Guy24

  1. Thank you for your analysis, but it may be a hardware problem.
  2. Follow-up... the site sending me this junk: mega-antispy5.com (then mega-scan2, etc.), flagged by IE8 as a phishing site
  3. Hello, bogus messages claiming that the PC is infected and offering a scan, removal, etc. keep popping up (I don't know which action or site visit triggered them). Under XP it was possible to disable the messaging service via Control Panel / Administrative Tools / Services / Messenger. Under Vista, 'Messenger' no longer appears... Would you know the remedy? Thank you
  4. Good evening, thank you for your help: everything seems to be back to normal
  5. Hello, here is the generated report: Thank you for your attention
c:\windows\System32\audiodg.exe c:\windows\System32\ZoneLabs\vsmon.exe c:\windows\System32\conime.exe c:\program files\Common Files\Acronis\Schedule2\schedul2.exe c:\program files\Bonjour\mDNSResponder.exe c:\acer\Empowering Technology\eDataSecurity\eDSService.exe c:\acer\Empowering Technology\eLock\Service\eLockServ.exe c:\acer\Empowering Technology\eNet\eNet Service.exe c:\program files\Common Files\LightScribe\LSSrvc.exe c:\windows\System32\lxcjcoms.exe c:\acer\Mobility Center\MobilityService.exe c:\program files\ESET\nod32krn.exe c:\program files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe c:\acer\Empowering Technology\eRecovery\eRecoveryService.exe c:\acer\Empowering Technology\eSettings\Service\capuserv.exe c:\acer\Empowering Technology\ePower\ePowerSvc.exe c:\windows\System32\WUDFHost.exe c:\windows\System32\rundll32.exe c:\program files\Mouse Driver\KMCONFIG.exe c:\windows\System32\wbem\unsecapp.exe c:\windows\ehome\ehmsas.exe c:\program files\Mouse Driver\KMProcess.exe c:\users\Guy\AppData\Local\Temp\RtkBtMnt.exe c:\program files\Windows Media Player\wmpnetwk.exe c:\acer\Empowering Technology\eNet\eNMTray.exe c:\acer\Empowering Technology\ePower\ePower_DMC.exe c:\acer\Empowering Technology\Acer.Empowering.Framework.Supervisor.exe c:\windows\System32\wbem\unsecapp.exe c:\program files\IncrediMail\bin\ImApp.exe c:\program files\Common Files\logishrd\KHAL2\KHALMNPR.exe c:\windows\System32\dllhost.exe . ************************************************************************** . Heure de fin: 2008-12-31 9:45:39 - La machine a redémarré ComboFix-quarantined-files.txt 2008-12-31 08:45:18 ComboFix2.txt 2008-12-31 08:16:05 ComboFix3.txt 2008-12-30 19:37:17 Avant-CF: 23 811 891 200 octets libres Après-CF: 23,469,789,184 octets libres 512 --- E O F --- 2008-12-30 06:27:04
  6. Here is the 2nd part... and my thanks for telling me what you think of it. ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A057A204-BACC-4D26-8287-79A187E26987}] 2007-09-24 15:26 2022912 --a------ c:\progra~1\VMNTOO~1\VMNTOO~1.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{A057A204-BACC-4D26-8287-79A187E26987}"= "c:\progra~1\VMNTOO~1\VMNTOO~1.DLL" [2007-09-24 2022912] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{A057A204-BACC-4D26-8287-79A187E26987}"= "c:\progra~1\VMNTOO~1\VMNTOO~1.DLL" [2007-09-24 2022912] [HKEY_CLASSES_ROOT\clsid\{a057a204-bacc-4d26-8287-79a187e26987}] [HKEY_CLASSES_ROOT\vmntoolbar.VMNTOOLBAR] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952] "IncrediMail"="c:\program