jacks13

bonjour voila le log de eset ESETSmartInstaller@High as downloader log: all ok # version=7 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=919eed963cb1604a904475262ed2033d # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2011-12-14 10:49:55 # local_time=2011-12-14 11:49:55 (+0100, Paris, Madrid) # country="France" # lang=1033 # osver=6.0.6001 NT Service Pack 1 # compatibility_mode=512 16777215 100 0 0 0 0 0 # compatibility_mode=5892 16776638 66 100 681685 161383640 0 0 # compatibility_mode=8192 67108863 100 0 3747 3747 0 0 # scanned=239312 # found=34 # cleaned=0 # scan_time=8857 C:\MicroGaming\Poker\mypokfr\install.exe a variant of Win32/PrimeCasino application (unable to clean) 00000000000000000000000000000000 I C:\MicroGaming\Poker\PokerXtremfrMPP\install.exe a variant of Win32/PrimeCasino application (unable to clean) 00000000000000000000000000000000 I C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.35.10\BabylonToolbarApp.dll a variant of Win32/Toolbar.Babylon application (unable to clean) 00000000000000000000000000000000 I C:\Program Files\DAEMON Tools Lite\uninst.exe Win32/Adware.Toolbar.Shopper application (unable to clean) 00000000000000000000000000000000 I C:\ProgramData\Spybot - Search & Destroy\Recovery\WinAgentfbx2.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Users\All Users\Spybot - Search & Destroy\Recovery\WinAgentfbx2.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Users\Steph\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\7f44369f-20da5dd5 a variant of Win32/Kryptik.XAD trojan (unable to clean) 00000000000000000000000000000000 I C:\Users\Steph\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\7f44369f-55c44ea1 a variant of Win32/Kryptik.XAD trojan (unable to clean) 00000000000000000000000000000000 I C:\Users\Steph\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39\50ec86e7-2a9d1104 a variant of Java/Exploit.CVE-2011-3544.C trojan (unable to clean) 00000000000000000000000000000000 I C:\Users\Steph\Desktop\Nouveau dossier\ego eure\system\aoltv\nHTMLn.dll probably a variant of Win32/Adware.Agent.CZTDWWN application (unable to clean) 00000000000000000000000000000000 I C:\Users\Steph\Desktop\Nouveau dossier\ego eure\system\coolradio\coolradio\Skyrock\html.dll probably a variant of Win32/Adware.Agent.CZTDWWN application (unable to clean) 00000000000000000000000000000000 I C:\Users\Steph\Desktop\Nouveau dossier\ego eure\system\divx\dll\nHTMLn_2.9.dll probably a variant of Win32/Adware.Agent.CZTDWWN application (unable to clean) 00000000000000000000000000000000 I C:\Users\Steph\Desktop\Nouveau dossier\ego eure\system\Skyrock\html.dll probably a variant of Win32/Adware.Agent.CZTDWWN application (unable to clean) 00000000000000000000000000000000 I C:\Users\Steph\Downloads\Setup_FreeConverter.exe Win32/Adware.Toolbar.Dealio application (unable to clean) 00000000000000000000000000000000 I C:\Users\Steph\Downloads\SoftonicDownloader_pour_samsung-pc-studio.exe a variant of Win32/SoftonicDownloader.A application (unable to clean) 00000000000000000000000000000000 I C:\Users\Steph\Downloads\SoftonicDownloader_pour_ultrasurf-firefox-tool.exe a variant of Win32/SoftonicDownloader.A application (unable to clean) 00000000000000000000000000000000 I C:\Users\Steph\Downloads\u.zip a variant of Win32/Packed.Themida application (unable to clean) 00000000000000000000000000000000 I C:\Windows\System32\drivers\afd.sys a variant of Win32/Rootkit.Kryptik.FQ trojan (unable to clean) 00000000000000000000000000000000 I C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6001.18639_none_d7d0e0cc5e7d461c\afd.sys a variant of Win32/Rootkit.Kryptik.FQ trojan (unable to clean) 00000000000000000000000000000000 I E:\LOG\Ahead.Nero.v8.3.2.1.FRENCH-ENGiNE\Nero-8.3.2.1_fra_trial.exe Win32/Toolbar.AskSBar application (unable to clean) 00000000000000000000000000000000 I E:\LOG\ancien log\Ahead.Nero.v8.1.1.4.Ultra.Edition.French.Incl.Keymaker-MAMiNT\n8114.apps-mam\n8114.apps-mam.exe Win32/Toolbar.AskSBar application (unable to clean) 00000000000000000000000000000000 I E:\LOG\ancien log\ego eure\system\aoltv\nHTMLn.dll probably a variant of Win32/Adware.Agent.CZTDWWN application (unable to clean) 00000000000000000000000000000000 I E:\LOG\ancien log\ego eure\system\coolradio\coolradio\Skyrock\html.dll probably a variant of Win32/Adware.Agent.CZTDWWN application (unable to clean) 00000000000000000000000000000000 I E:\LOG\ancien log\ego eure\system\divx\dll\nHTMLn_2.9.dll probably a variant of Win32/Adware.Agent.CZTDWWN application (unable to clean) 00000000000000000000000000000000 I E:\LOG\ancien log\ego eure\system\Skyrock\html.dll probably a variant of Win32/Adware.Agent.CZTDWWN application (unable to clean) 00000000000000000000000000000000 I E:\LOG\ancien log\FlohandScript\system\aoltv\nHTMLn.dll probably a variant of Win32/Adware.Agent.CZTDWWN application (unable to clean) 00000000000000000000000000000000 I E:\LOG\ancien log\FlohandScript\system\coolradio\coolradio\Skyrock\html.dll probably a variant of Win32/Adware.Agent.CZTDWWN application (unable to clean) 00000000000000000000000000000000 I E:\LOG\ancien log\FlohandScript\system\divx\dll\nHTMLn_2.9.dll probably a variant of Win32/Adware.Agent.CZTDWWN application (unable to clean) 00000000000000000000000000000000 I E:\LOG\ancien log\FlohandScript\system\Skyrock\html.dll probably a variant of Win32/Adware.Agent.CZTDWWN application (unable to clean) 00000000000000000000000000000000 I E:\LOG\ego eure\system\aoltv\nHTMLn.dll probably a variant of Win32/Adware.Agent.CZTDWWN application (unable to clean) 00000000000000000000000000000000 I E:\LOG\ego eure\system\coolradio\coolradio\Skyrock\html.dll probably a variant of Win32/Adware.Agent.CZTDWWN application (unable to clean) 00000000000000000000000000000000 I E:\LOG\ego eure\system\divx\dll\nHTMLn_2.9.dll probably a variant of Win32/Adware.Agent.CZTDWWN application (unable to clean) 00000000000000000000000000000000 I E:\LOG\ego eure\system\Skyrock\html.dll probably a variant of Win32/Adware.Agent.CZTDWWN application (unable to clean) 00000000000000000000000000000000 I ${Memory} a variant of Win32/Sirefef.DN trojan 00000000000000000000000000000000 I

en fait pas tout est reglé ping.exe desciption: Commande TCP/IP Ping me bouffe entre 50 et 100 % de mon processeur ca fait le yoyo et 908 292 k de memoire

oui toujours sinon tout le reste a l air réglé

la machine a l air d aller bien mieux merci pour tout ca deja par contre quand je telecharge un fichier il s efface toujours automatiquement impossible de l ouvrir il disparait il apparait 1 sec dans telechargement et plus rien. RogueKiller V6.1.12 [02/12/2011] par Tigzy mail: tigzyRK<at>gmail<dot>com Remontees: [RogueKiller] Remontées (1/38) Blog: tigzy-RK Systeme d'exploitation: Windows Vista (6.0.6001 Service Pack 1) 32 bits version Demarrage : Mode normal Utilisateur: Steph [Droits d'admin] Mode: Raccourcis RAZ -- Date : 11/12/2011 18:07:27 ¤¤¤ Processus malicieux: 0 ¤¤¤ ¤¤¤ Driver: [LOADED] ¤¤¤ Attributs de fichiers restaures: Bureau: Success 1 / Fail 0 Lancement rapide: Success 0 / Fail 0 Programmes: Success 58 / Fail 0 Menu demarrer: Success 2 / Fail 0 Dossier utilisateur: Success 211 / Fail 0 Mes documents: Success 0 / Fail 0 Mes favoris: Success 0 / Fail 0 Mes images: Success 2 / Fail 0 Ma musique: Success 2 / Fail 0 Mes videos: Success 0 / Fail 0 Disques locaux: Success 89 / Fail 2 Sauvegarde: [NOT FOUND] Lecteurs: [A:] \Device\Floppy0 -- 0x2 --> Skipped [C:] \Device\HarddiskVolume1 -- 0x3 --> Restored [D:] \Device\CdRom0 -- 0x5 --> Skipped [E:] \Device\HarddiskVolume2 -- 0x3 --> Restored [F:] \Device\CdRom1 -- 0x5 --> Skipped ¤¤¤ Infection : ¤¤¤ Termine : << RKreport[3].txt >> RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt

voila le rapport mbam Malwarebytes' Anti-Malware 1.51.2.1300 www.malwarebytes.org Version de la base de données: 8351 Windows 6.0.6001 Service Pack 1 Internet Explorer 7.0.6001.18000 11/12/2011 17:47:34 mbam-log-2011-12-11 (17-47-34).txt Type d'examen: Examen complet (C:\|E:\|) Elément(s) analysé(s): 445632 Temps écoulé: 1 heure(s), 52 minute(s), 45 seconde(s) Processus mémoire infecté(s): 1 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 14 Valeur(s) du Registre infectée(s): 2 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 33 Processus mémoire infecté(s): c:\Windows\System32\pelq45oh4.com (Trojan.Email) -> 7044 -> Unloaded process successfully. Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ChilipokerFR (PUP.Casino) -> Not selected for removal. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Poker83 (PUP.Casino) -> Not selected for removal. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Diamond Club Poker (PUP.Casino) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Titan.fr (PUP.Casino) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mypokfr (Poker) (PUP.Casino.Gen) -> Not selected for removal. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PokerXtremfr (Poker) (PUP.Casino.Gen) -> Not selected for removal. HKEY_CURRENT_USER\SOFTWARE\8DDYX0ZBPZ (Trojan.FakeAlert.SA) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\KYQ8ZBOAXR (Trojan.FakeAlert.SA) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\ (Hijack.Zones) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Value: {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Value: {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} -> Quarantined and deleted successfully. Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): c:\Windows\System32\pelq45oh4.com (Trojan.Email) -> Delete on reboot. c:\Windows\System32\pELQ45Oh4.com_ (Trojan.Email) -> Delete on reboot. c:\Poker\chilipoker.fr\_setuppoker.exe_796e99.exe (PUP.Casino) -> Not selected for removal. c:\Poker\Poker83\_setuppoker.exe_2305f2.exe (PUP.Casino) -> Not selected for removal. c:\Poker\pokerroomschool\_setuppoker.exe (PUP.Casino) -> Quarantined and deleted successfully. c:\Poker\Titan.fr\_setuppoker.exe_bc7dea.exe (PUP.Casino) -> Quarantined and deleted successfully. c:\programdata\2K4c0M3F.exe (Trojan.Email) -> Quarantined and deleted successfully. c:\programdata\2k4c0m3f.exe_ (Trojan.Email) -> Quarantined and deleted successfully. c:\Users\Steph\AppData\Local\Temp\MyPok.exe (PUP.Casino.Gen) -> Not selected for removal. c:\Users\Steph\AppData\Local\Temp\0.2874201109209923.exe (Trojan.Zbot.CBCGen) -> Quarantined and deleted successfully. c:\Users\Steph\AppData\Local\Temp\C37E.tmp (Rogue.PrivacyProtection) -> Quarantined and deleted successfully. c:\Users\Steph\AppData\LocalLow\Sun\Java\deployment\cache\6.0\56\1f9069b8-2db0c465 (Rogue.PrivacyProtection) -> Quarantined and deleted successfully. c:\Users\Steph\AppData\LocalLow\Sun\Java\deployment\cache\6.0\8\773d8308-7200593e (Trojan.Zbot.CBCGen) -> Quarantined and deleted successfully. c:\Users\Steph\Desktop\u1011.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\Users\Steph\Desktop\U1014.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\Users\Steph\Desktop\U1016.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\Users\Steph\documents\mes fichiers reçus\removewat.exe (HackTool.Wpakill) -> Quarantined and deleted successfully. c:\Users\Steph\documents\mes fichiers reçus\setupcasino_367.exe (PUP.Casino) -> Quarantined and deleted successfully. c:\Users\Steph\downloads\uusee_heima_setup_113275.exe (PUP.Uusee) -> Quarantined and deleted successfully. c:\Users\Steph\downloads\200pourcentpoker.exe (PUP.Casino.Gen) -> Quarantined and deleted successfully. c:\Users\Steph\downloads\everest poker.fr.exe (PUP.Casino) -> Not selected for removal. c:\Users\Steph\downloads\setupcasino_e77fe8.exe (PUP.Casino) -> Quarantined and deleted successfully. c:\Users\Steph\downloads\setuppoker.exe (PUP.Casino) -> Quarantined and deleted successfully. c:\Users\Steph\downloads\setuppoker.exe_2305f2.exe (PUP.Casino) -> Quarantined and deleted successfully. c:\Users\Steph\downloads\setuppoker.exe_796e99.exe (PUP.Casino) -> Quarantined and deleted successfully. c:\Users\Steph\downloads\setuppoker.exe_bc7dea.exe (PUP.Casino) -> Quarantined and deleted successfully. c:\Users\Steph\downloads\pokerxtrem(2).exe (PUP.Casino.Gen) -> Quarantined and deleted successfully. c:\Users\Steph\downloads\pokerxtrem.exe (PUP.Casino.Gen) -> Quarantined and deleted successfully. c:\Users\Steph\downloads\smartdownload.exe (Adware.Casino) -> Quarantined and deleted successfully. c:\Users\Steph\downloads\installer_easy_mp3_cutter_2_9__french.exe (Trojan.Toggle) -> Quarantined and deleted successfully. c:\Users\Steph\downloads\MyPok.exe (PUP.Casino.Gen) -> Not selected for removal. c:\microgaming\Poker\mypokfr\install.exe (PUP.Casino.Gen) -> Not selected for removal. c:\microgaming\Poker\pokerxtremfrmpp\install.exe (PUP.Casino.Gen) -> Not selected for removal.

bon je vient de contourner le probleme en me servant d un autre pc et en le copiant par usb voila le rapport voila le mode 1 RogueKiller V6.1.12 [02/12/2011] par Tigzy mail: tigzyRK<at>gmail<dot>com Remontees: [RogueKiller] Remontées (1/38) Blog: tigzy-RK Systeme d'exploitation: Windows Vista (6.0.6001 Service Pack 1) 32 bits version Demarrage : Mode normal Utilisateur: Steph [Droits d'admin] Mode: Recherche -- Date : 11/12/2011 15:30:30 ¤¤¤ Processus malicieux: 1 ¤¤¤ [sUSP PATH] CmdLineExt.dll -- C:\Users\Steph\AppData\Local\Temp\CmdLineExt.dll -> UNLOADED ¤¤¤ Entrees de registre: 9 ¤¤¤ [sUSP PATH] HKCU\[...]\Run : Smad ("C:\Users\Steph\AppData\Local\SanctionedMedia\Smad\Smad.exe") -> FOUND [sUSP PATH] HKCU\[...]\Run : iv39od7ft9 (C:\Users\Steph\iv39od7ft9.exe) -> FOUND [sUSP PATH] HKLM\[...]\Run : iv39od7ft9 (C:\ProgramData\iv39od7ft9.exe) -> FOUND [sUSP PATH] HKUS\S-1-5-21-2150230834-1197498539-2385967262-1000[...]\Run : Smad ("C:\Users\Steph\AppData\Local\SanctionedMedia\Smad\Smad.exe") -> FOUND [sUSP PATH] HKUS\S-1-5-21-2150230834-1197498539-2385967262-1000[...]\Run : iv39od7ft9 (C:\Users\Steph\iv39od7ft9.exe) -> FOUND [sUSP PATH] Moniteur & Configuration.lnk : C:\Program Files\802.11 Wireless LAN\WlanMonitor.exe -> FOUND [HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND [HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤ ¤¤¤ Driver: [LOADED] ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ Fichier HOSTS: ¤¤¤ Termine : << RKreport[1].txt >> RKreport[1].txt voila le mode 2 RogueKiller V6.1.12 [02/12/2011] par Tigzy mail: tigzyRK<at>gmail<dot>com Remontees: [RogueKiller] Remontées (1/38) Blog: tigzy-RK Systeme d'exploitation: Windows Vista (6.0.6001 Service Pack 1) 32 bits version Demarrage : Mode normal Utilisateur: Steph [Droits d'admin] Mode: Suppression -- Date : 11/12/2011 15:32:19 ¤¤¤ Processus malicieux: 0 ¤¤¤ ¤¤¤ Entrees de registre: 7 ¤¤¤ [sUSP PATH] HKCU\[...]\Run : Smad ("C:\Users\Steph\AppData\Local\SanctionedMedia\Smad\Smad.exe") -> DELETED [sUSP PATH] HKCU\[...]\Run : iv39od7ft9 (C:\Users\Steph\iv39od7ft9.exe) -> DELETED [sUSP PATH] HKLM\[...]\Run : iv39od7ft9 (C:\ProgramData\iv39od7ft9.exe) -> DELETED [sUSP PATH] Moniteur & Configuration.lnk : C:\Program Files\802.11 Wireless LAN\WlanMonitor.exe -> DELETED [HJ] HKLM\[...]\System : EnableLUA (0) -> REPLACED (1) [HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0) [HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0) ¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤ ¤¤¤ Driver: [LOADED] ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ Fichier HOSTS: ¤¤¤ Termine : << RKreport[2].txt >> RKreport[1].txt ; RKreport[2].txt je passe a la suite

oui mais impossible de telecharger rogue killer ou quoi que ce soit d aute une fois telechargé il disparait comme si il etais directement effacé et j ai meme testé en mode sans echec ca fait pareil donc impossible de le lancer

