l'oreleï

  1. Dear Falkra, Computing is an inexhaustible source of plot twists. This afternoon, when I woke my laptop from sleep, I got a blue screen, with all the warnings that accompany such an apparition. A blue screen is a bit like a green ray: you think it only exists in Rohmer's films. For this reason, in addition to the main text report, I am giving you the lines from a serious error that occurred shortly before the big blue, which, for lack of an Internet connection, I am sending only to you. Should I be worried? I have since restarted my laptop without the problem recurring, but still with its two loading errors. Thanks, L'oreleï
     BCCode : 1000007f BCP1 : 00000008 BCP2 : 80042000 BCP3 : 00000000 BCP4 : 00000000 OSVer : 5_1_2600 SP : 2_0 Product : 768_1
     C:\DOCUME~1\Biketo\LOCALS~1\Temp\WER0942.dir00\Mini073008-01.dmp
     C:\DOCUME~1\Biketo\LOCALS~1\Temp\WER0942.dir00\sysdata.xml
  2. Dear Falkra, Thanks to your precious advice, I have recovered almost all of my laptop's functionality. A few notes for your information. First, the intruder no longer shows itself, thank you very much!! Second, I made a detour via exe:msconfig and re-enabled normal startup mode; everything that depended on the services is working again (USB key, sound, CD recognition...!!). Third, when I restart and the desktop loads, a window opens warning: "2 loading errors, C:windows\système32\ideaoyfb.dll, the specified module could not be found", and the same for C:windows\système32\thqhfrrqq.dll. How do I get rid of them? As for the Internet, I tried, but I am configured for the neufbox and my current attempt goes through a Tele2box. In your view, do I need to reconfigure to switch from ISP 9 to ISP Tele2? Be that as it may: thanks again, Falkra, for your generous availability and your vundo-firmness. L'Oreleï
  3. Falkra, I will follow your advice about the system disturbances, and I will let you know the results. Good night and a big thanks again, l'oreleï
  4. Dear Falkra, One observation: why did the AntiVir scan report, run after the MBAM cleanup, find significant traces of Vundo? Why didn't MBAM delete the infected files itself? I do not believe these files were destroyed by AntiVir; that seems too simple to me! But perhaps I am suffering from paranoia. Thank you for your answer. As for the answer to your question, it appeared with the intruder and its takeover of my computer, but do the startup files have any bearing on these items? Because I may have tinker.. I await your comments. L'Oreleï
  5. Dear Falkra, I agree with you that the beast is dormant. AntiVir hissed a great deal during its scan, and the whistling files are in System 32, like a fish in water! When do you plan to poison the bath of the sileni? I have recovered a somewhat wobbly system! USB keys are no longer recognized, I no longer have sound for music, Windows Media no longer recognizes CD-ROMs, and my Internet connection is faulty. But I can open the desktop without the shrill alert going off. I did think, just to push the intruders out, of letting Vundofix loose in Grand Corps Malade, but, in memory of Sev la tartineuse, who once scolded me for my bold initiatives, I opted for gratitude and humility! It is in this frame of mind that I await your new instructions. Thank you for your support, L'oreleï
  6. Falkra, I am posting the HijackThis log taken after Malwarebytes and the report of the AntiVir scan that I ran afterwards. I am standing by. L'oreleï
  7. Dear Falkra, Here is the next part. Vundo has corrupted many of my files, but I think we are making progress! Thank you for your help, L'oreleï
  8. Dear Falkra, Here is the log, version 2.0.2. SDFix did good work; I see that the nasty Vundo.gen trojan is still there!!! (O4 - HKLM\..\Run: [bM1ff89755] Rundll32.exe "C:\WINDOWS\system32\nbnfpkoq.dll",s) AntiVir had spotted it, but I have never been able to eliminate it, because when I have it by the goatee in System 32, it defies me with its multiple protections, even in safe mode! I am counting on your firmness. L'oreleï
  9. Falkra, it was really hard to get my laptop started, but repairing it has become an obsession!! SDFix has run, but I sense that not everything has been done. I am sending you the result and my hopes! Happy reading, L'oreleï
SDFix: Version 1.208
Run by Administrateur on 28/07/2008 at 11:51
Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix
Checking Services :
Restoring Default Security Values
Restoring Default Hosts File
Rebooting
Checking Files :
Trojan Files Found:
C:\WINDOWS\system32\rqRKEWNh.dll - Deleted
C:\WINDOWS\system32\msnav32.ax - Deleted
C:\WINDOWS\system32\pac.txt - Deleted
C:\WINDOWS\system32\wsnpoem\video.dll - Deleted
C:\WINDOWS\system32\wsnpoem\audio.dll - Deleted
Folder C:\WINDOWS\system32\pnVes01 - Removed
Folder C:\WINDOWS\system32\wsnpoem - Removed
Removing Temp Files
ADS Check :
Final Check :
catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-28 12:05:18
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
scanning hidden registry entries ...
scanning hidden files ...
C:\Documents and Settings\Biketo\Mes documents\quatrième année science po\culture générale\DROIT\reforme etat\Réforme de l'adm territoriale\Fiches concours la réforme de l’administration territoriale de l’Etat - catégorie A - La Documentation française_fichiers\Thumbs.db:encryptable 0 bytes hidden from API
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 1
Remaining Services :
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files\\Real\\RealOne Player\\realplay.exe"="C:\\Program Files\\Real\\RealOne Player\\realplay.exe:*:Enabled:RealOne Player"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe"="C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe:*:Enabled:Veoh Client"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
Remaining Files :
File Backups: - C:\SDFix\backups\backups.zip
Files with Hidden Attributes :
Thu 8 May 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\71fa8e4b1f1c72b0e3a5d30a0a049f55\BIT4.tmp"
Sun 1 Jun 2008 12,800 ..SH. --- "C:\Documents and Settings\Biketo\Application Data\Microsoft\Windows\certiff.dll"
Sun 1 Jun 2008 86,016 ..SH. --- "C:\Documents and Settings\Biketo\Application Data\Microsoft\Windows\lsass.exe"
Finished!
