nemausus8

  1. Thanks for everything, THANOS, you're the boss!!! So I'm going to do everything you told me.. By the way, computing isn't so abstract after all! Once again, a BIG THANK YOU
  2. Me again..... do I have to reinstall Windows Service Pack 3? HAVE A NICE DAY THANOS and have a nice day, everyone
  3. Hi Thanos, here is the latest HijackThis report: My PC is faster and the ad windows finally seem to be neutralized... one last little thing, if it's not asking too much of you.. I can't reinstall my copy of Word 2000; the installer tells me my product key is obsolete!?
  4. Hi Thanos, here is the MBAM report: And the dds report: HAVE A NICE DAY......
  5. Re, Unable to remove: ccCommon, LiveUpdate, Norton Internet Security, Norton Protection Center, Norton Confidential Core, Norton AntiVirus, Norton AntiVirus Help, Symantec Real Time Storage Protection Component, because they cannot be found in the Add/Remove Programs menu. Unable to delete Norton in Program Files.. Here is the ComboFix report all the same:
2008-06-27 09:24 4,742,656 ----a-w C:\WINDOWS\system32\drivers\RtkHDAud.sys 2008-06-27 09:23 16,875,008 ----a-w C:\WINDOWS\RTHDCPL.exe 2008-06-19 14:42 2,808,832 ----a-w C:\WINDOWS\alcwzrd.exe 2008-06-19 14:27 9,715,200 ----a-w C:\WINDOWS\RTLCPL.exe 2008-06-19 14:20 57,344 ----a-w C:\WINDOWS\Alcmtr.exe 2008-06-18 16:01 77,824 ----a-w C:\WINDOWS\SoundMan.exe 2008-06-11 00:07 9,464 ------w C:\WINDOWS\system32\drivers\cdralw2k.sys 2008-06-11 00:07 9,336 ------w C:\WINDOWS\system32\drivers\cdr4_xp.sys 2008-06-11 00:07 43,528 ------w C:\WINDOWS\system32\drivers\PxHelp20.sys 2008-06-11 00:07 129,784 ------w C:\WINDOWS\system32\pxafs.dll 2008-06-11 00:07 120,056 ------w C:\WINDOWS\system32\pxcpyi64.exe 2008-06-11 00:07 118,520 ------w C:\WINDOWS\system32\pxinsi64.exe 2008-05-22 22:18 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll 2008-05-16 09:58 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe 2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\RMCast.sys 2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\dllcache\rmcast.sys 2008-05-07 05:15 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll 2008-05-07 05:15 1,293,824 ----a-w C:\WINDOWS\system32\dllcache\quartz.dll 2008-04-23 20:16 3,591,680 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll 2008-04-22 07:41 70,656 ----a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe 2008-04-22 07:41 625,664 ----a-w C:\WINDOWS\system32\dllcache\iexplore.exe 2008-04-20 05:07 161,792 ----a-w C:\WINDOWS\system32\dllcache\ieakui.dll . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . 
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 05:00 15360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2008-07-02 23:11 171448]
"LightScribe Control Panel"="C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe" [2007-05-15 17:12 484904]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2007-06-01 10:21 153136]
"IncrediMail"="C:\Program Files\IncrediMail\bin\IncMail.exe" [2008-06-12 13:49 243072]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 11:34 5724184]
"updateMgr"="c:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 16:45 313472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"="Alaunch" [X]
"ntiMUI"="c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe" [2005-05-11 18:15 45056]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2004-07-15 01:07 32768]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" [2004-08-05 05:00 208952]
"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-05 05:00 59392]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 05:00 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 05:00 455168]
"AspireService"="C:\Program Files\Acer\Acer eMode Management\AspireService.exe" [2005-06-21 15:39 110592]
"MediaSync"="C:\Program Files\Acer\Acer eConsole\MediaSync.exe" [2005-06-21 15:28 425984]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2007-03-01 15:57 153136]
"ccApp"="C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" [2008-01-25 19:47 51048]
"osCheck"="C:\Program Files\Norton Internet Security\osCheck.exe" [2008-02-07
00:49 718704] "ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-04-14 21:05 344064] "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-02-12 10:06 262401] "SpywareTerminator"="C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" [2008-07-03 03:47 1817600] "ISUSPM Startup"="C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-06-16 06:03 221184] "ISUSScheduler"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2004-06-16 06:03 81920] "Classic TV Pro Remote"="C:\Program Files\Classic TV Pro Vision\Classic TV Pro\Remote.exe" [2006-04-04 18:30 241664] "Schedule"="C:\Program Files\Classic TV Pro Vision\Classic TV Pro\Schedule.exe" [2006-06-22 14:14 98304] "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-09-24 00:08 49152] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784] "High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 17:07 61952 C:\WINDOWS\system32\HdAShCut.exe] "RTHDCPL"="RTHDCPL.EXE" [2008-06-27 11:23 16875008 C:\WINDOWS\RTHDCPL.exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 05:00 15360] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "VIDC.VDOM"= vdowave.drv "VIDC.TR20"= tr2032.dll "vidc.vivo"= ivvideo.dll [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] 
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"=
"C:\\Program Files\\IncrediMail\\bin\\ImApp.exe"=
"C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
"C:\\Program Files\\Messenger\\MSMSGS.EXE"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=

R0 m5287;m5287;C:\WINDOWS\system32\drivers\m5287.sys [2005-02-05 07:00]
R1 sp_rsdrv2;Spyware Terminator Driver 2;C:\WINDOWS\system32\drivers\sp_rsdrv2.sys [2008-07-03 03:47]
R2 LiveUpdate Notice;LiveUpdate Notice;C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe [2008-01-25 19:47]
R2 PCLinkBridge;USB-USB Network Bridge;C:\WINDOWS\system32\DRIVERS\pro2000.sys [2001-11-05 11:43]
R3 NIC2000;USB-USB Network Bridge Adapter;C:\WINDOWS\system32\DRIVERS\NIC2000.sys [2001-11-05 11:43]
S3 COH_Mon;COH_Mon;C:\WINDOWS\system32\Drivers\COH_Mon.sys [2008-03-06 21:32]
S3 maconfservice;Ma-Config Service;C:\Program Files\ma-config.com\maconfservice.exe [2008-06-26 09:13]

*Newly Created Service* - COMHOST

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"C:\Program Files\Fichiers communs\LightScribe\LSRunOnce.exe"
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-07-02 23:16:12 C:\WINDOWS\Tasks\Norton Internet Security - Effectuer une analyse complète du système - Christophe.job"

Good night...
  6. Hi Thanos, And yes, I did reinstall the original programs... too bad for my files... 4 years of my life gone, but I'll get over it!... AntiVir seems to have done a big cleanup... Could Vundo be neutralized!? We'll see! Here is the latest HijackThis report:

Deckard's System Scanner v20071014.68
Run by Christophe on 2008-07-06 11:05:21
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.

