

Everything posted by ISA24
Desktop icons gone!!!
ISA24 replied to a topic by ISA24 in Malware Analysis and Eradication
Here is the content of the report:
[ Rapport ToolsCleaner version 2.2.3 (par A.Rothstein & dj QUIOU) ]
-->- Recherche:
C:\rapport_clean.txt: trouvé !
C:\SmitFraudfix: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
C:\Documents and Settings\ISABELLE\Bureau\HijackThis.lnk: trouvé !
C:\Documents and Settings\ISABELLE\DoctorWeb\Quarantine\SmitFraudFix.exe: trouvé !
C:\Documents and Settings\ISABELLE\Local Settings\Application Data\Opera\Opera\profile\cache4\temporary_download\HijackThis.exe: trouvé !
C:\Program Files\Trend Micro\HijackThis: trouvé !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: trouvé !
But I'm not sure it actually deleted anything!!!!
Desktop icons gone!!!
ISA24 replied to a topic by ISA24 in Malware Analysis and Eradication
Hello, here is the Dr Web report:
SmitfraudFix.exe\SmitfraudFix\AntiXPVSTFix.exe;C:\SmitfraudFix.exe;BackDoor.IRC.Dosig.15;;
SmitfraudFix.exe\SmitfraudFix\Process.exe;C:\SmitfraudFix.exe;Tool.Prockill;;
SmitfraudFix.exe\SmitfraudFix\restart.exe;C:\SmitfraudFix.exe;Tool.ShutDown.11;;
SmitfraudFix.exe;C:\;L'archive contient des éléments infectés;Quarantaine.;
SmitfraudFix.exe\SmitfraudFix\AntiXPVSTFix.exe;C:\upload_moi_PCISA.tar.gz\upload_moi.tar\SmitfraudFix.exe;BackDoor.IRC.Dosig.15;;
SmitfraudFix.exe\SmitfraudFix\Process.exe;C:\upload_moi_PCISA.tar.gz\upload_moi.tar\SmitfraudFix.exe;Tool.Prockill;;
SmitfraudFix.exe\SmitfraudFix\restart.exe;C:\upload_moi_PCISA.tar.gz\upload_moi.tar\SmitfraudFix.exe;Tool.ShutDown.11;;
SmitfraudFix.exe;C:\upload_moi_PCISA.tar.gz\upload_moi.tar;L'archive contient des éléments infectés;;
upload_moi.tar\WINDOWS/System32/AntiXPVSTFix.exe;C:\upload_moi_PCISA.tar.gz\upload_moi.tar;BackDoor.IRC.Dosig.15;;
upload_moi.tar;C:\upload_moi_PCISA.tar.gz;L'archive contient des éléments infectés;;
upload_moi_PCISA.tar.gz;C:\;L'archive contient des éléments infectés;Quarantaine.;
pskill.exe;C:\Documents and Settings\ISABELLE\Bureau\clean;Tool.ProcessKill.7;Irréparable.Quarantaine.;
pskill.exe;C:\Documents and Settings\ISABELLE\Bureau\clean\clean;Tool.ProcessKill.7;Irréparable.Quarantaine.;
POSTOOBE.NEC;C:\DRIVERS;VBS.Generic.278;Supprimé.;
BitDownload-4.5-setup.exe\data011;C:\Program Files\BitTorrent Fastest Tool\BitDownload-4.5-setup.exe;Trojan.Swizzor.2856;;
BitDownload-4.5-setup.exe;C:\Program Files\BitTorrent Fastest Tool;L'archive contient des éléments infectés;Quarantaine.;
CodePostal.exe;C:\Program Files\Code Postal;Trojan.PWS.Banker.20737;Supprimé.;
AntiXPVSTFix.exe;C:\SmitfraudFix;BackDoor.IRC.Dosig.15;Supprimé.;
Process.exe;C:\SmitfraudFix;Tool.Prockill;Irréparable.Quarantaine.;
restart.exe;C:\SmitfraudFix;Tool.ShutDown.11;Irréparable.Quarantaine.;
A0006606.exe\SmitfraudFix\AntiXPVSTFix.exe;C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP21\A0006606.exe;BackDoor.IRC.Dosig.15;;
A0006606.exe\SmitfraudFix\Process.exe;C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP21\A0006606.exe;Tool.Prockill;;
A0006606.exe\SmitfraudFix\restart.exe;C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP21\A0006606.exe;Tool.ShutDown.11;;
A0006606.exe;C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP21;L'archive contient des éléments infectés;Quarantaine.;
A0006607.exe\data011;C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP21\A0006607.exe;Trojan.Swizzor.2856;;
A0006607.exe;C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP21;L'archive contient des éléments infectés;Quarantaine.;
A0006608.exe;C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP21;Trojan.PWS.Banker.20737;Supprimé.;
A0006609.exe;C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP21;BackDoor.IRC.Dosig.15;Supprimé.;
AntiXPVSTFix.exe;C:\WINDOWS\system32;BackDoor.IRC.Dosig.15;Supprimé.;
Process.exe;C:\WINDOWS\system32;Tool.Prockill;Irréparable.Quarantaine.;
SmitfraudFix.exe\SmitfraudFix\AntiXPVSTFix.exe;D:\Logiciels\SmitfraudFix.exe;BackDoor.IRC.Dosig.15;;
SmitfraudFix.exe\SmitfraudFix\Process.exe;D:\Logiciels\SmitfraudFix.exe;Tool.Prockill;;
SmitfraudFix.exe\SmitfraudFix\restart.exe;D:\Logiciels\SmitfraudFix.exe;Tool.ShutDown.11;;
SmitfraudFix.exe;D:\Logiciels;L'archive contient des éléments infectés;Quarantaine.;
A0006611.exe\SmitfraudFix\AntiXPVSTFix.exe;D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP21\A0006611.exe;BackDoor.IRC.Dosig.15;;
A0006611.exe\SmitfraudFix\Process.exe;D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP21\A0006611.exe;Tool.Prockill;;
A0006611.exe\SmitfraudFix\restart.exe;D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP21\A0006611.exe;Tool.ShutDown.11;;
A0006611.exe;D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP21;L'archive contient des éléments infectés;Quarantaine.;
Desktop icons gone!!!
ISA24 replied to a topic by ISA24 in Malware Analysis and Eradication
Tried again, but nothing works. So I'll end up doing the repair, but is that valid for XP? And if I don't have the Windows CD, what do I reinstall from? Thanks anyway for your time.
Desktop icons gone!!!
ISA24 replied to a topic by ISA24 in Malware Analysis and Eradication
Yes, yes, I did all that!! However, still the same thing. Every time the PC starts, svchost runs at 99%.
Desktop icons gone!!!
ISA24 replied to a topic by ISA24 in Malware Analysis and Eradication
KB927891 was run, but with the following message: no need to install this update because the installed version is more recent. Dial-a-fix report, with an OLE registry access error returned - error 2147319780.
Desktop icons gone!!!
ISA24 replied to a topic by ISA24 in Malware Analysis and Eradication
I followed the procedure. The 1st file installed without any problem. The 2nd would not install, telling me it was unnecessary because my version was more recent, or something like that. The 3rd would not install either, because of a language difference??? So there it is, I'm at the same point!
Desktop icons gone!!!
ISA24 replied to a topic by ISA24 in Malware Analysis and Eradication
Alas YES, still the same problem.
Desktop icons gone!!!
ISA24 replied to a topic by ISA24 in Malware Analysis and Eradication
Hello again. Actually, I think I claimed victory too soon! I still have this svchost.exe running constantly! I also posted a report, as you had asked me to, and I haven't received any other message. Maybe that's normal? I don't know.
Desktop icons gone!!!
ISA24 replied to a topic by ISA24 in Malware Analysis and Eradication
Thanks again. So I did everything you told me to. Already, when the PC restarted after all these steps, my process no longer goes haywire, which is already a good sign. You asked me for the JavaRa report; I am putting it below.
Desktop icons have disappeared!!!
ISA24 replied to a topic by ISA24 in Malware analysis and removal
Thank you Pear. Regarding the Explorer registry keys, here is what I have:
ClassicShel : 1
NoActiveDesktop : 0
NoActiveDesktopChanges : 00 00 00 01
NoDriveTypeAutoRun : 91
NoSaveSettings : 0
NoThemesTab : 1