files\IncrediMail\bin\IncMail.exe" [2008-11-09 243072] "LaunchList"="c:\program files\Pinnacle\Studio 11\LaunchList2.exe" [2007-03-21 145496] "Gestionnaire Antidote.exe"="c:\program files\Druide\Antidote\Gestionnaire Antidote.exe" [2008-06-03 536576] "ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2005-08-11 249856] "swg"="c:\program files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2008-08-09 171448] "Google Update"="c:\users\Guy\AppData\Local\Google\Update\GoogleUpdate.exe" [2008-11-19 133104] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-01-02 464168] "nod32kui"="c:\program files\Eset\nod32kui.exe" [2007-12-26 949376] 
"LXCJCATS"="c:\windows\system32\spool\DRIVERS\W32X86\3\LXCJtime.dll" [2006-11-21 106496] "lxcjmon.exe"="c:\program files\Lexmark 8300 Series\lxcjmon.exe" [2007-05-08 205744] "EzPrint"="c:\program files\Lexmark 8300 Series\ezprint.exe" [2007-05-08 103344] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-23 815104] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-04 136600] "ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 81920] "LogitechCommunicationsManager"="c:\program files\Common Files\Logitech\LComMgr\Communications_Helper.exe" [2006-10-31 304664] "LVCOMSX"="c:\program files\Common Files\Logitech\LComMgr\LVComSX.exe" [2006-11-28 244512] "NvSvc"="c:\windows\system32\nvsvc.dll" [2006-12-20 90191] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-12-20 7766016] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-12-20 81920] "TrueImageMonitor.exe"="c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe" [2007-10-07 2620336] "AcronisTimounterMonitor"="c:\program files\Acronis\TrueImageHome\TimounterMonitor.exe" [2007-10-07 904880] "Acronis Scheduler2 Service"="c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe" [2007-10-07 140568] "KMCONFIG"="c:\program files\Mouse Driver\StartAutorun.exe" [2007-03-06 212992] "WebcamMaxMoniter"="c:\program files\WebcamMax\wcmmon.exe" [2008-02-09 456024] "ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-03-03 959976] "RtHDVCpl"="RtHDVCpl.exe" [2006-11-09 c:\windows\RtHDVCpl.exe] "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-29 c:\windows\KHALMNPR.Exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "Gestionnaire Antidote.exe"="c:\progra~1\Druide\Antidote\Gestionnaire Antidote.exe" [2008-06-03 536576] c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe 
[2008-04-23 29696] Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2006-12-10 528384] Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2008-09-30 805392] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=eNetHook.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "vidc.3ivx"= 3ivxVfWCodec.dll "vidc.3iv2"= 3ivxVfWCodec.dll "VIDC.HFYU"= huffyuv.dll "VIDC.i263"= i263_32.drv "msacm.imc"= imc32.acm "VIDC.VP31"= vp31vfw.dll "vidc.ffds"= c:\progra~1\COMBIN~1\Filters\FFDShow\ff_vfw.dll "VIDC.MJPG"= Pvmjpg30.dll "msacm.enc"= ITIG726.acm [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AcerOrbicamRibbon] --a------ 2006-11-28 17:43 754712 c:\program files\Acer\OrbiCam10\OrbiCam.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCommunicationsManager] --a------ 2006-10-31 00:06 304664 c:\program files\Common Files\Logitech\LComMgr\Communications_Helper.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMSX] --a------ 2006-11-28 17:38 244512 c:\program files\Common Files\Logitech\LComMgr\LVComSX.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] --a------ 2006-01-12 14:40 155648 c:\program files\Common Files\Ahead\Lib\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] --a------ 2008-02-14 17:16 155648 c:\program files\QuickTime\qttask.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sunbird] --a------ 2008-10-16 11:34 6354540 c:\program files\Mozilla Sunbird\sunbird.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "IncrediMail Tray Application"=c:\program files\IncrediMail\bin\IncMail.exe 
"RoboForm"="c:\program files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "HiYo"=c:\program files\HiYo\bin\HiYo.exe /RunFromStartup [HKEY_LOCAL_MACHINE\software\microsoft\security center] "UacDisableNotify"=dword:00000001 "InternetSettingsDisableNotify"=dword:00000001 "AutoUpdateDisableNotify"=dword:00000001 "SerialNumber"="A109A-K13-3ZXD-BAP5-TE" [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules] "{081659FE-5F03-42E3-B488-636242C7D835}"= UDP:c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\MCE Deluxe Suite.exe:CyberLink MCE Deluxe Suite "{2A8BAAA4-1E02-4C0A-BC8A-3882CFC56A0D}"= TCP:c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\MCE Deluxe Suite.exe:CyberLink MCE Deluxe Suite "{DDC4BABB-AFA5-4FC1-A1AB-01307C07A467}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook "{713A9D3B-0F60-4CA5-A9AD-639B3C70B352}"= UDP:c:\windows\System32\lxcjcoms.exe:Lexmark Communications System "{CBE97720-E9FD-4E3B-898E-0E13A1C49C68}"= TCP:c:\windows\System32\lxcjcoms.exe:Lexmark Communications System "{863EE359-7459-4763-84F6-44F09B8EC79A}"= UDP:c:\windows\System32\spool\drivers\w32x86\3\lxcjpswx.exe:Printer Status Window "{B9B5AF1B-0821-4287-B77B-C42F72B6FE31}"= TCP:c:\windows\System32\spool\drivers\w32x86\3\lxcjpswx.exe:Printer Status Window "{A79237A9-4B56-4DC6-A83E-3444106C22F9}"= UDP:c:\program 
files\Pinnacle\Studio 11\programs\RM.exe:Render Manager "{0AA68227-CF6D-4F8C-80A9-B8A25C5E6517}"= TCP:c:\program files\Pinnacle\Studio 11\programs\RM.exe:Render Manager "{D1285D66-D2A0-4174-BFD5-3180D8F86934}"= UDP:c:\program files\Pinnacle\Studio 11\programs\Studio.exe:Studio "{ADA9A4FA-D1A1-45D4-83AD-A6A0CBE6BBA9}"= TCP:c:\program files\Pinnacle\Studio 11\programs\Studio.exe:Studio "{2AA48D0B-A482-4FE9-972D-B4253232FD59}"= UDP:c:\program files\Pinnacle\Studio 11\programs\PMSRegisterFile.exe:PMSRegisterFile "{B5DD6B5D-E356-456F-81C5-64F7F3EB6347}"= TCP:c:\program files\Pinnacle\Studio 11\programs\PMSRegisterFile.exe:PMSRegisterFile "{AD143EA1-B4D4-4696-AFD9-C1D9C098FC07}"= UDP:c:\program files\Pinnacle\Studio 11\programs\umi.exe:umi "{1548840D-C723-4C77-A15D-CCDF2D3F828C}"= TCP:c:\program files\Pinnacle\Studio 11\programs\umi.exe:umi "{3A64DB78-4BA7-4F00-8717-D67AFB2B9878}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone) "TCP Query User{C744BAED-53C2-4E6B-965A-38135E9C0010}c:\\program files\\skype\\phone\\skype.exe"= Disabled:UDP:c:\program files\skype\phone\skype.exe:Skype. Take a deep breath "UDP Query User{61066F65-C16A-439C-9693-FB91B2E3CB1B}c:\\program files\\skype\\phone\\skype.exe"= Disabled:TCP:c:\program files\skype\phone\skype.exe:Skype. 
Take a deep breath "{45C514F8-B472-4A9E-9901-898C3239BF2C}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone) "{A0B2ADAB-7104-4D10-B305-12FE8225C70C}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone) "{F262A6BA-63BD-4CB0-903C-DD649BD35734}"= Disabled:UDP:c:\program files\Skype\Phone\Skype.exe:Skype "{81B9A90A-D1EE-4F13-9992-7A08D471C8B8}"= TCP:c:\program files\Skype\Phone\Skype.exe:Skype "{812F6EFF-1D8E-43FE-9F4A-36B1AD775803}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone) "{E6C2E75B-9077-4ED0-8AF0-02A530141FDD}"= Disabled:UDP:443:TCP port 443 ooVoo "{0E9EBADF-4EFF-416B-843A-AE093D0157E4}"= Disabled:TCP:443:UDP port 443 ooVoo "{8BD29B8D-4161-445B-9AFE-837417262D86}"= Disabled:UDP:37674:TCP port 37674 ooVoo "{1FE372CF-C233-4410-9E4A-79EEB0FAA5DF}"= Disabled:TCP:37674:UDP port 37674 ooVoo "{A4239D9E-0E0F-460B-A0A9-41241B2E3D1B}"= Disabled:TCP:37675:UDP port 37675 ooVoo "{70578DD8-DA6A-4B1C-98AF-7706193DB262}"= UDP:443:TCP port 443 ooVoo "{24FAF1C5-B684-4AC7-899A-6BD1838AC514}"= TCP:443:UDP port 443 ooVoo "{4D5DB114-B1BA-4D5A-9367-56F9EC9DA1AA}"= UDP:37674:TCP port 37674 ooVoo "{4F279D7D-AEEB-4DEE-AFA0-AC3368072A02}"= TCP:37674:UDP port 37674 ooVoo "{5A9F0791-7E53-40BD-8983-B0B14D443C35}"= TCP:37675:UDP port 37675 ooVoo "{8DF0830C-C9C9-4589-8899-17C1C8BCD08E}"= UDP:d:\download\lf\177 Programmes Portables Pack 13 V.Steph\177 Programmes Portables Pack 13 V.Steph\Portable LimeWire PRO 4.18.8\Portable LimeWire PRO 4.18.8.exe:LimeWire "{D0AEC8CB-4009-4597-B725-2D0731B08939}"= TCP:d:\download\lf\177 Programmes Portables Pack 13 V.Steph\177 Programmes Portables Pack 13 V.Steph\Portable LimeWire PRO 4.18.8\Portable LimeWire PRO 4.18.8.exe:LimeWire "{276E6911-C284-4F70-BDD4-59953F08FA8C}"= UDP:c:\program files\LimeWire\LimeWire.exe:LimeWire "{6D57A3FF-AF53-43DB-988C-D0106571D221}"= TCP:c:\program files\LimeWire\LimeWire.exe:LimeWire 
"{06A26069-C47D-405A-AA3A-AF8E449E2560}"= Disabled:UDP:c:\users\Guy\AppData\Local\Temp\ImInstaller\incredimail_installer.exe:IncrediMail Installer "{C0120A88-57DC-4CEC-91A9-B88D80D2BD57}"= Disabled:TCP:c:\users\Guy\AppData\Local\Temp\ImInstaller\incredimail_installer.exe:IncrediMail Installer "{669FED86-378D-4802-B923-763A1DC881B7}"= UDP:c:\users\Guy\AppData\Local\Google\Google Talk Plugin\googletalkplugin.dll:Google Talk Plugin "{44533A8C-973C-4389-A46C-4947CA2A91C6}"= TCP:c:\users\Guy\AppData\Local\Google\Google Talk Plugin\googletalkplugin.dll:Google Talk Plugin "{7B9B08EF-682A-4838-8884-4ADCC550A88E}"= UDP:c:\users\Guy\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe:Google Talk Plugin "{A129FDCD-1DD5-461E-AC16-A1A456FBD6D9}"= TCP:c:\users\Guy\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe:Google Talk Plugin "{B6B0DF95-0201-4F45-9B51-A7DB4B9283FA}"= Disabled:UDP:c:\program files\IncrediMail\bin\ImpCnt.exe:IncrediMail "{4E02D31B-0C0C-412E-8B39-92BAFF54B1CF}"= Disabled:TCP:c:\program files\IncrediMail\bin\ImpCnt.exe:IncrediMail "{79A86FEA-4439-4C3C-BA1E-8B98AE237B0C}"= Disabled:UDP:c:\program files\IncrediMail\bin\ImApp.exe:IncrediMail "{4153D592-3CA0-4502-B734-D679CE93C4F9}"= Disabled:TCP:c:\program files\IncrediMail\bin\ImApp.exe:IncrediMail "{2C1BC5B7-88C4-4D17-9224-FFACE0FD1D11}"= UDP:48113:LocalSubnet:LocalSubnet:maconfig_tcp "{3DA8E759-411D-42C2-A651-C984CDEEAC07}"= TCP:48113:LocalSubnet:LocalSubnet:maconfig_udp "{723BA4D5-5B07-478D-9F36-B5967805BCEE}"= UDP:c:\program files\ma-config.com\maconfservice.exe:maconfservice "{8F5DEC99-5691-4A6A-8D62-9B6405F19ADB}"= TCP:c:\program files\ma-config.com\maconfservice.exe:maconfservice "{B113D613-DF1A-4A11-93BA-EF80B6021F81}"= Disabled:UDP:c:\program files\IncrediMail\bin\IncMail.exe:IncrediMail "{BBC46F5D-602D-4AF8-A1EA-D6DF2BEA9A1B}"= Disabled:TCP:c:\program files\IncrediMail\bin\IncMail.exe:IncrediMail "{F699678E-E909-4131-BA50-CE9CFB43C300}"= Disabled:UDP:c:\program 
files\IncrediMail\bin\IncMail.exe:IncrediMail "{AB705A7A-8DE4-4AFE-BBC0-E6A411907BB5}"= Disabled:TCP:c:\program files\IncrediMail\bin\IncMail.exe:IncrediMail "{347C6276-F9FC-4502-87CA-D7B8F9F1FECD}"= Disabled:UDP:c:\program files\IncrediMail\bin\ImApp.exe:IncrediMail "{34647DEB-F303-49C1-8125-20D60F09E0D6}"= Disabled:TCP:c:\program files\IncrediMail\bin\ImApp.exe:IncrediMail [HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile] "EnableFirewall"= 0 (0x0) R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [2007-12-26 15424] R2 acedrv09;acedrv09;\??\c:\windows\system32\drivers\acedrv09.sys [2007-06-18 373568] R2 acehlp09;acehlp09;\??\c:\windows\system32\drivers\acehlp09.sys [2007-05-30 201696] R2 AVWEBCAM;AV WebCam, WDM Video Capture;c:\windows\system32\DRIVERS\avwebcam.sys [2008-08-05 215552] R2 CamthWDM;WebcamMax, WDM Video Capture;c:\windows\system32\DRIVERS\CamthWDM.sys [2008-02-09 941784] R2 KMWDSERVICE;Keyboard And Mouse Communication Service;c:\program files\Mouse Driver\KMWDSrv.exe [2008-03-28 208896] S3 maconfservice;Ma-Config Service;"c:\program files\ma-config.com\maconfservice.exe" [2008-11-17 195752] S3 UPnPService;UPnPService;c:\program files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [2008-02-15 544768] S3 WSVD;WSVD;\??\c:\windows\system32\drivers\WSVD.sys [2007-06-27 80744] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{9961491A-4970-699B-B3E3-B07086DC3E85}] c:\windows\system32\win32.exe . Contenu du dossier 'Tâches planifiées' 2008-12-29 c:\windows\Tasks\1-Click Maintenance.job - c:\program files\TuneUp Utilities 2008\OneClick.exe [2007-12-21 15:17] 2008-12-30 c:\windows\Tasks\GoogleUpdateTaskUser.job - c:\users\Guy\AppData\Local\Google\Update\GoogleUpdate.exe [2008-11-19 11:27] . 
- - - - ORPHELINS SUPPRIMES - - - - BHO-{3FCE70FB-3240-4A1B-B777-A6E5BF96F537} - c:\windows\system32\ddcAqnNd.dll BHO-{F8BEF877-8851-61E8-4FC1-EA04E38352BC} - c:\windows\system32\cniqpyqrpzlw.dll WebBrowser-{A057A204-BACC-4D26-8087-36EE87E26986} - (no file) HKLM-Explorer_Run-Sidebar - c:\users\Guy\AppData\Local\Temp\sidebar.exe MSConfigStartUp-2aa81b5c - c:\windows\system32\fsygjmxf.dll MSConfigStartUp-Pense-bête - c:\program files\AXEL\Pense-bête\pensebet.exe MSConfigStartUp-SSBkgdUpdate - c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe ************************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-12-30 20:24:32 Windows 6.0.6001 Service Pack 1 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... HKLM\Software\Microsoft\Windows\CurrentVersion\Run LXCJCATS = rundll32 c:\windows\system32\spool\DRIVERS\W32X86\3\LXCJtime.dll,_RunDLLEntry@16??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run Sidebar = c:\users\Guy\AppData\Local\Temp\sidebar.exe?|????????0???????? ???????Xv?????? ?x?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????@??????????????????????)????????????????? Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: ************************************************************************** . 
--------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'lsass.exe'(1060) c:\windows\system32\relog_ap.dll - - - - - - - > 'Explorer.exe'(5900) c:\program files\Logitech\SetPoint\lgscroll.dll c:\program files\IncrediMail\bin\B4ImApp.dll c:\acer\Empowering Technology\EPOWER\SysHook.dll . ------------------------ Autres processus actifs ------------------------ . c:\windows\System32\audiodg.exe c:\windows\System32\ZoneLabs\vsmon.exe c:\program files\Common Files\Acronis\Schedule2\schedul2.exe c:\windows\System32\conime.exe c:\program files\Bonjour\mDNSResponder.exe c:\acer\Empowering Technology\eDataSecurity\eDSService.exe c:\acer\Empowering Technology\eLock\Service\eLockServ.exe c:\acer\Empowering Technology\eNet\eNet Service.exe c:\program files\Common Files\LightScribe\LSSrvc.exe c:\windows\System32\lxcjcoms.exe c:\acer\Mobility Center\MobilityService.exe c:\program files\ESET\nod32krn.exe c:\program files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe c:\acer\Empowering Technology\eRecovery\eRecoveryService.exe c:\acer\Empowering Technology\eSettings\Service\capuserv.exe c:\windows\System32\WUDFHost.exe c:\acer\Empowering Technology\ePower\ePowerSvc.exe c:\windows\System32\wbem\unsecapp.exe c:\users\Guy\AppData\Local\Temp\RtkBtMnt.exe c:\windows\System32\rundll32.exe c:\program files\Mouse Driver\KMCONFIG.exe c:\program files\Mouse Driver\KMProcess.exe c:\windows\ehome\ehmsas.exe c:\acer\Empowering Technology\eNet\eNMTray.exe c:\program files\Windows Media Player\wmpnetwk.exe c:\acer\Empowering Technology\ePower\ePower_DMC.exe c:\acer\Empowering Technology\Acer.Empowering.Framework.Supervisor.exe c:\windows\System32\wbem\unsecapp.exe c:\program files\IncrediMail\bin\ImApp.exe c:\program files\Common Files\logishrd\KHAL2\KHALMNPR.exe . ************************************************************************** . 
Heure de fin: 2008-12-30 20:37:16 - La machine a redémarré ComboFix-quarantined-files.txt 2008-12-30 19:36:55 Avant-CF: 26 922 270 720 octets libres Après-CF: 26,613,280,768 octets libres 537 --- E O F --- 2008-12-30 06:27:04
  7. Hello, can you help me remove whatever is causing this slowness, these non-responses, etc.? Even with Ctrl-Alt-Del I only rarely get a response. Thank you. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:08:34, on 30/12/2008 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Safe mode Running processes: C:\Windows\Explorer.EXE C:\Windows\system32\wbem\unsecapp.exe C:\Windows\Explorer.exe C:\karcher\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.iesearch.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.fr.acer.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll R3 - URLSearchHook: {1A03F196-9617-4CA0-842B-A83CEECB022B} - - (no file) O1 - Hosts: ::1 localhost O2 - BHO: Yahoo! 
Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: (no name) - {2BE27C32-F768-4BC4-AF8B-5B11780C2874} - C:\Windows\system32\ddcAqnNd.dll O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: VMN Toolbar - {A057A204-BACC-4D26-8287-79A187E26987} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: mysidesearch search enhancer - {F8BEF877-8851-61E8-4FC1-EA04E38352BC} - C:\Windows\system32\cniqpyqrpzlw.dll O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll O3 - Toolbar: Yahoo! 
Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: VMN Toolbar - {A057A204-BACC-4D26-8287-79A187E26987} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [LXCJCATS] rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\LXCJtime.dll,_RunDLLEntry@16 O4 - HKLM\..\Run: [lxcjmon.exe] "C:\Program Files\Lexmark 8300 Series\lxcjmon.exe" O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 8300 Series\ezprint.exe" O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe" O4 - HKLM\..\Run: [AcerOrbicamRibbon] "C:\Program Files\Acer\OrbiCam10\OrbiCam.exe" /hide O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe" O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program 
Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [KMCONFIG] C:\Program Files\Mouse Driver\StartAutorun.exe KMConfig.exe
O4 - HKLM\..\Run: [WebcamMaxMoniter] "C:\Program Files\WebcamMax\wcmmon.exe" /a
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [svchost] C:\Windows\system32\win32.exe
O4 - HKLM\..\Run: [MSServer] rundll32.exe C:\Windows\system32\urqPhiIX.dll,#1
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [LaunchList] C:\Program Files\Pinnacle\Studio 11\LaunchList2.exe
O4 - HKCU\..\Run: [Gestionnaire Antidote.exe] C:\Program Files\Druide\Antidote\Gestionnaire Antidote.exe
O4 - HKCU\..\Run: [iSUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKCU\..\Run: [sunbird] C:\Program Files\Mozilla Sunbird\sunbird.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Guy\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKLM\..\Policies\Explorer\Run: [sidebar] C:\Users\Guy\AppData\Local\Temp\sidebar.exe
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [Gestionnaire Antidote.exe] C:\PROGRA~1\Druide\Antidote\Gestionnaire Antidote.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Gestionnaire Antidote.exe] C:\PROGRA~1\Druide\Antidote\Gestionnaire Antidote.exe (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = C:\Acer\Empowering Technology\eAPLauncher.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Barre RoboForm - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Enregistrer le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Personnaliser le menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Remplir le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: eNetHook.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) - UASSOFT.COM - C:\Program Files\Mouse Driver\KMWDSrv.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\logishrd\Bluetooth\LBTServ.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Unknown owner - -"C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll" (file missing)
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: lxcj_device - - C:\Windows\system32\lxcjcoms.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: PCLEPCI - Pinnacle Systems GmbH - C:\Windows\system32\drivers\pclepci.sys
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - -"C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe" (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - -"C:\Program Files\CyberLink\Shared Files\RichVideo.exe" (file missing)
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Unknown owner - C:\Windows\system32\DRIVERS\xaudio.exe (file missing)
-- End of file - 14778 bytes
  8. Since I have had exactly the same problem, for the same reason, since yesterday, I followed the instructions and am pasting the file below. If you could enlighten me on how to go about removing this intrusive ad. Thanks << Create your own topic please!! >>