-- Last 5 Restore Point(s) --
42: 2008-07-06 09:05:24 UTC - RP42 - Deckard's System Scanner Restore Point
41: 2008-07-05 11:06:24 UTC - RP41 - Point de vérification système
40: 2008-07-04 10:54:36 UTC - RP40 - OpenOffice.org 1.9.79 rimosso
39: 2008-07-04 10:36:19 UTC - RP39 - Spyware Terminator - restore point
38: 2008-07-04 10:28:31 UTC - RP38 - Spyware Terminator - restore point

-- First Restore Point --
1: 2008-07-03 07:02:20 UTC - RP1 - Point de vérification système

Backed up registry hives.
Performed disk cleanup.
-- HijackThis Clone ------------------------------------------------------------ Emulating logfile of Trend Micro HijackThis v2.0.2 Scan saved at 2008-07-06 11:07:04 Platform: Windows XP Service Pack 2 (5.01.2600) MSIE: Internet Explorer (7.00.6000.16674) Boot mode: Normal Running processes: C:\WINDOWS\system32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\WINDOWS\system32\ati2evxx.exe C:\WINDOWS\explorer.exe C:\Program Files\acer\Acer eConsole\MediaServerService.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe C:\Program Files\acer\Acer eMode Management\AspireService.exe C:\Program Files\acer\Acer eConsole\MediaSync.exe C:\WINDOWS\RTHDCPL.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Spyware Terminator\sp_rsser.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe C:\Program Files\Classic TV Pro Vision\Classic TV Pro\Remote.exe C:\Program Files\Classic TV Pro Vision\Classic TV Pro\Schedule.exe C:\Program Files\Alwil Software\Avast4\ashDisp.exe C:\WINDOWS\system32\ctfmon.exe C:\Program 
Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe C:\Program Files\IncrediMail\bin\ImApp.exe C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Documents and Settings\Christophe\Bureau\Deckard's System Scanner (DSS).exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aliceadsl.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.01net.com/telecharger/ R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: &Yahoo! 
Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: (no name) - {16290192-54F0-416B-8CF5-2236F422FF94} - (no file) O2 - BHO: (no name) - {36BDFA57-76DE-4815-B69F-5E99DF42434B} - (no file) O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll O2 - BHO: (no name) - {68B835C9-BF3E-4AD0-90C4-B34C51609A82} - C:\WINDOWS\system32\byXrSICT.dll (file missing) O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Fichiers communs\Symantec Shared\IDS\IPSBHO.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: (no name) - {7D8F380F-E933-4E5E-8646-CF8CD05AB32D} - C:\WINDOWS\system32\khfGvtuS.dll (file missing) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\GoogleToolbar2.dll O2 - BHO: {cde9ce5b-aa37-81ca-fd94-c4b232a06c2d} - {d2c60a23-2b4c-49df-ac18-73aab5ec9edc} - C:\WINDOWS\system32\ingmck.dll (file missing) O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\GoogleToolbar2.dll O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll O3 - Toolbar: Yahoo! 
Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [LaunchApp] Alaunch O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [AspireService] C:\Program Files\Acer\Acer eMode Management\AspireService.exe O4 - HKLM\..\Run: [MediaSync] C:\Program Files\Acer\Acer eConsole\MediaSync.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe" O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [spywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [Classic TV Pro Remote] "C:\Program Files\Classic TV Pro Vision\Classic TV Pro\Remote.exe" O4 - HKLM\..\Run: 
[schedule] "C:\Program Files\Classic TV Pro Vision\Classic TV Pro\Schedule.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [updateMgr] c:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0 O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 
button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {48DF87EE-F2DE-11D8-BE7F-302050C10811} (FlyLoader Class) - http://www.flysuite.com/flyword/loaderword_win_fr.cab O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1215036599015 O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichier...ion_3_0_2_0.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwa...ash/swflash.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll O20 - Winlogon Notify: khfGvtuS - C:\WINDOWS\system32\khfGvtuS.dll (file missing) O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\acer\Acer eConsole\MediaServerService.exe O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. 
- C:\WINDOWS\system32\ati2evxx.exe O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: NBService - Unknown owner - C:\Program Files\Nero\Nero 7\Nero O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe 
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe -- End of file - 13926 bytes -- File Associations ----------------------------------------------------------- .reg - regfile - shell\open\command - regedit.exe "%1" %* .scr - scrfile - shell\open\command - "%1" %* -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------- R1 sp_rsdrv2 (Spyware Terminator Driver 2) - c:\windows\system32\drivers\sp_rsdrv2.sys R1 UBHelper - c:\windows\system32\drivers\ubhelper.sys R2 CX23880 (Conexant 23880 Video Capture) - c:\windows\system32\drivers\cx88vid.sys <Not Verified; Conexant Systems, Inc.; cx88vid.sys> R2 PCLinkBridge (USB-USB Network Bridge) - c:\windows\system32\drivers\pro2000.sys <Not Verified; Prolific Technology Inc. www.prolific.com.tw; USB-USB Network Bridge> R3 Afc (PPdus ASPI Shell) - c:\windows\system32\drivers\afc.sys <Not Verified; Arcsoft, Inc.; Arcsoft® ASPI Shell> R3 NIC2000 (USB-USB Network Bridge Adapter) - c:\windows\system32\drivers\nic2000.sys <Not Verified; Prolific Technology Inc. 