Logfile of HijackThis v1.99.1
Scan saved at 12:37:40, on 28/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Biketo\Bureau\dss.exe
C:\DOCUME~1\Biketo\Bureau\Biketo.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\apps\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: {b2a1fb2b-93e4-801b-d4d4-85e9303d5ef1} - {1fe5d303-9e58-4d4d-b108-4e39b2bf1a2b} - C:\WINDOWS\system32\gdioscjp.dll
O2 - BHO: (no name) - {91FE419D-C575-4CEB-9297-BC136FF5FCD0} - C:\WINDOWS\system32\opnlLDtt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [bM1ff89755] Rundll32.exe "C:\WINDOWS\system32\nbnfpkoq.dll",s
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {56393399-041A-4650-94C7-13DFCB1F4665} (PSFormX Control) - http://www.my-etrust.com/Support/PestScanner/pestscan.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://go.divx.com/plugin/DivXBrowserPlugin.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://fichiers.touslesdrivers.com/fichier...on_3_0_0_32.cab
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.orderingmemory.com/controls/cpcScanner.cab
O16 - DPF: {B9907873-6560-4A36-B76B-9DADE84A7F55} (FnacmusicDnl.DnlManager) - http://www.fnacmusic.com/telechargementFna...nacmusicDnl.CAB
O17 - HKLM\System\CCS\Services\Tcpip\..\{5E594E80-8378-4E0F-8188-CAF89D009AD8}: NameServer = 192.168.1.1
  10. Falkra, I am disappearing until Sunday evening. All the best, L'oreleï
  11. Falkra, a small problem when I tried to switch my Packard back on after yesterday's steps: a shrill noise, no more desktop, and the only thing on the menu: Press F2 to enter Bios set up- F12 to boot net work. I imagine that means more to you than it does to me! I am keeping watch. Thanks, L'oreleï
  12. Falkra, I followed your recommendations. DSS was perfectly willing to open again on the Packard (via a CD, as there is no floppy drive), and I was able to retrieve the requested text files using a Sonic program that saved the day! I am giving you four files instead of the two requested, for fear of selecting the wrong ones. I hope they reach you safely, and thanks for your help. Lorelië Deckard's System Scanner v20071014.68 Run by Biketo on 2008-07-23 23:30:53 Computer is in Normal Mode. -------------------------------------------------------------------------------- -- HijackThis (run as Biketo.exe) ---------------------------------------------- Unable to find log (file not found); running clone. -- HijackThis Clone ------------------------------------------------------------ Emulating logfile of Trend Micro HijackThis v2.0.2 Scan saved at 2008-07-23 23:31:55 Platform: Windows XP Service Pack 2 (5.01.2600) MSIE: Internet Explorer (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\system32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\explorer.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\QuickTime\QTTask.exe C:\WINDOWS\system32\rundll32.exe C:\Documents and Settings\Biketo\Application Data\Microsoft\Windows\lsass.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe E:\dss.exe C:\Documents and Settings\Biketo\Bureau\Biketo.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie R1 - 
HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.com/search?q=%s R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\ntos.exe, O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\APPS\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: {b2a1fb2b-93e4-801b-d4d4-85e9303d5ef1} - {1fe5d303-9e58-4d4d-b108-4e39b2bf1a2b} - C:\WINDOWS\system32\gdioscjp.dll O2 - BHO: (no name) - {42F7811C-B8B3-4D48-AD62-66121630B72D} - C:\WINDOWS\system32\opnlLDtt.dll O2 - BHO: (no name) - {7BEEF273-942D-47E7-8A30-0955B149FC30} - C:\WINDOWS\system32\rqRKEWNh.dll O2 - BHO: (no name) - {A6C54318-5AC7-477D-B0A7-49AF5189300C} - C:\WINDOWS\system32\mlJCUOee.dll (file missing) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\GoogleToolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll O3 - Toolbar: Yahoo! 
Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll (file missing) O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\GoogleToolbar1.dll O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [bM1ff89755] Rundll32.exe "C:\WINDOWS\system32\nbnfpkoq.dll",s O4 - HKCU\..\Run: [lsass] C:\Documents and Settings\Biketo\Application Data\Microsoft\Windows\lsass.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {56393399-041A-4650-94C7-13DFCB1F4665} (PSFormX Control) - http://www.my-etrust.com/Support/PestScanner/pestscan.cab O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} () - http://fichiers.touslesdrivers.com/fichier...on_3_0_0_32.cab O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.orderingmemory.com/controls/cpcScanner.cab O16 - DPF: {B9907873-6560-4A36-B76B-9DADE84A7F55} (FnacmusicDnl.DnlManager) - http://www.fnacmusic.com/telechargementFna...nacmusicDnl.CAB O16 - 
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwa...ash/swflash.cab O17 - HKLM\SYSTEM\CCS\Services\Tcpip\..\{5E594E80-8378-4E0F-8188-CAF89D009AD8}: NameServer = 192.168.1.1 O18 - Protocol: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\PKMCDO.DLL O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\MSITSS.DLL O20 - Winlogon Notify: mlJCUOee - C:\WINDOWS\system32\mlJCUOee.dll (file missing) O20 - Winlogon Notify: rqRKEWNh - C:\WINDOWS\system32\rqRKEWNh.dll O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. 
