romian21

Everything posted by romian21

  1. Well, it seems to be back to normal! Thank you very, very, very much!!... Have a good evening...
  2. Hello, Being very much a novice, I really need help... For some time now I have had problems with the resolution (blurry and/or stretched image...). I went into "Personalize", into "nvidia", but nothing works. The desired resolution is 1680x1050 (60 Hz refresh rate), but it used to appear only every other day and now no longer appears at all. I have 1600x1200 but that is not suitable... What should I do? Please help me!!..... My hardware: Acer AL2002W - Nvidia GeForce 7500 LE Thanks in advance
  3. Malwarebytes' Anti-Malware 1.20
     Version de la base de données: 935
     Windows 6.0.6001 Service Pack 1
     12:38:43 10/07/2008
     mbam-log-7-10-2008 (12-38-43).txt
     Type de recherche: Examen complet (C:\|D:\|)
     Eléments examinés: 132463
     Temps écoulé: 30 minute(s), 13 second(s)
     Processus mémoire infecté(s): 0
     Module(s) mémoire infecté(s): 0
     Clé(s) du Registre infectée(s): 0
     Valeur(s) du Registre infectée(s): 0
     Elément(s) de données du Registre infecté(s): 0
     Dossier(s) infecté(s): 0
     Fichier(s) infecté(s): 0
     Processus mémoire infecté(s): (Aucun élément nuisible détecté)
     Module(s) mémoire infecté(s): (Aucun élément nuisible détecté)
     Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté)
     Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté)
     Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté)
     Dossier(s) infecté(s): (Aucun élément nuisible détecté)
     Fichier(s) infecté(s): (Aucun élément nuisible détecté)
  4. Voici Main.txt: Deckard's System Scanner v20071014.68 Run by Florian on 2008-07-10 11:43:13 Computer is in Normal Mode. -------------------------------------------------------------------------------- -- Last 5 Restore Point(s) -- 33: 2008-07-09 22:30:47 UTC - RP586 - ComboFix created restore point 32: 2008-07-09 14:11:00 UTC - RP585 - Opération de restauration 31: 2008-07-09 13:59:41 UTC - RP584 - Opération de restauration 30: 2008-07-09 13:45:45 UTC - RP583 - Windows Update 29: 2008-07-09 12:21:21 UTC - RP582 - Point de contrôle planifié -- First Restore Point -- 1: 2008-06-25 07:38:29 UTC - RP552 - Point de contrôle planifié Backed up registry hives. Performed disk cleanup. -- HijackThis (run as Florian.exe) --------------------------------------------- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:45:30, on 10/07/2008 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Normal Running processes: C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\hp\support\hpsysdrv.exe C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe C:\WINDOWS\RtHDVCpl.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe C:\Program Files\Logitech\QuickCam\Quickcam.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe C:\WINDOWS\System32\rundll32.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\WINDOWS\ehome\ehtray.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\WINDOWS\System32\rundll32.exe C:\Windows\ehome\ehmsas.exe C:\Windows\system32\conime.exe C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe C:\hp\kbd\kbd.exe C:\Windows\system32\taskeng.exe 
C:\Windows\System32\mobsync.exe C:\Users\Florian\Desktop\dss.exe C:\Karcher\Florian.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neufportail.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program 
files\google\googletoolbar2.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [osCheck] "c:\Program Files\Norton Internet Security\osCheck.exe" O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: 
[iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Neuf Media Center] "C:\Program Files\Neuf\Media Center\MediaCenter.exe" O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O13 - Gopher Prefix: O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/200705...ex/qtplugin.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program 
Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\isPwdSvc.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe O23 - Service: stllssvr - MicroVision Development, Inc. 
- c:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe -- End of file - 9346 bytes -- File Associations ----------------------------------------------------------- .cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%* -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------- All drivers whitelisted. -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled -------------------- S3 PACSPTISVR - "c:\program files\common files\sony shared\avlib\pacsptisvr.exe" <Not Verified; ; PACSPTISVR Module> -- Device Manager: Disabled ---------------------------------------------------- No disabled devices found. -- Scheduled Tasks ------------------------------------------------------------- 2008-07-10 11:10:00 258 --a------ C:\Windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job 2008-07-04 20:43:31 528 --a------ C:\Windows\Tasks\Norton Internet Security - Analyse système complète - Florian.job -- Files created between 2008-06-10 and 2008-07-10 ----------------------------- 2008-07-10 00:30:27 68096 --a------ C:\Windows\zip.exe 2008-07-10 00:30:27 49152 --a------ C:\Windows\VFind.exe 2008-07-10 00:30:27 136704 --a------ C:\Windows\swsc.exe <Not Verified; SteelWerX; SteelWerX Service Controller> 2008-07-10 00:30:27 161792 --a------ C:\Windows\swreg.exe <Not Verified; SteelWerX; SteelWerX Registry Editor> 2008-07-10 00:30:27 98816 --a------ C:\Windows\sed.exe 2008-07-10 00:30:27 80412 --a------ C:\Windows\grep.exe 2008-07-10 00:30:27 89504 --a------ C:\Windows\fdsv.exe <Not Verified; Smallfrogs Studio; > 2008-07-10 00:30:07 212480 --a------ C:\Windows\swxcacls.exe <Not Verified; SteelWerX; SteelWerX Extended Configurator ACLists> 2008-07-10 