www.prolific.com.tw; USB-USB Network Bridge> R3 NTIDrvr (Upper Class Filter Driver) - c:\windows\system32\drivers\ntidrvr.sys <Not Verified; NewTech Infosystems, Inc.; > -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled -------------------- R2 Acer Media Server - "c:\program files\acer\acer econsole\mediaserverservice.exe" <Not Verified; Acer Inc.; Acer Media Server> R2 AntiVirScheduler (Avira AntiVir Personal – Free Antivirus Scheduler) - "c:\program files\avira\antivir personaledition classic\sched.exe" <Not Verified; Avira GmbH; AntiVir Workstation> R2 sp_rssrv (Spyware Terminator Realtime Shield Service) - "c:\program files\spyware terminator\sp_rsser.exe" <Not Verified; Crawler.com; Crawler Spyware Terminator> S3 NBService - c:\program files\nero\nero 7\nero backitup\nbservice.exe -- Device Manager: Disabled ---------------------------------------------------- Class GUID: {4D36E96B-E325-11CE-BFC1-08002BE10318} Description: Clavier standard 101/102 touches ou clavier Microsoft Natural Keyboard PS/2 Device ID: ACPI\PNP0303\4&1A75BB9&0 Manufacturer: (Claviers standard) Name: Clavier standard 101/102 touches ou clavier Microsoft Natural Keyboard PS/2 PNP Device ID: ACPI\PNP0303\4&1A75BB9&0 Service: i8042prt -- Scheduled Tasks ------------------------------------------------------------- 2008-07-03 01:16:12 668 --a------ C:\WINDOWS\Tasks\Norton Internet Security - Effectuer une analyse complète du système - Christophe.job -- Files created between 2008-06-06 and 2008-07-06 ----------------------------- 2008-07-05 12:46:55 0 d-------- C:\Documents and Settings\Christophe\AbiSuite 2008-07-05 12:46:39 0 d-------- C:\Program Files\AbiSuite2 2008-07-05 12:41:54 0 d-------- C:\Documents and Settings\Christophe\.thumbnails 2008-07-05 12:40:34 0 d-------- C:\Documents and Settings\Christophe\Application Data\gtk-2.0 2008-07-05 12:38:47 0 d-------- C:\Documents and Settings\Christophe\.gimp-2.4 2008-07-05 12:37:48 0 d-------- C:\Program Files\GIMP-2.0 2008-07-05 
12:34:10 0 d-------- C:\Program Files\PhotoFiltre 2008-07-05 12:28:41 0 d-------- C:\FlySuite 2008-07-05 12:28:41 0 d-------- C:\Documents and Settings\Christophe\Application Data\FlySuite 2008-07-04 17:46:21 0 dr-h----- C:\Documents and Settings\Christophe\Recent 2008-07-04 14:19:47 0 d-------- C:\Documents and Settings\Christophe\Application Data\Malwarebytes 2008-07-04 14:19:41 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2008-07-04 14:19:38 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware 2008-07-04 12:50:00 0 d-------- C:\Documents and Settings\Christophe\Application Data\OpenOffice.org1.9.79 2008-07-04 08:50:11 0 d-------- C:\Program Files\OpenOffice.org 1.9.79 2008-07-03 23:45:22 0 d-------- C:\Documents and Settings\All Users\Application Data\LightScribe 2008-07-03 23:40:00 0 d-------- C:\Program Files\Classic TV Pro Vision 2008-07-03 23:37:43 0 d-------- C:\WINDOWS\Cache 2008-07-03 23:36:19 63808 --a------ C:\WINDOWS\system32\NSCMPS.dll <Not Verified; Microsoft Corporation; Microsoft® Windows Media Services> 2008-07-03 23:36:17 278016 --a------ C:\WINDOWS\system32\VCT3216.dll <Not Verified; Voxware, Inc.; Voxware Compression Toolkit> 2008-07-03 23:36:15 261632 --a------ C:\WINDOWS\system32\accuimr5.dll <Not Verified; AccuSoft Corporation; AccuSoft Image Format Library/Windows NT> 2008-07-03 23:36:12 104832 --a------ C:\WINDOWS\wavtoasf.exe <Not Verified; Microsoft Corporation; Wave To ActiveMovie Stream Converter> 2008-07-03 23:36:11 78064 --a------ C:\WINDOWS\vidtoasf.exe <Not Verified; Microsoft Corporation; Microsoft® Windows Media Services> 2008-07-03 23:36:11 23824 --a------ C:\WINDOWS\asx3test.exe <Not Verified; Microsoft Corporation; DirectShow> 2008-07-03 23:36:11 17792 --a------ C:\WINDOWS\asfchop.exe <Not Verified; Microsoft Corporation; Microsoft® Windows Media Services> 2008-07-03 23:36:10 69120 --a------ C:\WINDOWS\system32\vdoenc32.dll <Not Verified; VDOnet Corp; vdoenc32.dll> 2008-07-03 23:36:10 67856 
--a------ C:\WINDOWS\asfcheck.exe <Not Verified; Microsoft Corporation; Microsoft® Windows Media Services> 2008-07-03 23:36:09 79360 --a------ C:\WINDOWS\system32\vdodec32.dll <Not Verified; VDOnet Corp.; Vdodec32.dll> 2008-07-03 23:36:09 66560 --a------ C:\WINDOWS\system32\tr2032.dll <Not Verified; The Duck Corporation; Duck TrueMotion® RT Video Codec> 2008-07-03 23:36:09 34240 --a------ C:\WINDOWS\system32\nserror.dll <Not Verified; Microsoft Corporation; Microsoft® Windows Media Services> 2008-07-03 23:36:08 416304 --a------ C:\WINDOWS\system32\MPG4C32.dll <Not Verified; Microsoft Corporation; Microsoft MPEG-4 Video Codec> 2008-07-03 23:36:07 206336 --a------ C:\WINDOWS\system32\ivvideo.dll <Not Verified; Vivo Software; VivoActive H.263 Video Decompressor> 2008-07-03 23:36:07 140800 --a------ C:\WINDOWS\system32\encvw_32.dll <Not Verified; VDOnet Corp.; Encvw_32.dll> 2008-07-03 23:36:06 88464 --a------ C:\WINDOWS\system32\decvw_32.dll <Not Verified; VDOnet Corp.; Decvw_32.dll> 2008-07-03 23:35:58 0 d-------- C:\Program Files\Windows Media Components 2008-07-03 23:30:18 0 d-------- C:\Documents and Settings\All Users\Application Data\InstallShield 2008-07-03 23:29:58 0 d-------- C:\TECHGEAR 2008-07-03 21:48:08 12822 --a------ C:\WINDOWS\system32\drivers\usb2000.sys <Not Verified; Prolific Technology Inc. www.prolific.com.tw; USB-USB Network Bridge> 2008-07-03 21:48:08 6566 --a------ C:\WINDOWS\system32\drivers\Pro2000.sys <Not Verified; Prolific Technology Inc. www.prolific.com.tw; USB-USB Network Bridge> 2008-07-03 21:48:08 5766 --a------ C:\WINDOWS\system32\drivers\NIC2000.SYS <Not Verified; Prolific Technology Inc. 
Toolbar --> C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE -- Application Event Log ------------------------------------------------------- Event Record #/Type1781 / Warning Event Submitted/Written: 07/06/2008 11:08:02 AM Event ID/Source: 4113 / Avira AntiVir Event Description: TR/Monder.104448.2C:\WINDOWS\system32\jwgntqpi.dll Event Record #/Type1775 / Warning Event Submitted/Written: 07/06/2008 10:18:37 AM Event ID/Source: 32068 / Microsoft Fax Event Description: La règle de routage de trafic sortant n'est pas valide car elle ne peut pas trouver de périphérique valide. Les télécopies sortantes qui utilisent cette règle ne peuvent pas être acheminées. Vérifiez que le ou les périphériques concernés (en cas de routage vers un groupe de périphériques) sont connectés et installés correctement et allumés. En cas de routage vers un groupe, vérifiez que le groupe est configuré correctement. Code de pays/région : '*' Indicatif régional : '*' Event Record #/Type1774 / Warning Event Submitted/Written: 07/06/2008 10:18:37 AM Event ID/Source: 32026 / Microsoft Fax Event Description: Le service de télécopie n'a pas pu initialiser de périphériques de télécopies attribués (virtuel ou TAPI). Aucune télécopie ne peut être envoyée ou reçue tant qu'un périphérique de télécopies n'a pas été installé. Event Record #/Type1771 / Warning Event Submitted/Written: 07/06/2008 10:18:09 AM Event ID/Source: 1001 / MsiInstaller Event Description: Échec de détection du produit '{2E2AF13B-0E03-42F1-B290-08AF0BD6AE0B}', fonctionnalité 'DefaultFeature' lors de la demande du composant '{D2D7B4BF-6CCA-11D5-8B3F-00105A9846E9}' Event Record #/Type1770 / Warning Event Submitted/Written: 07/06/2008 10:18:09 AM Event ID/Source: 1004 / MsiInstaller Event Description: Échec de détection du produit '{2E2AF13B-0E03-42F1-B290-08AF0BD6AE0B}', fonctionnalité 'DefaultFeature', composant '{5CC2D105-DDDD-4EC4-8B74-750194E57B99}. 