- C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: SmartLinkService (SLService) - Unknown owner - C:\WINDOWS\system32\slserv.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - Unknown owner - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe -- End of file - 7059 bytes -- Files created between 2008-06-23 and 2008-07-23 ----------------------------- 2008-06-23 23:29:48 102464 --a------ C:\WINDOWS\system32\gdioscjp.dll -- Find3M Report --------------------------------------------------------------- 2008-07-23 23:30:55 558224 --ahs---- C:\WINDOWS\system32\ttDLlnpo.ini2 2008-06-18 16:37:09 102464 --a------ C:\WINDOWS\system32\hxjqulcx.dll 2008-06-18 16:34:15 94272 --a------ C:\WINDOWS\system32\dmyrvhdw.dll 2008-06-18 16:34:07 102464 --a------ C:\WINDOWS\system32\nbnfpkoq.dll 2008-06-17 17:03:04 25392 --a------ C:\WINDOWS\system32\ljJYOeBS.dll 2008-06-17 16:31:01 102976 --a------ C:\WINDOWS\system32\tvhcelgu.dll 2008-06-16 11:17:33 104000 --a------ C:\WINDOWS\system32\uwjhyhlo.dll 2008-06-16 11:14:33 102976 --a------ C:\WINDOWS\system32\hcwdtsdn.dll 2008-06-16 10:14:28 104000 --a------ C:\WINDOWS\system32\ueqkcbat.dll 2008-06-15 09:25:28 104512 --a------ C:\WINDOWS\system32\klqysged.dll 2008-06-15 09:19:48 102976 --a------ C:\WINDOWS\system32\sksowirg.dll 2008-06-13 19:41:54 102976 --a------ C:\WINDOWS\system32\cjwickvd.dll 2008-06-13 19:40:07 104000 --a------ C:\WINDOWS\system32\jqrfroas.dll 2008-06-11 16:09:12 103488 --a------ C:\WINDOWS\system32\rjfbqlhu.dll 2008-06-11 16:09:05 103488 --a------ C:\WINDOWS\system32\wvokqpxd.dll 2008-06-10 15:10:42 103488 --a------ C:\WINDOWS\system32\wgokpgdl.dll 2008-06-10 15:07:41 103488 --a------ C:\WINDOWS\system32\wvnrxunp.dll 2008-06-10 13:07:40 103488 --a------ C:\WINDOWS\system32\crtytkrs.dll 2008-06-07 19:27:13 0 d-------- C:\Program Files\QuickTime 2008-05-25 
13:28:16 0 d-------- C:\Documents and Settings\Biketo\Application Data\DivX 2008-05-24 23:24:23 26480 --a------ C:\WINDOWS\system32\rqRKEWNh.dll 2008-04-30 14:07:32 283136 -----n--- C:\WINDOWS\system32\opnlLDtt.dll -- Registry Dump --------------------------------------------------------------- *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1fe5d303-9e58-4d4d-b108-4e39b2bf1a2b}] 23/06/2008 23:29 102464 --a------ C:\WINDOWS\system32\gdioscjp.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{42F7811C-B8B3-4D48-AD62-66121630B72D}] 30/04/2008 14:07 283136 --------- C:\WINDOWS\system32\opnlLDtt.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7BEEF273-942D-47E7-8A30-0955B149FC30}] 24/05/2008 23:24 26480 --a------ C:\WINDOWS\system32\rqRKEWNh.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A6C54318-5AC7-477D-B0A7-49AF5189300C}] C:\WINDOWS\system32\mlJCUOee.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [30/04/2008 13:48] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [29/06/2007 06:24] "BM1ff89755"="C:\WINDOWS\system32\nbnfpkoq.dll" [18/06/2008 16:34] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "lsass"="C:\Documents and Settings\Biketo\Application Data\Microsoft\Windows\lsass.exe" [01/06/2008 18:35] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [20/01/2008 23:40] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [20/08/2004 01:09] "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [13/10/2004 18:24] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system] "DisableRegistryTools"=0 (0x0) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{A6C54318-5AC7-477D-B0A7-49AF5189300C}"= C:\WINDOWS\system32\mlJCUOee.dll [ ] "{7BEEF273-942D-47E7-8A30-0955B149FC30}"= C:\WINDOWS\system32\rqRKEWNh.dll 
[24/05/2008 23:24 26480] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon] "Userinit"="C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\ntos.exe," [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\mlJCUOee] mlJCUOee.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\rqRKEWNh] rqRKEWNh.dll 24/05/2008 23:24 26480 C:\WINDOWS\system32\rqRKEWNh.dll [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] "Authentication Packages"= msv1_0 C:\WINDOWS\system32\opnlLDtt [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] @="Volume shadow copy" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^iFinger 2.0.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\iFinger 2.0.lnk backup=C:\WINDOWS\pss\iFinger 2.0.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lexibase Express.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lexibase Express.lnk backup=C:\WINDOWS\pss\Lexibase Express.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Outil de mise à jour Google.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Outil de 