Ensuite, recherchez et supprimez c:\program files\vshare.tv plugin\barlcher.dll c:\windows\system32\regedit.exe rebonjour le 1er je l ai bien suprimé mais le 2eme regedit.exe je l ai pas dans system32 je le trouve que dans C:\Windows/regedit.exe ou C:\Windows\winsxs\x86_microsoft-windows-registry-editor_31bf3856ad364e35_6.0.6001.18000_none_f42eb564dbd8a697/regedit.exe je vient de refaire un hijack Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:52:56, on 11/12/2011 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18639) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Program Files\ASUS\AASP\1.00.32\aaCenter.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Bin\ccSvcHst.exe C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe C:\Windows\RtHDVCpl.exe C:\Windows\System32\rundll32.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Logitech\SetPointP\SetPoint.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\802.11 Wireless LAN\WlanMonitor.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE C:\Windows\system32\wuauclt.exe C:\Program Files\Common Files\Java\Java Update\jucheck.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Windows\system32\SearchFilterHost.exe C:\HijackThis\Scanner.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896'>http://go.microsoft.com/fwlink/?LinkId=54896'>http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://orange.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157'>http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.8.11.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\bin\IPS\IPSBHO.DLL O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: BS.Player ControlBar - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:\Program Files\BS.Player ControlBar\BSToolbar.dll O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe" O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [iv39od7ft9] C:\ProgramData\iv39od7ft9.exe O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [smad] "C:\Users\Steph\AppData\Local\SanctionedMedia\Smad\Smad.exe" O4 - HKCU\..\Run: [iv39od7ft9] C:\Users\Steph\iv39od7ft9.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - Startup: Moniteur & Configuration.lnk = ? O8 - Extra context menu item: Envoyer via Bluetooth - C:\Program Files\IVT Corporation\BlueSoleil\TransSend\IE\tsinfo.htm O8 - Extra context menu item: Envoyer via message(&M)... - C:\Program Files\IVT Corporation\BlueSoleil\TransSend\IE\tssms.htm O8 - Extra context menu item: Tout télécharger avec BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: Télécharger avec BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O9 - Extra button: PMU Poker - {06568ceb-5721-47d4-9d93-7e604fcbaeab} - C:\Users\Steph\Desktop\PMU Poker.lnk O9 - Extra 'Tools' menuitem: PMU Poker - {06568ceb-5721-47d4-9d93-7e604fcbaeab} - C:\Users\Steph\Desktop\PMU Poker.lnk O9 - Extra button: (no name) - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (no file) O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.4.8.11.dll/206 (file missing) O9 - Extra button: Spin Palace Poker - {00000000-0000-0000-0000-000000000000} - C:\MicroGaming\Poker\spinpalaceMPP\MPPoker.exe (file missing) (HKCU) O9 - Extra button: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Users\Steph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk (file missing) (HKCU) O9 - Extra 'Tools' menuitem: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Users\Steph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk (file missing) (HKCU) O9 - Extra button: Absolute Poker - {1FBA04EE-3024-11d2-8F1F-0000F87ABD16} - C:\Users\Steph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk (file missing) (HKCU) O9 - Extra 'Tools' menuitem: Absolute Poker - {1FBA04EE-3024-11d2-8F1F-0000F87ABD16} - C:\Users\Steph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk (file missing) (HKCU) O9 - Extra button: Poker Xtrem - {88E155A4-7C0D-42EE-8984-7C1F16DDE89F} - C:\Microgaming\Poker\PokerXtremfrMPP\MPPoker.exe (HKCU) O9 - Extra button: MyPok - {8ECB25CC-87F2-40FE-AC5D-2E7255822B84} - C:\Microgaming\Poker\mypokfr\MPPoker.exe (HKCU) O9 - Extra button: Correcteur - {F7C8E5F6-B6D1-45db-8D91-2BCFA5DF11A9} - C:\Program Files\Druide\Antidote\Internet Explorer\7\Antidote K - IE 7.htm (HKCU) O9 - Extra button: Dictionnaires - {F9B969E8-58D0-4dd9-AC8A-EE2336FF8F65} - C:\Program Files\Druide\Antidote\Internet Explorer\7\Antidote D - IE 7.htm (HKCU) O9 - Extra button: Guides - {FA089E36-3F1B-4c51-9A1A-C4E7012483AF} - C:\Program Files\Druide\Antidote\Internet Explorer\7\Antidote G - IE 7.htm (HKCU) O13 - Gopher Prefix: O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/VistaMSNPUpldfr-fr.