Oops, I think I copied it twice! Sorry! Have a good Sunday, you and everyone!
  7. And there it is, the disaster has happened. An EDF power surge, and Windows was damaged. Impossible to restart my PC. It loops between the ACER screen and the start of the Windows screen, which does not come back up, neither in safe mode nor in BIOS mode... So I rebooted with the master CD and, of course, I lost all my files. Is there any hypothetical way to recover them from somewhere? I then reinstalled a few basic programs, and AntiVir raises a trojan alert, Mundo/gen, for the following files: byXrSICT.dll and KhfGvtus.dll. What should I do? Which antivirus, antispyware, etc. should I favor on my PC? Computing really is a riddle to me!!! Have a good day, Thanos and everyone!
  8. Here is the latest report:
     Fichier SystemInfo32.sys reçu le 2008.06.29 13:44:37 (CET)
     Résultat: 0/33 (0%)
     The folder C:\63576975dda3d7b88dc8a59a contains an update folder and DLL files. How can I get it to you??? Have a good Sunday!
  9. In the file C:/63576975dda3d7b88dc8a59a there is the update folder and DLL files. See you later, and have a good Sunday.
  10. Here is the VirusTotal result:
  11. Hello Thanos, I am posting the latest report you asked me for. My PC is getting its strength back; I can download some .exe files (such as Dr.Web CureIt, for example), but I still cannot do all the software updates, such as those for my drivers through "touslesdrivers.com". So here is the latest report... there was yet another serious cleanup! You would think I don't clean house very often!!!
     Have a good weekend, you and everyone. See you!
  12. For now my PC has got its speed back. I still cannot do any software updates! A firewall problem??? Or something else, I don't know! My Computer still takes ages to open! I'M GOING TO CRACK! No, I'm joking! Thanks again, Thanos, and enjoy the rest of your evening.
  13. That's it, done! But the ComboFix report is super long... I am posting it as agreed:
2008-06-17 19:35 505,128 ----a-r C:\WINDOWS\system32\msvcp71.dll 2008-06-17 19:35 353,576 ----a-r C:\WINDOWS\system32\msvcr71.dll 2008-06-14 17:17 6,144 ----a-r C:\WINDOWS\system32\drivers\NTIDrvr.sys 2008-06-14 12:14 805 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.INF 2008-06-14 12:14 60,800 ----a-w C:\WINDOWS\system32\S32EVNT1.DLL 2008-06-14 12:14 123,952 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.SYS 2008-06-14 12:14 10,671 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.CAT 2008-06-02 16:10 4,752,384 ----a-r C:\WINDOWS\system32\drivers\RtkHDAud.sys 2008-05-30 23:22 823,296 ----a-r C:\WINDOWS\system32\divx_xx0c.dll 2008-05-30 23:22 823,296 ----a-r C:\WINDOWS\system32\divx_xx07.dll 2008-05-30 23:22 815,104 ----a-r C:\WINDOWS\system32\divx_xx0a.dll 2008-05-30 23:22 802,816 ----a-r C:\WINDOWS\system32\divx_xx11.dll 2008-05-30 23:22 683,520 ----a-r C:\WINDOWS\system32\DivX.dll 2008-05-30 23:22 593,920 ----a-r C:\WINDOWS\system32\dpuGUI11.dll 2008-05-30 23:22 57,344 ----a-r C:\WINDOWS\system32\dpv11.dll 2008-05-30 23:22 53,248 ----a-r C:\WINDOWS\system32\dpuGUI10.dll 2008-05-30 23:22 344,064 ----a-r C:\WINDOWS\system32\dpus11.dll 2008-05-30 23:22 294,912 ----a-r C:\WINDOWS\system32\dpu11.dll 2008-05-30 23:22 294,912 ----a-r C:\WINDOWS\system32\dpu10.dll 2008-05-28 12:52 16,862,720 ----a-r C:\WINDOWS\RTHDCPL.exe 2008-05-22 22:22 524,288 ----a-r C:\WINDOWS\system32\DivXsm.exe 2008-05-22 22:22 43,528 ----a-r C:\WINDOWS\system32\drivers\PxHelp20.sys 2008-05-22 22:22 3,596,288 ----a-r C:\WINDOWS\system32\qt-dx331.dll 2008-05-22 22:22 120,056 ----a-r C:\WINDOWS\system32\pxcpyi64.exe 2008-05-22 22:22 118,520 ----a-r C:\WINDOWS\system32\pxinsi64.exe 2008-05-22 22:20 200,704 ----a-r C:\WINDOWS\system32\ssldivx.dll 2008-05-22 22:20 1,044,480 ----a-r C:\WINDOWS\system32\libdivx.dll 2008-05-22 22:19 81,920 ----a-r C:\WINDOWS\system32\dpl100.dll 2008-05-22 22:19 196,608 ----a-r C:\WINDOWS\system32\dtu100.dll 2008-05-22 22:19 161,096 ----a-r 
C:\WINDOWS\system32\DivXCodecVersionChecker.exe 2008-05-22 22:18 12,288 ----a-r C:\WINDOWS\system32\DivXWMPExtType.dll 2008-05-22 18:55 --------- d---a-w C:\Program Files\Registry Defender Platinum 2008-05-16 09:58 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe 2008-05-16 07:33 --------- d---a-w C:\Program Files\Norton Security Scan 2008-05-12 16:30 3,007,488 ----a-r C:\WINDOWS\system32\drivers\ati2mtag.sys 2008-05-12 16:30 3,007,488 ----a-r C:\WINDOWS\system32\dllcache\ati2mtag.sys 2008-05-12 15:54 305,152 ------w C:\WINDOWS\system32\ati2dvag.dll 2008-05-12 15:45 139,264 ----a-r C:\WINDOWS\system32\Oemdspif.dll 2008-05-12 15:32 3,203,168 ------w C:\WINDOWS\system32\ati3duag.dll 2008-05-12 15:22 1,999,616 ------w C:\WINDOWS\system32\ativvaxx.dll 2008-05-12 15:09 47,104 ----a-r C:\WINDOWS\system32\amdpcom32.dll 2008-05-12 15:03 49,152 ----a-r C:\WINDOWS\system32\drivers\ati2erec.dll 2008-05-12 14:57 548,864 ------w C:\WINDOWS\system32\ati2cqag.dll 2008-05-11 19:29 --------- d---a-w C:\Program Files\Sun 2008-05-08 14:02 203,136 ----a-r C:\WINDOWS\system32\drivers\RMCast.sys 2008-05-07 05:11 1,294,336 ----a-r C:\WINDOWS\system32\quartz.dll 2008-05-07 05:11 1,294,336 ----a-r C:\WINDOWS\system32\dllcache\quartz.dll 2008-05-01 10:34 --------- d---a-w C:\Program Files\Windows Sidebar 2008-04-29 09:20 15,648 ----a-w C:\WINDOWS\system32\drivers\NSDriver.sys 2008-04-29 09:19 15,648 ----a-w C:\WINDOWS\system32\drivers\Awrtrd.sys 2008-04-29 09:19 12,960 ----a-w C:\WINDOWS\system32\drivers\Awrtpd.sys 2008-04-23 20:16 3,591,680 ----a-r C:\WINDOWS\system32\dllcache\mshtml.dll 2008-04-22 07:41 70,656 ----a-r C:\WINDOWS\system32\dllcache\ie4uinit.exe 2008-04-22 07:41 625,664 ----a-r C:\WINDOWS\system32\dllcache\iexplore.exe 2008-04-22 07:39 13,824 ----a-r C:\WINDOWS\system32\dllcache\ieudinit.exe 2008-04-21 06:43 32,768 ----a-r C:\WINDOWS\system32\SET8A.tmp 2008-04-20 05:07 161,792 ----a-r C:\WINDOWS\system32\dllcache\ieakui.dll 2008-04-13 17:50 1,804 ----a-r 