00:30:03 0 d-------- C:\327882R2FWJFW 2008-07-09 22:24:24 0 d-------- C:\Users\All Users\Malwarebytes 2008-07-09 22:24:23 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware 2008-07-09 21:15:33 0 d-------- C:\Karcher 2008-07-09 17:51:09 0 d-------- C:\Program Files\a-squared Anti-Malware 2008-07-09 17:23:21 0 d-------- C:\Users\All Users\Grisoft 2008-07-09 17:23:21 0 d-------- C:\Users\All Users\avg7 2008-07-09 14:43:56 37888 --a------ C:\Windows\system32\rar.exe <Not Verified; Microsoft Corporation; Microsoft® Windows ® 2000 Operating System> 2008-07-09 14:43:56 0 --a------ C:\Windows\system32\Installed.dat 2008-07-09 14:43:56 0 d-a------ C:\Users\All Users\TEMP 2008-07-07 23:49:25 0 d-------- C:\Users\All Users\Sony 2008-07-07 23:44:24 0 d-------- C:\Program Files\Sony Setup 2008-07-04 19:20:53 0 d-------- C:\Users\All Users\Sony Corporation 2008-07-03 22:13:11 0 d-------- C:\Windows\system32\Iosubsys 2008-07-03 22:12:51 0 d-------- C:\Program Files\Sony 2008-07-03 22:11:07 0 d-------- C:\Program Files\Common Files\Sony Shared 2008-06-12 09:27:01 0 d-------- C:\Program Files\Boilsoft ASF Converter -- Find3M Report --------------------------------------------------------------- 2008-07-10 11:39:36 669340 --a------ C:\Windows\system32\perfh00C.dat 2008-07-10 11:39:36 123350 --a------ C:\Windows\system32\perfc00C.dat 2008-07-09 22:24:28 0 d-------- C:\Users\Florian\AppData\Roaming\Malwarebytes 2008-07-09 17:32:19 0 d-------- C:\Users\Florian\AppData\Roaming\AVG7 2008-07-09 16:16:53 0 d-------- C:\Program Files\Common Files\Symantec Shared 2008-07-09 16:16:53 0 d-------- C:\Program Files\Common Files\SureThing Shared 2008-07-09 16:16:49 0 d-------- C:\Program Files\Windows Mail 2008-07-09 16:16:49 0 d-------- C:\Program Files\Microsoft Works 2008-07-09 16:16:49 0 d-------- C:\Program Files\Google 2008-07-08 21:24:58 0 d-------- C:\Users\Florian\AppData\Roaming\Sony 2008-07-08 20:20:03 0 d-------- C:\Program Files\Common Files\AVSMedia 2008-07-08 07:56:55 0 
d-------- C:\Users\Florian\AppData\Roaming\OpenOffice.org2 2008-07-04 06:46:14 0 d-------- C:\Program Files\Windows Live Toolbar 2008-07-03 22:13:10 0 d--h----- C:\Program Files\InstallShield Installation Information 2008-07-03 22:11:07 0 d-------- C:\Program Files\Common Files 2008-06-23 21:27:22 424 --a------ C:\Users\Florian\AppData\Roaming\wklnhst.dat 2008-05-31 14:38:43 174 --ahs---- C:\Program Files\desktop.ini 2008-05-31 14:29:14 0 d-------- C:\Program Files\Windows Calendar 2008-05-31 14:29:13 0 d-------- C:\Program Files\Windows Sidebar 2008-05-31 14:29:13 0 d-------- C:\Program Files\Movie Maker 2008-05-31 14:29:11 0 d-------- C:\Program Files\Windows Collaboration 2008-05-31 14:29:10 0 d-------- C:\Program Files\Windows Journal 2008-05-31 14:29:09 0 d-------- C:\Program Files\Windows Photo Gallery 2008-05-31 14:29:04 0 d-------- C:\Program Files\Windows Defender 2008-05-31 09:35:16 0 d-------- C:\Program Files\Norton Internet Security 2008-05-31 09:35:12 0 d-------- C:\Program Files\Symantec 2008-05-19 16:58:39 0 d-------- C:\Program Files\Neuf 2008-05-19 16:09:40 0 d-------- C:\Program Files\eMule -- Registry Dump --------------------------------------------------------------- *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "hpsysdrv"="c:\hp\support\hpsysdrv.exe" [28/09/2006 15:42] "OsdMaestro"="C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [20/11/2006 13:34] "KBD"="C:\HP\KBD\KbdStub.EXE" [08/12/2006 17:16] "RtHDVCpl"="RtHDVCpl.exe" [15/01/2008 11:26 C:\WINDOWS\RtHDVCpl.exe] "HP Software Update"="c:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [17/02/2005 00:11] "ccApp"="c:\Program Files\Common Files\Symantec Shared\ccApp.exe" [09/01/2007 22:59] "osCheck"="c:\Program Files\Norton Internet Security\osCheck.exe" [26/10/2006 18:18] "LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [25/07/2007 
16:02] "LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [25/07/2007 16:06] "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [16/09/2007 10:52] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [11/01/2008 23:16] "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [01/02/2008 00:13] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [22/02/2008 05:25] "Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [29/01/2008 17:38] "NvSvc"="C:\Windows\system32\nvsvc.dll" [27/08/2007 18:59] "NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [27/08/2007 18:59] "NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [27/08/2007 18:59] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [19/01/2008 09:33] "ehTray.exe"="C:\Windows\ehome\ehTray.exe" [19/01/2008 09:33] "ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [16/02/2005 18:15] "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [18/10/2007 11:34] "Neuf Media Center"="C:\Program Files\Neuf\Media Center\MediaCenter.exe" [29/08/2007 16:42] "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [19/01/2008 09:33] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce] "Launcher"=%WINDIR%\SMINST\launcher.exe [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"=2 (0x2) "EnableUIADesktopToggle"=0 (0x0) "DisableRegistryTools"=0 (0x0) "HideLegacyLogonScripts"=0 (0x0) "HideLogoffScripts"=0 (0x0) "RunLogonScriptSync"=1 (0x1) "RunStartupScriptSync"=0 (0x0) "HideStartupScripts"=0 (0x0) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system] "HideLegacyLogonScripts"=0 (0x0) "HideLogoffScripts"=0 (0x0) "RunLogonScriptSync"=1 (0x1) "RunStartupScriptSync"=0 (0x0) 
"HideStartupScripts"=0 (0x0) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] @="Volume shadow copy" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] @="IEEE 1394 Bus host controllers" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] @="SBP2 IEEE 1394 Devices" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] @="SecurityDevices" [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalService nsi lltdsvc SSDPSRV upnphost SCardSvr w32time EventSystem RemoteRegistry WinHttpAutoProxySvc lanmanworkstation TBS SLUINotify THREADORDER fdrespub netprofm fdphost wcncsvc QWAVE Mcx2Svc WebClient SstpSvc LocalSystemNetworkRestricted 
hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ca9b676f-bcf8-11dc-8f0c-00112ffcab8a}] AutoRun\command- K:\LaunchU3.exe *Newly Created Service* - COMHOST [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] C:\Windows\system32\unregmp2.exe /ShowWMP [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] %SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI -- End of Deckard's System Scanner: finished at 2008-07-10 11:47:31 ------------ Voici extra.txt: Deckard's System Scanner v20071014.68 Extra logfile - please post this as an attachment with your post. -------------------------------------------------------------------------------- -- System Information ---------------------------------------------------------- Microsoft® Windows Vista™ Édition Familiale Premium (build 6001) SP 1.0 Architecture: X86; Language: French CPU 0: AMD Athlon 64 X2 Dual Core Processor 4600+ Percentage of Memory in Use: 42% Physical Memory (total/avail): 2045.82 MiB / 1173.76 MiB Pagefile Memory (total/avail): 4330.17 MiB / 3264.34 MiB Virtual Memory (total/avail): 2047.88 MiB / 1898.51 MiB C: is Fixed (NTFS) - 292.93 GiB total, 171.2 GiB free. D: is Fixed (NTFS) - 5.16 GiB total, 3.98 GiB free. 