mise à jour Google.lnk backup=C:\WINDOWS\pss\Outil de mise à jour Google.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Biketo^Menu Démarrer^Programmes^Démarrage^DW_Start.lnk] path=C:\Documents and Settings\Biketo\Menu Démarrer\Programmes\Démarrage\DW_Start.lnk backup=C:\WINDOWS\pss\DW_Start.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Biketo^Menu Démarrer^Programmes^Démarrage^PrintKey 2000 Fr.lnk] path=C:\Documents and Settings\Biketo\Menu Démarrer\Programmes\Démarrage\PrintKey 2000 Fr.lnk backup=C:\WINDOWS\pss\PrintKey 2000 Fr.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\1ccba4c9] rundll32.exe "C:\WINDOWS\system32\ldoaoyfb.dll",b [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BM1ff89755] Rundll32.exe "C:\WINDOWS\system32\thqhfrqq.dll",s [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lsass] C:\Documents and Settings\Biketo\Application Data\Microsoft\Windows\lsass.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan] SOUNDMAN.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] C:\Program 
Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "NISUM"=2 (0x2) "ccPxySvc"=2 (0x2) "ccPwdSvc"=3 (0x3) "ccEvtMgr"=2 (0x2) "avast! Web Scanner"=3 (0x3) "avast! Mail Scanner"=3 (0x3) "avast! Antivirus"=2 (0x2) "aswUpdSv"=2 (0x2) "xmlprov"=3 (0x3) "WZCSVC"=2 (0x2) "wuauserv"=2 (0x2) "wscsvc"=2 (0x2) "WmiApSrv"=3 (0x3) "WmdmPmSN"=3 (0x3) "winmgmt"=2 (0x2) "WebClient"=2 (0x2) "W32Time"=2 (0x2) "VSS"=3 (0x3) "VCSSecS"=2 (0x2) "UxTuneUp"=2 (0x2) "UPS"=3 (0x3) "upnphost"=3 (0x3) "UMWdf"=2 (0x2) "TrkWks"=2 (0x2) "Themes"=2 (0x2) "TermService"=3 (0x3) "TapiSrv"=3 (0x3) "SysmonLog"=3 (0x3) "SwPrv"=3 (0x3) "stisvc"=2 (0x2) "SSDPSRV"=3 (0x3) "srservice"=2 (0x2) "Spooler"=2 (0x2) "SNDSrvc"=3 (0x3) "SLService"=2 (0x2) "ShellHWDetection"=2 (0x2) "SharedAccess"=2 (0x2) "SENS"=2 (0x2) "seclogon"=2 (0x2) "Schedule"=2 (0x2) "SCardSvr"=3 (0x3) "SamSs"=2 (0x2) "RSVP"=3 (0x3) "RDSessMgr"=3 (0x3) "RasMan"=3 (0x3) "RasAuto"=3 (0x3) "ProtectedStorage"=2 (0x2) "PolicyAgent"=2 (0x2) "PlugPlay"=2 (0x2) "NtmsSvc"=3 (0x3) "NtLmSsp"=3 (0x3) "Nla"=3 (0x3) "Netman"=3 (0x3) "Netlogon"=3 (0x3) "MSIServer"=3 (0x3) "MSDTC"=3 (0x3) "mnmsrvc"=3 (0x3) "MDM"=2 (0x2) "LmHosts"=2 (0x2) "LexBceS"=2 (0x2) "lanmanworkstation"=2 (0x2) "lanmanserver"=2 (0x2) "iPodService"=3 (0x3) "ImapiService"=3 (0x3) "HTTPFilter"=3 (0x3) "helpsvc"=2 (0x2) "gusvc"=2 (0x2) "FastUserSwitchingCompatibility"=3 (0x3) "EventSystem"=3 (0x3) "Eventlog"=2 (0x2) "ERSvc"=2 (0x2) "Dnscache"=2 (0x2) "dmserver"=3 (0x3) "dmadmin"=3 (0x3) 
"Dhcp"=2 (0x2) "CryptSvc"=2 (0x2) "COMSysApp"=3 (0x3) "CiSvc"=3 (0x3) "Browser"=2 (0x2) "BITS"=2 (0x2) "AVG Anti-Spyware Guard"=2 (0x2) "AudioSrv"=2 (0x2) "AppMgmt"=3 (0x3) "AntiVirService"=2 (0x2) "AntiVirScheduler"=2 (0x2) "ALG"=3 (0x3) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp -- End of Deckard's System Scanner: finished at 2008-07-23 23:33:07 ------------ Deckard's System Scanner v20071014.68 Extra logfile - please post this as an attachment with your post. -------------------------------------------------------------------------------- -- System Information ---------------------------------------------------------- Unable to create WMI object. Architecture: X86; Language: French Percentage of Memory in Use: 21% Physical Memory (total/avail): 991.48 MiB / 777.38 MiB Pagefile Memory (total/avail): 1047.12 MiB / 928.29 MiB Virtual Memory (total/avail): 2047.88 MiB / 1947.77 MiB C: is Fixed (NTFS) - 31.25 GiB total, 6.74 GiB free. D: is Removable (No Media) E: is CDROM (CDFS) -- Security Center ------------------------------------------------------------- AUOptions is scheduled to auto-install. Windows Internal Firewall is enabled. Unable to create WMI object. 
-- Environment Variables ------------------------------------------------------- ALLUSERSPROFILE=C:\Documents and Settings\All Users APPDATA=C:\Documents and Settings\Biketo\Application Data CLASSPATH=.;C:\WINDOWS\System32\QTJava.zip CLIENTNAME=Console CommonProgramFiles=C:\Program Files\Fichiers communs COMPUTERNAME=CÉLINE ComSpec=C:\WINDOWS\system32\cmd.exe FP_NO_HOST_CHECK=NO HOMEDRIVE=C: HOMEPATH=\Documents and Settings\Biketo LOGONSERVER=\\CÉLINE NUMBER_OF_PROCESSORS=1 OS=Windows_NT Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;C:\PROGRA~1\FICHIE~1\TVNAVI~1;C:\Program Files\QuickTime\QTSystem PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH PROCESSOR_ARCHITECTURE=x86 PROCESSOR_IDENTIFIER=x86 Family 6 Model 10 Stepping 0, AuthenticAMD PROCESSOR_LEVEL=6 PROCESSOR_REVISION=0a00 ProgramFiles=C:\Program Files PROMPT=$P$G QTJAVA=C:\WINDOWS\System32\QTJava.zip SESSIONNAME=Console SystemDrive=C: SystemRoot=C:\WINDOWS TEMP=C:\DOCUME~1\Biketo\LOCALS~1\Temp TMP=C:\DOCUME~1\Biketo\LOCALS~1\Temp USERDOMAIN=CÉLINE USERNAME=Biketo USERPROFILE=C:\Documents and Settings\Biketo windir=C:\WINDOWS __COMPAT_LAYER=EnableNXShowUI -- User Profiles --------------------------------------------------------------- Biketo (admin) Administrateur (new local, admin) -- Add/Remove Programs --------------------------------------------------------- --> "C:\TeLL me More NV\BIN\unsetup.exe" -file "C:\TeLL me More NV\unsetup.aui" --> C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{09B44E78-A988-4BC0-962F-63ECD3333708} /l1036 --> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER --> C:\Program Files\Fichiers communs\Real\Update_OB\rnuninst.exe RealNetworks|RealPlayer|6.0 --> C:\Program Files\Fichiers communs\Real\Update_OB\rnuninst.exe RealNetworks|RealPlayer|6.0 --> C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.dll" --> 
C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu --> C:\WINDOWS\Modio\SLAMR2KO\Setup.exe /Remove --> C:\WINDOWS\System32\\MSIEXEC.EXE /x {8855FF30-19CE-4CB1-A654-87B38369CCE1} --> C:\WINDOWS\uninst.exe -fC:\APPS\Audioneer\NewDJ\DeIsL1.isu -cC:\APPS\Audioneer\NewDJ\_ISREG32.DLL --> MsiExec.exe /I{17BB7031-B6D9-4D27-A3A1-B0E672A0972C} --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf --> s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Display' --> s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Gamma2' --> s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Info2' --> s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Overlay' 7-Zip 4.42 --> "C:\Program Files\7-Zip\Uninstall.exe" ABBYY FineReader 5.0 Sprint --> MsiExec.exe /X{D1696920-9794-4BBC-8A30-7A88763DE5A2} Ad-Aware SE Personal --> C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG Adobe Flash Player 9 ActiveX --> C:\WINDOWS\System32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4} AVG Anti-Spyware 7.5 --> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe Avira AntiVir Personal – Free Antivirus --> C:\Program Files\Avira\AntiVir PersonalEdition Classic\setup.exe /REMOVE CD-Universalis 3.0 --> C:\WINDOWS\unin040c.exe -f"C:\Program Files\CD-Universalis 3\DeIsL1.isu" CleanUp! 
--> C:\Program Files\CleanUp!\uninstall.exe Corel Applications --> C:\WINDOWS\Corel\Uninst32.exe Correctif Windows XP - KB873339 --> C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe Correctif Windows XP - KB885835 --> C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe Correctif Windows XP - KB885836 --> C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe Correctif Windows XP - KB885884 --> C:\WINDOWS\$NtUninstallKB885884$\spuninst\spuninst.exe Correctif Windows XP - KB886185 --> C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe Correctif Windows XP - KB887472 --> C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe Correctif Windows XP - KB888302 --> C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe Correctif Windows XP - KB890859 --> "C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe" Correctif Windows XP - KB891781 --> C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe DivX Codec --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC DivX Converter --> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER DivX Player --> C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN Encyclopédie Hachette Multimédia --> C:\WINDOWS\unvise32.exe C:\program files\EHMINSTALL\uninstal.log FaxTools --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F45298E5-0083-426F-A668-1A2C5F04B8A0}\setup.exe" -l0x40c ControlPanel Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29} Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar1.dll" HijackThis 1.99.1 --> C:\Documents and Settings\Biketo\Bureau\HijackThis.exe /uninstall iFinger 2.0 --> C:\PROGRA~1\iFinger\UNWISE.EXE C:\PROGRA~1\iFinger\INSTALL.LOG iPod for Windows 2005-09-06 --> C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 
32\IDriver.exe /M{2E4E8905-5F24-4AEA-84E2-923CC12E3AB1} /l1036 iTunes --> C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{47808F78-F178-49DC-B708-15FE538B16FF} Kit d'installation --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9C650676-CDDB-42C0-8D11-3EEB7F791F99}\setup.exe" -l0x40c -eth Kit de connexion ADSL --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{81868ECE-C551-4D16-8272-53A6EC493872}\setup.exe" -l0x40c -eth Lexibase Pro --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{22AE875F-B8B3-46AF-856C-CE858538D912}\setup.exe" -l0x40c Lexmark X1100 Series --> C:\WINDOWS\System32\spool\drivers\w32x86\3\LXBKUN5C.EXE -dLexmark X1100 Series Microsoft Office 2000 Professional --> MsiExec.exe /I{0001040C-78E1-11D2-B60F-006097C998E7} Microsoft Word 2002 --> MsiExec.exe /I{911B040C-6000-11D3-8CFE-0050048383C9} Mise à jour de sécurité pour Lecteur Windows Media (KB911564) --> "C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734) --> "C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782) --> "C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398) --> "C:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe" Mise à jour de sécurité pour Step by Step Interactive Training (KB898458) --> "C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe" Mise à jour de sécurité pour Step by Step Interactive Training (KB923723) --> "C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB890046) 
--> "C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB893756) --> "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB896358) --> "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB896423) --> "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB896424) --> "C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB896428) --> "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB899587) --> "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB899591) --> "C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB900725) --> "C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB901017) --> "C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB901214) --> "C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB902400) --> "C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB905414) --> "C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB905749) --> "C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB908519) --> "C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB911562) --> "C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB911927) --> "C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB912919) --> "C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe" Mise à jour de sécurité pour 
Windows XP (KB913580) --> "C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB914388) --> "C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB914389) --> "C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB917344) --> "C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB917422) --> "C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB917953) --> "C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB918118) --> "C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB919007) --> "C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB920213) --> "C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB920670) --> "C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB920683) --> "C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB920685) --> "C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB921398) --> "C:\WINDOWS\$NtUninstallKB921398$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB921503) --> "C:\WINDOWS\$NtUninstallKB921503$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB921883) --> "C:\WINDOWS\$NtUninstallKB921883$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB922616) --> "C:\WINDOWS\$NtUninstallKB922616$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB922819) --> "C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923191) --> "C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe" Mise à jour 
de sécurité pour Windows XP (KB923414) --> "C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923689) --> "C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923980) --> "C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB924191) --> "C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB924270) --> "C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB924496) --> "C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB924667) --> "C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB925902) --> "C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB926255) --> "C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB926436) --> "C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB927779) --> "C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB927802) --> "C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB928255) --> "C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB928843) --> "C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB929123) --> "C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB930178) --> "C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB931261) --> "C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB931784) --> 
"C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB932168) --> "C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB933729) --> "C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB935839) --> "C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB935840) --> "C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB936021) --> "C:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB938127) --> "C:\WINDOWS\$NtUninstallKB938127$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB938829) --> "C:\WINDOWS\$NtUninstallKB938829$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB939653) --> "C:\WINDOWS\$NtUninstallKB939653$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB941202) --> "C:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB941568) --> "C:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB941569) --> "C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB941644) --> "C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB941693) --> "C:\WINDOWS\$NtUninstallKB941693$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB942615) --> "C:\WINDOWS\$NtUninstallKB942615$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB943055) --> "C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB943460) --> "C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB943485) --> "C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows 
XP (KB944338) --> "C:\WINDOWS\$NtUninstallKB944338$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB944533) --> "C:\WINDOWS\$NtUninstallKB944533$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB944653) --> "C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB945553) --> "C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB946026) --> "C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB947864) --> "C:\WINDOWS\$NtUninstallKB947864$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB948590) --> "C:\WINDOWS\$NtUninstallKB948590$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB948881) --> "C:\WINDOWS\$NtUninstallKB948881$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950749) --> "C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB898461) --> "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB900485) --> "C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB908531) --> "C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB910437) --> "C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB911280) --> "C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB916595) --> "C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB920872) --> "C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB922582) --> "C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB927891) --> "C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB930916) --> "C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe" Mise à jour pour Windows XP 
(KB933360) --> "C:\WINDOWS\$NtUninstallKB933360$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB938828) --> "C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB942763) --> "C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB942840) --> "C:\WINDOWS\$NtUninstallKB942840$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB946627) --> "C:\WINDOWS\$NtUninstallKB946627$\spuninst\spuninst.exe" Mozilla Firefox (2.0.0.14) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe Neuf - Kit de connexion --> C:\Program Files\Neuf\Kit\uninstall.exe Outil de mise à jour Google --> "C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall PCFriendly --> C:\Program Files\PCFriendly\inuninst.exe PowerDVD --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\SETUP.EXE" -uninstall PrintKey 2000 Fr --> C:\Program Files\PrintKey 2000 Fr\Uninstal.exe QuickTime --> MsiExec.exe /I{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC} Sonic RecordNow DX --> MsiExec.exe /I{8855FF30-19CE-4CB1-A654-87B38369CCE1} Sony Ericsson PC Suite --> MsiExec.exe /I{CB0EAA54-406C-4119-9A63-EDD0DC1B2B47} TuneUp Utilities 2007 --> MsiExec.exe /I{C8BB4912-12D9-42AE-B571-E580D8CD1B5B} VeohTV BETA --> C:\Program Files\InstallShield Installation Information\{97A96172-A963-4A37-9FFB-DA6805BB915A}\setup.exe -runfromtemp -l0x0409 WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe Xvid 1.1.3 final uninstall --> "C:\Program Files\Xvid\unins000.exe" Yahoo! Toolbar --> C:\PROGRA~1\Yahoo!\Common\unyt.exe -- Application Event Log ------------------------------------------------------- No Errors/Warnings found. -- Security Event Log ---------------------------------------------------------- No Errors/Warnings found. 
-- System Event Log ------------------------------------------------------------ No Errors/Warnings found. -- End of Deckard's System Scanner: finished at 2008-07-23 23:24:24 ------------ Logfile of HijackThis v1.99.1 Scan saved at 23:35:02, on 23/07/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\QuickTime\qttask.exe C:\WINDOWS\system32\Rundll32.exe C:\Documents and Settings\Biketo\Application Data\Microsoft\Windows\lsass.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\DOCUME~1\Biketo\Bureau\Biketo.exe C:\WINDOWS\notepad.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\ntos.exe, O2 - BHO: &Yahoo! 
Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\apps\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: {b2a1fb2b-93e4-801b-d4d4-85e9303d5ef1} - {1fe5d303-9e58-4d4d-b108-4e39b2bf1a2b} - C:\WINDOWS\system32\gdioscjp.dll O2 - BHO: (no name) - {42F7811C-B8B3-4D48-AD62-66121630B72D} - C:\WINDOWS\system32\opnlLDtt.dll O2 - BHO: (no name) - {7BEEF273-942D-47E7-8A30-0955B149FC30} - C:\WINDOWS\system32\rqRKEWNh.dll O2 - BHO: (no name) - {A6C54318-5AC7-477D-B0A7-49AF5189300C} - C:\WINDOWS\system32\mlJCUOee.dll (file missing) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll (file missing) O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [bM1ff89755] Rundll32.exe "C:\WINDOWS\system32\nbnfpkoq.dll",s O4 - HKCU\..\Run: [lsass] C:\Documents and Settings\Biketo\Application Data\Microsoft\Windows\lsass.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O9 - Extra button: Messenger - 
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {56393399-041A-4650-94C7-13DFCB1F4665} (PSFormX Control) - http://www.my-etrust.com/Support/PestScanner/pestscan.cab O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://fichiers.touslesdrivers.com/fichier...on_3_0_0_32.cab O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.orderingmemory.com/controls/cpcScanner.cab O16 - DPF: {B9907873-6560-4A36-B76B-9DADE84A7F55} (FnacmusicDnl.DnlManager) - http://www.fnacmusic.com/telechargementFna...nacmusicDnl.CAB O17 - HKLM\System\CCS\Services\Tcpip\..\{5E594E80-8378-4E0F-8188-CAF89D009AD8}: NameServer = 192.168.1.1 O20 - Winlogon Notify: mlJCUOee - mlJCUOee.dll (file missing) O20 - Winlogon Notify: rqRKEWNh - C:\WINDOWS\SYSTEM32\rqRKEWNh.dll
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.com/search?q=%s R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\ntos.exe, O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\apps\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: {b2a1fb2b-93e4-801b-d4d4-85e9303d5ef1} - {1fe5d303-9e58-4d4d-b108-4e39b2bf1a2b} - C:\WINDOWS\system32\gdioscjp.dll O2 - BHO: (no name) - {42F7811C-B8B3-4D48-AD62-66121630B72D} - C:\WINDOWS\system32\opnlLDtt.dll O2 - BHO: (no name) - {7BEEF273-942D-47E7-8A30-0955B149FC30} - C:\WINDOWS\system32\rqRKEWNh.dll O2 - BHO: (no name) - {A6C54318-5AC7-477D-B0A7-49AF5189300C} - C:\WINDOWS\system32\mlJCUOee.dll (file missing) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll O3 - Toolbar: Yahoo! 
Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll (file missing) O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [bM1ff89755] Rundll32.exe "C:\WINDOWS\system32\nbnfpkoq.dll",s O4 - HKCU\..\Run: [lsass] C:\Documents and Settings\Biketo\Application Data\Microsoft\Windows\lsass.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {56393399-041A-4650-94C7-13DFCB1F4665} (PSFormX Control) - http://www.my-etrust.com/Support/PestScanner/pestscan.cab O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://fichiers.touslesdrivers.com/fichier...on_3_0_0_32.cab O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.orderingmemory.com/controls/cpcScanner.cab O16 - DPF: {B9907873-6560-4A36-B76B-9DADE84A7F55} (FnacmusicDnl.DnlManager) - http://www.fnacmusic.com/telechargementFna...nacmusicDnl.CAB O17 - 
HKLM\System\CCS\Services\Tcpip\..\{5E594E80-8378-4E0F-8188-CAF89D009AD8}: NameServer = 192.168.1.1 O20 - Winlogon Notify: mlJCUOee - mlJCUOee.dll (file missing) O20 - Winlogon Notify: rqRKEWNh - C:\WINDOWS\SYSTEM32\rqRKEWNh.dll O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {56393399-041A-4650-94C7-13DFCB1F4665} (PSFormX Control) - http://www.my-etrust.com/Support/PestScanner/pestscan.cab O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://fichiers.touslesdrivers.com/fichier...on_3_0_0_32.cab O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.orderingmemory.com/controls/cpcScanner.cab O16 - DPF: {B9907873-6560-4A36-B76B-9DADE84A7F55} (FnacmusicDnl.DnlManager) - http://www.fnacmusic.com/telechargementFna...nacmusicDnl.CAB O17 - HKLM\System\CCS\Services\Tcpip\..\{5E594E80-8378-4E0F-8188-CAF89D009AD8}: NameServer = 192.168.1.1 O20 - Winlogon Notify: mlJCUOee - mlJCUOee.dll (file missing) O20 - Winlogon Notify: rqRKEWNh - C:\WINDOWS\SYSTEM32\rqRKEWNh.dll O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {56393399-041A-4650-94C7-13DFCB1F4665} (PSFormX Control) - http://www.my-etrust.com/Support/PestScanner/pestscan.cab O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://fichiers.touslesdrivers.com/fichier...on_3_0_0_32.cab O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.orderingmemory.com/controls/cpcScanner.cab O16 - DPF: {B9907873-6560-4A36-B76B-9DADE84A7F55} (FnacmusicDnl.DnlManager) - 
http://www.fnacmusic.com/telechargementFna...nacmusicDnl.CAB O17 - HKLM\System\CCS\Services\Tcpip\..\{5E594E80-8378-4E0F-8188-CAF89D009AD8}: NameServer = 192.168.1.1 O20 - Winlogon Notify: mlJCUOee - mlJCUOee.dll (file missing) O20 - Winlogon Notify: rqRKEWNh - C:\WINDOWS\SYSTEM32\rqRKEWNh.dll R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.com/search?q=%s R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\ntos.exe, O2 - BHO: &Yahoo! 
Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\apps\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: {b2a1fb2b-93e4-801b-d4d4-85e9303d5ef1} - {1fe5d303-9e58-4d4d-b108-4e39b2bf1a2b} - C:\WINDOWS\system32\gdioscjp.dll O2 - BHO: (no name) - {42F7811C-B8B3-4D48-AD62-66121630B72D} - C:\WINDOWS\system32\opnlLDtt.dll O2 - BHO: (no name) - {7BEEF273-942D-47E7-8A30-0955B149FC30} - C:\WINDOWS\system32\rqRKEWNh.dll O2 - BHO: (no name) - {A6C54318-5AC7-477D-B0A7-49AF5189300C} - C:\WINDOWS\system32\mlJCUOee.dll (file missing) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll (file missing) O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [bM1ff89755] Rundll32.exe "C:\WINDOWS\system32\nbnfpkoq.dll",s O4 - HKCU\..\Run: [lsass] C:\Documents and Settings\Biketo\Application Data\Microsoft\Windows\lsass.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O9 - Extra button: Messenger - 
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {56393399-041A-4650-94C7-13DFCB1F4665} (PSFormX Control) - http://www.my-etrust.com/Support/PestScanner/pestscan.cab O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://fichiers.touslesdrivers.com/fichier...on_3_0_0_32.cab O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.orderingmemory.com/controls/cpcScanner.cab O16 - DPF: {B9907873-6560-4A36-B76B-9DADE84A7F55} (FnacmusicDnl.DnlManager) - http://www.fnacmusic.com/telechargementFna...nacmusicDnl.CAB O17 - HKLM\System\CCS\Services\Tcpip\..\{5E594E80-8378-4E0F-8188-CAF89D009AD8}: NameServer = 192.168.1.1 O20 - Winlogon Notify: mlJCUOee - mlJCUOee.dll (file missing) O20 - Winlogon Notify: rqRKEWNh - C:\WINDOWS\SYSTEM32\rqRKEWNh.dll Directories/Files moved to C:\Deckard\System Scanner\backup 2008-01-08 10:43:40 0 d---s---- C:\DOCUME~1\Biketo\LOCALS~1\Temp\Historique 2008-01-08 10:43:40 0 d---s---- C:\DOCUME~1\Biketo\LOCALS~1\Temp\Temporary Internet Files 2007-12-13 18:03:03 0 d---s---- C:\WINDOWS\temp\Historique 2007-12-13 18:03:02 0 d---s---- C:\WINDOWS\temp\Temporary Internet Files 2008-05-30 09:56:11 1504720 --a------ C:\WINDOWS\Downloaded Program Files\ASE_Setup_Free_fr.exe <Verified; AntiSpywareSolutionPro Inc.; AntiSpywareExpert> 2007-11-18 00:42:25 24576 --a------ C:\WINDOWS\Downloaded Program Files\conspawn.exe 2007-10-22 11:17:14 162304 --a------ C:\WINDOWS\Downloaded Program Files\DNLMANAGER.EXE <Not Verified; Fnacmusic; DnlManager.exe> 2007-11-20 17:04:32 1523536 --a------ 
C:\WINDOWS\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe <Verified; Adobe Systems Incorporated; Adobe® Flash® Player ActiveX> 2008-03-26 17:36:02 185344 --a------ C:\WINDOWS\Downloaded Program Files\UGA6P_0001_N122M2802NetInstaller.exe <Not Verified; Locussoftcorp LTD.; Locussoftcorp Installer> 2007-08-21 14:37:26 124208 --a------ C:\WINDOWS\Downloaded Program Files\ascstubie.dll <Verified; Panda Security; Panda TotalScan> 2006-10-23 11:37:28 241664 --a------ C:\WINDOWS\Downloaded Program Files\cpcScan.dll <Not Verified; Crucial Technology, Inc.; cpcScan> 2005-01-31 15:11:00 685120 --a------ C:\WINDOWS\Downloaded Program Files\ppctl.dll <Verified; Computer Associates International, Inc.; eTrust PestPatrol version 5.0 COM control> 2007-10-22 11:17:14 12288 --a------ C:\WINDOWS\Downloaded Program Files\FNACMUSICDNL.OCX <Not Verified; FNAC; FnacmusicDnl.ocx> 2007-10-22 11:17:14 260880 --a------ C:\WINDOWS\Downloaded Program Files\MSFLXGRD.OCX <Verified; Microsoft Corporation; Microsoft FlexGrid Control> 2005-06-30 10:46:56 676864 --a------ C:\WINDOWS\Downloaded Program Files\pestscanx.ocx <Not Verified; Visicom Media; PestScan> -*- End of Logfile -*-
  13. Dear Falkra, Thank you for your quick reply, but there is one point on which I may not have made myself clear: I no longer have internet access; it is from another laptop (an HP running Vista) that I joined the forum. I can only act indirectly on my Packard laptop, by carrying out the requests you instruct me to make. However, if DSS is easily transportable from one computer to another, I can download it on the HP and try to install it on the Packard (if it boots from the copy CD). What do you think? But as for the post, it will be a no-go, because for the moment I cannot get anything out of my Packard Bell. Thanks, Lorelië