C:\WINDOWS\system32\Dcache.bin 2008-04-13 17:37 332,800 ----a-r C:\WINDOWS\system32\netsetup.exe 2008-04-13 17:33 98,816 ----a-r C:\WINDOWS\system32\psbase.dll 2008-04-13 17:32 86,073 ----a-r C:\WINDOWS\system32\dllcache\voicesub.dll 2008-04-13 17:32 764,416 ----a-r C:\WINDOWS\system32\winntbbu.dll 2008-04-13 17:32 76,288 ----a-r C:\WINDOWS\system32\uniime.dll 2008-04-13 17:32 76,288 ----a-r C:\WINDOWS\system32\dllcache\uniime.dll 2008-04-13 17:32 67,584 ----a-r C:\WINDOWS\system32\dllcache\pmigrate.dll 2008-04-13 17:32 61,471 ----a-r C:\WINDOWS\system32\odbcji32.dll 2008-04-13 17:32 53,760 ----a-r C:\WINDOWS\system32\dllcache\pintlcsd.dll 2008-04-13 17:32 5,632 ----a-r C:\WINDOWS\system32\wmi.dll 2008-04-13 17:32 426,041 ----a-r C:\WINDOWS\system32\dllcache\voicepad.dll 2008-04-13 17:32 175,104 ----a-r C:\WINDOWS\system32\dllcache\pintlcsa.dll 2008-04-13 17:32 15,872 ----a-r C:\WINDOWS\system32\dllcache\padrs404.dll 2008-04-13 17:32 15,360 ----a-r C:\WINDOWS\system32\dllcache\padrs804.dll 2008-04-13 17:32 10,240 ----a-r C:\WINDOWS\system32\dllcache\tmigrate.dll 2008-04-13 17:07 2,147,328 ----a-r C:\WINDOWS\system32\ntoskrnl.exe 2008-04-13 17:07 2,025,984 ----a-r C:\WINDOWS\system32\ntkrnlpa.exe 2008-04-13 17:06 4,096 ----a-r C:\WINDOWS\system32\dsprpres.dll 2008-04-13 17:04 93,184 ----a-r C:\WINDOWS\system32\msxml6r.dll 2008-04-13 17:04 93,184 ----a-r C:\WINDOWS\system32\dllcache\msxml6r.dll 2008-04-13 17:03 81,920 ----a-r C:\WINDOWS\system32\msshavmsg.dll 2008-04-13 17:02 50,688 ----a-r C:\WINDOWS\system32\inetres.dll 2008-04-13 17:01 572,416 ----a-r C:\WINDOWS\system32\shdoclc.dll 2008-04-13 16:59 10,240 ----a-r C:\WINDOWS\system32\gpkrsrc.dll 2008-04-13 16:58 1,845,760 ----a-r C:\WINDOWS\system32\win32k.sys 2008-04-13 16:58 1,647,616 ----a-r C:\WINDOWS\system32\winbrand.dll 2008-04-13 16:57 70,144 ----a-r C:\WINDOWS\system32\browselc.dll 2008-04-13 16:54 103,936 ----a-r C:\WINDOWS\system32\dpcdll.dll 2008-04-13 16:53 23,680 ----a-r 
C:\WINDOWS\system32\dllcache\mouclass.sys 2008-04-13 10:16 141,056 ----a-r C:\WINDOWS\system32\dllcache\ks.sys 2008-04-13 09:45 60,160 ----a-r C:\WINDOWS\system32\dllcache\drmk.sys 2008-04-13 09:45 49,408 ----a-r C:\WINDOWS\system32\dllcache\stream.sys 2008-04-13 09:45 17,664 ----a-r C:\WINDOWS\system32\watchdog.sys 2008-04-13 09:40 445,440 ----a-r C:\WINDOWS\system32\xpob2res.dll 2008-04-13 09:36 2,986,496 ----a-r C:\WINDOWS\system32\xpsp2res.dll 2008-04-13 09:35 24,064 ----a-r C:\WINDOWS\system32\pidgen.dll 2008-04-13 09:35 197,632 ----a-r C:\WINDOWS\system32\xpsp1res.dll 2008-04-13 09:31 7,424 ----a-r C:\WINDOWS\system32\kd1394.dll 2008-04-13 09:30 61,440 ----a-r C:\WINDOWS\system32\msvcrt40.dll 2008-04-13 08:37 208,384 ----a-r C:\WINDOWS\system32\rsaenh.dll 2008-04-13 08:37 138,752 ----a-r C:\WINDOWS\system32\dssenh.dll 2008-04-13 08:26 12,288 ----a-r C:\WINDOWS\system32\odbcp32r.dll 2006-02-02 11:53 56 --sha-r C:\WINDOWS\system32\B71FF28657.sys . ------- Sigcheck ------- 2008-04-13 19:34 14336 e4bdf223cd75478bf44567b4d5c2634d C:\WINDOWS\system32\svchost.exe 2008-04-13 19:34 14336 e4bdf223cd75478bf44567b4d5c2634d C:\WINDOWS\ServicePackFiles\i386\svchost.exe 2004-08-19 16:10 14336 2979b03d5382a602623c0535b16ab9c0 C:\WINDOWS\$NtServicePackUninstall$\svchost.exe 2008-04-13 19:33 579584 e853f84d3ce2faa2a802e33cf89ac023 C:\WINDOWS\system32\user32.dll 2005-03-02 20:20 578048 c34920eb988ce98910bd6b0417f334eb C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\user32.dll 2007-03-08 17:50 579072 4d88aaf39adabfe45958ea1384e2c4ff C:\WINDOWS\$hf_mig$\KB925902\SP2QFE\user32.dll 2004-08-05 05:00 578048 e46fb493e3b33704f0715020cf52106b C:\WINDOWS\$NtUninstallKB890859$\user32.dll 2005-03-02 20:10 578048 0df75fb73f705b011630159a43d7c354 C:\WINDOWS\$NtUninstallKB925902$\user32.dll 2008-04-13 19:33 579584 e853f84d3ce2faa2a802e33cf89ac023 C:\WINDOWS\ServicePackFiles\i386\user32.dll 2007-03-08 17:37 578560 753354f594809a9b96f73999b435a533 C:\WINDOWS\$NtServicePackUninstall$\user32.dll 2008-04-13 
19:33 82432 fb836f9e62d82904c983ad21296a5d9c C:\WINDOWS\system32\ws2_32.dll 2008-04-13 19:33 82432 fb836f9e62d82904c983ad21296a5d9c C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll 2004-08-19 16:09 82944 eed74b969b2ca1acc558ff60fb420e28 C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll 2008-04-23 06:16 826368 02d6aabd5f5a32c61478b5cdfe50e4a8 C:\WINDOWS\system32\wininet.dll 2008-04-23 06:16 826368 02d6aabd5f5a32c61478b5cdfe50e4a8 C:\WINDOWS\system32\dllcache\wininet.dll 2007-10-11 07:13 663552 d2fd027e5d3af96dee6c5cc225079df0 C:\WINDOWS\SoftwareDistribution\Download\e4818ecd57ac16436508f06dc02ac643\sp2gdr\wininet.dll 2007-10-11 06:59 670208 0465cde31add22f6233ffb4fe4af01cf C:\WINDOWS\SoftwareDistribution\Download\e4818ecd57ac16436508f06dc02ac643\sp2qfe\wininet.dll 2008-04-21 08:30 670720 82b3264706b9921c67b196319fda51de C:\WINDOWS\SoftwareDistribution\Download\f13b1130c899601342787d172211ab01\sp3qfe\wininet.dll 2008-04-21 08:43 670208 7af7d7d178f2863e7e7c880b55c88b76 C:\WINDOWS\SoftwareDistribution\Download\f13b1130c899601342787d172211ab01\sp3gdr\wininet.dll 2008-03-01 14:58 826368 8e027981ddffa690d456fe18b37415a0 C:\WINDOWS\SoftwareDistribution\Download\eaa17b1d205a9fb8b12c43359acd2d18\SP2GDR\wininet.dll 2008-03-01 14:34 827392 5a0093f59b505c008ed0cee615563c72 C:\WINDOWS\SoftwareDistribution\Download\eaa17b1d205a9fb8b12c43359acd2d18\SP2QFE\wininet.dll 2008-04-23 06:16 826368 02d6aabd5f5a32c61478b5cdfe50e4a8 C:\WINDOWS\SoftwareDistribution\Download\054c3b7a8a3c5c57c0110276bdacfc86\SP2GDR\wininet.dll 2008-04-23 09:19 827392 78d3d2b0be6ad3e6d82ccb115cf74310 C:\WINDOWS\SoftwareDistribution\Download\054c3b7a8a3c5c57c0110276bdacfc86\SP2QFE\wininet.dll 2005-01-27 19:12 662016 66a10b98f18fd804236ab2d90301de04 C:\WINDOWS\$hf_mig$\KB867282\SP2QFE\wininet.dll 2005-03-10 09:48 662016 06ad0b0f43286cd50af283762eb56763 C:\WINDOWS\$hf_mig$\KB890923\SP2QFE\wininet.dll 2005-10-21 04:39 665600 d327378ceef9a141c7352691fc30a0da C:\WINDOWS\$hf_mig$\KB905915\SP2QFE\wininet.dll 2006-03-04 06:00 