And here is another report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:36:17, on 01/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\Mixer.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe
C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\PeerGuardian2\pg2.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\ScanSoft\PaperPort\xdcla.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\MyBuy\MyBuy.exe
c:\Program Files\Fichiers communs\Protexis\License Service\PsiService_2.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Trend Micro\HijackThis\HJT.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://lo.st
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.aliceadsl.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Alice ADSL
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F3 - REG:win.ini: run=
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: HP Smart Web Printing 1.0 - {AE84A6AA-A333-4B92-B276-C11E2212E4FE} - C:\Program Files\HP\Smart Web Printing\SmartWebPrinting.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [indexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [ccApp] C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [AliceSAV] C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe
O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\Ad-Watch.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [RegistryBooster 2 d’Uniblue ] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: MyBuy.lnk = C:\MyBuy\MyBuy.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Image Retriever.lnk = C:\Program Files\ScanSoft\PaperPort\xdcla.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: Ajouter la cible du lien à un fichier PDF existant - res://C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Ajouter à un fichier PDF existant - res://C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir au format Adobe PDF - res://C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien au format Adobe PDF - res://C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Fichiers communs\Protexis\License Service\PsiService_2.exe
O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Professional Personnel XII\Win32\RpcDataSrv.exe
O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Professional Personnel XII\RpcSandraSrv.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe

--
End of file - 11632 bytes
-
Desktop icons have disappeared!!!
ISA24 replied to a topic by ISA24 in Malware analysis and removal
Hello pear, As for the desktop icons, that's OK, they are back, but I no longer have access to the "Desktop" tab in my display properties; it seems to have disappeared! I also have 99% of my CPU being used by something called svchost.exe! Is that related? I don't know. Anyway, thank you very much for the help. -
Desktop icons have disappeared!!!
ISA24 replied to a topic by ISA24 in Malware analysis and removal
Here is the clean report:
01/10/2008 a 10:25:52,42
*** Recherche des fichiers dans C:
*** Recherche des fichiers dans C:\WINDOWS\
*** Recherche des fichiers dans C:\WINDOWS\system32
*** Recherche des fichiers dans C:\Program Files
"C:\Program Files\Multi_Media_France\" FOUND
*** Fin du rapport !
-
Desktop icons have disappeared!!!
ISA24 replied to a topic by ISA24 in Malware analysis and removal
Thank you very much for your reply. Here is the MBAM report:

Malwarebytes' Anti-Malware 1.28
Version de la base de données: 1223
Windows 5.1.2600 Service Pack 3

30/09/2008 18:59:22
mbam-log-2008-09-30 (18-59-22).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 119163
Temps écoulé: 48 minute(s), 59 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 2
Clé(s) du Registre infectée(s): 9
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 11
Fichier(s) infecté(s): 12

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
C:\WINDOWS\system32\efcASMgH.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\ddcAspqN.dll (Trojan.Vundo) -> Delete on reboot.

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7499c7d9-f599-4b91-b0fc-fbea946a5692} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ddcaspqn (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{7499c7d9-f599-4b91-b0fc-fbea946a5692} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{dc55df81-85fa-4c82-aed6-127c6e70e2ec} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{dc55df81-85fa-4c82-aed6-127c6e70e2ec} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{7499c7d9-f599-4b91-b0fc-fbea946a5692} (Trojan.Vundo) -> Delete on reboot.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\efcasmgh -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\efcasmgh -> Delete on reboot.

Dossier(s) infecté(s):
C:\Documents and Settings\ISABELLE\Application Data\rhcvogj0eja3 (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\ISABELLE\Application Data\rhcvogj0eja3\Quarantine (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\ISABELLE\Application Data\rhcvogj0eja3\Quarantine\Autorun (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\ISABELLE\Application Data\rhcvogj0eja3\Quarantine\Autorun\HKCU (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\ISABELLE\Application Data\rhcvogj0eja3\Quarantine\Autorun\HKCU\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\ISABELLE\Application Data\rhcvogj0eja3\Quarantine\Autorun\HKLM (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\ISABELLE\Application Data\rhcvogj0eja3\Quarantine\Autorun\HKLM\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\ISABELLE\Application Data\rhcvogj0eja3\Quarantine\Autorun\StartMenuAllUsers (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\ISABELLE\Application Data\rhcvogj0eja3\Quarantine\Autorun\StartMenuCurrentUser (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\ISABELLE\Application Data\rhcvogj0eja3\Quarantine\BrowserObjects (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\ISABELLE\Application Data\rhcvogj0eja3\Quarantine\Packages (Rogue.Multiple) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\WINDOWS\system32\ddcAspqN.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\efcASMgH.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\HgMSAcfe.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\HgMSAcfe.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jdbvsiyu.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\uyisvbdj.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\oxxonhtb.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bthnoxxo.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lphcrogj0eja3.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\ISABELLE\Local Settings\Temp\.tt1.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\ISABELLE\Local Settings\Temp\.tt3.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\ISABELLE\Local Settings\Temp\.tt1.tmp.vbs (Trojan.FakeAlert) -> Quarantined and deleted successfully.
-
Hello, I don't know whether anyone on this forum will be able to help me (unlike others where my message went unanswered, or was even deleted!) but since yesterday, my explorer.exe no longer runs when my PC starts up. This happened after an "antivirus xp 2008" window opened. So, I'm posting a report, hoping for a bit of help!:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:22:54, on 30/09/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\PSIService.exe
c:\Program Files\Fichiers communs\Protexis\License Service\PsiService_2.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\Trend Micro\HijackThis\HJT.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://lo.st
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.aliceadsl.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Alice ADSL
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F3 - REG:win.ini: run=
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: (no name) - {7499C7D9-F599-4B91-B0FC-FBEA946A5692} - C:\WINDOWS\system32\ddcAspqN.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: HP Smart Web Printing 1.0 - {AE84A6AA-A333-4B92-B276-C11E2212E4FE} - C:\Program Files\HP\Smart Web Printing\SmartWebPrinting.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: (no name) - {DC55DF81-85FA-4C82-AED6-127C6E70E2EC} - C:\WINDOWS\system32\efcASMgH.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [indexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [ccApp] C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [AliceSAV] C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe
O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\Ad-Watch.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [RegistryBooster 2 d’Uniblue ] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: MyBuy.lnk = C:\MyBuy\MyBuy.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Image Retriever.lnk = C:\Program Files\ScanSoft\PaperPort\xdcla.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: Ajouter la cible du lien à un fichier PDF existant - res://C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Ajouter à un fichier PDF existant - res://C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir au format Adobe PDF - res://C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien au format Adobe PDF - res://C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - Winlogon Notify: ddcAspqN - C:\WINDOWS\SYSTEM32\ddcAspqN.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Fichiers communs\Protexis\License Service\PsiService_2.exe
O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Professional Personnel XII\Win32\RpcDataSrv.exe
O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Professional Personnel XII\RpcSandraSrv.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe

--
End of file - 11079 bytes