fred62200

En ce qui concerne le scan AVG Anti-spyware, je n'ai rien corrigé ni rien supprimé, parce que je n'ai pas vu ces options affichées à l'écran et je ne sais pas me servir de ce logiciel. Dans le doute, je me suis abstenu... Et donc je n'ai pas réussi à exécuter Ewido Anti-spyware.

Voila le rapport Sat Info : il y a eu 2 accès refusés aux objets suivants : c:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine(16) c:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtETmp (16) Tue Mar 11 23:24:47 2008 EliBagle v11.13 ©2008 S.G.H. / Satinfo S.L. ---------------------------------------------- Lista de Acciones (por Acción Directa): Tue Mar 11 23:25:30 2008 EliBagle v11.13 ©2008 S.G.H. / Satinfo S.L. ---------------------------------------------- Lista de Acciones (por Exploración): Explorando Unidad C:\ Nº Total de Directorios: 13614 Nº Total de Ficheros: 150504 Nº de Ficheros Analizados: 11203 Nº de Ficheros Infectados: 0 Nº de Ficheros Limpiados: 0

Voila le rapport HijackThis : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 23:21:02, on 11/03/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16608) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe C:\WINDOWS\Explorer.EXE C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe c:\APPS\HIDSERVICE\HIDSERVICE.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe C:\Program Files\Microsoft LifeCam\MSCamS32.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\system32\svchost.exe c:\APPS\Powercinema\Kernel\TV\CLSched.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\System32\svchost.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://portail.club-internet.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.0\NppBho.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/2.0..._instmodule.exe O16 - DPF: {31150A86-0BBA-409F-BEB4-F3922D10BF34} (Gif89 Class) - http://212.175.206.228/xplug.ocx O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.mail.live.com/mail/w1/resources/MSNPUpld.cab O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://71.189.209.83/activex/AxisCamControl.cab O16 - DPF: {B020B534-4AA2-4B99-BD6D-5F6EE286DF5C} (Symantec Download Bridge) - http://espaceabonnes.club-internet.fr/serv...ec/SymDlBrg.cab O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MediaBar) - http://sib1.od2.com/common/musicmanager/in...nagerPlugin.CAB O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O16 - DPF: {F47E687B-551F-4043-89B3-F6E3F5DAD01E} (VideoDeviceControl Class) - http://82.242.226.218/VDControl.CAB O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: MysqlInventime - Unknown owner - C:\Apps\INVENT~1\mysql\bin\mysqld-nt.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\AppCore\AppSvc32.exe -- End of file - 10053 bytes

Voila le rapport Kaspersky : ------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER REPORT Tuesday, March 11, 2008 11:08:13 PM Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600) Kaspersky Online Scanner version: 5.0.98.0 Kaspersky Anti-Virus database last update: 11/03/2008 Kaspersky Anti-Virus database records: 624691 ------------------------------------------------------------------------------- Scan Settings: Scan using the following antivirus database: extended Scan Archives: true Scan Mail Bases: true Scan Target - My Computer: C:\ D:\ E:\ F:\ G:\ H:\ Scan Statistics: Total number of scanned objects: 150536 Number of viruses found: 5 Number of infected objects: 11 Number of suspicious objects: 0 Duration of the scan process: 02:11:24 Infected Object Name / Virus Name / Last Action C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\2008-03-11_Log.ALUSchedulerSvc.LiveUpdate Object is locked skipped C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\08500F2A.exe Infected: Packed.Win32.PolyCrypt.d skipped C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3F145BDF.exe Infected: not-a-virus:AdWare.Win32.NaviPromo.gen skipped C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4C55652B.exe Infected: Trojan.Win32.Obfuscated.cj skipped C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtETmp\6B8046B0.TMP Object is locked skipped C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtETmp\96044632.TMP Object is locked skipped C:\Documents and Settings\FREDERICK\Cookies\index.dat Object is locked skipped C:\Documents and Settings\FREDERICK\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\FREDERICK\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\FREDERICK\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\FREDERICK\Local Settings\temp\fla9.tmp Object is locked skipped C:\Documents and Settings\FREDERICK\Local Settings\temp\~DF926.tmp Object is locked skipped C:\Documents and Settings\FREDERICK\Local Settings\temp\~DF938.tmp Object is locked skipped C:\Documents and Settings\FREDERICK\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped C:\Documents and Settings\FREDERICK\Local Settings\Temporary Internet Files\Content.IE5\1VMUJ7FQ\kavwebscan[1].htm Object is locked skipped C:\Documents and Settings\FREDERICK\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\FREDERICK\NTUSER.DAT Object is locked skipped C:\Documents and Settings\FREDERICK\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\Cookies\index.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_AGENT_LOG1.txt Object is locked skipped C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_AUDIO\CLML.db Object is locked skipped C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_AUDIO\CLML.db-journal Object is locked skipped C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_BINARY\CLML.db Object is locked skipped C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_BLOB\CLML.db Object is locked skipped C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_BLOB\CLML.db-journal Object is locked skipped C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_GLOBAL\CLML.db Object is locked skipped C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_GLOBAL\CLML.db-journal Object is locked skipped C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_IMAGE\CLML.db Object is locked skipped C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_IMAGE\CLML.db-journal Object is locked skipped C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_MAIN\CLML.db Object is locked skipped C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_MAIN\CLML.db-journal Object is locked skipped C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_TV\CLML.db Object is locked skipped C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_TV\CLML.db-journal Object is locked skipped C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_VIDEO\CLML.db Object is locked skipped C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_VIDEO\CLML.db-journal Object is locked skipped C:\Program Files\eMule 0.47c\eMule 0.47c\eMule\Incoming\Ewido.Networks.Ewido.Anti-Spyware.4.0.0.172.serial.keygen\Ewido.Networks.Ewido.Anti-Spyware.4.0.0.172.serial.keygen.exe Infected: Trojan-Downloader.Win32.Bagle.lb skipped C:\Program Files\eMule 0.47c\eMule 0.47c\eMule\Incoming\Ewido.Networks.Ewido.Anti-Spyware.4.0.0.172.serial.keygen.zip/Ewido.Networks.Ewido.Anti-Spyware.4.0.0.172.serial.keygen.exe Infected: Trojan-Downloader.Win32.Bagle.lb skipped C:\Program Files\eMule 0.47c\eMule 0.47c\eMule\Incoming\Ewido.Networks.Ewido.Anti-Spyware.4.0.0.172.serial.keygen.zip ZIP: infected - 1 skipped C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EPERSIST.DAT Object is locked skipped C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP68\A0012808.exe Infected: Trojan-Downloader.Win32.Bagle.lb skipped C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP68\A0012810.exe Infected: Trojan-Downloader.Win32.Bagle.ky skipped C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP68\A0012814.exe Infected: Trojan-Downloader.Win32.Bagle.lb skipped C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP68\A0012816.exe Infected: Trojan-Downloader.Win32.Bagle.ky skipped C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP68\A0012818.exe Infected: Trojan-Downloader.Win32.Bagle.lb skipped C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP68\change.log Object is locked skipped C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped C:\WINDOWS\SchedLgU.Txt Object is locked skipped C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped C:\WINDOWS\Sti_Trace.log Object is locked skipped C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\DEFAULT Object is locked skipped C:\WINDOWS\system32\config\default.LOG Object is locked skipped C:\WINDOWS\system32\config\Internet.evt Object is locked skipped C:\WINDOWS\system32\config\SAM Object is locked skipped C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SECURITY Object is locked skipped C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped C:\WINDOWS\system32\config\SOFTWARE Object is locked skipped C:\WINDOWS\system32\config\software.LOG Object is locked skipped C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SYSTEM Object is locked skipped C:\WINDOWS\system32\config\system.LOG Object is locked skipped C:\WINDOWS\system32\drivers\atapi.sys Object is locked skipped C:\WINDOWS\system32\drivers\etc\Hosts.bak Object is locked skipped C:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped C:\WINDOWS\system32\h323log.txt Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped C:\WINDOWS\wiadebug.log Object is locked skipped C:\WINDOWS\wiaservc.log Object is locked skipped C:\WINDOWS\WindowsUpdate.log Object is locked skipped Scan process completed.

AVG Anti-spyware : 4 traces détectées aux emplacements suivants : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D}

Voila le rapport AVG Anti-spyware : --------------------------------------------------------- AVG Anti-Spyware - Rapport d'analyse --------------------------------------------------------- + Créé à: 16:01:38 11/03/2008 + Résultat de l'analyse: HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} -> Adware.2020Search : Ignoré. HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} -> Adware.2020Search : Ignoré. HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} -> Adware.2020Search : Ignoré. HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} -> Adware.2020Search : Ignoré. :mozilla.134:C:\Documents and Settings\FREDERICK\Application Data\Mozilla\Firefox\Profiles\e21hck4x.default\cookies.txt -> TrackingCookie.247realmedia : Ignoré. :mozilla.135:C:\Documents and Settings\FREDERICK\Application Data\Mozilla\Firefox\Profiles\e21hck4x.default\cookies.txt -> TrackingCookie.247realmedia : Ignoré. C:\Documents and Settings\FREDERICK\Cookies\frederick@247realmedia[2].txt -> TrackingCookie.247realmedia : Ignoré. C:\Documents and Settings\NATHALIE\Cookies\nathalie@247realmedia[1].txt -> TrackingCookie.247realmedia : Ignoré. :mozilla.15:C:\Documents and Settings\FREDERICK\Application Data\Mozilla\Firefox\Profiles\e21hck4x.default\cookies.txt -> TrackingCookie.2o7 : Ignoré. C:\Documents and Settings\Amandine\Cookies\amandine@partygaming.122.2o7[2].txt -> TrackingCookie.2o7 : Ignoré. C:\Documents and Settings\FREDERICK\Cookies\frederick@2o7[1].txt -> TrackingCookie.2o7 : Ignoré. C:\Documents and Settings\FREDERICK\Cookies\frederick@aoleusearch.122.2o7[1].txt -> TrackingCookie.2o7 : Ignoré. C:\Documents and Settings\FREDERICK\Cookies\frederick@aolfr.122.2o7[2].txt -> TrackingCookie.2o7 : Ignoré. C:\Documents and Settings\FREDERICK\Cookies\frederick@autoscout24.112.2o7[1].txt -> TrackingCookie.2o7 : Ignoré. C:\Documents and Settings\FREDERICK\Cookies\frederick@hotelscom.122.2o7[1].txt -> TrackingCookie.2o7 : Ignoré. C:\Documents and Settings\FREDERICK\Cookies\frederick@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Ignoré. C:\Documents and Settings\FREDERICK\Cookies\frederick@sfr.122.2o7[1].txt -> TrackingCookie.2o7 : Ignoré. C:\Documents and Settings\FREDERICK\Cookies\frederick@sonyeurope.112.2o7[1].txt -> TrackingCookie.2o7 : Ignoré. C:\Documents and Settings\NATHALIE\Cookies\nathalie@aoleusearch.122.2o7[1].txt -> TrackingCookie.2o7 : Ignoré. C:\Documents and Settings\NATHALIE\Cookies\nathalie@aolfr.122.2o7[1].txt -> TrackingCookie.2o7 : Ignoré. C:\Documents and Settings\NATHALIE\Cookies\nathalie@incredimailltd.112.2o7[1].txt -> TrackingCookie.2o7 : Ignoré. C:\Documents and Settings\NATHALIE\Cookies\nathalie@msnaccountservices.112.2o7[1].txt -> TrackingCookie.2o7 : Ignoré. C:\Documents and Settings\NATHALIE\Cookies\nathalie@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Ignoré. C:\Documents and Settings\NATHALIE\Cookies\nathalie@partygaming.122.2o7[2].txt -> TrackingCookie.2o7 : Ignoré. C:\Documents and Settings\FREDERICK\Cookies\frederick@adbrite[2].txt -> TrackingCookie.Adbrite : Ignoré. C:\Documents and Settings\LocalService\Cookies\system@4.adbrite[2].txt -> TrackingCookie.Adbrite : Ignoré. C:\Documents and Settings\LocalService\Cookies\system@adbrite[1].txt -> TrackingCookie.Adbrite : Ignoré. C:\Documents and Settings\LocalService\Cookies\system@ads.adbrite[2].txt -> TrackingCookie.Adbrite : Ignoré. C:\Documents and Settings\FREDERICK\Cookies\frederick@adrevolver[2].txt -> TrackingCookie.Adrevolver : Ignoré. C:\Documents and Settings\FREDERICK\Cookies\frederick@media.adrevolver[2].txt -> TrackingCookie.Adrevolver : Ignoré. C:\Documents and Settings\FREDERICK\Cookies\frederick@adtech[1].txt -> TrackingCookie.Adtech : Ignoré. C:\Documents and Settings\NATHALIE\Cookies\nathalie@adtech[2].txt -> TrackingCookie.Adtech : Ignoré. C:\Documents and Settings\FREDERICK\Cookies\frederick@advertising[1].txt -> TrackingCookie.Advertising : Ignoré. C:\Documents and Settings\NATHALIE\Cookies\nathalie@advertising[2].txt -> TrackingCookie.Advertising : Ignoré. C:\Documents and Settings\FREDERICK\Cookies\frederick@adviva[1].txt -> TrackingCookie.Adviva : Ignoré. C:\Documents and Settings\Amandine\Cookies\amandine@atdmt[1].txt -> TrackingCookie.Atdmt : Ignoré. C:\Documents and Settings\FREDERICK\Cookies\frederick@atdmt[2].txt -> TrackingCookie.Atdmt : Ignoré. C:\Documents and Settings\LocalService\Cookies\system@atdmt[2].txt -> TrackingCookie.Atdmt : Ignoré. C:\Documents and Settings\NATHALIE\Cookies\nathalie@atdmt[2].txt -> TrackingCookie.Atdmt : Ignoré. :mozilla.54:C:\Documents and Settings\FREDERICK\Application Data\Mozilla\Firefox\Profiles\e21hck4x.default\cookies.txt -> TrackingCookie.Bluestreak : Ignoré. C:\Documents and Settings\FREDERICK\Cookies\frederick@bluestreak[2].txt -> TrackingCookie.Bluestreak : Ignoré. C:\Documents and Settings\LocalService\Cookies\system@bluestreak[1].txt -> TrackingCookie.Bluestreak : Ignoré. C:\Documents and Settings\NATHALIE\Cookies\nathalie@bluestreak[2].txt -> TrackingCookie.Bluestreak : Ignoré. C:\Documents and Settings\NATHALIE\Cookies\nathalie@www.casinotropez[1].txt -> TrackingCookie.Casinotropez : Ignoré. C:\Documents and Settings\FREDERICK\Cookies\frederick@ad1.clickhype[1].txt -> TrackingCookie.Clickhype : Ignoré. C:\Documents and Settings\FREDERICK\Cookies\frederick@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : Ignoré. C:\Documents and Settings\LocalService\Cookies\system@connextra[1].txt -> TrackingCookie.Connextra : Ignoré. :mozilla.23:C:\Documents and Settings\FREDERICK\Application Data\Mozilla\Firefox\Profiles\e21hck4x.default\cookies.txt -> TrackingCookie.Doubleclick : Ignoré. C:\Documents and Settings\FREDERICK\Cookies\frederick@doubleclick[2].txt -> TrackingCookie.Doubleclick : Ignoré. C:\Documents and Settings\LocalService\Cookies\system@doubleclick[1].txt -> TrackingCookie.Doubleclick : Ignoré. C:\Documents and Settings\NATHALIE\Cookies\nathalie@doubleclick[1].txt -> TrackingCookie.Doubleclick : Ignoré. C:\Documents and Settings\FREDERICK\Cookies\frederick@estat[1].txt -> TrackingCookie.Estat : Ignoré. C:\Documents and Settings\NATHALIE\Cookies\nathalie@estat[1].txt -> TrackingCookie.Estat : Ignoré. C:\Documents and Settings\FREDERICK\Cookies\frederick@adopt.euroclick[1].txt -> TrackingCookie.Euroclick : Ignoré. C:\Documents and Settings\FREDERICK\Cookies\frederick@fastclick[1].txt -> TrackingCookie.Fastclick : Ignoré. C:\Documents and Settings\NATHALIE\Cookies\nathalie@fastclick[2].txt -> TrackingCookie.Fastclick : Ignoré. C:\Documents and Settings\FREDERICK\Cookies\frederick@ehg-citenumerique.hitbox[2].txt -> TrackingCookie.Hitbox : Ignoré. C:\Documents and Settings\FREDERICK\Cookies\frederick@ehg-franceloisirs.hitbox[1].txt -> TrackingCookie.Hitbox : Ignoré. C:\Documents and Settings\FREDERICK\Cookies\frederick@ehg-neuftelecom.hitbox[1].txt -> TrackingCookie.Hitbox : Ignoré. C:\Documents and Settings\FREDERICK\Cookies\frederick@hitbox[2].txt -> TrackingCookie.Hitbox : Ignoré. C:\Documents and Settings\LocalService\Cookies\system@ehg-corusentertainment.hitbox[1].txt -> TrackingCookie.Hitbox : Ignoré. C:\Documents and Settings\LocalService\Cookies\system@hitbox[2].txt -> TrackingCookie.Hitbox : Ignoré. C:\Documents and Settings\NATHALIE\Cookies\nathalie@ehg-myspaceinc.hitbox[2].txt -> TrackingCookie.Hitbox : Ignoré. C:\Documents and Settings\NATHALIE\Cookies\nathalie@hitbox[2].txt -> TrackingCookie.Hitbox : Ignoré. C:\Documents and Settings\FREDERICK\Cookies\frederick@ilead.itrack[2].txt -> TrackingCookie.Itrack : Ignoré. C:\Documents and Settings\FREDERICK\Cookies\frederick@ivwbox[2].txt -> TrackingCookie.Ivwbox : Ignoré. C:\Documents and Settings\NATHALIE\Cookies\nathalie@ivwbox[2].txt -> TrackingCookie.Ivwbox : Ignoré. :mozilla.18:C:\Documents and Settings\FREDERICK\Application Data\Mozilla\Firefox\Profiles\e21hck4x.default\cookies.txt -> TrackingCookie.Mediaplex : Ignoré. C:\Documents and Settings\FREDERICK\Cookies\frederick@mediaplex[1].txt -> TrackingCookie.Mediaplex : Ignoré. C:\Documents and Settings\LocalService\Cookies\system@mediaplex[1].txt -> TrackingCookie.Mediaplex : Ignoré. C:\Documents and Settings\NATHALIE\Cookies\nathalie@mediaplex[1].txt -> TrackingCookie.Mediaplex : Ignoré. C:\Documents and Settings\FREDERICK\Cookies\frederick@ssl-hints.netflame[1].txt -> TrackingCookie.Netflame : Ignoré. C:\Documents and Settings\FREDERICK\Cookies\frederick@overture[1].txt -> TrackingCookie.Overture : Ignoré. C:\Documents and Settings\NATHALIE\Cookies\nathalie@overture[1].txt -> TrackingCookie.Overture : Ignoré. C:\Documents and Settings\NATHALIE\Cookies\nathalie@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Ignoré. C:\Documents and Settings\FREDERICK\Cookies\frederick@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Ignoré. C:\Documents and Settings\FREDERICK\Cookies\frederick@serving-sys[1].txt -> TrackingCookie.Serving-sys : Ignoré. C:\Documents and Settings\NATHALIE\Cookies\nathalie@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Ignoré. C:\Documents and Settings\NATHALIE\Cookies\nathalie@serving-sys[1].txt -> TrackingCookie.Serving-sys : Ignoré. C:\Documents and Settings\FREDERICK\Cookies\frederick@smartadserver[2].txt -> TrackingCookie.Smartadserver : Ignoré. C:\Documents and Settings\NATHALIE\Cookies\nathalie@smartadserver[2].txt -> TrackingCookie.Smartadserver : Ignoré. C:\Documents and Settings\FREDERICK\Cookies\frederick@statcounter[2].txt -> TrackingCookie.Statcounter : Ignoré. C:\Documents and Settings\LocalService\Cookies\system@statcounter[1].txt -> TrackingCookie.Statcounter : Ignoré. :mozilla.46:C:\Documents and Settings\FREDERICK\Application Data\Mozilla\Firefox\Profiles\e21hck4x.default\cookies.txt -> TrackingCookie.Tradedoubler : Ignoré. C:\Documents and Settings\FREDERICK\Cookies\frederick@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Ignoré. C:\Documents and Settings\NATHALIE\Cookies\nathalie@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Ignoré. C:\Documents and Settings\FREDERICK\Cookies\frederick@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Ignoré. :mozilla.19:C:\Documents and Settings\FREDERICK\Application Data\Mozilla\Firefox\Profiles\e21hck4x.default\cookies.txt -> TrackingCookie.Weborama : Ignoré. C:\Documents and Settings\FREDERICK\Cookies\frederick@weborama[2].txt -> TrackingCookie.Weborama : Ignoré. C:\Documents and Settings\LocalService\Cookies\system@weborama[1].txt -> TrackingCookie.Weborama : Ignoré. C:\Documents and Settings\NATHALIE\Cookies\nathalie@weborama[2].txt -> TrackingCookie.Weborama : Ignoré. C:\Documents and Settings\Amandine\Cookies\amandine@m.webtrends[2].txt -> TrackingCookie.Webtrends : Ignoré. C:\Documents and Settings\FREDERICK\Cookies\frederick@m.webtrends[2].txt -> TrackingCookie.Webtrends : Ignoré. C:\Documents and Settings\NATHALIE\Cookies\nathalie@m.webtrends[2].txt -> TrackingCookie.Webtrends : Ignoré. C:\Documents and Settings\FREDERICK\Cookies\frederick@statse.webtrendslive[2].txt -> TrackingCookie.Webtrendslive : Ignoré. C:\Documents and Settings\LocalService\Cookies\system@statse.webtrendslive[2].txt -> TrackingCookie.Webtrendslive : Ignoré. C:\Documents and Settings\NATHALIE\Cookies\nathalie@statse.webtrendslive[1].txt -> TrackingCookie.Webtrendslive : Ignoré. C:\Documents and Settings\FREDERICK\Cookies\frederick@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Ignoré. C:\Documents and Settings\LocalService\Cookies\system@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Ignoré. C:\Documents and Settings\FREDERICK\Cookies\frederick@zedo[1].txt -> TrackingCookie.Zedo : Ignoré. C:\Documents and Settings\LocalService\Cookies\system@zedo[1].txt -> TrackingCookie.Zedo : Ignoré. C:\Documents and Settings\NATHALIE\Cookies\nathalie@zedo[1].txt -> TrackingCookie.Zedo : Ignoré. Fin du rapport

je me permets un re-up

Je pense que je n'ai plus de pare-feu. Norton Internet Security est maintenant une application win32 non-valide. Je n'ai pas non plus de message me demandant d'autoriser l'accès. (j'ai juste la fenêtre de Ewido avec marqué "Error" à l'intérieur de cette fenêtre. J'ai cliqué sur l'icône Ewido Networks en bas de la fenêtre et ça m'a dirigé vers une page de téléchargement de AVG anti-spyware 7.5, dois-je le télécharger ?

Pour Ewido, quand je clique pour ouvrir, une fenêtre apparaît avec affiché : Error.

Bonjour, Pourrais-je garder Poker Stars ? Ca fait un an que j'ai ce logiciel, il ne m'a jamais posé de problèmes. Nota Bene : C'est depuis que j'ai installé Everest Poker que j'ai ces problèmes.

Voila le rapport HijackThis : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 00:20, on 2008-03-11 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16608) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe c:\APPS\HIDSERVICE\HIDSERVICE.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe C:\Program Files\Microsoft LifeCam\MSCamS32.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\system32\svchost.exe c:\APPS\Powercinema\Kernel\TV\CLSched.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\System32\svchost.exe C:\Program Files\internet explorer\iexplore.exe C:\Program Files\BitComet\BitComet.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://portail.club-internet.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.0\NppBho.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/2.0..._instmodule.exe O16 - DPF: {31150A86-0BBA-409F-BEB4-F3922D10BF34} (Gif89 Class) - http://212.175.206.228/xplug.ocx O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.mail.live.com/mail/w1/resources/MSNPUpld.cab O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://71.189.209.83/activex/AxisCamControl.cab O16 - DPF: {B020B534-4AA2-4B99-BD6D-5F6EE286DF5C} (Symantec Download Bridge) - http://espaceabonnes.club-internet.fr/serv...ec/SymDlBrg.cab O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MediaBar) - http://sib1.od2.com/common/musicmanager/in...nagerPlugin.CAB O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O16 - DPF: {F47E687B-551F-4043-89B3-F6E3F5DAD01E} (VideoDeviceControl Class) - http://82.242.226.218/VDControl.CAB O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: MysqlInventime - Unknown owner - C:\Apps\INVENT~1\mysql\bin\mysqld-nt.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\AppCore\AppSvc32.exe -- End of file - 9665 bytes

Le scan s'est déroulé normalement. Ensuite un écran bleu avec les messages : "rapport en cours de préparation. ne pas démarrer d'autre programme avant que ce soit fini.", et un curseur qui clignote. Comme ça pendant 2 heures. J'ai du redémarrer l'ordinateur. Voila le rapport que j'ai récupéré : ComboFix 08-03-03.15 - FREDERICK 2008-03-10 21:19:05.5 - NTFSx86 Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.184 [GMT 1:00] Endroit: C:\Documents and Settings\FREDERICK\Bureau\Combo-Fix.exe Command switches used :: C:\Documents and Settings\FREDERICK\Bureau\CFScript.txt * Création d'un nouveau point de restauration FILE :: C:\muxmp4.bat . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\muxmp4.bat C:\Program Files\Everest Poker C:\Program Files\Everest Poker\casino.exe C:\Program Files\Everest Poker\CStart.exe C:\Program Files\Everest Poker\data\fonts\kgp-en.ttf C:\Program Files\Everest Poker\data\mp-lobby\fr.gvt C:\Program Files\Everest Poker\data\mp-lobby\shared.gvt C:\Program Files\Everest Poker\data\mp-poker\background\default.gvt C:\Program Files\Everest Poker\data\mp-poker\fr\bitmaps.gvt C:\Program Files\Everest Poker\data\mp-poker\fr\mp-poker_strings.txt C:\Program Files\Everest Poker\data\mp-poker\fr\mp-poker_tutorial.txt C:\Program Files\Everest Poker\data\mp-poker\shared.gvt C:\Program Files\Everest Poker\data\shared\fr\country.txt C:\Program Files\Everest Poker\data\shared\fr\language.txt C:\Program Files\Everest Poker\data\shared\fr\ordinal.txt C:\Program Files\Everest Poker\data\shared\shared\bitmaps\btn_scroll.gvt C:\Program Files\Everest Poker\data\shared\shared\bitmaps\check.art C:\Program Files\Everest Poker\data\shared\shared\bitmaps\chips.art C:\Program Files\Everest Poker\data\shared\shared\sounds\button.ogg C:\Program Files\Everest Poker\data\shared\shared\sounds\carddeal.ogg C:\Program Files\Everest Poker\data\shared\shared\sounds\cardflip.ogg C:\Program Files\Everest Poker\data\shared\shared\sounds\chipclick.ogg C:\Program Files\Everest Poker\data\startup\en\startup_strings.txt C:\Program Files\Everest Poker\data\startup\fr\cstart.txt C:\Program Files\Everest Poker\data\startup\fr\startup_strings.txt C:\Program Files\Everest Poker\data\startup\shared\bitmaps\splash_poker.art C:\Program Files\Everest Poker\data\startup\shared\icons\ep.ico C:\Program Files\Everest Poker\data\startup\shared\sounds\alert.ogg C:\Program Files\Everest Poker\Everest Poker.exe C:\Program Files\Everest Poker\gvbase.dll C:\Program Files\Everest Poker\gvcrt.dll C:\Program Files\Everest Poker\gvgfx-dib.dll C:\Program Files\Everest Poker\gvgfx.dll C:\Program Files\Everest Poker\gvmain.dll C:\Program Files\Everest Poker\gvmain.exe C:\Program Files\Everest Poker\gvnetwork.dll C:\Program Files\Everest Poker\gvsound.dll C:\Program Files\Everest Poker\history\3.txt C:\Program Files\Everest Poker\history\4.txt C:\Program Files\Everest Poker\init.ini C:\Program Files\Everest Poker\log.dat C:\Program Files\Everest Poker\settings.ini C:\Program Files\Everest Poker\toc_fr.ini C:\Program Files\Everest Poker\var\content-fr.dat . ---- Previous Run ------- . C:\WINDOWS\system32\drivers\down C:\WINDOWS\system32\drivers\hldrrr.exe C:\WINDOWS\system32\drivers\srosa.sys . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\LEGACY_SROSA -------\srosa ((((((((((((((((((((((((((((( Fichiers créés 2008-02-10 to 2008-03-10 )))))))))))))))))))))))))))))))))))) . 2008-03-08 22:39 . 2008-03-08 22:51 <REP> d-------- C:\Program Files\Macromedia 2008-03-08 22:39 . 2008-03-08 22:39 <REP> d-------- C:\Program Files\Fichiers communs\Macromedia Shared 2008-03-08 22:39 . 2008-03-08 22:45 <REP> d-------- C:\Program Files\Fichiers communs\Macromedia 2008-03-08 22:39 . 2002-01-05 07:48 974,848 --------- C:\WINDOWS\system32\mfc70.dll 2008-03-08 22:39 . 2002-01-05 07:10 61,440 --------- C:\WINDOWS\system32\mfc70fra.dll 2008-03-05 09:56 . 2008-03-05 09:56 <REP> d-------- C:\Documents and Settings\FREDERICK\Application Data\PSpad 2008-03-05 09:53 . 2008-03-05 09:56 <REP> d-------- C:\Program Files\PSPad editor 2008-02-22 16:34 . 2008-02-22 16:34 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Macrovision 2008-02-22 12:05 . 2008-02-22 12:05 <REP> d-------- C:\Program Files\windirstat 2008-02-14 01:40 . 2008-02-14 01:42 1,374 --a------ C:\WINDOWS\imsins.BAK . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-03-09 13:57 --------- d-----w C:\Program Files\PokerStars 2008-03-08 21:47 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-03-04 14:43 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec 2008-03-03 22:27 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared 2008-02-29 09:14 17,360 ----a-w C:\Documents and Settings\FREDERICK\Application Data\wklnhst.dat 2008-02-27 07:28 1,262 ----a-w C:\Documents and Settings\NATHALIE\Application Data\wklnhst.dat 2008-02-26 14:02 --------- d-----w C:\Program Files\PC_Taito.Legends.2 -(rip)-(ToeD) 2008-02-22 16:10 --------- d-----w C:\Program Files\Total War 2008-02-22 16:10 --------- d-----w C:\Program Files\Tetris Game Gold 2008-02-22 16:08 --------- d-----w C:\Program Files\Namco 2008-02-12 03:18 805 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.INF 2008-02-12 03:18 60,800 ----a-w C:\WINDOWS\system32\S32EVNT1.DLL 2008-02-12 03:18 123,952 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.SYS 2008-02-12 03:18 10,740 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.CAT 2008-02-12 03:18 --------- d-----w C:\Program Files\Symantec 2008-02-09 21:05 --------- d-----w C:\Program Files\Warcraft III 2008-02-07 14:01 --------- d-----w C:\Program Files\Fichiers communs\Adobe 2008-01-26 22:33 --------- d-----w C:\Program Files\Weflirt 2008-01-26 22:33 --------- d-----w C:\Documents and Settings\FREDERICK\Application Data\Weflirt 2008-01-25 21:31 --------- d-----w C:\Program Files\EasyFlirt Messenger 2008-01-22 18:06 --------- d-----w C:\Program Files\NewTek 2008-01-22 14:02 --------- d-----w C:\Program Files\Ulead Systems 2008-01-22 14:02 --------- d-----w C:\Program Files\Fichiers communs\Ulead Systems 2008-01-22 14:01 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ulead Systems 2008-01-22 14:00 --------- d-----w C:\Documents and Settings\FREDERICK\Application Data\Ulead Systems 2008-01-22 13:49 --------- d-----w C:\Program Files\eMule 0.47c 2008-01-22 13:14 --------- d-----w C:\Documents and Settings\FREDERICK\Application Data\Shareaza 2008-01-22 13:12 --------- d-----w C:\Program Files\eMule 2008-01-16 19:30 --------- d-----w C:\Program Files\Dynamic Toolbar 2008-01-15 23:45 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL 2008-01-15 17:07 --------- d-----w C:\Program Files\CCleaner 2008-01-15 10:03 --------- d-----w C:\Program Files\Microsoft LifeCam 2008-01-15 08:54 10,537 ----a-w C:\WINDOWS\system32\drivers\COH_Mon.cat 2008-01-15 04:28 706 ----a-w C:\WINDOWS\system32\drivers\COH_Mon.inf 2008-01-14 19:16 --------- d-----w C:\Program Files\Winamp 2008-01-14 19:16 --------- d-----w C:\Program Files\QuickTime 2008-01-14 19:16 --------- d-----w C:\Program Files\PowerISO 2008-01-12 17:32 23,904 ----a-w C:\WINDOWS\system32\drivers\COH_Mon.sys 2008-01-12 10:53 4,131,192 ----a-w C:\WINDOWS\system32\SpoonUninstall.exe 2008-01-12 10:53 --------- d-----w C:\Program Files\Illustrate.dBpowerAMP.Music.Converter.v12.0.Full.Retail-ZWT 2008-01-11 05:36 44,544 ----a-w C:\WINDOWS\system32\dllcache\pngfilt.dll 2008-01-10 21:49 --------- d-----w C:\Documents and Settings\NATHALIE\Application Data\Skype 2007-12-20 22:11 81,920 ----a-w C:\WINDOWS\system32\IEDFix.exe 2007-12-19 22:53 347,136 ----a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll 2007-12-18 09:51 179,584 ------w C:\WINDOWS\system32\dllcache\mrxdav.sys 2007-04-13 15:50 41,146,288 ----a-w C:\Program Files\Install_NortonInternetSecurity2007_FR.exe 2007-04-13 15:46 35,261,488 ----a-w C:\Program Files\Install_NortonAntiVirus2007_FR.exe 2007-02-03 10:48 56 --sh--r C:\WINDOWS\system32\ED6F5C6BBE.sys 2007-02-03 10:48 5,852 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 13:00 455168] "PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 13:00 455168] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-05-06 23:14 5562368] "nwiz"="nwiz.exe" [] "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2005-05-06 23:14 86016] "SoundMan"="SOUNDMAN.EXE" [2005-01-20 19:04 77824 C:\WINDOWS\SOUNDMAN.EXE] "IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-05 13:00 208952] "ccApp"="C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" [2008-03-10 16:40 115816] "osCheck"="C:\Program Files\Norton Internet Security\osCheck.exe" [2008-03-10 16:40 26248] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792] "MSConfig"="C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe" [2004-08-05 13:00 160768] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 13:00 15360] "MySpaceIM"="C:\Program Files\MySpace\IM\MySpaceIM.exe" [2007-12-19 02:47 8720384] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [ ] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoStartMenuPinnedList"= 0 (0x0) "NoStartMenuMFUprogramsList"= 0 (0x0) "NoUserNameInStartMenu"= 0 (0x0) "NoStartMenuSubFolders"= 0 (0x0) "NoCommonGroups"= 0 (0x0) "NoPrinterTabs"= 0 (0x0) "NoDeletePrinter"= 0 (0x0) "NoAddPrinter"= 0 (0x0) "NoPrinters"= 0 (0x0) "NoFavoritesMenu"= 0 (0x0) "NoToolbarCustomize"= 0 (0x0) "NoRecentDocsNetHood"= 0 (0x0) "NoChangeAnimation"= 0 (0x0) "NoChangeKeyboardNavigationIndicators"= 0 (0x0) Microsoft Windows XP [version 5.1.2600] © Copyright 1985-2001 Microsoft Corp.

Le scan est terminé et j'ai encore un écran bleu avec affiché : "rapport en cours de préparation", mais malheureusement ça ne bouge pas depuis une demi-heure. (j'écris depuis un autre ordinateur). Je ne sais pas quoi faire.

Voila le rapport ComboFix : ComboFix 08-03-03.15 - FREDERICK 2008-03-10 16:05:01.4 - NTFSx86 Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.196 [GMT 1:00]Endroit: C:\Documents and Settings\FREDERICK\Bureau\Combo-Fix.exe * Création d'un nouveau point de restauration . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\WINDOWS\system32\drivers\down C:\WINDOWS\system32\drivers\hldrrr.exe C:\WINDOWS\system32\drivers\srosa.sys . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\LEGACY_SROSA -------\srosa ((((((((((((((((((((((((((((( Fichiers créés 2008-02-10 to 2008-03-10 )))))))))))))))))))))))))))))))))))) . 2008-03-08 22:39 . 2008-03-08 22:51 <REP> d-------- C:\Program Files\Macromedia 2008-03-08 22:39 . 2008-03-08 22:39 <REP> d-------- C:\Program Files\Fichiers communs\Macromedia Shared 2008-03-08 22:39 . 2008-03-08 22:45 <REP> d-------- C:\Program Files\Fichiers communs\Macromedia 2008-03-08 22:39 . 2002-01-05 07:48 974,848 --------- C:\WINDOWS\system32\mfc70.dll 2008-03-08 22:39 . 2002-01-05 07:10 61,440 --------- C:\WINDOWS\system32\mfc70fra.dll 2008-03-05 09:56 . 2008-03-05 09:56 <REP> d-------- C:\Documents and Settings\FREDERICK\Application Data\PSpad 2008-03-05 09:53 . 2008-03-05 09:56 <REP> d-------- C:\Program Files\PSPad editor 2008-03-03 23:25 . 2008-03-07 23:27 <REP> d-------- C:\Program Files\Everest Poker 2008-02-22 16:34 . 2008-02-22 16:34 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Macrovision 2008-02-22 12:05 . 2008-02-22 12:05 <REP> d-------- C:\Program Files\windirstat 2008-02-14 01:40 . 2008-02-14 01:42 1,374 --a------ C:\WINDOWS\imsins.BAK . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-03-09 13:57 --------- d-----w C:\Program Files\PokerStars 2008-03-08 21:47 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-03-04 14:43 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec 2008-03-03 22:27 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared 2008-02-29 09:14 17,360 ----a-w C:\Documents and Settings\FREDERICK\Application Data\wklnhst.dat 2008-02-27 07:28 1,262 ----a-w C:\Documents and Settings\NATHALIE\Application Data\wklnhst.dat 2008-02-26 14:02 --------- d-----w C:\Program Files\PC_Taito.Legends.2 -(rip)-(ToeD) 2008-02-22 16:10 --------- d-----w C:\Program Files\Total War 2008-02-22 16:10 --------- d-----w C:\Program Files\Tetris Game Gold 2008-02-22 16:08 --------- d-----w C:\Program Files\Namco 2008-02-12 03:18 805 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.INF 2008-02-12 03:18 123,952 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.SYS 2008-02-12 03:18 10,740 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.CAT 2008-02-12 03:18 --------- d-----w C:\Program Files\Symantec 2008-02-09 21:05 --------- d-----w C:\Program Files\Warcraft III 2008-02-07 14:01 --------- d-----w C:\Program Files\Fichiers communs\Adobe 2008-01-26 22:33 --------- d-----w C:\Program Files\Weflirt 2008-01-26 22:33 --------- d-----w C:\Documents and Settings\FREDERICK\Application Data\Weflirt 2008-01-25 21:31 --------- d-----w C:\Program Files\EasyFlirt Messenger 2008-01-22 18:06 --------- d-----w C:\Program Files\NewTek 2008-01-22 14:02 --------- d-----w C:\Program Files\Ulead Systems 2008-01-22 14:02 --------- d-----w C:\Program Files\Fichiers communs\Ulead Systems 2008-01-22 14:01 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ulead Systems 2008-01-22 14:00 --------- d-----w C:\Documents and Settings\FREDERICK\Application Data\Ulead Systems 2008-01-22 13:49 --------- d-----w C:\Program Files\eMule 0.47c 2008-01-22 13:14 --------- d-----w C:\Documents and Settings\FREDERICK\Application Data\Shareaza 2008-01-22 13:12 --------- d-----w C:\Program Files\eMule 2008-01-16 19:30 --------- d-----w C:\Program Files\Dynamic Toolbar 2008-01-15 23:45 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL 2008-01-15 17:07 --------- d-----w C:\Program Files\CCleaner 2008-01-15 10:03 --------- d-----w C:\Program Files\Microsoft LifeCam 2008-01-15 08:54 10,537 ----a-w C:\WINDOWS\system32\drivers\COH_Mon.cat 2008-01-15 04:28 706 ----a-w C:\WINDOWS\system32\drivers\COH_Mon.inf 2008-01-14 19:16 --------- d-----w C:\Program Files\Winamp 2008-01-14 19:16 --------- d-----w C:\Program Files\QuickTime 2008-01-14 19:16 --------- d-----w C:\Program Files\PowerISO 2008-01-12 17:32 23,904 ----a-w C:\WINDOWS\system32\drivers\COH_Mon.sys 2008-01-12 10:53 --------- d-----w C:\Program Files\Illustrate.dBpowerAMP.Music.Converter.v12.0.Full.Retail-ZWT 2008-01-10 21:49 --------- d-----w C:\Documents and Settings\NATHALIE\Application Data\Skype 2007-12-18 20:57 359 ----a-w C:\muxmp4.bat 2007-04-13 15:50 41,146,288 ----a-w C:\Program Files\Install_NortonInternetSecurity2007_FR.exe 2007-04-13 15:46 35,261,488 ----a-w C:\Program Files\Install_NortonAntiVirus2007_FR.exe 2007-02-03 10:48 56 --sh--r C:\WINDOWS\system32\ED6F5C6BBE.sys 2007-02-03 10:48 5,852 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 13:00 455168] "PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 13:00 455168] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-05-06 23:14 5562368] "nwiz"="nwiz.exe" [] "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2005-05-06 23:14 86016] "SoundMan"="SOUNDMAN.EXE" [2005-01-20 19:04 77824 C:\WINDOWS\SOUNDMAN.EXE] "IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-05 13:00 208952] "ccApp"="C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" [2008-03-10 16:40 115816] "osCheck"="C:\Program Files\Norton Internet Security\osCheck.exe" [2008-03-10 16:40 26248] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792] "MSConfig"="C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe" [2004-08-05 13:00 160768] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 13:00 15360] "MySpaceIM"="C:\Program Files\MySpace\IM\MySpaceIM.exe" [2007-12-19 02:47 8720384] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [ ] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoStartMenuPinnedList"= 0 (0x0) "NoStartMenuMFUprogramsList"= 0 (0x0) "NoUserNameInStartMenu"= 0 (0x0) "NoStartMenuSubFolders"= 0 (0x0) "NoCommonGroups"= 0 (0x0) "NoPrinterTabs"= 0 (0x0) "NoDeletePrinter"= 0 (0x0) "NoAddPrinter"= 0 (0x0) "NoPrinters"= 0 (0x0) "NoFavoritesMenu"= 0 (0x0) "NoToolbarCustomize"= 0 (0x0) "NoRecentDocsNetHood"= 0 (0x0) "NoChangeAnimation"= 0 (0x0) "NoChangeKeyboardNavigationIndicators"= 0 (0x0) Microsoft Windows XP [version 5.1.2600] © Copyright 1985-2001 Microsoft Corp.

Excusez-moi, mais j'avais oublié que j'avais posé la même question hier midi. Du coup, j'ai reposé la même question dans la partie Software. Et du coup, j'ai lancé suite aux instructions un processus ComboFix qui se déroule en ce moment (mais l'ordinateur rame énormément). (j'écris d'un autre ordinateur)

Bonjour, C'est normal l'icône avec un bâton de dynamite ? IoI

C'est bon. J'ai redémarré l'ordinateur et Combo-Fix a démarré. Le processus est en cours.

Bonjour, J'ai lancé Comfix, un écran bleu apparaît avec un curseur qui clignote mais il ne se passe rien.

Bonjour, J'ai téléchargé HijackThis et il refuse de s'ouvrir. Le message suivant s'affiche "c:/programFiles/TrendMicro/HijackThis.exe n'est pas une application Win32 valide." Ca fait le 4ème logiciel que je télécharge : rien à faire. Qui peut m'aider SVP ?

Bonjour, Je n'arrive pas à installer HijackThis sur mon PC. Quand j'essaye de l'ouvrir après l'avoir installé dans le dossier Trend Micro dans Program Files, un message apparaît : "c:programFiles/TrendMicro/HijackThis.exe n'est pas une application Win32 valide." Merci à l'avance de votre aide.

Merci les gars pour votre aide, mais j'ai déjà essayé tout ça. Je vais m'acheter une nouvelle carte son Creative à 30 € et comme ça, ça fonctionnera.

Eh Non, ça n'a pas marché, le problème reste le même : je n'ai toujours du son que sur l'enceinte de droite.

Non, ça n'a pas marché, le problème reste le même : je n'ai toujours du son que sur l'enceinte de droite.

Merci pour ta réponse. Je me lance.

Bonjour, mon problème à l'origine, c'est de n'avoir du son que sur l'enceinte de droite avec un sifflement en bruit de fond. J'ai vérifié les câbles et les enceintes. J'ai aussi installé le dernier pilote en vogue. Je pense avoir trouvé la solution sur "développez.net - comment utiliser le bios", mais je me demande si il ne faut pas être un initié pour le faire : Ce n'est pas une carte son mais un chips que tu as. - désinstaller la carte son (dans le Gestionnaire de périphériques) - éteindre le PC - allumer le pc - désactiver la carte son (dans le BIOS) - démarrer le pc (l'OS) - éteindre le PC - allumer le pc - réactiver la carte son (dans le BIOS) - démarrer le pc (l'OS) - résinstaller la carte son Faut-il s'y connaître pour manipuler le bios ? Doit-je appliquer cette procédure ?