667648 241dbc4c2714b2f39afded49459ed420 C:\WINDOWS\$hf_mig$\KB912812\SP2QFE\wininet.dll 2006-05-10 07:26 667648 44fcc339191adb8892520dfa473c455f C:\WINDOWS\$hf_mig$\KB916281\SP2QFE\wininet.dll 2006-06-23 13:25 668672 582953780721ac5d38f98cab229ec7b9 C:\WINDOWS\$hf_mig$\KB918899\SP2QFE\wininet.dll 2006-09-14 09:38 668672 b8b6f05885a6f42724e8d6bfede6bd3f C:\WINDOWS\$hf_mig$\KB922760\SP2QFE\wininet.dll 2007-03-23 11:29 823296 375b58a68a016546535a84060092325c C:\WINDOWS\$hf_mig$\KB931768-IE7\SP2QFE\wininet.dll 2007-04-25 10:26 823808 47ddad237f60729dea2b9e0e2382b58f C:\WINDOWS\$hf_mig$\KB933566-IE7\SP2QFE\wininet.dll 2007-06-27 16:14 824320 7201d19b81883b57d5ffe8ebb5a83e8b C:\WINDOWS\$hf_mig$\KB937143-IE7\SP2QFE\wininet.dll 2007-08-20 11:49 825344 2dd1b0f579c80562edcb8848ff7ea9f6 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\wininet.dll 2007-10-11 00:22 825344 871ae10d6ae8877e9636ae5017953d52 C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\wininet.dll 2007-12-07 02:42 825344 f4fd487241d3ac291046a22cebd2cf71 C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\wininet.dll 2008-03-01 14:34 827392 5a0093f59b505c008ed0cee615563c72 C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\wininet.dll 2008-04-21 08:30 670720 82b3264706b9921c67b196319fda51de C:\WINDOWS\$hf_mig$\KB950759\SP3QFE\wininet.dll 2008-04-23 09:19 827392 78d3d2b0be6ad3e6d82ccb115cf74310 C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\wininet.dll 2004-08-05 05:00 660480 58fe94ef42e074f4cad8bf02e70e6478 C:\WINDOWS\$NtUninstallKB867282$\wininet.dll 2005-01-27 19:14 660992 b16b02f3c804f057dab099cc15ed0206 C:\WINDOWS\$NtUninstallKB890923$\wininet.dll 2006-06-23 13:11 663040 4f343f414f05e81cf61b1001634fc6b7 C:\WINDOWS\$NtUninstallKB922760$\wininet.dll 2008-06-22 11:20 249442 eeb0e471b50822f2eb305b44d7f591c7 C:\WINDOWS\IE5\1036\WININET.DLL 2005-03-10 10:04 660992 ba7cda9917332a6e1faa1b46bc3ab5fd C:\WINDOWS\$NtUninstallKB905915$\wininet.dll 2008-04-13 19:33 670208 4a6e04ea20f48d750d9bfed8600d516b C:\WINDOWS\ServicePackFiles\i386\wininet.dll 2005-10-21 04:41 
662528 e41e8fdf62cf20f2e2b16d800d96eb51 C:\WINDOWS\$NtUninstallKB912812$\wininet.dll 2006-09-14 09:40 663040 b1e994472f3574db141266f1aa905433 C:\WINDOWS\$NtUninstallKB950759$\wininet.dll 2004-08-19 16:09 660480 4e958b97efc3d801f49283d1820f48b7 C:\WINDOWS\$NtServicePackUninstall$\wininet.dll 2006-03-04 05:35 662528 19e1a21f21bc938a92ee8be630994493 C:\WINDOWS\$NtUninstallKB916281$\wininet.dll 2006-05-10 07:24 662528 343fabbf09312842816e92947aacf73a C:\WINDOWS\$NtUninstallKB918899$\wininet.dll 2008-04-13 12:20 361344 93ea8d04ec73a85db02eb8805988f733 C:\WINDOWS\system32\drivers\tcpip.sys 2005-05-25 20:07 359936 63fdfea54eb53de2d863ee454937ce1e C:\WINDOWS\$hf_mig$\KB893066\SP2QFE\tcpip.sys 2006-01-13 18:07 360448 5562cc0a47b2aef06d3417b733f3c195 C:\WINDOWS\$hf_mig$\KB913446\SP2QFE\tcpip.sys 2006-04-20 14:18 360576 b2220c618b42a2212a59d91ebd6fc4b4 C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys 2007-10-30 17:53 360832 64798ecfa43d78c7178375fcdd16d8c8 C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys 2006-04-20 13:51 359808 1dbf125862891817f374f407626967f4 C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys 2004-08-05 05:00 359040 9f4b36614a0fc234525ba224957de55c C:\WINDOWS\$NtUninstallKB893066$\tcpip.sys 2005-05-25 20:04 359808 88763a98a4c26c409741b4aa162720c9 C:\WINDOWS\$NtUninstallKB913446$\tcpip.sys 2008-04-13 12:20 361344 93ea8d04ec73a85db02eb8805988f733 C:\WINDOWS\ServicePackFiles\i386\tcpip.sys 2007-10-30 18:20 360064 90caff4b094573449a0872a0f919b178 C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys 2006-01-13 03:28 359808 583e063fdc888ca30d05c2724b0d7ef4 C:\WINDOWS\$NtUninstallKB917953$\tcpip.sys 2008-04-13 19:34 512000 dd73d6b9f6b4cb630cf35b438b540174 C:\WINDOWS\system32\winlogon.exe 2008-04-13 19:34 512000 dd73d6b9f6b4cb630cf35b438b540174 C:\WINDOWS\ServicePackFiles\i386\winlogon.exe 2004-08-19 16:10 506368 123eea158f74d0f67a51dcdf065d1091 C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe 2008-04-13 12:20 182656 1df7f42665c94b825322fae71721130d C:\WINDOWS\system32\drivers\ndis.sys 
2008-04-13 12:20 182656 1df7f42665c94b825322fae71721130d C:\WINDOWS\ServicePackFiles\i386\ndis.sys 2004-08-05 05:00 182912 558635d3af1c7546d26067d5d9b6959e C:\WINDOWS\$NtServicePackUninstall$\ndis.sys 2008-04-13 11:53 36608 3bb22519a194418d5fec05d800a19ad0 C:\WINDOWS\system32\drivers\ip6fw.sys 2008-04-13 11:53 36608 3bb22519a194418d5fec05d800a19ad0 C:\WINDOWS\ServicePackFiles\i386\ip6fw.sys 2004-08-05 05:00 29056 4448006b6bc60e6c027932cfc38d6855 C:\WINDOWS\$NtServicePackUninstall$\ip6fw.sys 2008-04-13 19:07 2025984 92e82482cdb39929cf7b541a9648afae C:\WINDOWS\system32\ntkrnlpa.exe 2005-03-02 20:07 2058880 73fa9c95d235844a36968c7852c7dbdd C:\WINDOWS\Driver Cache\i386\ntkrnlpa.exe 2005-03-02 10:13 2059008 5311776074b6c13f983dc75baeac9c0c C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe 2006-12-19 19:45 2061440 8b039efbe4c9aa23f152ffa0e238b8fa C:\WINDOWS\$hf_mig$\KB929338\SP2QFE\ntkrnlpa.exe 2007-02-28 18:08 2061440 7a56a64eb50399613587e90292dd2aab C:\WINDOWS\$hf_mig$\KB931784\SP2QFE\ntkrnlpa.exe 2004-08-05 05:00 2058880 f252fae094c54572ece38a039f2103c4 C:\WINDOWS\$NtUninstallKB890859$\ntkrnlpa.exe 2005-03-02 19:08 2017280 50b3a210b6fa8d3089a36a32e7d8b21f C:\WINDOWS\$NtUninstallKB929338$\ntkrnlpa.exe 2006-12-19 19:22 2017792 2f8266048eee98d49b8e41c4c630e42a C:\WINDOWS\$NtUninstallKB931784$\ntkrnlpa.exe 2008-04-13 19:07 2067968 b71a8f101cefaf82fc5ec16130a54a3f C:\WINDOWS\ServicePackFiles\i386\ntkrnlpa.exe 2007-02-28 18:02 2017792 11c942f6519575079baa9f14aee35e88 C:\WINDOWS\$NtServicePackUninstall$\ntkrnlpa.exe 2008-04-13 19:07 2147328 b10c36956eb7a8b1586dbe3b43875280 C:\WINDOWS\system32\ntoskrnl.exe 2005-03-02 20:08 2181376 63729dd0f2aae36cc52b89c05505146c C:\WINDOWS\Driver Cache\i386\ntoskrnl.exe 2005-03-02 20:13 2181632 3e2a0a4a0c0b19fc113618a9562a3b2a C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe 2006-12-19 19:45 2184064 1f3fa2065e6e043a1d82a487b5da309c C:\WINDOWS\$hf_mig$\KB929338\SP2QFE\ntoskrnl.exe 2007-02-28 18:08 2184192 8e244108562e0e452eb68dff64cb08a9 
C:\WINDOWS\$hf_mig$\KB931784\SP2QFE\ntoskrnl.exe 2004-08-05 05:00 2183040 7d38ce4398e6aa6339b4644feadcc0d8 C:\WINDOWS\$NtUninstallKB890859$\ntoskrnl.exe 2005-03-02 19:07 2137600 e75f7aa5a33479f29c636fd0890f5762 C:\WINDOWS\$NtUninstallKB929338$\ntoskrnl.exe 2006-12-19 19:22 2138112 e2316621e46a445acaffe3d5640167dc C:\WINDOWS\$NtUninstallKB931784$\ntoskrnl.exe 2008-04-13 19:08 2191104 099d639da1ef6968d4e41795bb507e6b C:\WINDOWS\ServicePackFiles\i386\ntoskrnl.exe 2007-02-28 18:02 2138112 c7a39c47c064ae50417a944b60f37b6a C:\WINDOWS\$NtServicePackUninstall$\ntoskrnl.exe 2008-04-13 19:34 1037824 f2317622d29f9ff0f88aeecd5f60f0dd C:\WINDOWS\explorer.exe 2007-06-13 15:10 1037312 b795475444d6d57a572c14b9e1a29839 C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe 2008-04-13 19:34 1037824 f2317622d29f9ff0f88aeecd5f60f0dd C:\WINDOWS\ServicePackFiles\i386\explorer.exe 2007-06-13 15:22 1037312 d0288319660edcfed07c7e74c4ea38a5 C:\WINDOWS\$NtServicePackUninstall$\explorer.exe 2004-08-05 05:00 1036288 4c33e5b9a6197b6ed215f6cfba0a2daa C:\WINDOWS\$NtUninstallKB938828$\explorer.exe 2008-04-13 19:34 109056 54cb50058851d95e56ec70d09f70857f C:\WINDOWS\system32\services.exe 2008-04-13 19:34 109056 54cb50058851d95e56ec70d09f70857f C:\WINDOWS\ServicePackFiles\i386\services.exe 2004-08-19 16:10 108544 63dcde1a0d86eeb8924d6738ff616ead C:\WINDOWS\$NtServicePackUninstall$\services.exe 2008-04-13 19:34 13312 91e6024d6d4dcdecdb36c43ecf9bbecb C:\WINDOWS\system32\lsass.exe 2008-04-13 19:34 13312 91e6024d6d4dcdecdb36c43ecf9bbecb C:\WINDOWS\ServicePackFiles\i386\lsass.exe 2004-08-19 16:09 13312 259af82a0932eea4f316f92db94707b6 C:\WINDOWS\$NtServicePackUninstall$\lsass.exe 2008-04-13 19:34 15360 59dc5bb82e4c8e0b3eadcfdbc44ba6e4 C:\WINDOWS\system32\ctfmon.exe 2008-04-13 19:34 15360 59dc5bb82e4c8e0b3eadcfdbc44ba6e4 C:\WINDOWS\ServicePackFiles\i386\ctfmon.exe 2004-08-19 16:09 15360 64e41e8fee655b03e3f19ded21ba5118 C:\WINDOWS\$NtServicePackUninstall$\ctfmon.exe . 