E: is CDROM (No Media) F: is Removable (No Media) G: is Removable (No Media) H: is Removable (No Media) I: is Removable (No Media) J: is Removable (No Media) \\.\PHYSICALDRIVE0 - ST3320820AS ATA Device - 298.09 GiB - 2 partitions \PARTITION0 (bootable) - Système de fichiers installable - 292.93 GiB - C: \PARTITION1 - Système de fichiers installable - 5.16 GiB - D: \\.\PHYSICALDRIVE2 - Generic USB CF Reader USB Device \\.\PHYSICALDRIVE4 - Generic USB MS Reader USB Device \\.\PHYSICALDRIVE1 - Generic USB SD Reader USB Device \\.\PHYSICALDRIVE3 - Generic USB SM Reader USB Device \\.\PHYSICALDRIVE5 - HP Photosmart C4190 USB Device -- Security Center ------------------------------------------------------------- AUOptions is scheduled to auto-install. Windows Internal Firewall is disabled. FW: Norton Internet Security v2007 (Symantec Corporation) Disabled AV: Norton Internet Security v2007 (Symantec Corporation) AS: Windows Defender v1.1.1505.0 (Microsoft Corporation) AS: Norton Internet Security v2007 (Symantec Corporation) [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\\Program Files\\BitTorrent\\bittorrent.exe"="C:\\Program Files\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent" -- Environment Variables ------------------------------------------------------- ALLUSERSPROFILE=C:\ProgramData APPDATA=C:\Users\Florian\AppData\Roaming CLASSPATH=.;C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip CommonProgramFiles=C:\Program Files\Common Files COMPUTERNAME=PC-DE-FLORIAN ComSpec=C:\Windows\system32\cmd.exe FP_NO_HOST_CHECK=NO HOMEDRIVE=C: HOMEPATH=\Users\Florian LOCALAPPDATA=C:\Users\Florian\AppData\Local LOGONSERVER=\\PC-DE-FLORIAN NUMBER_OF_PROCESSORS=2 OnlineServices=Services en ligne OS=Windows_NT 
Path=C:\Windows\system32;C:\Windows;C:\Windows\system32\wbem;C:\hp\bin\Python;c:\Program Files\Common Files\Roxio Shared\DLLShared;C:\Program Files\QuickTime\QTSystem PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC PCBRAND=Pavilion PLATFORM=HPD PROCESSOR_ARCHITECTURE=x86 PROCESSOR_IDENTIFIER=x86 Family 15 Model 75 Stepping 2, AuthenticAMD PROCESSOR_LEVEL=15 PROCESSOR_REVISION=4b02 ProgramData=C:\ProgramData ProgramFiles=C:\Program Files PROMPT=$P$G PUBLIC=C:\Users\Public QTJAVA=C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip RoxioCentral=c:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\ SystemDrive=C: SystemRoot=C:\Windows TEMP=C:\Users\Florian\AppData\Local\Temp TMP=C:\Users\Florian\AppData\Local\Temp USERDOMAIN=PC-de-Florian USERNAME=Florian USERPROFILE=C:\Users\Florian windir=C:\Windows -- User Profiles --------------------------------------------------------------- Florian Joséphine -- Add/Remove Programs --------------------------------------------------------- --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742) --> MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7} Adobe Flash Player ActiveX --> C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe Adobe Reader 8.1.2 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003} Adobe Reader 8.1.2 Security Update 1 (KB403742) --> AppCore --> MsiExec.exe /I{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B} Archiveur WinRAR --> C:\Program Files\WinRAR\uninstall.exe Assistant de connexion Windows Live --> MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986} AV --> MsiExec.exe /I{F4DB525F-A986-4249-B98B-42A8066251CA} ccCommon --> MsiExec.exe /I{3CCAD2EF-CFF2-4637-82AA-AABF370282D3} Compact Wireless-G USB Adapter --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation 
Information\{F855C3AE-992D-4B84-A09D-07103CDCDAC2}\setup.exe" -l0x40c DNA --> "C:\Users\Florian\Program Files\DNA\btdna.exe" /UNINSTALL eMule --> "C:\Program Files\eMule\Uninstall.exe" FLV Player --> C:\Program Files\FLV Player\uninstall.exe Free WMA to MP3 Converter 1.16 --> "C:\Program Files\Free WMA to MP3 Converter\unins000.exe" Google Earth --> MsiExec.exe /I{97C0EA4A-1A0B-4C53-ACEB-49984DA79C90} Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29} Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar2.dll" HijackThis 2.0.2 --> "C:\Karcher\HijackThis.exe" /uninstall HP Customer Experience Enhancements --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB5E289E-76BF-4251-9F3F-9B763F681AE0}\setup.exe" -l0x9 -removeonly HP Easy Setup - Core --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F94234DB-FD06-42C3-B88D-6FC4DC9F988C}\setup.exe" -l0x9 HP Easy Setup - Frontend --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40F7AED3-0C7D-4582-99F6-484A515C73F2}\setup.exe" -l0x9 -removeonly HP On-Screen Caps/Num/Scroll Lock Indicator --> C:\Windows\system32\OsdRemove.exe HP Photosmart Essential 2.01 --> C:\Program Files\Hewlett-Packard\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat HP Picasso Media Center Add-In --> MsiExec.exe /I{55979C41-7D6A-49CC-B591-64AC1BBE2C8B} HP Update --> MsiExec.exe /X{8C6027FD-53DC-446D-BB75-CACD7028A134} Java 6 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050} LiveUpdate 3.2 (Symantec Corporation) --> "C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U LiveUpdate Notice (Symantec Corporation) --> MsiExec.exe 
