - to include several rarely-important sections /force9x - to include Win9x-only startups even if running on WinNT /forcent - to include WinNT-only startups even if running on Win9x /forceall - to include all Win9x and WinNT startups, regardless of platform /history - to list version history only voila merci encore. comment faire pour effacer l'icone dapplication toolscleaner 2 que j'ai sur mon bureau. peut tu me conseiller un antivirus ,par feux gratuit ect tout pour proteger mon pc. merci

le fichier exe toolscleaner 2 sur mon bureau jarrive pas a la supprimer. sa me dit qun autre programme l'utilise ou un autre utilisateur. j'ai essayer de l'effacer en mode sans echec mais sans resultat.