((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}] 2008-06-17 14:23 349552 --a------ C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}] 2008-05-01 12:34 116088 -ra------ C:\PROGRA~1\FICHIE~1\SYMANT~1\IDS\IPSBHO.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-04-01 03:33 68856] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2007-06-01 10:21 153136] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-13 19:34 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 06:24 286720] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792] "ccApp"="C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" [2008-01-25 19:47 51048] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784] "ISUSPM Startup"="C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-06-16 06:03 221184] "NeroFilterCheck"="C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2007-03-01 15:57 153136] "ISUSScheduler"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2004-06-16 06:03 81920] "ntiMUI"="C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe" [2005-05-11 18:15 45056] "ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-04-14 21:05 344064] "RegistryMechanic"="" [] "High Definition Audio Property Page 
Shortcut"="HDAudPropShortcut.exe" [2004-03-17 16:10 61952 C:\WINDOWS\system32\HDAudPropShortcut.exe] "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 12:17 61440] "LogitechCommunicationsManager"="C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" [2007-03-06 17:48 488984] "LogitechQuickCamRibbon"="C:\Program Files\Labtec\WebCam10\WebCam10.exe" [2007-03-06 17:58 1060376] "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-29 03:12 76304 C:\WINDOWS\KHALMNPR.Exe] "RTHDCPL"="RTHDCPL.EXE" [2008-05-28 14:52 16862720 C:\WINDOWS\RTHDCPL.exe] "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-05-16 01:19 79224] "RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2006-11-23 15:10 56928] "LanguageShortcut"="C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" [2006-12-05 22:55 54832] "LGODDFU"="C:\Program Files\lg_fwupdate\fwupdate.exe" [2006-08-17 13:45 249856] "SpywareTerminator"="C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" [2008-06-23 19:57 1817600] "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-02-12 10:06 262401] "WinPatrol"="C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe" [2005-12-12 23:18 222784] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-13 19:34 15360] C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ DSLMON.lnk - C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe [2006-09-09 10:13:42 962667] Outil de mise … jour Google.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2007-03-08 12:28:41 125624] Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2008-06-16 07:23:07 805392] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoFavoritesMenu"= 0 (0x0) "NoSMMyPictures"= 0 (0x0) "NoStartMenuMyMusic"= 0 (0x0) "NoRecentDocsNetHood"= 0 (0x0) 
"NoInstrumentation"= 0 (0x0) "NoSimpleStartMenu"= 0 (0x0) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoFavoritesMenu"= 0 (0x0) "NoSMMyPictures"= 0 (0x0) "NoStartMenuMyMusic"= 0 (0x0) "NoRecentDocsNetHood"= 0 (0x0) "NoUserNameInStartMenu"= 1 (0x1) "NoInstrumentation"= 0 (0x0) "NoStartMenuPinnedList"= 0 (0x0) "ForceStartMenuLogoff"= 0 (0x0) [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\1] Source= C:\Program Files\AnfyTeam\Applet\bookflip\preview.html FriendlyName= Anfy BOOKFLIP [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn] c:\program files\fichiers communs\logishrd\bluetooth\LBTWlgn.dll 2008-05-02 02:42 72208 c:\Program Files\Fichiers communs\LogiShrd\Bluetooth\LBTWLgn.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "vidc.DIV3"= DivXc32.dll "vidc.DIV4"= DivXc32f.dll "msacm.divxa32"= DivXa32.acm "VIDC.HFYU"= huffyuv.dll "VIDC.VDOM"= vdowave.drv "VIDC.TR20"= tr2032.dll "vidc.vivo"= ivvideo.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup] @="" [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"= "C:\\Program Files\\IncrediMail\\bin\\IMApp.exe"= "C:\\Program Files\\Microsoft Office\\Office12\\outlook.exe"= "C:\\Program Files\\LimeWire\\LimeWire.exe"= *Newly Created Service* - CATCHME 
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] "C:\Program Files\Fichiers communs\LightScribe\LSRunOnce.exe" . Contenu du dossier 'Scheduled Tasks/Tâches planifiées' "2008-06-16 07:31:34 C:\WINDOWS\Tasks\dfrg.job" - C:\WINDOWS\system32\dfrg.msc . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-06-26 21:03:54 Windows 5.1.2600 Service Pack 3 FAT NTAPI Balayage processus cachés ... Balayage caché autostart entries ... Balayage des fichiers cachés ... Scan terminé avec succès Les fichiers cachés: 0 ************************************************************************** . Temps d'accomplissement: 2008-06-26 21:05:01 ComboFix-quarantined-files.txt 2008-06-26 19:04:58 Pre-Run: 47,505,113,088 octets libres Post-Run: 47,745,236,992 octets libres 511 --- E O F --- 2008-06-15 23:35:37
  14. Thanks THANOS! I'll do that as soon as possible! Tomorrow at work, onto a USB stick, since IE refuses every download. I'll keep you posted, and thanks again.
  15. As for the tinkering... I don't really know!!! The kids used the PC and crash... yes, I know, you'll tell me the kids are an easy scapegoat, but it's true! A bunch of teenagers on a PC for one afternoon and it's a disaster. By loading antivirus tools onto a USB stick, I was able to get the following reports (there is a trojan, TR/Agent.tvb, but I can't find the report any more; the trojan is in quarantine), so I'm submitting them to you, in case that helps find a lead. HAVE A GOOD DAY, EVERYONE. PS: HOW DO I GET ADMINISTRATOR PRIVILEGES ON MY PC? THANKS