/X{DBA4DB9D-EE51-4944-A419-98AB1F1249C8} Logitech QuickCam --> MsiExec.exe /X{364EC092-93CF-4DDC-9D7A-7278452028E0} MainConcept for Software Encoder --> c:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{E7A02A01-C75A-4490-A168-5CA709A3D862} Malwarebytes' Anti-Malware --> "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Media Manager for WALKMAN 1.1 --> MsiExec.exe /X{125CF05E-8533-478F-AD92-314A000D9164} Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Works --> MsiExec.exe /I{6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C} Mozilla Firefox (2.0.0.2) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe MSRedist --> MsiExec.exe /I{B7C61755-DB48-4003-948F-3D34DB8EAF69} MSXML 4.0 SP2 (KB927978) --> MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F} MSXML 4.0 SP2 (KB936181) --> MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} MSXML 4.0 SP2 (KB941833) --> MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF} MVision --> MsiExec.exe /I{35725FBC-A136-4A46-9F29-091759D9BB93} Neuf - Kit de connexion --> C:\Program Files\Neuf\Kit\uninstall.exe Neuf - Media Center --> C:\Program Files\Neuf\Media Center\uninstall.exe Norton AntiVirus --> MsiExec.exe /X{830D8CBD-C668-49e2-A969-C2C2106332E0} Norton Confidential Browser Component --> MsiExec.exe /I{4843B611-8FCB-4428-8C23-31D0A5EAE164} Norton Confidential Web Protection Component --> MsiExec.exe /I{D353CC51-430D-4C6F-9B7E-52003DA1E05A} Norton Internet Security --> MsiExec.exe /I{3672B097-EA69-4bfe-B92F-29AE6D9D2B34} Norton Internet Security --> MsiExec.exe /I{48185814-A224-447A-81DA-71BD20580E1B} Norton Internet Security --> MsiExec.exe /I{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B} Norton Internet Security --> MsiExec.exe /I{E3EFA461-EB83-4C3B-9C47-2C1D58A01555} Norton Internet Security --> MsiExec.exe /I{E5EE9939-259F-4DE2-8023-5C49E16A4F43} Norton Internet Security (Symantec Corporation) --> "C:\Program Files\Common Files\Symantec 
Shared\SymSetup\{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}_10_1_0_26\{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}.exe" /X Norton Protection Center --> MsiExec.exe /I{9A129ABC-A53A-4209-A21E-D5DEDFB7CCA8} NVIDIA Drivers --> C:\Windows\system32\NVUNINST.EXE UninstallGUI OcxSetup --> MsiExec.exe /I{C3DC29BC-A8CF-4578-9DFC-37F049C44771} OpenMG Secure Module 4.7.00 --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1150\INTEL3~1\IDriver.exe /M{CCD663AE-610D-4BDF-AAB0-E914B044527D} UNINSTALL OpenOffice.org 2.3 --> MsiExec.exe /I{FADB55D0-403F-4413-A268-CF0A6F1185C2} Outils de diagnostic du matériel --> C:\Program Files\PC-Doctor 5 for Windows\uninst.exe Programme de gestion Camera de Logitech® --> "C:\Program Files\Common Files\LogiShrd\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT Python 2.4.3 --> MsiExec.exe /I{75E71ADD-042C-4F30-BFAC-A9EC42351313} QuickTime --> MsiExec.exe /I{BFD96B89-B769-4CD6-B11E-E79FFD46F067} RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 Realtek High Definition Audio Driver --> RtlUpd.exe -r -m Roxio Creator Audio --> MsiExec.exe /X{83FFCFC7-88C6-41c6-8752-958A45325C82} Roxio Creator Basic v9 --> MsiExec.exe /X{C8B0680B-CDAE-4809-9F91-387B6DE00F7C} Roxio Creator Copy --> MsiExec.exe /X{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048} Roxio Creator Data --> MsiExec.exe /X{0D397393-9B50-4c52-84D5-77E344289F87} Roxio Creator EasyArchive --> MsiExec.exe /X{11F93B4B-48F0-4A4E-AE77-DFA96A99664B} Roxio Creator Tools --> MsiExec.exe /X{0394CDC8-FABD-4ed8-B104-03393876DFDF} Roxio Express Labeler 3 --> MsiExec.exe /X{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA} Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Shop for HP Supplies --> C:\Program Files\Hewlett-Packard\Digital Imaging\HPSSupply\hpzscr01.exe -datfile hpqbud16.dat Solution de clavier multimédia amélioré --> C:\HP\KBD\Install.exe /u SPBBC 
32bit --> MsiExec.exe /I{77772678-817F-4401-9301-ED1D01A8DA56} VideoLAN VLC media player 0.8.6c --> C:\Program Files\VideoLAN\VLC\uninstall.exe Windows Live installer --> MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390} Windows Live Messenger --> MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65} Windows Live Toolbar --> "C:\Program Files\Windows Live Toolbar\UnInstall.exe" {0A8C97AD-DEED-4894-B446-3ABA95A77D0D} Windows Live Toolbar --> MsiExec.exe /X{0A8C97AD-DEED-4894-B446-3ABA95A77D0D} -- Application Event Log ------------------------------------------------------- Event Record #/Type79981 / Error Event Submitted/Written: 07/10/2008 11:10:58 AM Event ID/Source: 1010 / Perflib Event Description: EmdCacheC:\Windows\system32\emdmgmt.dll4 Event Record #/Type79971 / Success Event Submitted/Written: 07/10/2008 10:48:35 AM Event ID/Source: 5617 / WinMgmt Event Description: Event Record #/Type79968 / Success Event Submitted/Written: 07/10/2008 10:48:30 AM Event ID/Source: 5615 / WinMgmt Event Description: Event Record #/Type79961 / Success Event Submitted/Written: 07/10/2008 10:48:21 AM Event ID/Source: 902 / Software Licensing Service Event Description: Le service de gestion des licences du logiciel a démarré. Event Record #/Type79945 / Error Event Submitted/Written: 07/10/2008 10:45:18 AM Event ID/Source: 1000 / Application Error Event Description: Application défaillante gmer.exe, version 1.0.14.14536, horodatage 0x4807a13f, module défaillant gmer.dll, version 1.0.14.14536, horodatage 0x4807a134, code d’exception 0xc0000005, décalage d’erreur 0x0000c6a4, ID du processus 0x14cc, heure de début de l’application 0xgmer.exe0. -- Security Event Log ---------------------------------------------------------- No Errors/Warnings found. 
-- System Event Log ------------------------------------------------------------ Event Record #/Type196633 / Error Event Submitted/Written: 07/10/2008 10:49:34 AM Event ID/Source: 7000 / Service Control Manager Event Description: Parallel port driver%%1058 Event Record #/Type196584 / Error Event Submitted/Written: 07/10/2008 10:48:13 AM Event ID/Source: 15016 / HTTP Event Description: \Device\Http\ReqQueueKerberos Event Record #/Type196570 / Error Event Submitted/Written: 07/10/2008 10:48:07 AM Event ID/Source: 6008 / EventLog Event Description: L'arrêt système précédant à 10:46:41 le 10/07/2008 n'était pas prévu. Event Record #/Type196508 / Error Event Submitted/Written: 07/10/2008 10:26:33 AM Event ID/Source: 7000 / Service Control Manager Event Description: Parallel port driver%%1058 Event Record #/Type196465 / Error Event Submitted/Written: 07/10/2008 10:26:08 AM Event ID/Source: 15016 / HTTP Event Description: \Device\Http\ReqQueueKerberos -- End of Deckard's System Scanner: finished at 2008-07-10 11:47:31 ------------ Here is moved.txt: Directories/Files moved to C:\Deckard\System Scanner\backup 2008-07-10 10:50:09 974 --a------ C:\Users\Florian\AppData\Local\Temp\callingapps.xml 2008-07-10 00:53:18 0 d-------- C:\Users\Florian\AppData\Local\Temp\Google Toolbar 2008-07-10 10:54:02 170 --a------ C:\Users\Florian\AppData\Local\Temp\jusched.log 2008-07-10 11:40:09 0 d-------- C:\Users\Florian\AppData\Local\Temp\Low 2008-07-10 10:50:16 1392 --a------ C:\Users\Florian\AppData\Local\Temp\LVCOMSX.LOG 2008-07-10 10:50:09 195862 --a------ C:\Users\Florian\AppData\Local\Temp\qcemptysound.wav 2008-07-10 10:49:09 0 d-------- C:\Users\Florian\AppData\Local\Temp\WPDNSE 2008-07-10 10:12:51 0 d-------- C:\Users\Florian\AppData\Local\Temp\{34f7dca3-1506-4ae0-81e0-b5d1c1bf2887} 2008-07-10 00:56:54 16384 --a------ C:\Users\Florian\AppData\Local\Temp\~DF60CB.tmp 2008-07-10 00:56:54 512 --a-----t C:\Users\Florian\AppData\Local\Temp\~DF60DE.tmp 2008-07-09 23:23:36 114688 --a------ 
C:\Users\Florian\AppData\Local\Temp\~DFC9C2.tmp 2008-07-10 10:50:20 0 --a------ C:\Windows\temp\ehprivjob.log 2008-07-10 10:28:41 0 --a------ C:\Windows\temp\ehprivjob1.log 2008-07-10 11:38:13 1754 --a------ C:\Windows\temp\LVCOMSX.LOG 2008-07-10 02:07:20 1272 --a------ C:\Windows\temp\MpCmdRun.log 2008-07-10 10:32:09 0 d-------- C:\Windows\temp\slu4b43.tmp 2008-07-10 11:13:26 58760 --a------ C:\Windows\temp\symlcsv1.exe 2008-03-24 19:33:02 1527056 --a------ C:\Windows\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe <Verified; Adobe Systems Incorporated; Adobe® Flash® Player ActiveX> -*- End of Logfile -*-
  5. Yes for Registry+Files+Services. Here is the HijackThis report: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:31:47, on 10/07/2008 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Normal Running processes: C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\hp\support\hpsysdrv.exe C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe C:\WINDOWS\RtHDVCpl.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe C:\Program Files\Logitech\QuickCam\Quickcam.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe C:\WINDOWS\System32\rundll32.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\WINDOWS\ehome\ehtray.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\WINDOWS\System32\rundll32.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Internet Explorer\ieuser.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Windows\system32\conime.exe C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe C:\hp\kbd\kbd.exe C:\Windows\system32\taskeng.exe C:\Users\Florian\Desktop\gmer.exe C:\Karcher\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neufportail.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet 
Explorer\Main,Start Page = http://fr.msn.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: 
[osCheck] "c:\Program Files\Norton Internet Security\osCheck.exe" O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Neuf Media Center] "C:\Program Files\Neuf\Media Center\MediaCenter.exe" O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - 
HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O13 - Gopher Prefix: O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/200705...ex/qtplugin.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\isPwdSvc.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - c:\Program 
Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe -- End of file - 9491 bytes
  6. I didn't get a report, but: "Gmer hasn't found any system modification" in a window.
  7. GMER 1.0.14.14536 - http://www.gmer.net Rootkit scan 2008-07-10 11:06:02 Windows 6.0.6001 Service Pack 1 ---- System - GMER 1.0.14 ---- SSDT 873C42E8 ZwAlertResumeThread SSDT 873C4710 ZwAlertThread SSDT 873C21F8 ZwAllocateVirtualMemory SSDT 86B1B288 ZwConnectPort SSDT 873C4098 ZwCreateMutant SSDT 873C2388 ZwCreateThread SSDT 873C4F38 ZwFreeVirtualMemory SSDT 873C4168 ZwImpersonateAnonymousToken SSDT 873C4228 ZwImpersonateThread SSDT 873C4E58 ZwMapViewOfSection SSDT 873BCF90 ZwOpenEvent SSDT 873C22C8 ZwOpenProcessToken SSDT 873C4BF8 ZwOpenThreadToken SSDT 8735DEE0 ZwResumeThread SSDT 873C4B38 ZwSetContextThread SSDT 873C4CC8 ZwSetInformationProcess SSDT 873C4A68 ZwSetInformationThread SSDT 873BCED0 ZwSuspendProcess SSDT 873C48E8 ZwSuspendThread SSDT 873C2468 ZwTerminateProcess SSDT 873C49A8 ZwTerminateThread SSDT 873C4D98 ZwUnmapViewOfSection SSDT 873C4008 ZwWriteVirtualMemory ---- EOF - GMER 1.0.14 ----
  8. GMER 1.0.14.14536 - http://www.gmer.net Rootkit scan 2008-07-10 10:59:58 Windows 6.0.6001 Service Pack 1 ---- Devices - GMER 1.0.14 ---- AttachedDevice \Driver\tdx \Device\Ip SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation) AttachedDevice \Driver\tdx \Device\Tcp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation) AttachedDevice \Driver\tdx \Device\Udp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation) ---- EOF - GMER 1.0.14 ----
  9. Well... the scan won't run. I tried 2 or 3 times but the computer restarts every time. I got a message in English telling me that Windows had to be shut down to prevent possible damage, and another saying that Windows has a problem that prevents it from working normally and that I'll be notified later if Windows has found a solution!! Apart from that, though, everything seems to be back to normal: no more ever-present hourglass, the internet works fine, no more extreme slowdowns!... Should a check be run? Should I try running Gmer again?...
  10. OK, thanks! I don't think I disabled UAC myself, because I don't even know what it is!!
  11. Is this report OK? Now any action, any click, takes 10 seconds to respond... I hope that's normal and that it will sort itself out!! You're not abandoning me, are you??!!
  12. Now it's crawling like crazy!! It's scary! ComboFix 08-07-09.2 - Florian 2008-07-10 0:31:50.1 - NTFSx86 Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.889 [GMT 2:00] Endroit: C:\Users\Florian\Desktop\ComboFix.exe * Création d'un nouveau point de restauration . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\Windows\system32\WinSecure.exe . ((((((((((((((((((((((((((((( Fichiers créés 2008-06-09 to 2008-07-09 )))))))))))))))))))))))))))))))))))) . Pas de nouveau fichier créé dans cet espace de temps . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-07-09 22:32 --------- d---a-w C:\ProgramData\TEMP 2008-07-09 22:31 1,310,720 --sha-w C:\Users\Joséphine\ntuser.dat 2008-07-09 22:31 1,310,720 --sha-w C:\Users\Joséphine\ntuser.dat 2008-07-09 20:24 --------- d-----w C:\Users\Florian\AppData\Roaming\Malwarebytes 2008-07-09 20:24 --------- d-----w C:\ProgramData\Malwarebytes 2008-07-09 20:24 --------- d-----w C:\Program Files\Malwarebytes' Anti-Malware 2008-07-09 19:13 318,369 ----a-w C:\HiJackThis.zip 2008-07-09 18:59 --------- d-----w C:\Program Files\a-squared Anti-Malware 2008-07-09 18:58 --------- d-----w C:\ProgramData\avg7 2008-07-09 18:54 --------- d-----w C:\ProgramData\Symantec 2008-07-09 15:32 --------- d-----w C:\Users\Florian\AppData\Roaming\AVG7 2008-07-09 15:31 9,216 ----a-w C:\Windows\System32\avgwlntf.dll 2008-07-09 15:31 55,304 ----a-w C:\Windows\system32\drivers\avgwfp.sys 2008-07-09 15:23 --------- d-----w C:\ProgramData\Grisoft 2008-07-09 14:16 --------- d-----w C:\Program Files\Windows Mail 2008-07-09 14:16 --------- d-----w C:\Program Files\Microsoft Works 2008-07-09 14:16 --------- d-----w C:\Program Files\Google 2008-07-09 14:16 --------- d-----w C:\Program Files\Common Files\Symantec Shared 2008-07-09 14:16 --------- d-----w C:\Program Files\Common Files\SureThing Shared 2008-07-09 12:59 
37,888 ----a-w C:\Windows\System32\rar.exe 2008-07-08 19:25 --------- d-----w C:\Program Files\Sony 2008-07-08 19:24 --------- d-----w C:\Users\Florian\AppData\Roaming\Sony 2008-07-08 19:23 --------- d-----w C:\ProgramData\Sony 2008-07-08 19:20 --------- d-----w C:\Program Files\Sony Setup 2008-07-08 18:20 --------- d-----w C:\Program Files\Common Files\AVSMedia 2008-07-08 05:56 --------- d-----w C:\Users\Florian\AppData\Roaming\OpenOffice.org2 2008-07-07 15:35 34,296 ----a-w C:\Windows\system32\drivers\mbamcatchme.sys 2008-07-07 15:35 17,144 ----a-w C:\Windows\system32\drivers\mbam.sys 2008-07-04 17:20 --------- d-----w C:\ProgramData\Sony Corporation 2008-07-04 04:46 --------- d-----w C:\Program Files\Windows Live Toolbar 2008-07-03 20:13 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-07-03 20:13 --------- d-----w C:\Program Files\Common Files\Sony Shared 2008-06-24 15:22 0 ---ha-w C:\Windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf 2008-06-23 19:27 424 ----a-w C:\Users\Florian\AppData\Roaming\wklnhst.dat 2008-06-17 17:54 --------- d-----w C:\ProgramData\Roxio 2008-06-12 08:04 --------- d-----w C:\Program Files\Boilsoft ASF Converter 2008-06-02 19:01 0 ---ha-w C:\Windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf 2008-05-31 12:38 174 --sha-w C:\Program Files\desktop.ini 2008-05-31 12:29 --------- d-----w C:\Program Files\Windows Sidebar 2008-05-31 12:29 --------- d-----w C:\Program Files\Windows Photo Gallery 2008-05-31 12:29 --------- d-----w C:\Program Files\Windows Journal 2008-05-31 12:29 --------- d-----w C:\Program Files\Windows Defender 2008-05-31 12:29 --------- d-----w C:\Program Files\Windows Collaboration 2008-05-31 12:29 --------- d-----w C:\Program Files\Windows Calendar 2008-05-31 11:46 82,432 ----a-w C:\Windows\System32\axaltocm.dll 2008-05-31 11:46 101,888 ----a-w C:\Windows\System32\ifxcardm.dll 2008-05-31 07:35 805 ----a-w C:\Windows\system32\drivers\SYMEVENT.INF 2008-05-31 07:35 123,952 ----a-w 
C:\Windows\system32\drivers\SYMEVENT.SYS 2008-05-31 07:35 10,671 ----a-w C:\Windows\system32\drivers\SYMEVENT.CAT 2008-05-31 07:35 --------- d-----w C:\Program Files\Symantec 2008-05-31 07:35 --------- d-----w C:\Program Files\Norton Internet Security 2008-05-19 14:58 --------- d-----w C:\Program Files\Neuf 2008-05-19 14:09 --------- d-----w C:\Program Files\eMule 2008-05-17 09:27 --------- d-----w C:\ProgramData\eMule 2008-05-10 03:35 564,736 ----a-w C:\Windows\System32\emdmgmt.dll 2008-05-10 01:33 113,664 ----a-w C:\Windows\system32\drivers\rmcast.sys 2008-05-08 21:59 90,112 ----a-w C:\Windows\System32\wshext.dll 2008-05-08 21:59 430,080 ----a-w C:\Windows\System32\vbscript.dll 2008-05-08 21:59 180,224 ----a-w C:\Windows\System32\scrobj.dll 2008-05-08 21:59 172,032 ----a-w C:\Windows\System32\scrrun.dll 2008-05-08 21:59 155,648 ----a-w C:\Windows\System32\wscript.exe 2008-05-08 21:58 135,168 ----a-w C:\Windows\System32\cscript.exe 2008-04-26 08:25 3,600,952 ----a-w C:\Windows\System32\ntkrnlpa.exe 2008-04-26 08:25 3,549,240 ----a-w C:\Windows\System32\ntoskrnl.exe 2008-04-26 08:08 1,314,816 ----a-w C:\Windows\System32\quartz.dll 2008-04-25 04:35 826,880 ----a-w C:\Windows\System32\wininet.dll 2008-04-23 04:42 428,544 ----a-w C:\Windows\System32\EncDec.dll 2008-04-23 04:42 293,376 ----a-w C:\Windows\System32\psisdecd.dll 2008-04-12 03:32 784,896 ----a-w C:\Windows\System32\rpcrt4.dll 2007-11-07 15:05 202 ----a-w C:\Users\Joséphine\AppData\Roaming\wklnhst.dat 2007-09-25 19:16 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat 2007-09-25 19:16 32,768 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat 2007-09-25 19:16 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat . 
((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-19 09:33 1233920] "ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2008-01-19 09:33 125952] "ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2005-02-16 18:15 221184] "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 11:34 5724184] "Neuf Media Center"="C:\Program Files\Neuf\Media Center\MediaCenter.exe" [2007-08-29 16:42 1008880] "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 09:33 202240] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2006-09-28 15:42 65536] "OsdMaestro"="C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2006-11-20 13:34 155648] "KBD"="C:\HP\KBD\KbdStub.EXE" [2006-12-08 17:16 65536] "HP Software Update"="c:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-02-17 00:11 49152] "ccApp"="c:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2007-01-09 22:59 115816] "osCheck"="c:\Program Files\Norton Internet Security\osCheck.exe" [2006-10-26 18:18 22696] "LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-07-25 16:02 563984] "LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [2007-07-25 16:06 2027792] "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-09-16 10:52 185632] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792] "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-02-01 00:13 385024] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784] 
"Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 17:38 583048] "NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-08-27 18:59 86016] "NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-08-27 18:59 8473120] "NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-08-27 18:59 81920] "RtHDVCpl"="RtHDVCpl.exe" [2008-01-15 11:26 4874240 C:\WINDOWS\RtHDVCpl.exe] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\security center] "UacDisableNotify"=dword:00000001 "InternetSettingsDisableNotify"=dword:00000001 "AutoUpdateDisableNotify"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules] "{50CC2844-217B-4AEF-AFD2-09CB49A1F12A}"= Disabled:UDP:C:\WINDOWS\System32\P2P Networking\P2P Networking.exe:P2P Networking "{719B36BD-6778-42DF-BB48-BD352E8D1254}"= Disabled:TCP:C:\WINDOWS\System32\P2P Networking\P2P Networking.exe:P2P Networking "{809A9DBC-EF69-4059-980B-455D73F77BA9}"= UDP:C:\Program Files\Neuf\Media Center\httpd\httpd.exe:Serveur de partage Media Center (Player Neuf Cegetel) "{7221522F-AF3E-461D-9E49-153B54E240F2}"= TCP:C:\Program Files\Neuf\Media Center\httpd\httpd.exe:Serveur de partage Media Center (Player Neuf Cegetel) "{5BD500B7-5201-4820-BB9D-9B132F216DFA}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes "{BD14E3F3-7029-4BBC-B36A-C4878CA12B92}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes 
"{2D579097-3F6E-4CCE-8992-BC44D8525898}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone) "{92A5D683-41C3-4F4C-A796-2D5EC58554C7}"= UDP:C:\Program Files\DNA\btdna.exe:DNA "{6CB0AFD5-089E-49D5-BDE6-592927F3E02F}"= TCP:C:\Program Files\DNA\btdna.exe:DNA "{524B7A53-420D-49FB-B769-FA0F3696328A}"= UDP:C:\Program Files\BitTorrent\bittorrent.exe:BitTorrent "{D5C893BD-5B0A-4AFC-8AC8-0F3F2136F888}"= TCP:C:\Program Files\BitTorrent\bittorrent.exe:BitTorrent "{6320EE6D-C66F-43F3-84E2-65166A7C4C2E}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone) "{9CCF6148-03B8-43E6-B75C-40162FAB337C}"= UDP:C:\Program Files\Sony\Media Manager for WALKMAN\MediaManager.exe:Media Manager for WALKMAN 1.1 "{E76716CF-ACB9-4AF8-AD8F-B72A7B002C1D}"= TCP:C:\Program Files\Sony\Media Manager for WALKMAN\MediaManager.exe:Media Manager for WALKMAN 1.1 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List] "C:\\Program Files\\BitTorrent\\bittorrent.exe"= C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent S3 3xHybrid;ASUSTek SAA713x PCI Card;C:\Windows\system32\DRIVERS\3xHybrid.sys [2006-09-19 18:57] S3 AvgWFP;AVG7 Firewall Driver x86;C:\Windows\system32\Drivers\avgwfp.sys [2008-07-09 17:31] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ca9b676f-bcf8-11dc-8f0c-00112ffcab8a}] \shell\AutoRun\command - K:\LaunchU3.exe *Newly Created Service* - CATCHME *Newly Created Service* - COMHOST . 
Contenu du dossier 'Scheduled Tasks/Tâches planifiées' "2008-07-04 18:43:31 C:\Windows\Tasks\Norton Internet Security - Analyse système complète - Florian.job" - c:\PROGRA~1\NORTON~1\NORTON~1\Navw32.exeB/TASK: "2008-07-09 22:10:05 C:\Windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job" - C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE . - - - - ORPHANS REMOVED - - - - HKCU-Run-BitTorrent DNA - C:\Users\Florian\Program Files\DNA\btdna.exe HKU-Default-Run-msnmsgr - C:\Program Files\MSN Messenger\msnmsgr.exe ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-07-10 00:35:42 Windows 6.0.6001 Service Pack 1 NTFS Balayage processus cachés ... ? [796] ? [4288] ? [31684] ? [30028] ? [35740] ? [23688] ? [36216] Balayage caché autostart entries ... Balayage des fichiers cachés ... Scan terminé avec succès Les fichiers cachés: 0 ************************************************************************** . Temps d'accomplissement: 2008-07-10 0:50:25 ComboFix-quarantined-files.txt 2008-07-09 22:48:35 Le texte du message associé au numéro 0x2379 est introuvable dans le fichier de messages pour Application. Post-Run: 183,640,272,896 octets libres 192 --- E O F --- 2008-07-09 13:47:12 Thanks for everything you're doing for me!...
  13. Malwarebytes' Anti-Malware 1.20 Version de la base de données: 935 Windows 6.0.6001 Service Pack 1 00:22:21 10/07/2008 mbam-log-7-10-2008 (00-22-21).txt Type de recherche: Examen complet (C:\|D:\|) Eléments examinés: 138634 Temps écoulé: 34 minute(s), 54 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté)
  14. All right, I've started the scan again... See you later (!!!!)
  15. Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 23:24:06, on 09/07/2008
      Platform: Windows Vista SP1 (WinNT 6.00.1905)
      MSIE: Internet Explorer v7.00 (7.00.6001.18000)
      Boot mode: Normal
      Running processes:
      C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
      C:\Windows\system32\taskeng.exe
      C:\Windows\system32\Dwm.exe
      C:\Windows\Explorer.EXE
      C:\Program Files\Windows Defender\MSASCui.exe
      C:\hp\support\hpsysdrv.exe
      C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
      C:\WINDOWS\RtHDVCpl.exe
      C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
      C:\Program Files\Common Files\Symantec Shared\ccApp.exe
      C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe
      C:\Program Files\Logitech\QuickCam\Quickcam.exe
      C:\Program Files\Common Files\Real\Update_OB\realsched.exe
      C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
      C:\WINDOWS\System32\rundll32.exe
      C:\WINDOWS\System32\rundll32.exe
      C:\Program Files\Windows Sidebar\sidebar.exe
      C:\WINDOWS\ehome\ehtray.exe
      C:\Windows\ehome\ehmsas.exe
      C:\Program Files\Windows Live\Messenger\msnmsgr.exe
      C:\Program Files\Neuf\Media Center\MediaCenter.exe
      C:\Program Files\Windows Media Player\wmpnscfg.exe
      C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
      C:\Program Files\Neuf\Media Center\httpd\httpd.exe
      C:\Program Files\Neuf\Media Center\httpd\httpd.exe
      C:\hp\kbd\kbd.exe
      C:\Program Files\Internet Explorer\ieuser.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
      C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe
      C:\Karcher\HijackThis.exe
      C:\WINDOWS\System32\WinSecure.exe
      C:\WINDOWS\System32\WinSecure.exe
      O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
      O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
      O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
      O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
      O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
      O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\isPwdSvc.exe
      O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
      O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
      O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
      O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
      O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
      O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
      O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
      O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
      O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
      O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
      O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
      O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
      O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
      O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
      -- End of file - 4507 bytes
      I think from now on I'll stick to one or two songs on emule!!
  16. Is it normal that the hourglass (or blue circle) is still active??
  17. There, it's done! I followed all of these instructions.
      Malwarebytes' Anti-Malware 1.20
      Version de la base de données: 935
      Windows 6.0.6001 Service Pack 1
      23:15:49 09/07/2008
      mbam-log-7-9-2008 (23-15-49).txt
      Type de recherche: Examen complet (C:\|D:\|)
      Eléments examinés: 138265
      Temps écoulé: 34 minute(s), 35 second(s)
      Processus mémoire infecté(s): 0
      Module(s) mémoire infecté(s): 0
      Clé(s) du Registre infectée(s): 0
      Valeur(s) du Registre infectée(s): 0
      Elément(s) de données du Registre infecté(s): 0
      Dossier(s) infecté(s): 0
      Fichier(s) infecté(s): 6
      Processus mémoire infecté(s):
      (Aucun élément nuisible détecté)
      Module(s) mémoire infecté(s):
      (Aucun élément nuisible détecté)
      Clé(s) du Registre infectée(s):
      (Aucun élément nuisible détecté)
      Valeur(s) du Registre infectée(s):
      (Aucun élément nuisible détecté)
      Elément(s) de données du Registre infecté(s):
      (Aucun élément nuisible détecté)
      Dossier(s) infecté(s):
      (Aucun élément nuisible détecté)
      Fichier(s) infecté(s):
      C:\Users\Florian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5WPAZT5J\css4[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
      C:\Users\Florian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GS2LMCUB\css4[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
      C:\Users\Florian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K5CBBJYH\css4[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
      C:\Users\Florian\AppData\Local\Temp\ddcCUoOF.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
      C:\Users\Florian\AppData\Local\Temp\ljJBQKAS.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
      C:\Users\Florian\AppData\Local\Temp\wvUNEUOI.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
  18. I forgot to mention that the program I clicked on didn't even open. I'm afraid it's a virus or something like that, because my computer is slower than ever!!
  19. Hello! I downloaded a program from emule, "MP4 Portable", and when I unzipped it I got a program that I clicked on. Since then my computer has been very slow and the hourglass (a blue circle since Vista!) is constantly shown next to my mouse pointer. I have Norton but it didn't report anything. I ran a scan, which found nothing. I tried other anti-virus tools such as AntiMalware and AVG, and that didn't work either. I don't know what else to do. On top of that, I'm far from being a computer expert!! I browsed around the forum and gathered that in cases like this you should use Hijackthis to get a better picture. So here is the report: (thanks in advance to whoever is kind enough to look into what is gibberish to me!!)
      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 21:16:42, on 09/07/2008
      Platform: Windows Vista SP1 (WinNT 6.00.1905)
      MSIE: Internet Explorer v7.00 (7.00.6001.18000)
      Boot mode: Normal
      Running processes:
      C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
      C:\Windows\system32\taskeng.exe
      C:\Windows\system32\Dwm.exe
      C:\Windows\Explorer.EXE
      C:\Program Files\Windows Defender\MSASCui.exe
      C:\hp\support\hpsysdrv.exe
      C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
      C:\WINDOWS\RtHDVCpl.exe
      C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
      C:\Program Files\Common Files\Symantec Shared\ccApp.exe
      C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe
      C:\Program Files\Logitech\QuickCam\Quickcam.exe
      C:\Program Files\Common Files\Real\Update_OB\realsched.exe
      C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
      C:\WINDOWS\System32\rundll32.exe
      C:\WINDOWS\System32\rundll32.exe
      C:\Program Files\Windows Sidebar\sidebar.exe
      C:\WINDOWS\ehome\ehtray.exe
      C:\Windows\ehome\ehmsas.exe
      C:\Program Files\Windows Live\Messenger\msnmsgr.exe
      C:\Program Files\Neuf\Media Center\MediaCenter.exe
      C:\Program Files\Windows Media Player\wmpnscfg.exe
      C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
      C:\Program Files\Neuf\Media Center\httpd\httpd.exe
      C:\Program Files\Neuf\Media Center\httpd\httpd.exe
      C:\Program Files\Internet Explorer\ieuser.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
      C:\hp\kbd\kbd.exe
      C:\Windows\system32\taskeng.exe
      C:\Karcher\HijackThis.exe
      c:\program files\google\googletoolbar2user.exe
      C:\WINDOWS\System32\WinSecure.exe
      C:\WINDOWS\System32\WinSecure.exe
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neufportail.fr/
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
      R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
      O1 - Hosts: ::1 localhost
      O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
      O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
      O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
      O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
      O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
      O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
      O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
      O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
      O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
      O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
      O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
      O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
      O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
      O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
      O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
      O4 - HKLM\..\Run: [osCheck] "c:\Program Files\Norton Internet Security\osCheck.exe"
      O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
      O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
      O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
      O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
      O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
      O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
      O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
      O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
      O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
      O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
      O4 - HKCU\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
      O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
      O4 - HKCU\..\Run: [bitTorrent DNA] "C:\Users\Florian\Program Files\DNA\btdna.exe"
      O4 - HKCU\..\Run: [Neuf Media Center] "C:\Program Files\Neuf\Media Center\MediaCenter.exe"
      O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
      O4 - HKCU\..\Policies\Explorer\Run: [Windows Security Tool] WinSecure.exe
      O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
      O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
      O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
      O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'Default user')
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
      O13 - Gopher Prefix:
      O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/200705...ex/qtplugin.cab
      O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
      O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
      O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
      O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
      O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
      O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
      O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\isPwdSvc.exe
      O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
      O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
      O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
      O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
      O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
      O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
      O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
      O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
      O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
      O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
      O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
      O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
      O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
      O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
      -- End of file - 10546 bytes