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D} (VodClient Control Class) - http://www.spvod.com/soft/vjocx-ch-spvod.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\system32\skype4com.dll O20 - Winlogon Notify: SEP - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Bin\WinLogoutNotifier.dll (file missing) O23 - Service: BsHelpCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe O23 - Service: BsMobileCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Service Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: Palm Novacom (NovacomD) - Palm - C:\Program Files\Palm, Inc\novacomd\x86\novacomd.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: Symantec Endpoint Protection (SepMasterService) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Bin\ccSvcHst.exe O23 - Service: Symantec Management Client (SmcService) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Bin\Smc.exe O23 - Service: Symantec Network Access Control (SNAC) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Bin\snac.exe -- End of file - 9968 bytes

bonjour j ai la totale et impossible de les résoudre parce que ben y en a un qui a l air balèze. - deja commençons par le début il m est impossible de télécharger quoi que se soit style adwcleaner ou autre tout ce que je télécharge s efface automatiquement j es essayé de vite le lancer quand il se télécharge mais il me dit que ce n est pas une application win32 valid. a partir de la ma tache s annonce pas facile - j ai chopé comme vire privacy protection j es essayé de l éradiquer avec spybot et symanted endpoint protection je l est pas revu depuis 2 jours - quand je tape dans google une recherche ca me dirige sur une autre page que celle demandé et j ai des bruit bizarre qui sorte de mes enceinte comme des bruit d explosion lol ca dure 3 sec et revient 30 sec après c est aléatoire. - dans mes procesus j ai PING.exe iexplore.exe qui me bouffe mon uc jusqua 100 % je les supprime il reviennent aussi sec j avais système spooler aussi mais j ai viré dans msconfig je l ai décoché. je sait pas quoi faire vu qu je peut rien téléchargé pour m aider. merci a vous pour votre aide Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 08:59:41, on 11/12/2011 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18639) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Program Files\ASUS\AASP\1.00.32\aaCenter.exe C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Bin\ccSvcHst.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe C:\Windows\RtHDVCpl.exe C:\Windows\System32\rundll32.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Logitech\SetPointP\SetPoint.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\802.11 Wireless LAN\WlanMonitor.exe C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\Common Files\Java\Java Update\jucheck.exe C:\Program Files\Java\jre6\bin\javaw.exe C:\Windows\system32\SearchFilterHost.exe C:\HijackThis\Scanner.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Orange : téléphones, forfaits, Internet, actualité, sport, video R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Hotmail, Messenger, Actualité, Sport, People, Femmes - MSN France R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.8.11.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\bin\IPS\IPSBHO.DLL O2 - BHO: IE5BarLauncherBHO Class - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Program Files\vShare.tv plugin\BarLcher.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: BS.Player ControlBar - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:\Program Files\BS.Player ControlBar\BSToolbar.dll O3 - Toolbar: VShareToolBar - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files\vShare.tv plugin\BarLcher.dll O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe" O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [iv39od7ft9] C:\ProgramData\iv39od7ft9.exe O4 - HKLM\..\Run: [Regedit32] C:\Windows\system32\regedit.exe O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [smad] "C:\Users\Steph\AppData\Local\SanctionedMedia\Smad\Smad.exe" O4 - HKCU\..\Run: [iv39od7ft9] C:\Users\Steph\iv39od7ft9.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - Startup: Moniteur & Configuration.lnk = ? O8 - Extra context menu item: Envoyer via Bluetooth - C:\Program Files\IVT Corporation\BlueSoleil\TransSend\IE\tsinfo.htm O8 - Extra context menu item: Envoyer via message(&M)... - C:\Program Files\IVT Corporation\BlueSoleil\TransSend\IE\tssms.htm O8 - Extra context menu item: Tout télécharger avec BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: Télécharger avec BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O9 - Extra button: PMU Poker - {06568ceb-5721-47d4-9d93-7e604fcbaeab} - C:\Users\Steph\Desktop\PMU Poker.lnk O9 - Extra 'Tools' menuitem: PMU Poker - {06568ceb-5721-47d4-9d93-7e604fcbaeab} - C:\Users\Steph\Desktop\PMU Poker.lnk O9 - Extra button: (no name) - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (no file) O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.4.8.11.dll/206 (file missing) O9 - Extra button: Spin Palace Poker - {00000000-0000-0000-0000-000000000000} - C:\MicroGaming\Poker\spinpalaceMPP\MPPoker.exe (file missing) (HKCU) O9 - Extra button: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Users\Steph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk (file missing) (HKCU) O9 - Extra 'Tools' menuitem: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Users\Steph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk (file missing) (HKCU) O9 - Extra button: Absolute Poker - {1FBA04EE-3024-11d2-8F1F-0000F87ABD16} - C:\Users\Steph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk (file missing) (HKCU) O9 - Extra 'Tools' menuitem: Absolute Poker - {1FBA04EE-3024-11d2-8F1F-0000F87ABD16} - C:\Users\Steph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk (file missing) (HKCU) O9 - Extra button: Poker Xtrem - {88E155A4-7C0D-42EE-8984-7C1F16DDE89F} - C:\Microgaming\Poker\PokerXtremfrMPP\MPPoker.exe (HKCU) O9 - Extra button: MyPok - {8ECB25CC-87F2-40FE-AC5D-2E7255822B84} - C:\Microgaming\Poker\mypokfr\MPPoker.exe (HKCU) O9 - Extra button: Correcteur - {F7C8E5F6-B6D1-45db-8D91-2BCFA5DF11A9} - C:\Program Files\Druide\Antidote\Internet Explorer\7\Antidote K - IE 7.htm (HKCU) O9 - Extra button: Dictionnaires - {F9B969E8-58D0-4dd9-AC8A-EE2336FF8F65} - C:\Program Files\Druide\Antidote\Internet Explorer\7\Antidote D - IE 7.htm (HKCU) O9 - Extra button: Guides - {FA089E36-3F1B-4c51-9A1A-C4E7012483AF} - C:\Program Files\Druide\Antidote\Internet Explorer\7\Antidote G - IE 7.htm (HKCU) O13 - Gopher Prefix: O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/VistaMSNPUpldfr-fr.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D} (VodClient Control Class) - http://www.spvod.com/soft/vjocx-ch-spvod.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\system32\skype4com.dll O20 - Winlogon Notify: SEP - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Bin\WinLogoutNotifier.dll (file missing) O23 - Service: BsHelpCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe O23 - Service: BsMobileCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Service Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: Palm Novacom (NovacomD) - Palm - C:\Program Files\Palm, Inc\novacomd\x86\novacomd.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: Symantec Endpoint Protection (SepMasterService) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Bin\ccSvcHst.exe O23 - Service: Symantec Management Client (SmcService) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Bin\Smc.exe O23 - Service: Symantec Network Access Control (SNAC) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Bin\snac.exe -- End of file - 10317 bytes