      SmitFraudFix v2.328

      Rapport fait à 6:34:39,59, 25/06/2008
      Executé à partir de C:\Documents and Settings\RICO CHRISTOPHE\Bureau\MIS LIMPIADORES\SmitfraudFix
      OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
      Le type du système de fichiers est FAT32
      Fix executé en mode normal

      »»»»»»»»»»»»»»»»»»»»»»»» Process

      »»»»»»»»»»»»»»»»»»»»»»»» hosts

      Fichier hosts corrompu !

      127.0.0.1 www.legal-at-spybot.info
      127.0.0.1 legal-at-spybot.info

      »»»»»»»»»»»»»»»»»»»»»»»» C:\

      »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

      C:\WINDOWS\svchost.exe PRESENT !

      »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system

      »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web

      »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

      »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles

      »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\RICO CHRISTOPHE

      »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\RICO CHRISTOPHE\Application Data

      »»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer

      »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\RICOCH~1\FAVORIS

      »»»»»»»»»»»»»»»»»»»»»»»» Bureau

      »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files

      »»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues

      »»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

      [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
      "Source"="About:Home"
      "SubscribedURL"="About:Home"
      "FriendlyName"="Ma page d'accueil"

      [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\1]
      "Source"="C:\\Program Files\\AnfyTeam\\Applet\\bookflip\\preview.html"
      "SubscribedURL"="?"
      "FriendlyName"="Anfy BOOKFLIP"

      »»»»»»»»»»»»»»»»»»»»»»»» IEDFix
      !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

      IEDFix
      Credits: Malware Analysis & Diagnostic
      Code: S!Ri

      »»»»»»»»»»»»»»»»»»»»»»»» VACFix
      !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

      VACFix
      Credits: Malware Analysis & Diagnostic
      Code: S!Ri

      »»»»»»»»»»»»»»»»»»»»»»»» 404Fix
      !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

      404Fix
      Credits: Malware Analysis & Diagnostic
      Code: S!Ri

      »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
      !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

      SrchSTS.exe by S!Ri
      Search SharedTaskScheduler's .dll

      »»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
      !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
      "AppInit_DLLs"=""
      "LoadAppInit_DLLs"=dword:00000001

      »»»»»»»»»»»»»»»»»»»»»»»» Winlogon
      !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
      "Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
      "System"=""

      »»»»»»»»»»»»»»»»»»»»»»»» Rustock

      »»»»»»»»»»»»»»»»»»»»»»»» DNS

      »»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll

      »»»»»»»»»»»»»»»»»»»»»»»» Fin

      --------------------------------------

      Scan started: Tue Jun 24 22:45:06 2008

      ERROR: Can't open file C:\WINDOWS\Temp\Perflib_Perfdata_6fc.dat
      ERROR: Can't open file C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG
      ERROR: Can't open file C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat
      ERROR: Can't open file C:\Documents and Settings\NetworkService\ntuser.dat.LOG
      ERROR: Can't open file C:\Documents and Settings\NetworkService\NTUSER.DAT
      ERROR: Can't open file C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG
      ERROR: Can't open file C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat
      ERROR: Can't open file C:\Documents and Settings\LocalService\ntuser.dat.LOG
      ERROR: Can't open file C:\Documents and Settings\LocalService\NTUSER.DAT
      ERROR: Can't open file C:\Documents and Settings\RICO CHRISTOPHE\ntuser.dat
      ERROR: Can't open file C:\Documents and Settings\RICO CHRISTOPHE\ntuser.dat.LOG
      ERROR: Can't open file C:\Documents and Settings\RICO CHRISTOPHE\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG
      ERROR: Can't open file C:\Documents and Settings\RICO CHRISTOPHE\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat
      ERROR: Can't open file C:\pagefile.sys
      ERROR: Can't open file C:\hiberfil.sys

      -- summary --
      Known viruses: 62665
      Engine version: 0.88.3
      Scanned directories: 7895
      Scanned files: 78568
      Infected files: 0
      Data scanned: 35875.88 MB
      Time: 21211.829 sec (353 m 31 s)

      --------------------------------------
      Completed
--------------------------------------
SmitFraudFix v2.328
Rapport fait à 6:34:39,59, 25/06/2008
Executé à partir de C:\Documents and Settings\RICO CHRISTOPHE\Bureau\MIS LIMPIADORES\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est FAT32
Fix executé en mode normal
»»»»»»»»»»»»»»»»»»»»»»»» Process
»»»»»»»»»»»»»»»»»»»»»»»» hosts
Fichier hosts corrompu !
127.0.0.1 www.legal-at-spybot.info
127.0.0.1 legal-at-spybot.info
»»»»»»»»»»»»»»»»»»»»»»»» C:\
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
C:\WINDOWS\svchost.exe PRESENT !
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\RICO CHRISTOPHE
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\RICO CHRISTOPHE\Application Data
»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer
»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\RICOCH~1\FAVORIS
»»»»»»»»»»»»»»»»»»»»»»»» Bureau
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files
»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues
»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\1]
"Source"="C:\\Program Files\\AnfyTeam\\Applet\\bookflip\\preview.html"
"SubscribedURL"="?"
"FriendlyName"="Anfy BOOKFLIP"
»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""
"LoadAppInit_DLLs"=dword:00000001
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
"System"=""
»»»»»»»»»»»»»»»»»»»»»»»» Rustock
»»»»»»»»»»»»»»»»»»»»»»»» DNS
»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin