Everything posted by platinium22
-
--- 22-09-2014 at 11h43 ---
Hello everyone. I am facing a strange problem. At every restart, the PC boots in default mode. The language bar keeps resetting to French (France) even though I configure it to French (Belgium), Notepad has disappeared, the wallpaper disappears, and the Mozilla icon disappears from the taskbar. When I want to publish a photo on FB, I cannot take the usual path. In short, a good number of annoying little things. I am running Windows 7 Home. I am going to run a HijackThis scan and post the report. Thank you for your help.

--- 22-09-2014 at 11h48 ---
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:38:07, on 22/09/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16450)
Boot mode: Normal

--- 22-09-2014 at 13h40 ---
This PC is not mine. I have to go. I will check this post the next time I come by here. Thank you for your understanding.
-edit- In this section, you must not post multiple messages in your topic before someone has taken charge of it: seeing that there is already a "reply", the helpers will not look at it, believing the problem is already being handled by one of their own. Instead, use the "Edit" button at the bottom right of your first message…
-
[Solved] Infected laptop
platinium22 replied to a topic by platinium22 in Malware analysis and removal
A very big thank you to you both -
[Solved] Infected laptop
platinium22 replied to a topic by platinium22 in Malware analysis and removal
JAVA:
JavaUpdate (Pierre13)
Rapport du 08\04\2014 à 20:04:17
PC de Lyly
Version de Windows : Windows 7 Home Premium Service Pack 1 (64 bits)
Dernière version 7 Update 51
Java 7 Update 51 installée !
Mise à jour automatique de Java désactivée.
Fin du rapport.
Le rapport est sur le bureau : C:\Users\Lyly\Desktop\Rapport_JavaUpdate.txt

ADOBE READER:
Rapport Adobe Reader Update (Pierre13)
08/04/2014 => 20:10:49
PC : Lyly
Version de Windows : Windows 7 Home Premium Service Pack 1 (64 bits)
Adobe reader est déjà installé. (08/04/2014)
Adobe Reader XI (11.0.06) - Français
Fin du rapport.
Le rapport est sur le bureau (C:\Users\Lyly\Desktop\Rapport_ADRUpdate.txt)

The PC seems to be working correctly. If problems come back, I know where to go. However, I have this banner that opens on the left of the screen http://cjoint.com/?0DiurQKnIqy -
[Solved] Infected laptop
platinium22 replied to a topic by platinium22 in Malware analysis and removal
Thanks, Pierre. I have installed the Visual. I am running the tests -
[Solved] Infected laptop
platinium22 replied to a topic by platinium22 in Malware analysis and removal
Re. The MLB scan was run twice, but the program crashes every time I try to produce the txt report. I put everything in quarantine. -
[Solved] Infected laptop
platinium22 replied to a topic by platinium22 in Malware analysis and removal
OK. Should I run the other tests that could not be done? -
[Solved] Infected laptop
platinium22 replied to a topic by platinium22 in Malware analysis and removal
Following that, I was able to install MLB. The scan is in progress. What are you referring to with "that thingy"? Here, I just cleared the cache -
[Solved] Infected laptop
platinium22 replied to a topic by platinium22 in Malware analysis and removal
Rkill 2.6.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 04/08/2014 05:48:46 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:
 * No malware services found to stop.

Checking for processes to terminate:
 * C:\Users\Lyly\Adobe Version Cue CS2\bin\VersionCueCS2.exe (PID: 1952) [uP-HEUR]
 * C:\Users\Lyly\Adobe Version Cue CS2\data\database\bin\mysqld-nt.exe (PID: 2196) [uP-HEUR]
 * C:\Users\Lyly\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe (PID: 2648) [uP-HEUR]
 * C:\Users\Lyly\Adobe Acrobat 7.0\Distillr\acrotray.exe (PID: 2880) [FI]
4 proccesses terminated!

Checking Registry for malware related settings:
 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:
 * No issues found.

Checking Windows Service Integrity:
 * No issues found.

Searching for Missing Digital Signatures:
 * No issues found.

Checking HOSTS File:
 * No issues found.

Program finished at: 04/08/2014 05:52:18 PM
Execution time: 0 hours(s), 3 minute(s), and 32 seconds(s)

Malwarebytes still not working -
[Solved] Infected laptop
platinium22 replied to a topic by platinium22 in Malware analysis and removal
http://cjoint.com/?0DirB3o6kuF Error, plop does not work either :-/ This is getting worrying -
[Solved] Infected laptop
platinium22 replied to a topic by platinium22 in Malware analysis and removal
I have just tried with your MLB and it is still the same. It is downright strange -
[Solved] Infected laptop
platinium22 replied to a topic by platinium22 in Malware analysis and removal
Yes, I right-click and run as admin. ATF done.... -
[Solved] Infected laptop
platinium22 replied to a topic by platinium22 in Malware analysis and removal
Malwarebytes will not cooperate either. It tells me that the setup file is corrupted and that I must obtain a new version. So I deleted it and downloaded it again following your link, and it is still the same -
[Solved] Infected laptop
platinium22 replied to a topic by platinium22 in Malware analysis and removal
http://cjoint.com/?0DiqEbNYPxJ The program will not launch. Here is a screenshot of the error -
[Solved] Infected laptop
platinium22 replied to a topic by platinium22 in Malware analysis and removal
Sorry, I had picked the wrong text file. This one is right, at least it is the one that appeared on the desktop after the scan http://cjoint.com/?DDiqoSDKPOp -
[Solved] Infected laptop
platinium22 replied to a topic by platinium22 in Malware analysis and removal
Oops, I think this is the right one ... sorry http://cjoint.com/?DDiqoSDKPOp -
[Solved] Infected laptop
platinium22 replied to a topic by platinium22 in Malware analysis and removal
http://cjoint.com/?DDiqjjFnLJA Of course I read, lol. I just overlooked the fact that attachments are for the XP and Vista forum ^-^ -
[Solved] Infected laptop
platinium22 replied to a topic by platinium22 in Malware analysis and removal
Hello Apollo. Thank you for your quick reply. I am attaching the report. However, I cannot see where "attach a file" is -
Hello everyone, I am on a friend's laptop and it is behaving strangely. The antivirus works when it feels like it, Firefox likewise, and the connection does as it pleases. I uninstalled Avast in safe mode with the required program from their site, because it was not responding to any command. I reinstalled it afterwards and ran a thorough scan. It found a trojan, which I deleted. The PC was working more or less well.... Page loading problem. I thought it was Firefox that was buggy. No way to reinstall it other than in safe mode. Strange, isn't it? Now, Firefox launches or not, and when it does launch it is extremely slow to display a page, or does not display it at all (my connection works fine). What should I do? Thank you
-
The PC reboots in a loop
platinium22 replied to a topic by platinium22 in Malware analysis and removal
Hello pear, regarding Notepad, there is no "merge" option on right-click. Here is the result of OTMoveIt:
C:\DOCUME~1\Patrick\Application Data\GDIPFONTCACHEV1.DAT moved successfully.
OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 08192008_231455
And thanks again for your help and your patience -
The PC reboots in a loop
platinium22 replied to a topic by platinium22 in Malware analysis and removal
Hello pear, here is the Combo report, but still without the recovery console.
ComboFix 08-08-04.01 - Patrick 2008-08-08 13:32:57.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.219 [GMT 2:00]
Endroit: C:\Documents and Settings\Patrick\Bureau\ComboFix.exe
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXPipeline.dll + 2008-02-04 09:06:14 734,752 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXPipetran.dll + 2008-02-01 10:13:42 101,504 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXQuickTimeControlHost.exe + 2008-02-04 09:05:00 20,512 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXQuickTimeControlHostPS.dll + 2008-02-04 09:05:04 53,792 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXQuickTimeShellExt.dll + 2008-02-04 09:08:42 85,024 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXThumbCache.dll + 2008-02-04 09:10:04 144,416 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXVAFilt.dll + 2008-02-04 09:07:40 675,360 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXVideoAcquireWizard.exe + 2008-02-04 09:07:10 69,152 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXVideoCameraAutoPlayManager.exe + 2008-02-04 09:10:10 165,408 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXVideoTrim.dll - 2008-02-29 23:25:15 123,008 ----a-r C:\WINDOWS\Installer\{A70FA218-6598-4AC9-813D-63597C5DD068}\WLXPhotoGalleryIcon.exe + 2008-08-07 17:20:16 123,008 ----a-r C:\WINDOWS\Installer\{A70FA218-6598-4AC9-813D-63597C5DD068}\WLXPhotoGalleryIcon.exe + 2008-05-09 11:15:51 45,376 ----a-w C:\WINDOWS\system32\drivers\avgntdd.sys + 2008-01-21 16:11:28 22,336 ----a-w C:\WINDOWS\system32\drivers\avgntmgr.sys + 2008-06-27 13:03:55 75,072 ----a-w C:\WINDOWS\system32\drivers\avipbb.sys + 2007-07-19 13:10:28 127,768 ----a-w C:\WINDOWS\system32\drivers\klif.sys + 2007-03-01 08:34:22 28,352 ----a-w 
C:\WINDOWS\system32\drivers\ssmdrv.sys + 2008-06-09 23:21:01 135,168 ----a-w C:\WINDOWS\system32\java.exe + 2008-06-09 23:21:04 135,168 ----a-w C:\WINDOWS\system32\javaw.exe + 2008-06-10 00:32:34 139,264 ----a-w C:\WINDOWS\system32\javaws.exe + 2008-07-09 07:05:08 796,048 ----a-w C:\WINDOWS\system32\libeay32_0.9.6l.dll - 2003-02-21 02:42:22 348,160 ----a-w C:\WINDOWS\system32\msvcr71.dll + 2003-02-21 17:42:22 348,160 ----a-w C:\WINDOWS\system32\msvcr71.dll + 2004-04-27 02:40:52 11,264 ----a-w C:\WINDOWS\system32\SpOrder.dll + 2008-07-09 07:05:10 83,432 ----a-w C:\WINDOWS\system32\vsdata.dll + 2008-07-09 07:05:22 394,952 ----a-w C:\WINDOWS\system32\vsdatant.sys + 2008-07-09 07:05:10 157,160 ----a-w C:\WINDOWS\system32\vsinit.dll + 2008-07-09 07:05:10 103,912 ----a-w C:\WINDOWS\system32\vsmonapi.dll + 2008-07-09 07:05:10 275,944 ----a-w C:\WINDOWS\system32\vspubapi.dll + 2008-07-09 07:05:10 71,144 ----a-w C:\WINDOWS\system32\vsregexp.dll + 2008-07-09 07:05:12 472,552 ----a-w C:\WINDOWS\system32\vsutil.dll + 2008-07-09 07:05:12 46,568 ----a-w C:\WINDOWS\system32\vswmi.dll + 2008-07-09 07:05:12 99,816 ----a-w C:\WINDOWS\system32\vsxml.dll + 2008-07-09 07:05:12 83,432 ----a-w C:\WINDOWS\system32\zlcomm.dll + 2008-07-09 07:05:12 71,144 ----a-w C:\WINDOWS\system32\zlcommdb.dll + 2008-07-09 07:05:06 370,208 ----a-w C:\WINDOWS\system32\ZoneLabs\av.dll + 2008-07-09 07:05:36 26,000 ----a-w C:\WINDOWS\system32\ZoneLabs\av_loc040c.dll + 2007-05-30 22:03:30 65,248 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\bases\aphish.dat + 2006-06-30 12:47:36 21,568 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\bases\avcmhk4.dll + 2007-05-30 22:03:30 1,628 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\bases\pdmkl.dat + 2007-05-30 22:03:16 77,824 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\CKAHComm.dll + 2007-05-30 22:03:16 110,592 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\CKAHrule.dll + 2007-05-30 22:03:16 331,776 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\CKAHUM.dll + 2007-05-30 22:03:16 38,400 
----a-w C:\WINDOWS\system32\ZoneLabs\avsys\FSSync.dll + 2006-09-19 21:12:14 208,960 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\inv.dll + 2007-12-03 12:53:58 282,624 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\kave.dll + 2006-12-19 16:13:52 1,093,632 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\libeay32.dll + 2007-05-30 22:03:20 548,864 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\msvcp80.dll + 2007-05-30 22:03:20 626,688 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\msvcr80.dll + 2007-05-30 22:03:18 184,320 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\prloader.dll + 2007-05-30 22:03:22 90,112 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\prremote.dll + 2007-12-03 12:53:58 139,264 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe + 2006-12-19 16:13:52 200,704 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\ssleay32.dll + 2008-07-09 07:05:06 99,816 ----a-w C:\WINDOWS\system32\ZoneLabs\camupd.dll + 2008-07-09 07:05:36 17,808 ----a-w C:\WINDOWS\system32\ZoneLabs\camupd_loc040c.dll + 2004-01-30 10:35:08 813,568 ----a-w C:\WINDOWS\system32\ZoneLabs\dbghelp.dll + 2008-07-09 07:05:08 128,480 ----a-w C:\WINDOWS\system32\ZoneLabs\fbl.dll + 2008-07-09 07:05:08 38,376 ----a-w C:\WINDOWS\system32\ZoneLabs\featuremap.dll + 2008-07-09 07:05:08 321,016 ----a-w C:\WINDOWS\system32\ZoneLabs\imsecure.dll + 2008-07-09 07:05:42 26,000 ----a-w C:\WINDOWS\system32\ZoneLabs\imsecure_loc040c.dll + 2008-07-09 07:05:38 288,144 ----a-w C:\WINDOWS\system32\ZoneLabs\lib\ConfigWizard_loc040c.zip.dll + 2008-07-09 07:05:42 152,976 ----a-w C:\WINDOWS\system32\ZoneLabs\lib\LicenseUI_loc040c.zip.dll + 2008-07-09 07:05:24 26,000 ----a-w C:\WINDOWS\system32\ZoneLabs\lib\zlsvc.zip.dll + 2008-07-09 07:05:24 1,361,296 ----a-w C:\WINDOWS\system32\ZoneLabs\lib\zpy.zip.dll + 2008-07-09 07:05:24 71,056 ----a-w C:\WINDOWS\system32\ZoneLabs\lib\zui.zip.dll + 2008-07-09 07:06:26 30,184 ----a-w C:\WINDOWS\system32\ZoneLabs\plugins\rpc_server\rpc_server.dll + 2008-07-09 07:06:26 30,216 ----a-w 
C:\WINDOWS\system32\ZoneLabs\plugins\vsmon_plugin\vsmon_plugin.dll + 2008-02-27 01:10:26 714,208 ----a-w C:\WINDOWS\system32\ZoneLabs\qrbase.dll + 2008-02-27 01:10:28 792,032 ----a-w C:\WINDOWS\system32\ZoneLabs\qrsrecl.dll + 2008-07-09 07:05:08 173,544 ----a-w C:\WINDOWS\system32\ZoneLabs\scheduler.dll + 2008-07-09 07:05:44 17,808 ----a-w C:\WINDOWS\system32\ZoneLabs\scheduler_loc040c.dll + 2008-01-21 06:34:36 7,603,688 ----a-w C:\WINDOWS\system32\ZoneLabs\spyware.dat + 2008-02-27 01:10:32 1,504,736 ----a-w C:\WINDOWS\system32\ZoneLabs\srescan.dll + 2008-02-27 01:10:44 51,176 ----a-w C:\WINDOWS\system32\ZoneLabs\srescan.sys + 2008-07-09 07:05:10 456,168 ----a-w C:\WINDOWS\system32\ZoneLabs\ssleay32.dll + 2008-07-09 07:06:26 214,528 ----a-w C:\WINDOWS\system32\ZoneLabs\streamapi\httpblocker\httpblocker.dll + 2008-07-09 07:06:30 3,266,040 ----a-w C:\WINDOWS\system32\ZoneLabs\streamapi\imslsp\imslsp.dll + 2008-07-09 07:05:42 26,000 ----a-w C:\WINDOWS\system32\ZoneLabs\streamapi\imslsp\imslsp_loc040c.dll + 2006-09-04 18:59:14 503,875 ----a-w C:\WINDOWS\system32\ZoneLabs\upd_core.dll + 2007-10-11 14:50:32 832,984 ----a-w C:\WINDOWS\system32\ZoneLabs\updating.dll + 2008-07-09 07:05:18 144,936 ----a-w C:\WINDOWS\system32\ZoneLabs\updclient.exe + 2008-07-09 07:05:44 75,152 ----a-w C:\WINDOWS\system32\ZoneLabs\updClient_loc040c.dll + 2007-01-11 15:31:06 286,787 ----a-w C:\WINDOWS\system32\ZoneLabs\updtrsdk.dll + 2008-07-09 07:05:10 108,008 ----a-w C:\WINDOWS\system32\ZoneLabs\vsavpro.dll + 2008-07-09 07:05:10 83,432 ----a-w C:\WINDOWS\system32\ZoneLabs\vsdb.dll + 2008-07-09 07:05:44 17,808 ----a-w C:\WINDOWS\system32\ZoneLabs\vsdb_loc040c.dll + 2008-07-09 07:05:18 75,304 ----a-w C:\WINDOWS\system32\ZoneLabs\vsmon.exe + 2008-07-09 07:05:44 46,480 ----a-w C:\WINDOWS\system32\ZoneLabs\vsmon_loc040c.dll + 2008-07-09 07:05:10 2,029,032 ----a-w C:\WINDOWS\system32\ZoneLabs\vsmondll.dll + 2008-07-09 07:05:12 1,361,384 ----a-w C:\WINDOWS\system32\ZoneLabs\vsruledb.dll + 2008-07-09 
07:05:44 198,032 ----a-w C:\WINDOWS\system32\ZoneLabs\vsruledb_loc040c.dll + 2008-07-09 07:05:12 239,080 ----a-w C:\WINDOWS\system32\ZoneLabs\vsvault.dll + 2008-07-09 07:05:44 17,808 ----a-w C:\WINDOWS\system32\ZoneLabs\vsvault_loc040c.dll + 2008-01-21 06:34:36 7,603,688 ----a-w C:\WINDOWS\system32\ZoneLabs\zlasdbup.dat + 2008-07-09 07:05:12 177,640 ----a-w C:\WINDOWS\system32\ZoneLabs\zlparser.dll + 2008-07-09 07:05:12 79,344 ----a-w C:\WINDOWS\system32\ZoneLabs\zlquarantine.dll + 2008-07-09 07:05:44 17,808 ----a-w C:\WINDOWS\system32\ZoneLabs\zlquarantine_loc040c.dll + 2008-07-09 07:05:14 382,440 ----a-w C:\WINDOWS\system32\ZoneLabs\zlsre.dll + 2008-07-09 07:05:44 21,904 ----a-w C:\WINDOWS\system32\ZoneLabs\zlsre_loc040c.dll + 2008-07-09 07:05:14 120,296 ----a-w C:\WINDOWS\system32\ZoneLabs\zlupdate.dll . -- Snapshot reset to current date -- . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 01:09 15360] "NvMediaCenter"="C:\WINDOWS\System32\NVMCTRAY.DLL" [2003-09-25 05:32 49152] "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 12:34 5724184] "RemoteCenter"="C:\Program Files\Creative\MediaSource\RemoteControl\RcMan.exe" [2002-11-21 10:33 135168] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2003-09-25 05:32 5033984] "type32"="C:\Program Files\Microsoft IntelliType Pro\type32.exe" [2004-03-19 06:30 184320] "IntelliPoint"="C:\Program Files\Microsoft IntelliPoint\point32.exe" [2004-03-19 06:29 212992] "SBDrvDet"="C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe" [2002-12-03 19:06 45056] "UpdReg"="C:\WINDOWS\UpdReg.EXE" [2000-05-11 02:00 90112] "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" 
[2004-07-28 15:00 155648] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2005-01-22 15:55 98304] "CloneCDElbyCDFL"="C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" [2002-11-02 08:33 45056] "CloneCDTray"="C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe" [2002-12-02 16:17 73728] "SetIcon"="C:\Program Files\SMSC\Seticon.exe" [2003-05-01 14:37 40448] "HPDJ Taskbar Utility"="C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb11.exe" [2004-04-06 12:28 172032] "HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 16:18 241664] "HPHmon06"="C:\WINDOWS\System32\hphmon06.exe" [2004-06-07 06:43 659456] "EPSON Stylus D68 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAE.EXE" [2005-01-25 06:00 98304] "snpstd3"="C:\WINDOWS\vsnpstd3.exe" [2004-12-16 19:55 339968] "CTSysVol"="C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe" [2002-10-29 10:18 49152] "CTDVDDet"="C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE" [2002-09-30 02:00 45056] "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 14:28 266497] "ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-07-09 09:05 919016] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 04:27 144784] "nwiz"="nwiz.exe" [2003-09-25 05:32 741376 C:\WINDOWS\system32\nwiz.exe] "CTHelper"="CTHELPER.EXE" [2003-04-10 03:36 28672 C:\WINDOWS\system32\CTHELPER.EXE] "AsioReg"="CTASIO.DLL" [2003-03-25 07:21 118784 C:\WINDOWS\system32\CTASIO.DLL] "nForce Tray Options"="sstray.exe" [2003-08-13 06:25 73728 C:\WINDOWS\system32\sstray.exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-20 01:09 15360] C:\DOCUME~1\ALLUSE~1\Menu D‚marrer\Programmes\D‚marrage\ Color Calibration.lnk - C:\Program Files\SEC\MagicTune 2.5\GammaTray.exe [2005-01-19 19:09:37 36864] InterVideo WinCinema Manager.lnk - C:\Program 
Files\InterVideo\Common\Bin\WinCinemaMgr.exe [2005-02-13 14:40:21 77824] Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 10:01:04 83360] Ralink Wireless Utility.lnk - C:\Program Files\RALINK\Common\RaUI.exe [2007-08-07 13:24:53 659456] Recherche sur le bureau de Windows.lnk - C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-be\bin\WindowsSearch.exe [2005-09-20 18:10:04 238080] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "VIDC.X264"= x264vfw.dll "VIDC.3iv2"= 3ivxVfWCodec.dll "VIDC.VP31"= vp31vfw.dll "msacm.l3fhg"= mp3fhg.acm [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "C:\\Program Files\\quake 3\\quake3.exe"= "C:\\Program Files\\MSN Gaming Zone\\Windows\\chkrzm.exe"= "C:\\Program Files\\eMule\\emule.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "C:\\WINDOWS\\system32\\sessmgr.exe"= R0 avgntmgr;avgntmgr;C:\WINDOWS\system32\DRIVERS\avgntmgr.sys [2008-01-21 18:11] R0 ElbyVCD;ElbyVCD;C:\WINDOWS\system32\DRIVERS\ElbyVCD.sys [2002-11-28 12:43] R0 SI3112r;Silicon Image SiI 3112 SATARaid Controller;C:\WINDOWS\system32\DRIVERS\SI3112r.sys [2003-05-30 10:05] R0 xmasbus;xmasbus;C:\WINDOWS\system32\DRIVERS\xmasbus.sys [2003-12-21 18:24] R0 xmasscsi;xmasscsi;C:\WINDOWS\system32\Drivers\xmasscsi.sys [2003-12-23 03:15] R1 avgntdd;avgntdd;C:\WINDOWS\system32\DRIVERS\avgntdd.sys [2008-05-09 13:15] R3 ctgame;Game Port;C:\WINDOWS\system32\DRIVERS\ctgame.sys [2002-12-30 07:53] S3 ss_bus;SAMSUNG Mobile USB Device 1.0 
driver (WDM);C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-08-30 18:57] S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter;C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-08-30 18:58] S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers;C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-08-30 18:59] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0ba7338e-d024-11db-a618-0006f40ce1e8}] \Shell\AutoRun\command - E:\LaunchU3.exe . Contenu du dossier 'Scheduled Tasks/Tâches planifiées' 2008-08-08 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job - C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 12:20] . . ------- Supplementary Scan ------- . FireFox -: Profile - C:\DOCUME~1\Patrick\Application Data\Mozilla\Firefox\Profiles\fn08kmur.default\ FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q= FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://en-us.start.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:fr:official ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-08-08 13:37:53 Windows 5.1.2600 Service Pack 2 NTFS Balayage processus cachés ... Balayage caché autostart entries ... Balayage des fichiers cachés ... ************************************************************************** . Temps d'accomplissement: 2008-08-08 13:42:29 ComboFix-quarantined-files.txt 2008-08-08 11:41:27 ComboFix2.txt 2008-08-05 16:52:29 Pre-Run: 30,137,679,872 octets libres Post-Run: 30,354,001,920 octets libres 295 --- E O F --- 2008-08-07 17:20:19 -
The PC reboots in a loop
platinium22 replied to a topic by platinium22 in Malware analysis and removal
There, I have done what was asked. The AntiVir scan does not run. The scan window appears and disappears right away.
The PC reboots in a loop
platinium22 replied to a topic by platinium22 in Malware analysis and removal
Sorry pear, but IE freezes; I can't scan the PC with anything. I tried to run a scan with Ad-Aware 2008 and the PC rebooted in a loop. I managed to produce a HijackThis report, which I am posting.
The PC reboots in a loop
platinium22 replied to a topic by platinium22 in Malware analysis and removal
Hello pear, thanks for everything; antivirus chosen (AntiVir). Do you know a good free firewall? I made an edit: correction, I think there is an infection again; Explorer freezes, AntiVir is stopped and there is no way to reactivate it.
The PC reboots in a loop
platinium22 replied to a topic by platinium22 in Malware analysis and removal
Here is the AntiVir scan (which I am going to leave on the PC).
5667 Scanning directories 233754 Files were scanned 1 viruses and/or unwanted programs were found 0 Files were classified as suspicious: 1 files were deleted 0 files were repaired 1 files were moved to quarantine 0 files were renamed 1 Files cannot be scanned 233752 Files not concerned 1473 Archives were scanned 5 Warnings 1 Notes
HijackThis report:
Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 0:34:00, on 6/08/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16674) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\System32\CTsvcCDA.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\MsPMSPSv.exe C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Microsoft IntelliType Pro\type32.exe C:\Program Files\Microsoft IntelliPoint\point32.exe C:\WINDOWS\system32\CTHELPER.EXE C:\Program Files\QuickTime\qttask.exe C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe C:\Program Files\SMSC\Seticon.exe C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\WINDOWS\System32\hphmon06.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAE.EXE C:\WINDOWS\vsnpstd3.exe C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe C:\Program 
Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\Program Files\Creative\MediaSource\RemoteControl\RcMan.exe C:\Program Files\SEC\MagicTune 2.5\GammaTray.exe C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe C:\Program Files\RALINK\Common\RaUI.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Documents and Settings\Patrick\Bureau\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - 
HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe" O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe" O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL O4 - HKLM\..\Run: [sBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe" O4 - HKLM\..\Run: [setIcon] C:\Program Files\SMSC\Seticon.exe O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb11.exe O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\System32\hphmon06.exe O4 - HKLM\..\Run: [EPSON Stylus D68 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAE.EXE /P23 "EPSON Stylus D68 Series" /O6 "USB002" /M "Stylus D68" O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe O4 - HKLM\..\Run: [CTDVDDet] C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit O4 - HKCU\..\Run: 
[MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [RemoteCenter] C:\Program Files\Creative\MediaSource\RemoteControl\RcMan.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Color Calibration.lnk = ? O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files\RALINK\Common\RaUI.exe O4 - Global Startup: Recherche sur le bureau de Windows.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-be\bin\WindowsSearch.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000 O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Documents and Settings\Patrick\Mes documents\Mes fichiers reçus\PartyPoker\RunApp.exe (file missing) O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Documents and Settings\Patrick\Mes documents\Mes 
fichiers reçus\PartyPoker\RunApp.exe (file missing) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://s.tf1.fr/mmdia/static/rawflow/clien...1.0/Rawflow.cab O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-BE/a-UNO1/GAME_UNO1.cab O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppD...ap/PhtPkMSN.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender 
SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe O23 - Service: LiveUpdate - Unknown owner - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE (file missing) O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe -- End of file - 10717 bytes
Thanks for everything, I think it's OK. Only hardware problems remain. Well done on your work, keep it up.
-
The PC reboots in a loop
platinium22 replied to a topic by platinium22 in Malware analysis and removal
Hello, here is the ComboFix report:
ComboFix 08-08-04.01 - Patrick 2008-08-05 18:42:16.1 - NTFSx86 Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.294 [GMT 2:00] Endroit: C:\DOCUME~1\Patrick\Bureau\ComboFix.exe * Création d'un nouveau point de restauration AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !! . ((((((((((((((((((((((((((((( Fichiers créés 2008-07-05 to 2008-08-05 )))))))))))))))))))))))))))))))))))) . 2008-08-04 22:59 . 2008-08-04 23:07 <REP> d-------- C:\Lop SD 2008-08-04 22:43 . 2008-08-04 22:50 <REP> d-------- C:\Toolbar SD . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-08-05 16:45 81,984 ----a-w C:\WINDOWS\system32\bdod.bin 2008-08-04 20:48 --------- d-----w C:\Program Files\MSN Messenger 2008-07-31 17:50 90,112 ----a-w C:\WINDOWS\DUMP6793.tmp 2008-07-31 17:48 90,112 ----a-w C:\WINDOWS\DUMP67a4.tmp 2008-07-31 17:47 90,112 ----a-w C:\WINDOWS\DUMP68ac.tmp 2008-07-28 21:57 90,112 ----a-w C:\WINDOWS\DUMP883b.tmp 2008-07-27 19:35 --------- d-----w C:\Program Files\eMule 2008-07-26 16:49 --------- d-----w C:\Program Files\Fichiers communs\Adobe 2008-07-25 15:05 90,112 ----a-w C:\WINDOWS\DUMP6b5c.tmp 2008-07-25 14:44 90,112 ----a-w C:\WINDOWS\DUMP6188.tmp 2008-07-25 14:40 90,112 ----a-w C:\WINDOWS\DUMP60cd.tmp 2008-07-25 14:29 90,112 ----a-w C:\WINDOWS\DUMP6002.tmp 2008-07-03 09:34 86,792 ----a-w C:\WINDOWS\system32\drivers\bdfndisf.sys 2008-06-30 16:47 90,112 ----a-w C:\WINDOWS\DUMP8954.tmp 2008-06-20 17:41 247,808 ----a-w C:\WINDOWS\system32\mswsock.dll 2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys 2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys 2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys 2008-06-14 17:59 272,768 ------w C:\WINDOWS\system32\drivers\bthport.sys 2008-06-09 19:34 90,112 ----a-w C:\WINDOWS\DUMP7b4a.tmp 2008-05-16 09:58 12,632 ----a-w 
C:\WINDOWS\system32\lsdelete.exe 2008-05-08 18:46 90,112 ----a-w C:\WINDOWS\DUMP74f1.tmp 2008-05-08 18:01 90,112 ----a-w C:\WINDOWS\DUMP7416.tmp 2008-05-08 17:55 90,112 ----a-w C:\WINDOWS\DUMP760a.tmp 2008-05-08 17:36 90,112 ----a-w C:\WINDOWS\DUMP6d02.tmp 2008-05-08 11:18 90,112 ----a-w C:\WINDOWS\DUMP7d4e.tmp 2008-05-07 05:15 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll 2008-04-13 11:28 456 -c--a-w C:\DOCUME~1\Patrick\Application Data\wklnhst.dat 2008-04-13 11:28 456 -c--a-w C:\DOCUME~1\Patrick\Application Data\wklnhst.dat 2008-01-30 19:23 37,192 -c--a-w C:\DOCUME~1\Patrick\Application Data\GDIPFONTCACHEV1.DAT 2008-01-30 19:23 37,192 -c--a-w C:\DOCUME~1\Patrick\Application Data\GDIPFONTCACHEV1.DAT 2006-06-04 13:41 24,576 -c--a-w C:\Program Files\axvlc.oca 2006-05-07 19:24 677 -c--a-w C:\Program Files\EN.lng 2006-05-07 19:23 741 -c--a-w C:\Program Files\FR.lng . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 01:09 15360] "NvMediaCenter"="C:\WINDOWS\System32\NVMCTRAY.DLL" [2003-09-25 05:32 49152] "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 12:34 5724184] "RemoteCenter"="C:\Program Files\Creative\MediaSource\RemoteControl\RcMan.exe" [2002-11-21 10:33 135168] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2003-09-25 05:32 5033984] "type32"="C:\Program Files\Microsoft IntelliType Pro\type32.exe" [2004-03-19 06:30 184320] "IntelliPoint"="C:\Program Files\Microsoft IntelliPoint\point32.exe" [2004-03-19 06:29 212992] "SBDrvDet"="C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe" [2002-12-03 19:06 45056] "UpdReg"="C:\WINDOWS\UpdReg.EXE" [2000-05-11 02:00 90112] 
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2004-07-28 15:00 155648] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2005-01-22 15:55 98304] "CloneCDElbyCDFL"="C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" [2002-11-02 08:33 45056] "CloneCDTray"="C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe" [2002-12-02 16:17 73728] "SetIcon"="C:\Program Files\SMSC\Seticon.exe" [2003-05-01 14:37 40448] "HPDJ Taskbar Utility"="C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb11.exe" [2004-04-06 12:28 172032] "HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 16:18 241664] "HPHmon06"="C:\WINDOWS\System32\hphmon06.exe" [2004-06-07 06:43 659456] "EPSON Stylus D68 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAE.EXE" [2005-01-25 06:00 98304] "snpstd3"="C:\WINDOWS\vsnpstd3.exe" [2004-12-16 19:55 339968] "CTSysVol"="C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe" [2002-10-29 10:18 49152] "CTDVDDet"="C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE" [2002-09-30 02:00 45056] "BDAgent"="C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" [2008-07-03 11:34 368640] "nwiz"="nwiz.exe" [2003-09-25 05:32 741376 C:\WINDOWS\system32\nwiz.exe] "CTHelper"="CTHELPER.EXE" [2003-04-10 03:36 28672 C:\WINDOWS\system32\CTHELPER.EXE] "AsioReg"="CTASIO.DLL" [2003-03-25 07:21 118784 C:\WINDOWS\system32\CTASIO.DLL] "nForce Tray Options"="sstray.exe" [2003-08-13 06:25 73728 C:\WINDOWS\system32\sstray.exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-20 01:09 15360] C:\DOCUME~1\ALLUSE~1\Menu D‚marrer\Programmes\D‚marrage\ Color Calibration.lnk - C:\Program Files\SEC\MagicTune 2.5\GammaTray.exe [2005-01-19 19:09:37 36864] InterVideo WinCinema Manager.lnk - C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe [2005-02-13 14:40:21 77824] Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE 
[2001-02-13 10:01:04 83360] Ralink Wireless Utility.lnk - C:\Program Files\RALINK\Common\RaUI.exe [2007-08-07 13:24:53 659456] Recherche sur le bureau de Windows.lnk - C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-be\bin\WindowsSearch.exe [2005-09-20 18:10:04 238080] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "VIDC.X264"= x264vfw.dll "VIDC.3iv2"= 3ivxVfWCodec.dll "VIDC.VP31"= vp31vfw.dll "msacm.l3fhg"= mp3fhg.acm [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Program Files\\quake 3\\quake3.exe"= "C:\\Program Files\\MSN Gaming Zone\\Windows\\chkrzm.exe"= "C:\\Program Files\\eMule\\emule.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= R0 ElbyVCD;ElbyVCD;C:\WINDOWS\system32\DRIVERS\ElbyVCD.sys [2002-11-28 12:43] R0 SI3112r;Silicon Image SiI 3112 SATARaid Controller;C:\WINDOWS\system32\DRIVERS\SI3112r.sys [2003-05-30 10:05] R0 xmasbus;xmasbus;C:\WINDOWS\system32\DRIVERS\xmasbus.sys [2003-12-21 18:24] R0 xmasscsi;xmasscsi;C:\WINDOWS\system32\Drivers\xmasscsi.sys [2003-12-23 03:15] R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;C:\WINDOWS\system32\DRIVERS\bdfndisf.sys [2008-07-03 11:34] R3 ctgame;Game Port;C:\WINDOWS\system32\DRIVERS\ctgame.sys [2002-12-30 07:53] S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM);C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-08-30 18:57] S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter;C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-08-30 18:58] S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers;C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-08-30 18:59] 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bdx REG_MULTI_SZ scan [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0ba7338e-d024-11db-a618-0006f40ce1e8}] \Shell\AutoRun\command - E:\LaunchU3.exe *Newly Created Service* - CATCHME *Newly Created Service* - CCB0F56C *Newly Created Service* - PROCEXP90 . Contenu du dossier 'Scheduled Tasks/Tâches planifiées' 2008-08-05 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job - C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 12:20] . - - - - ORPHANS REMOVED - - - - HKCU-Run-BitTorrent - C:\Program Files\BitTorrent\bittorrent.exe HKCU-Run-ares - C:\Program Files\Ares\Ares.exe HKLM-Run-HPHUPD06 - C:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe HKLM-Run-BearShare - C:\Program Files\BearShare\BearShare.exe . ------- Supplementary Scan ------- . FireFox -: Profile - C:\DOCUME~1\Patrick\Application Data\Mozilla\Firefox\Profiles\fn08kmur.default\ FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q= FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://en-us.start.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:fr:official ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-08-05 18:48:40 Windows 5.1.2600 Service Pack 2 NTFS Balayage processus cachés ... Balayage caché autostart entries ... Balayage des fichiers cachés ... ************************************************************************** [HKEY_LOCAL_MACHINE\system\ControlSet003\Services\bdfsfltr] "ImagePath"=hex:73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,\ [HKEY_LOCAL_MACHINE\system\ControlSet003\Services\bdfsfltr] "ImagePath"=hex:73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,\ . 
Temps d'accomplissement: 2008-08-05 18:52:28 ComboFix-quarantined-files.txt 2008-08-05 16:51:26 Pre-Run: 29,319,630,848 octets libres Post-Run: 30,106,136,576 octets libres 155 --- E O F --- 2008-07-16 15:59:43