[Solved] Win 32 spyware - gen [Trj]

 

oliver39
Baby forum member (10 to 49 posts)
Posted on 23/01/2008 at 13:33:52

Hello everyone, I also have a problem with this trojan. I ran an antivirus scan with AVIRA ANTIVIR, which detects the infamous Win 32 spyware - gen [Trj], which I put in quarantine. That changed nothing: Internet Explorer windows open by themselves and my computer is very slow. What should I do? On top of that, I don't know much about this.
Can someone help me? Thanks in advance.

merillym
Regular (5,000 to 9,999 posts)
Posted on 23/01/2008 at 13:47:56

:hello:
1) Download HijackThis V 2.02, rename the scanner (if that is not done yet, rename it before any scan) and put it in a folder named hijackthis in your Program Files! (C:\Program Files\HijackThis)
http://www.trendsecure.com/por [...] nstall.exe

Close all windows; HJT must be run on its own (every other program closed).

Tutorial: http://bibou0007.forumpro.fr/t [...] 2-t108.htm

Then click "Do a system scan and save a logfile".
The scan runs very quickly, then a Notepad window appears
(the "logfile").

In that Notepad window, go to "Edit", then "Select All";
the text is now selected. Go back to "Edit", still
leaving the text selected, and click Copy.
Paste the contents here in your next reply!

oliver39
Baby forum member (10 to 49 posts)
Posted on 23/01/2008 at 14:40:52

Logfile of Trend Micro HijackThis v2.0.2
 Scan saved at 14:38:32, on 23/01/2008
 Platform: Windows Vista  (WinNT 6.00.1904)
 MSIE: Internet Explorer v7.00 (7.00.6000.16575)
 Boot mode: Normal

 Running processes:
 C:\Windows\system32\taskeng.ex​e
 C:\Windows\system32\Dwm.exe
 C:\Windows\Explorer.EXE
 C:\Windows\system32\wbem\unsec​app.exe
 C:\Program Files\Video Add-on\icthis.exe
 C:\Windows\RtHDVCpl.exe
 C:\Program Files\Synaptics\SynTP\SynTPEnh​.exe
 C:\Program Files\Common Files\Symantec Shared\ccApp.exe
 C:\Acer\Empowering Technology\eDataSecurity\eDSlo​ader.exe
 C:\Program Files\Launch Manager\LManager.exe
 C:\Program Files\Common Files\Real\Update_OB\realsched​.exe
 C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
 C:\Program Files\iTunes\iTunesHelper.exe
 C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
 C:\Program Files\Windows Sidebar\sidebar.exe
 C:\Windows\ehome\ehtray.exe
 C:\Program Files\MSN Messenger\msnmsgr.exe
 C:\Program Files\Google\GoogleToolbarNoti​fier\1.2.1128.5462\GoogleToolb​arNotifier.exe
 C:\Program Files\Windows Media Player\wmpnscfg.exe
 C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.E​XE
 C:\Windows\ehome\ehmsas.exe
 C:\Acer\Empowering Technology\ACER.EMPOWERING.FRA​MEWORK.SUPERVISOR.EXE
 C:\Acer\Empowering Technology\eRecovery\ERAGENT.E​XE
 C:\Program Files\Video Add-on\icmntr.exe
 C:\Windows\System32\rundll32.e​xe
 C:\Program Files\Internet Explorer\ieuser.exe
 C:\Program Files\Wanadoo\TaskBarIcon.exe
 C:\Users\olivier\AppData\Local​\Temp\RtkBtMnt.exe
 C:\Windows\system32\taskeng.ex​e
 C:\Windows\system32\Macromed\F​lash\FlashUtil9b.exe
 C:\Windows\system32\SearchFilt​erHost.exe
 C:\Program Files\Trend Micro\HijackThis\HijackThis.ex​e

 R1 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
 R1 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Search Page = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Start Page = about:blank
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Page_URL = http://fr.fr.acer.yahoo.com
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Search_U​RL = http://go.microsoft.com/fwlink/?LinkId=54896
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Search,SearchAssistan​t =
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Search,CustomizeSearc​h =
 R1 - HKCU\Software\Microsoft\Intern​et Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Toolbar,LinksFolderNa​me =
 R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-00902​71D4F88} - (no file)
 O1 - Hosts: ::1 localhost
 O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7​D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
 O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A5​3123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\Np​pBho.dll
 O2 - BHO: (no name) - {21ECA600-72B5-4E66-BB2E-573C9​2CBD8D6} - C:\Program Files\Video Add-on\isfmdl.dll
 O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C091​46192CA} - C:\Program Files\Real\RealPlayer\rpbrowse​rrecordplugin.dll
 O2 - BHO: (no name) - {69B98C68-D2B8-4A4E-9CB7-E85B6​F3A7014} - C:\Program Files\Video Add-on\isfmdl.dll
 O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5​E23E045} - (no file)
 O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B​8505E96} - C:\Windows\system32\ActiveTool​Band.dll
 O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-51647​60863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
 O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF105​77473F7} - c:\program files\google\googletoolbar1.dl​l
 O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B​4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
 O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027​CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
 O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9​C7B26DF} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UI​BHO.dll
 O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB​0476E29} - C:\Windows\system32\eDStoolbar​.dll
 O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60​AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
 O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B​4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
 O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-00902​7A5CD4F} - c:\program files\google\googletoolbar1.dl​l
 O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
 O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
 O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh​.exe
 O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
 O4 - HKLM\..\Run: [osCheck] "c:\Program Files\Norton Internet Security\osCheck.exe"
 O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,​nvsvcStart
 O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,​NvStartup
 O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.d​ll,NvTaskbarInit
 O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSlo​ader.exe
 O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.​exe
 O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.​exe
 O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
 O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
 O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.ex​e TaskBarIcon.exe
 O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61​-B58F-2F227FCA9A08}\PIFSvc.exe​" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61​-B58F-2F227FCA9A08}\AlertEng.d​ll"
 O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched​.exe"  -osboot
 O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
 O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
 O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
 O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
 O4 - HKLM\..\RunServices: [FTRTSVC] C:\Windows\System32\FTRTSVC.ex​e
 O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
 O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateServ​ice\ISUSPM.exe" -startup
 O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
 O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
 O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNoti​fier\1.2.1128.5462\GoogleToolb​arNotifier.exe
 O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
 O4 - HKLM\..\Policies\Explorer\Run: [some] C:\Program Files\Video Add-on\icthis.exe
 O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
 O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
 O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
 O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
 O4 - Global Startup: Empowering Technology Launcher.lnk = C:\Acer\Empowering Technology\eAPLauncher.exe
 O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
 O9 - Extra button: (no name) - {9034A523-D068-4BE8-A284-9DF27​8BE776E} - http://www.ietoolgate.com/redirect.php (file missing)
 O9 - Extra 'Tools' menuitem: IE Anti-Spyware - {9034A523-D068-4BE8-A284-9DF27​8BE776E} - http://www.ietoolgate.com/redirect.php (file missing)
 O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284​D0FE16E} - http://www.orange.fr (file missing) (HKCU)
 O13 - Gopher Prefix:
 O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488​ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edge [...] plugin.cab
 O20 - AppInit_DLLs: eNetHook.dll
 O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
 O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
 O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
 O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceS​ervice.exe
 O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
 O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
 O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
 O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
 O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSSe​rvice.exe
 O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLock​Serv.exe
 O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
 O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecovery​Service.exe
 O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\c​apuserv.exe
 O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.e​xe
 O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
 O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\isPwdSvc.exe
 O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
 O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\​LUCOMS~1.EXE
 O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
 O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61​-B58F-2F227FCA9A08}\PIFSvc.exe
 O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
 O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUS​chedulerSvc.exe
 O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
 O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
 O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
 O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\v​smon.exe
 O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.ex​e
 O23 - Service: XAudioService - Unknown owner - C:\Windows\system32\DRIVERS\xa​udio.exe (file missing)

 --
 End of file - 12413 bytes

Thanks for your help  :)

merillym
Regular (5,000 to 9,999 posts)
Posted on 23/01/2008 at 17:10:13

1) Show hidden files and folders …
To do this, go into a folder, e.g. "My Pictures".
Then click > Tools > Folder Options ...
click the "View" tab and ...
check ---> Show hidden files and folders
uncheck > Hide extensions for known file types
uncheck > Hide protected operating system files (Recommended).
"Apply" and "OK".

2) Download Combofix by sUBs:
http://download.bleepingcomput [...] mboFix.exe
Save it to your desktop and nowhere else!

Help on using combofix here: http://bibou0007.forumpro.fr/t [...] x-t121.htm

Restart in safe mode: help here >>>

http://forum.telecharger.01net [...] ges-1.html

Double-click combofix. It will ask you a question; answer with the 1 key and Enter to confirm, then follow the prompts.
Wait until combofix has finished; a report will be created. Post the report.

3) Copy/paste a new HijackThis report along with it.

oliver39
Baby forum member (10 to 49 posts)
Posted on 23/01/2008 at 21:20:59

I followed all your advice; however, I did not get the COMBOFIX report. While it ran, I let the application carry on with its search for infected files. At the end, COMBOFIX asked me not to open other applications and said that the report was being prepared, but the application closed. However, my computer is no longer slow and no more Internet Explorer windows open. I no longer get virus alert messages either; apparently my problem is solved.
I'm sending you the HIJACKTHIS report anyway, thanks again. ;)

merillym
Regular (5,000 to 9,999 posts)
Posted on 23/01/2008 at 22:45:22

:hello:

Maybe, but you are still infected... I'll tell you when it's over :)

Have this/these file(s) analysed on VirusTotal:

C:\Program Files\Video Add-on\icmntr.exe
C:\Program Files\Video Add-on\icthis.exe
C:\Program Files\Video Add-on\isfmdl.dll

here: http://www.virustotal.com/fr/

Once on the site, click "Browse", navigate in Windows Explorer until you find the file concerned; once the file is found, click "Open". Then click "Send file".

Wait through the queue and while the file is being analysed...

Once the file scan is finished, copy all the results from all the antivirus engines and paste them in your next reply.
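
How the three files named in the reply above can be picked out of the HijackThis log posted earlier, as an added example that is not part of the original thread and not necessarily how the helper worked. The two weak signals, the `MIN_SIGNALS` threshold and the function names are assumptions of this example; the result is a list of files to submit to a multi-engine scanner, not a verdict.

```python
import ntpath
import re
from collections import defaultdict

# Excerpt of the HijackThis log posted earlier in the thread (paths and CLSIDs as posted).
SAMPLE_LOG = r"""
Running processes:
C:\Windows\Explorer.EXE
C:\Program Files\Video Add-on\icthis.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Video Add-on\icmntr.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: (no name) - {21ECA600-72B5-4E66-BB2E-573C92CBD8D6} - C:\Program Files\Video Add-on\isfmdl.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Policies\Explorer\Run: [some] C:\Program Files\Video Add-on\icthis.exe
O9 - Extra 'Tools' menuitem: IE Anti-Spyware - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.ietoolgate.com/redirect.php (file missing)
O23 - Service: XAudioService - Unknown owner - C:\Windows\system32\DRIVERS\xaudio.exe (file missing)
"""

# Logs pasted through forum software can pick up zero-width characters
# inside long paths; they are stripped before any matching.
ZERO_WIDTH = dict.fromkeys(map(ord, "\u200b\u200c\u200d\ufeff"))

ENTRY_RE = re.compile(r"^(R[0-3]|O\d{1,2}) - (.*)$")          # "O4 - ..." style lines
PATH_RE = re.compile(r"[A-Za-z]:\\[^\"<>|*?]*?\.(?:exe|dll)", re.I)

# Assumption of this example: a folder is worth submitting for scanning
# when at least this many *different* weak signals point into it.
MIN_SIGNALS = 2


def signals_for(section, body):
    """Weak signals chosen for this example (heuristics, not proof of malice)."""
    found = set()
    if section == "O2" and body.startswith("BHO: (no name)"):
        found.add("unnamed-bho")                 # browser helper object without a name
    if section == "O4" and "\\policies\\explorer\\run:" in body.lower():
        found.add("policies-run-autostart")      # autostart via the policy Run key
    return found


def triage(log_text):
    """Group log entries by folder and list the files from suspicious folders."""
    files_by_dir = defaultdict(set)
    signals_by_dir = defaultdict(set)
    orphans = []                                 # entries whose target file is gone
    for raw in log_text.splitlines():
        line = raw.translate(ZERO_WIDTH).strip()
        entry = ENTRY_RE.match(line)
        if entry:
            section, body = entry.groups()
            if "(no file)" in body or "(file missing)" in body:
                orphans.append(line)             # registry leftover, nothing to scan
                continue
            signals = signals_for(section, body)
            found = PATH_RE.search(body)
        else:
            signals = set()
            found = PATH_RE.match(line)          # "Running processes" lines are bare paths
        if not found:
            continue
        path = ntpath.normcase(found.group(0))   # Windows paths are case-insensitive
        folder = ntpath.split(path)[0]
        files_by_dir[folder].add(path)
        signals_by_dir[folder] |= signals

    submit = sorted(
        path
        for folder, sigs in signals_by_dir.items()
        if len(sigs) >= MIN_SIGNALS
        for path in files_by_dir[folder]         # every file seen in that folder
    )
    return {
        "submit": submit,
        "signals": {d: sorted(s) for d, s in signals_by_dir.items() if s},
        "orphans": orphans,
    }


if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    print("Submit for scanning:")
    for path in result["submit"]:
        print("  ", path)
    print("Orphaned entries to review:", len(result["orphans"]))
```
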

oliver39
Baby forum member (10 to 49 posts)
Posted on 24/01/2008 at 16:54:03

I'm sorry, I can't manage to find these three files. I've been at it for quite a while already. Is there a trick to find them faster? I'd welcome it! :??:

merillym
Regular (5,000 to 9,999 posts)
Posted on 24/01/2008 at 17:02:31

Hello,

Download Deckard's System Scanner (DSS) (or DSS) to your Desktop.
Run it.. let the scan complete.

Post the report(s) here.

;)

oliver39
Baby forum member (10 to 49 posts)
Posted on 24/01/2008 at 17:38:52
 
Deckard's System Scanner v20071014.68
 Run by olivier on 2008-01-24 17:32:53
 Computer is in Normal Mode.
 ------------------------------​------------------------------​--------------------

 -- Last 5 Restore Point(s) --
 10: 2008-01-24 11:33:11 UTC - RP224 - Point de contrôle planifié
 9: 2008-01-23 17:02:06 UTC - RP223 - ComboFix created restore point
 8: 2008-01-23 10:32:26 UTC - RP222 - AntiVir PersonalEdition Classic - 23/01/2008 11:32
 7: 2008-01-22 20:05:20 UTC - RP220 - Installation du package de pilote logiciel : Apple, Inc. Contrôleurs de bus USB
 6: 2008-01-22 18:04:33 UTC - RP219 - Installation du package de pilote logiciel : Zone Labs, a Check Point company Service réseau


 -- First Restore Point --
 1: 2008-01-11 11:22:41 UTC - RP214 - Point de contrôle planifié


 Backed up registry hives.
 Performed disk cleanup.

 Total Physical Memory: 1023 MiB (1024 MiB recommended).


 -- HijackThis (run as olivier.exe) ------------------------------​---------------

 Logfile of Trend Micro HijackThis v2.0.2
 Scan saved at 17:34, on 2008-01-24
 Platform: Windows Vista  (WinNT 6.00.1904)
 MSIE: Internet Explorer v7.00 (7.00.6000.16575)
 Boot mode: Normal

 Running processes:
 C:\Windows\system32\taskeng.ex​e
 C:\Windows\system32\Dwm.exe
 C:\Windows\RtHDVCpl.exe
 C:\Program Files\Synaptics\SynTP\SynTPEnh​.exe
 C:\Program Files\Common Files\Symantec Shared\ccApp.exe
 C:\Acer\Empowering Technology\eDataSecurity\eDSlo​ader.exe
 C:\Program Files\Launch Manager\LManager.exe
 C:\Windows\System32\rundll32.e​xe
 C:\Program Files\Common Files\Real\Update_OB\realsched​.exe
 C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
 C:\Program Files\iTunes\iTunesHelper.exe
 C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
 C:\Program Files\Windows Sidebar\sidebar.exe
 C:\Windows\ehome\ehtray.exe
 C:\Program Files\MSN Messenger\msnmsgr.exe
 C:\Program Files\Google\GoogleToolbarNoti​fier\1.2.1128.5462\GoogleToolb​arNotifier.exe
 C:\Program Files\Windows Media Player\wmpnscfg.exe
 C:\Windows\system32\wbem\unsec​app.exe
 C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.E​XE
 C:\Acer\Empowering Technology\ACER.EMPOWERING.FRA​MEWORK.SUPERVISOR.EXE
 C:\Acer\Empowering Technology\eRecovery\ERAGENT.E​XE
 C:\Windows\ehome\ehmsas.exe
 C:\Program Files\Wanadoo\TaskBarIcon.exe
 C:\Users\olivier\AppData\Local​\Temp\RtkBtMnt.exe
 C:\Windows\Explorer.exe
 C:\Program Files\Internet Explorer\ieuser.exe
 C:\Program Files\Internet Explorer\iexplore.exe
 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
 C:\Users\olivier\Desktop\dss.e​xe
 C:\Windows\system32\conime.exe
 C:\PROGRA~1\TRENDM~1\HIJACK~1\​olivier.exe

 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://www.orange.fr/
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Page_URL = http://fr.fr.acer.yahoo.com
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Search_U​RL = http://go.microsoft.com/fwlink/?LinkId=54896
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com
 R1 - HKCU\Software\Microsoft\Intern​et Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Toolbar,LinksFolderNa​me =
 R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-00902​71D4F88} - (no file)
 O1 - Hosts: ::1 localhost
 O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7​D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
 O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A5​3123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\Np​pBho.dll
 O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C091​46192CA} - C:\Program Files\Real\RealPlayer\rpbrowse​rrecordplugin.dll
 O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B​8505E96} - C:\Windows\system32\ActiveTool​Band.dll
 O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-51647​60863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
 O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF105​77473F7} - c:\program files\google\googletoolbar1.dl​l
 O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B​4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
 O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027​CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
 O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB​0476E29} - C:\Windows\system32\eDStoolbar​.dll
 O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60​AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
 O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B​4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
 O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-00902​7A5CD4F} - c:\program files\google\googletoolbar1.dl​l
 O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
 O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
 O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh​.exe
 O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
 O4 - HKLM\..\Run: [osCheck] "c:\Program Files\Norton Internet Security\osCheck.exe"
 O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,​nvsvcStart
 O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,​NvStartup
 O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.d​ll,NvTaskbarInit
 O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSlo​ader.exe
 O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.​exe
 O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.​exe
 O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
 O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
 O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.ex​e TaskBarIcon.exe
 O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61​-B58F-2F227FCA9A08}\PIFSvc.exe​" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61​-B58F-2F227FCA9A08}\AlertEng.d​ll"
 O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched​.exe"  -osboot
 O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
 O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
 O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
 O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
 O4 - HKLM\..\RunServices: [FTRTSVC] C:\Windows\System32\FTRTSVC.ex​e
 O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
 O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateServ​ice\ISUSPM.exe" -startup
 O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
 O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
 O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNoti​fier\1.2.1128.5462\GoogleToolb​arNotifier.exe
 O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
 O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
 O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
 O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
 O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
 O4 - Global Startup: Empowering Technology Launcher.lnk = C:\Acer\Empowering Technology\eAPLauncher.exe
 O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
 O9 - Extra button: (no name) - {9034A523-D068-4BE8-A284-9DF27​8BE776E} - http://www.ietoolgate.com/redirect.php (file missing)
 O9 - Extra 'Tools' menuitem: IE Anti-Spyware - {9034A523-D068-4BE8-A284-9DF27​8BE776E} - http://www.ietoolgate.com/redirect.php (file missing)
 O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284​D0FE16E} - http://www.orange.fr (file missing) (HKCU)
 O13 - Gopher Prefix:
 O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488​ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edge [...] plugin.cab
 O20 - AppInit_DLLs: eNetHook.dll
 O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
 O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
 O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
 O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceS​ervice.exe
 O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
 O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
 O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
 O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
 O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSSe​rvice.exe
 O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLock​Serv.exe
 O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
 O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecovery​Service.exe
 O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\c​apuserv.exe
 O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.e​xe
 O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
 O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\isPwdSvc.exe
 O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
 O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\​LUCOMS~1.EXE
 O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
 O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61​-B58F-2F227FCA9A08}\PIFSvc.exe
 O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
 O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUS​chedulerSvc.exe
 O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
 O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
 O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
 O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\v​smon.exe
 O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.ex​e
 O23 - Service: XAudioService - Unknown owner - C:\Windows\system32\DRIVERS\xa​udio.exe (file missing)

 --
 End of file - 11498 bytes

 -- File Associations ------------------------------​-----------------------------

 .cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%*


 -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

 R0 UBHelper - c:\windows\system32\drivers\ub​helper.sys
 R3 NTIDrvr (Upper Class Filter Driver) - c:\windows\system32\drivers\nt​idrvr.sys <Not Verified; NewTech Infosystems, Inc.; >


 -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

 R2 AntiVirScheduler (AntiVir PersonalEdition Classic Scheduler) - "c:\program files\avira\antivir personaledition classic\sched.exe" <Not Verified; Avira GmbH; Scheduler>
 R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledevices​ervice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
 R2 eLockService (eLock Service) - c:\acer\empowering technology\elock\service\elock​serv.exe <Not Verified; Acer Inc.; Acer eLock Management>
 R2 eNet Service - c:\acer\empowering technology\enet\enet service.exe <Not Verified; Acer Inc.; Acer eNet Management>
 R2 eRecoveryService (eRecovery Service) - c:\acer\empowering technology\erecovery\erecovery​service.exe <Not Verified; Acer Inc.; eRecoveryService>
 R2 eSettingsService (eSettings Service) - c:\acer\empowering technology\esettings\service\c​apuserv.exe <Not Verified; ; Service>
 R2 MobilityService - c:\acer\mobility center\mobilityservice.exe -p
 R2 RichVideo (Cyberlink RichVideo Service(CRVS)) - "c:\program files\cyberlink\shared files\richvideo.exe" <Not Verified; ; RichVideo Module>
 R2 WMIService (ePower Service) - c:\acer\empowering technology\epower\epowersvc.ex​e <Not Verified; acer; Acer ePower Management>

 S2 XAudioService - c:\windows\system32\drivers\xa​udio.exe (file missing)


 -- Device Manager: Disabled ------------------------------​----------------------

 No disabled devices found.


 -- Scheduled Tasks ------------------------------​------------------------------​-

 2008-01-24 16:38:01       256 --a------ C:\Windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
 2008-01-11 20:52:53       528 --a------ C:\Windows\Tasks\Norton Internet Security - Analyse système complète - olivier.job


 -- Files created between 2007-12-24 and 2008-01-24 -----------------------------

 2008-01-24 13:11:39         0 d-------- \ProgramData\NVIDIA
 2008-01-23 11:33:23         0 d-------- C:\Program Files\Avira
 2008-01-23 11:33:23         0 d-------- \ProgramData\Avira
 2008-01-23 11:18:09         0 d-------- C:\Program Files\Trend Micro
 2008-01-22 21:13:00         0 d-------- C:\Program Files\iPod
 2008-01-22 21:12:30         0 d-------- C:\Program Files\iTunes
 2008-01-22 21:10:35         0 d-------- C:\Program Files\QuickTime
 2008-01-22 21:10:26         0 d-------- \ProgramData\Apple Computer
 2008-01-22 21:04:44         0 d-------- C:\Program Files\Common Files\Apple
 2008-01-22 20:57:59         0 d-------- C:\Program Files\AntiSpyGolden 5.2
 2008-01-22 20:50:49         0 d-------- C:\VundoFix Backups
 2008-01-22 19:09:04         0 d-------- C:\Windows\system32\ZoneLabs
 2008-01-22 19:08:55         0 d-------- \ProgramData\CheckPoint
 2008-01-22 19:02:45         0 d-------- C:\Windows\Internet Logs
 2008-01-22 18:55:54         0 d-------- C:\Program Files\CCleaner
 2008-01-22 18:50:59         0 d-------- C:\Program Files\Lavasoft
 2008-01-22 18:50:58         0 d-------- \ProgramData\Lavasoft
 2008-01-22 18:49:20         0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
 2008-01-22 17:54:55         0 d-------- C:\Program Files\Alwil Software
 2008-01-21 18:03:49         0 d-------- C:\Program Files\Apple Software Update
 2008-01-21 18:03:49         0 d-------- \ProgramData\Apple
 2008-01-16 20:34:51         0 d-------- C:\Program Files\fdrlab
 2007-12-29 21:44:40         0 d-------- C:\Program Files\Common Files\xing shared


 -- Find3M Report ------------------------------​------------------------------​---

 2008-01-24 17:32:28         0 d-------- \Deckard
 2008-01-24 13:23:51         0 d-a------ \Windows
 2008-01-24 13:15:17    690832 --a------ C:\Windows\system32\perfh00C.d​at
 2008-01-24 13:15:17    117572 --a------ C:\Windows\system32\perfc00C.d​at
 2008-01-24 13:11:39         0 d--h----- \ProgramData
 2008-01-24 12:33:37         0 d--hs---- \System Volume Information
 2008-01-24 09:17:22         0 d-------- C:\Program Files\Wanadoo
 2008-01-24 08:55:22 1072349184 --ahs---- \hiberfil.sys
 2008-01-24 08:55:21 1386283008 --ahs---- \pagefile.sys
 2008-01-23 23:33:53         0 d-------- C:\Program Files\Symantec
 2008-01-23 20:17:44         0 d-------- \ComboFix
 2008-01-23 20:11:09         0 d-------- C:\Program Files\MSN Messenger
 2008-01-23 18:07:42         0 d-------- \QooBox
 2008-01-23 18:07:05         0 dr------- \Program Files
 2008-01-22 21:04:44         0 d-------- C:\Program Files\Common Files
 2008-01-22 20:59:32       210 --a------ \VundoFix.txt
 2008-01-22 20:50:49         0 d-------- \VundoFix Backups
 2008-01-16 20:36:58     22016 --a------ \QUESTIONS1 EXAMEN SECOURISME.DOC
 2008-01-09 14:07:46         0 d-------- C:\Program Files\Windows Mail
 2008-01-09 13:43:04         0 d-------- C:\Program Files\Windows Sidebar
 2007-12-29 21:44:28         0 d-------- C:\Program Files\Common Files\Real
 2007-12-13 13:36:53         0 d-------- C:\Program Files\Google
 2007-12-13 13:36:37         0 d-------- C:\Program Files\Real
 2007-12-01 10:40:02         0 d-------- C:\Program Files\Windows Live Toolbar
 2007-11-22 17:33:19     11530 --a------ \error.log


 -- Registry Dump ------------------------------​------------------------------​---

 *Note* empty entries & legit default entries are not shown


 [HKEY_CURRENT_USER\Software\Mic​rosoft\Internet Explorer\Toolbar\WebBrowser]
 "{C4DFA6F3-1245-41E5-8E60-7D31​427F01B3}"= C:\Program Files\Video Add-on\ictmdl.dll [ ]

 [-HKEY_CLASSES_ROOT\CLSID\{C4DF​A6F3-1245-41E5-8E60-7D31427F01​B3}]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Run]
 "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-09-28 16:36]
 "RtHDVCpl"="RtHDVCpl.exe" [2006-11-09 19:57 C:\Windows\RtHDVCpl.exe]
 "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh​.exe" [2006-10-23 20:00]
 "ccApp"="c:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2006-11-21 21:33]
 "osCheck"="c:\Program Files\Norton Internet Security\osCheck.exe" [2006-11-21 21:30]
 "Acer Tour"="" []
 "NvSvc"="C:\Windows\system32\n​vsvc.dll" [2006-12-20 21:50]
 "NvCplDaemon"="C:\Windows\syst​em32\NvCpl.dll" [2006-12-20 21:50]
 "NvMediaCenter"="C:\Windows\sy​stem32\NvMcTray.dll" [2006-12-20 21:50]
 "eDataSecurity Loader"="C:\Acer\Empowering Technology\eDataSecurity\eDSlo​ader.exe" [2007-01-02 17:58]
 "LManager"="C:\PROGRA~1\LAUNCH​~1\LManager.exe" [2006-12-21 01:02]
 "eRecoveryService"="" []
 "WarReg_PopUp"="C:\Acer\WR_Pop​Up\WarReg_PopUp.exe" [2006-11-05 21:48]
 "Acer Tour Reminder"="C:\Acer\AcerTour\Re​minder.exe" [2007-01-14 19:38]
 "WOOWATCH"="C:\PROGRA~1\Wanado​o\Watch.exe" [2004-08-23 14:49]
 "WOOTASKBARICON"="C:\PROGRA~1\​Wanadoo\GestMaj.exe" [2004-10-14 16:55]
 "Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61​-B58F-2F227FCA9A08}\PIFSvc.exe​" [2007-03-12 10:22]
 "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched​.exe" [2007-12-29 21:43]
 "ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-06-28 05:17]
 "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-01-10 15:27]
 "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-01-15 03:22]
 "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-01-23 11:38]

 [HKEY_CURRENT_USER\SOFTWARE\Mic​rosoft\Windows\CurrentVersion\​Run]
 "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-09 13:42]
 "ISUSPM Startup"="C:\Program Files\Common Files\InstallShield\UpdateServ​ice\ISUSPM.exe" [2005-08-11 15:30]
 "Acer Tour Reminder"="" []
 "ehTray.exe"="C:\Windows\ehome​\ehTray.exe" [2006-11-02 13:35]
 "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:55]
 "swg"="C:\Program Files\Google\GoogleToolbarNoti​fier\1.2.1128.5462\GoogleToolb​arNotifier.exe" [2007-12-13 13:36]
 "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 13:36]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\windows\currentversion​\runservices]
 "FTRTSVC"=C:\Windows\System32\​FTRTSVC.exe

 C:\ProgramData\Microsoft\Windo​ws\Start Menu\Programs\Startup\
 Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 04:44:06]
 Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe [2006-12-10 11:29:21]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\windows\currentversion​\policies\system]
 "ConsentPromptBehaviorAdmin"=2 (0x2)

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\windows nt\currentversion\windows]
 "appinit_dlls"=eNetHook.dll

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\Minimal\aawservice]
 @="Service"

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\Minimal\AppInfo]
 @="Service"

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\Minimal\KeyIso]
 @="Service"

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\Minimal\NTDS]
 @="Service"

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\Minimal\ProfSvc]
 @="Service"

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\Minimal\sacsvr]
 @="Service"

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\Minimal\SWPRV]
 @="Service"

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\Minimal\TabletInputService]
 @="Service"

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\Minimal\TBS]
 @="Service"

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\Minimal\TrustedInstaller]
 @="Service"

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\Minimal\VDS]
 @="Service"

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\Minimal\volmgr.sys]
 @="Driver"

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\Minimal\volmgrx.sys]
 @="Driver"

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\Minimal\{533C5B84-EC70-11D2-9​505-00C04F79DEAF}]
 @="Volume shadow copy"

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\Minimal\{6BDD1FC1-810F-11D0-B​EC7-08002BE2092F}]
 @="IEEE 1394 Bus host controllers"

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\Minimal\{D48179BE-EC20-11D1-B​6B8-00C04FA372A7}]
 @="SBP2 IEEE 1394 Devices"

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\Minimal\{D94EE5D8-D189-4994-8​3D2-F68D7D41B0E6}]
 @="SecurityDevices"

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\windows nt\currentversion\svchost]
 LocalSystemNetworkRestricted hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum

 *Newly Created Service* - COMHOST

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
 C:\Windows\system32\unregmp2.e​xe /ShowWMP

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
 %SystemRoot%\system32\unregmp2​.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI



 -- End of Deckard's System Scanner: finished at 2008-01-24 17:36:26 ------------


 Deckard's System Scanner v20071014.68
 Extra logfile - please post this as an attachment with your post.
 ------------------------------​------------------------------​--------------------

 -- System Information ------------------------------​----------------------------

 Microsoft® Windows Vista™ Édition Familiale Premium  (build 6000)
 Architecture: X86; Language: French

 CPU 0: AMD Turion(tm) 64 X2 Mobile Technology TL-52
 Percentage of Memory in Use: 70%
 Physical Memory (total/avail): 1022.06 MiB / 296.77 MiB
 Pagefile Memory (total/avail): 2293.74 MiB / 951.36 MiB
 Virtual Memory (total/avail): 2047.88 MiB / 1928.29 MiB

 C: is Fixed (NTFS) - 70.62 GiB total, 46.61 GiB free.
 D: is Fixed (NTFS) - 70.61 GiB total, 70.52 GiB free.
 E: is CDROM (No Media)

 \\.\PHYSICALDRIVE0 - Hitachi HTS541616J9S SCSI Disk Device - 149.05 GiB - 3 partitions
  \PARTITION0 - Unknown - 7.81 GiB
  \PARTITION1 (bootable) - Système de fichiers installable - 70.62 GiB - C:
  \PARTITION2 - Système de fichiers installable - 70.61 GiB - D:



 -- Security Center ------------------------------​------------------------------​-

 AUOptions is scheduled to auto-install.
 Windows Internal Firewall is disabled.

 FW: Norton Internet Security v2007 (Symantec Corporation) Disabled
 FW: ZoneAlarm Firewall v7.1.099.000 (Check Point, LTD.)
 AV: Avira AntiVir PersonalEdition v 7.0.2.39
 (Avira GmbH)
 AV: Norton Internet Security v2007 (Symantec Corporation) Outdated
 AS: Avira AntiVir PersonalEdition v 7.0.2.39
 (Avira GmbH)
 AS: Spybot - Search and Destroy v1.0.0.4 (Safer Networking Ltd.)
 AS: Windows Defender v1.1.1505.0 (Microsoft Corporation) Outdated
 AS: Norton Internet Security v2007 (Symantec Corporation) Outdated

 [HKLM\System\CurrentControlSet\​Services\SharedAccess\Paramete​rs\FirewallPolicy\DomainProfil​e\AuthorizedApplications\List]

 [HKLM\System\CurrentControlSet\​Services\SharedAccess\Paramete​rs\FirewallPolicy\StandardProf​ile\AuthorizedApplications\Lis​t]


 -- Environment Variables ------------------------------​-------------------------

 ALLUSERSPROFILE=C:\ProgramData
 APPDATA=C:\Users\olivier\AppDa​ta\Roaming
 CLASSPATH=.;C:\Program Files\QuickTime\QTSystem\QTJav​a.zip
 CommonProgramFiles=C:\Program Files\Common Files
 COMPUTERNAME=PC-PORTABLE
 ComSpec=C:\Windows\system32\cm​d.exe
 FP_NO_HOST_CHECK=NO
 HOMEDRIVE=C:
 HOMEPATH=\Users\olivier
 LOCALAPPDATA=C:\Users\olivier\​AppData\Local
 LOGONSERVER=\\PC-PORTABLE
 NUMBER_OF_PROCESSORS=2
 OS=Windows_NT
 Path=C:\Windows\system32;C:\Wi​ndows;C:\Windows\System32\Wbem​;C:\Program Files\QuickTime\QTSystem\
 PATHEXT=.COM;.EXE;.BAT;.CMD;.V​BS;.VBE;.JS;.JSE;.WSF;.WSH;.MS​C
 PROCESSOR_ARCHITECTURE=x86
 PROCESSOR_IDENTIFIER=x86 Family 15 Model 72 Stepping 2, AuthenticAMD
 PROCESSOR_LEVEL=15
 PROCESSOR_REVISION=4802
 ProgramData=C:\ProgramData
 ProgramFiles=C:\Program Files
 PROMPT=$P$G
 PUBLIC=C:\Users\Public
 QTJAVA=C:\Program Files\QuickTime\QTSystem\QTJav​a.zip
 SystemDrive=C:
 SystemRoot=C:\Windows
 TEMP=C:\Users\olivier\AppData\​Local\Temp
 TMP=C:\Users\olivier\AppData\L​ocal\Temp
 tvdumpflags=8
 USERDOMAIN=PC-portable
 USERNAME=olivier
 USERPROFILE=C:\Users\olivier
 windir=C:\Windows


 -- User Profiles ------------------------------​------------------------------​---

 olivier


 -- Add/Remove Programs ------------------------------​---------------------------

 --> C:\Program Files\Common Files\Real\Update_OB\r1puninst​.exe RealNetworks|RealPlayer|6.0
 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{B145EC69-66F5-11D​8-9D75-000129760D75}\setup.exe​"  -uninstall
 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{B804C424-B66D-447​A-84BD-C6B88C392C3A}\setup.exe​"  -uninstall
 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{F79A208D-D929-11D​9-9D77-000129760D75}\setup.exe​"  -uninstall
 ABBYY FineReader 6.0 Sprint --> MsiExec.exe /I{ACF60000-22B9-4CE9-98D6-2CC​F359BAC07}
 Acer Arcade Deluxe --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{EFBDC2B0-FAA8-4B7​8-8DE1-AEBE7958FA37}\setup.exe​"  -uninstall
 Acer eDataSecurity Management --> C:\Acer\Empowering Technology\eDataSecurity\eDSns​tHelper.exe -Operation UNINSTALL
 Acer eLock Management --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\11\50\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{116FF17B-1A30-4FC​2-9B01-5BC5BD46B0B3}\setup.exe​" -l0x40c  -removeonly
 Acer Empowering Technology --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\11\50\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB6097D9-D722-498​7-BD9E-A076E2848EE2}\setup.exe​" -l0x40c  -removeonly
 Acer eNet Management --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\11\50\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C06554A1-2C1E-4D2​0-B613-EE62C79927CC}\setup.exe​" -l0x40c  -removeonly
 Acer ePower Management --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\11\50\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{58E5844B-7CE2-413​D-83D1-99294BF6C74F}\setup.exe​" -l0x40c  -removeonly
 Acer ePresentation Management --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\11\50\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BF839132-BD43-405​6-ACBF-4377F4A88E2A}\setup.exe​" -l0x40c  -removeonly
 Acer eSettings Management --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\11\50\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CE65A9A0-9686-45C​6-9098-3C9543A412F0}\setup.exe​" -l0x40c  -removeonly
 Acer GridVista --> C:\Windows\UnInst32.exe GridV.UNI
 Acer Mobility Center Plug-In --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\11\50\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{11316260-6666-467​B-AC34-183FCB5D4335}\setup.exe​" -l0x40c  -removeonly
 Acer OrbiCam --> C:\Program Files\InstallShield Installation Information\{DD1DED37-2486-4F5​6-8F89-56AA814003F5}\Setup.exe -runfromtemp -l0x040c -removeonly
 Acer OrbiCam --> Rundll32.exe BisonR07.dll,WinMainRmv
 Acer ScreenSaver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\11\50\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{79DD56FC-DB8B-47F​5-9C80-78B62E05F9BC}\setup.exe​" -l0x9  -removeonly
 Acer Tour --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\11\50\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{94389919-B0AA-488​2-9BE8-9F0B004ECA35}\setup.exe​" -l0x40c  -removeonly
 Ad-Aware 2007 --> MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6F​D3C28D1EF}
 Adobe Reader 7.0 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70​000000000}
 AppCore --> MsiExec.exe /I{EFB5B3B5-A280-4E25-BE1C-634​EEFE32C1B}
 Apple Mobile Device Support --> MsiExec.exe /I{D8AB8F0C-CEEB-4A29-8EF5-219​B064813F4}
 Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387​BB172F0A4}
 AV --> MsiExec.exe /I{F4DB525F-A986-4249-B98B-42A​8066251CA}
 Avira AntiVir PersonalEdition Classic --> C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
 ccCommon --> MsiExec.exe /I{3CCAD2EF-CFF2-4637-82AA-AAB​F370282D3}
 CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
 CCPlayer --> C:\Windows\unvise32.exe C:\Program Files\CCPlayer\uninstalCCPlaye​r.log
 Détecteur de flux Windows Live Toolbar (Windows Live Toolbar) --> MsiExec.exe /X{EFFCB0F1-CFEC-48D4-B793-EBF​CAE852976}
 EPSON-Drucker-Software --> C:\Windows\system32\spool\DRIV​ERS\W32X86\3\EPUPDATE.EXE /R
 EPSON Attach To Email --> C:\Program Files\Common Files\InstallShield\Driver\8\I​ntel 32\IDriver.exe /M{20C45B32-5AB6-46A4-94EF-589​50CAF05E5} /l1033 ADDREMOVEDLG
 EPSON Copy Utility 3 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\0701\Intel32\​Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67EDD823-135A-4D5​9-87BD-950616D6E857}\SETUP.EXE​" -l0x40c -UnInstall
 EPSON Easy Photo Print --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\0701\Intel32\​Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BC69DDB8-4840-4D9​B-BB31-0D4DB2BA1312}\SETUP.EXE​" -l0x40c UNINST
 EPSON File Manager --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\0701\Intel32\​Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E86BC406-944E-41F​6-ADE6-2C136734C96B}\Setup.exe​" -l0x40c UNINST
 EPSON Scan --> C:\Program Files\epson\escndv\setup\setup​.exe /r
 EPSON Scan Assistant --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\0701\Intel32\​Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2A88F1BF-7041-4E4​2-84B1-6B4ACB83AC64}\Setup.exe​" -l0x40c -u
 EPSON Web-To-Page --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{7F14F68C-17FA-4F8​8-B3FD-7F449C1EBF32}\SETUP.EXE​" -l0x40c -anything
 ESDX6000_CX5900 Guide util. --> C:\Program Files\EPSON\TPMANUAL\ESDX6000_​CX5900\USE_G\DOCUNINS.EXE
 Gestionnaire Internet --> C:\PROGRA~1\Wanadoo\uninstall.​exe
 Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C​4EF0CFA29}
 Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar1.dl​l"
 HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.ex​e" /uninstall
 IE Custom Tools --> "C:\Program Files\Video Add-on\ictun.exe"
 IE Safety Features --> "C:\Program Files\Video Add-on\isfun.exe"
 Information Center --> "C:\Program Files\Video Add-on\icun.exe"
 iTunes --> MsiExec.exe /I{B85C4D19-6CEB-48CF-BD98-C88​7AC8C6F94}
 Launch Manager --> C:\Windows\UnInst32.exe LManager.UNI
 livebox --> C:\Program Files\InstallShield Installation Information\{17342E3B-0818-4A6​F-BFF8-99476605ADD6}\Setup.exe -runfromtemp -l0x040c -removeonly
 LiveUpdate 3.2 (Symantec Corporation) --> "C:\Program Files\Symantec\LiveUpdate\LSET​UP.EXE" /U
 LiveUpdate Notice (Symantec Corporation) --> MsiExec.exe /X{DBA4DB9D-EE51-4944-A419-98A​B1F1249C8}
 Macromedia Flash Player 8 --> RunDll32 advpack.dll,LaunchINFSection C:\Windows\INF\swflash.inf,Def​aultUninstall,5
 Menus intelligents (Windows Live Toolbar) --> MsiExec.exe /X{0CC70FEF-5068-4CD5-B4DE-86F​FD98EC929}
 Microsoft Office PowerPoint Viewer 2003 --> MsiExec.exe /X{90AF040C-6000-11D3-8CFE-015​0048383C9}
 Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{A49F249F-0C91-497F-86DF-B25​85E8E76B7}
 MSRedist --> MsiExec.exe /I{B7C61755-DB48-4003-948F-3D3​4DB8EAF69}
 MSXML 4.0 SP2 (KB936181) --> MsiExec.exe /I{C04E32E0-0416-434D-AFB9-696​9D703A9EF}
 MSXML 4.0 SP2 (KB941833) --> MsiExec.exe /I{C523D256-313D-4866-B36A-F3D​E528246EF}
 MultiMedia Software --> C:\Program Files\Video Add-on\uninst.exe
 Norton AntiVirus --> MsiExec.exe /X{830D8CBD-C668-49e2-A969-C2C​2106332E0}
 Norton Confidential Browser Component --> MsiExec.exe /I{4843B611-8FCB-4428-8C23-31D​0A5EAE164}
 Norton Confidential Web Protection Component --> MsiExec.exe /I{D353CC51-430D-4C6F-9B7E-520​03DA1E05A}
 Norton Internet Security --> MsiExec.exe /I{3672B097-EA69-4bfe-B92F-29A​E6D9D2B34}
 Norton Internet Security --> MsiExec.exe /I{48185814-A224-447A-81DA-71B​D20580E1B}
 Norton Internet Security --> MsiExec.exe /I{5AA2CD16-706F-41f3-87C5-2B5​A031F2B3B}
 Norton Internet Security --> MsiExec.exe /I{E3EFA461-EB83-4C3B-9C47-2C1​D58A01555}
 Norton Internet Security --> MsiExec.exe /I{E5EE9939-259F-4DE2-8023-5C4​9E16A4F43}
 Norton Internet Security (Symantec Corporation) --> "C:\Program Files\Common Files\Symantec Shared\SymSetup\{5AA2CD16-706F​-41f3-87C5-2B5A031F2B3B}_10_1_​0_26\{5AA2CD16-706F-41f3-87C5-​2B5A031F2B3B}.exe" /X
 Norton Protection Center --> MsiExec.exe /I{9A129ABC-A53A-4209-A21E-D5D​EDFB7CCA8}
 NTI Backup NOW! 4.7 --> "C:\Program Files\InstallShield Installation Information\{67ADE9AF-5CD9-408​9-8825-55DE4B366799}\setup.exe​" -removeonly
 NTI CD & DVD-Maker --> C:\PROGRA~1\COMMON~1\INSTAL~1\​Driver\7\INTEL3~1\IDriver.exe /M{1577A05B-EE62-4BBC-9DB7-FE7​48FA44EC2} /l1036 CDM7
 NVIDIA Drivers --> C:\Windows\system32\NVUNINST.E​XE UninstallGUI
 PIF DESIGNER --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{B90450DF-E781-46F​D-B1F1-0C86DA40E443}\SETUP.EXE​" -l0x40c anything
 PowerProducer --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D​6-97FD-0050BACBF861}\Setup.exe​"  -uninstall
 QuickTime --> MsiExec.exe /I{6EC874C2-F950-4B7E-A5B7-B10​66D6B74AA}
 RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst​.exe RealNetworks|RealPlayer|6.0
 Realtek High Definition Audio Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\11\50\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4ED​E-8A7C-958108FE7DBC}\setup.exe​" -l0x9  -removeonly
 Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038​BD3F1FB2A}
 Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038​BD3F1FB2A}
 SPBBC 32bit --> MsiExec.exe /I{77772678-817F-4401-9301-ED1​D01A8DA56}
 Synaptics Pointing Device Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL​.dll",standAloneUninstall
 Texas Instruments PCIxx21/x515/xx12 drivers. --> C:\Program Files\InstallShield Installation Information\{F7B05784-334C-4F7​6-8BAB-30ABEB7FD534}\setup.exe -runfromtemp -l0x0409
 Undelete Plus 2.93 --> "C:\Program Files\fdrlab\Undelete Plus\unins000.exe"
 USB Storage Driver --> DelUIDrv.exe
 Windows Live Messenger --> MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7​404F44411}
 Windows Live Sign-in Assistant --> MsiExec.exe /I{49672EC2-171B-47B4-8CE7-50D​7806360D7}
 Windows Live Toolbar --> "C:\Program Files\Windows Live Toolbar\UnInstall.exe" {0A8C97AD-DEED-4894-B446-3ABA9​5A77D0D}
 Windows Live Toolbar --> MsiExec.exe /X{0A8C97AD-DEED-4894-B446-3AB​A95A77D0D}
 ZoneAlarm --> C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe


 -- Application Event Log ------------------------------​-------------------------

 Event Record #/Type22570 / Error
 Event Submitted/Written: 01/24/2008 00:53:20 PM
 Event ID/Source: 1000 / Application Error
 Event Description:
 Application défaillante Explorer.EXE, version 6.0.6000.16549, horodatage 0x46d230c5, module défaillant flvrender.dll, version 10.0.0.7491, horodatage 0x473248c4, code d’exception 0xc0000005, décalage d’erreur 0x00003f67,
 ID du processus 0xe68, heure de début de l’application 0xExplorer.EXE0.

 Event Record #/Type22553 / Success
 Event Submitted/Written: 01/24/2008 10:59:45 AM
 Event ID/Source: 12001 / usnjsvc
 Event Description:
 The Messenger Sharing USN Journal Reader service started successfully.

 Event Record #/Type22535 / Success
 Event Submitted/Written: 01/24/2008 08:56:20 AM
 Event ID/Source: 5617 / WinMgmt
 Event Description:


 Event Record #/Type22532 / Success
 Event Submitted/Written: 01/24/2008 08:56:18 AM
 Event ID/Source: 5615 / WinMgmt
 Event Description:


 Event Record #/Type22512 / Success
 Event Submitted/Written: 01/24/2008 08:55:35 AM
 Event ID/Source: 902 / Software Licensing Service
 Event Description:
 Le service de gestion des licences du logiciel a démarré.



 -- Security Event Log ------------------------------​----------------------------

 No Errors/Warnings found.


 -- System Event Log ------------------------------​------------------------------

 Event Record #/Type60600 / Warning
 Event Submitted/Written: 01/24/2008 05:30:46 PM
 Event ID/Source: 134 / W32Time
 Event Description:
 NtpClient n'a pas pu définir d'homologue manuel à utiliser comme source de temps en raison d'une erreur de résolution DNS sur " time.windows.com,0x9 ". NtpClient réessaiera dans 15 minutes, et à nouveau une fois le double de l'intervalle de nouvelle tentative écoulé. L'erreur était : Hôte inconnu. (0x80072AF9)

 Event Record #/Type60578 / Error
 Event Submitted/Written: 01/24/2008 03:27:49 PM
 Event ID/Source: 7011 / Service Control Manager
 Event Description:
 30000Symantec Core LC

 Event Record #/Type60565 / Warning
 Event Submitted/Written: 01/24/2008 01:15:56 PM
 Event ID/Source: 57 / volmgr
 Event Description:
 Le système n'a pas pu vider les données du journal de transaction. Les données pourraient être endommagées.

 Event Record #/Type60564 / Warning
 Event Submitted/Written: 01/24/2008 01:14:47 PM
 Event ID/Source: 57 / volmgr
 Event Description:
 Le système n'a pas pu vider les données du journal de transaction. Les données pourraient être endommagées.

 Event Record #/Type60468 / Error
 Event Submitted/Written: 01/24/2008 08:56:21 AM
 Event ID/Source: 7000 / Service Control Manager
 Event Description:
 XAudioService%%2



 -- End of Deckard's System Scanner: finished at 2008-01-24 17:36:26 ------------


oliver39
Baby forum member (10 to 49 messages posted)
  1. Posted on 24/01/2008 at 17:39:13
 
Deckard's System Scanner v20071014.68
 Run by olivier on 2008-01-24 17:32:53
 Computer is in Normal Mode.
 ------------------------------​------------------------------​--------------------

 -- Last 5 Restore Point(s) --
 10: 2008-01-24 11:33:11 UTC - RP224 - Point de contrôle planifié
 9: 2008-01-23 17:02:06 UTC - RP223 - ComboFix created restore point
 8: 2008-01-23 10:32:26 UTC - RP222 - AntiVir PersonalEdition Classic - 23/01/2008 11:32
 7: 2008-01-22 20:05:20 UTC - RP220 - Installation du package de pilote logiciel : Apple, Inc. Contrôleurs de bus USB
 6: 2008-01-22 18:04:33 UTC - RP219 - Installation du package de pilote logiciel : Zone Labs, a Check Point company Service réseau


 -- First Restore Point --
 1: 2008-01-11 11:22:41 UTC - RP214 - Point de contrôle planifié


 Backed up registry hives.
 Performed disk cleanup.

 Total Physical Memory: 1023 MiB (1024 MiB recommended).


 -- HijackThis (run as olivier.exe) ------------------------------​---------------

 Logfile of Trend Micro HijackThis v2.0.2
 Scan saved at 17:34, on 2008-01-24
 Platform: Windows Vista  (WinNT 6.00.1904)
 MSIE: Internet Explorer v7.00 (7.00.6000.16575)
 Boot mode: Normal

 Running processes:
 C:\Windows\system32\taskeng.ex​e
 C:\Windows\system32\Dwm.exe
 C:\Windows\RtHDVCpl.exe
 C:\Program Files\Synaptics\SynTP\SynTPEnh​.exe
 C:\Program Files\Common Files\Symantec Shared\ccApp.exe
 C:\Acer\Empowering Technology\eDataSecurity\eDSlo​ader.exe
 C:\Program Files\Launch Manager\LManager.exe
 C:\Windows\System32\rundll32.e​xe
 C:\Program Files\Common Files\Real\Update_OB\realsched​.exe
 C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
 C:\Program Files\iTunes\iTunesHelper.exe
 C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
 C:\Program Files\Windows Sidebar\sidebar.exe
 C:\Windows\ehome\ehtray.exe
 C:\Program Files\MSN Messenger\msnmsgr.exe
 C:\Program Files\Google\GoogleToolbarNoti​fier\1.2.1128.5462\GoogleToolb​arNotifier.exe
 C:\Program Files\Windows Media Player\wmpnscfg.exe
 C:\Windows\system32\wbem\unsec​app.exe
 C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.E​XE
 C:\Acer\Empowering Technology\ACER.EMPOWERING.FRA​MEWORK.SUPERVISOR.EXE
 C:\Acer\Empowering Technology\eRecovery\ERAGENT.E​XE
 C:\Windows\ehome\ehmsas.exe
 C:\Program Files\Wanadoo\TaskBarIcon.exe
 C:\Users\olivier\AppData\Local​\Temp\RtkBtMnt.exe
 C:\Windows\Explorer.exe
 C:\Program Files\Internet Explorer\ieuser.exe
 C:\Program Files\Internet Explorer\iexplore.exe
 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
 C:\Users\olivier\Desktop\dss.e​xe
 C:\Windows\system32\conime.exe
 C:\PROGRA~1\TRENDM~1\HIJACK~1\​olivier.exe

 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://www.orange.fr/
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Page_URL = http://fr.fr.acer.yahoo.com
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Search_U​RL = http://go.microsoft.com/fwlink/?LinkId=54896
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com
 R1 - HKCU\Software\Microsoft\Intern​et Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Toolbar,LinksFolderNa​me =
 R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-00902​71D4F88} - (no file)
 O1 - Hosts: ::1 localhost
 O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7​D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
 O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A5​3123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\Np​pBho.dll
 O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C091​46192CA} - C:\Program Files\Real\RealPlayer\rpbrowse​rrecordplugin.dll
 O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B​8505E96} - C:\Windows\system32\ActiveTool​Band.dll
 O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-51647​60863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
 O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF105​77473F7} - c:\program files\google\googletoolbar1.dl​l
 O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B​4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
 O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027​CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
 O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB​0476E29} - C:\Windows\system32\eDStoolbar​.dll
 O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60​AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
 O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B​4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
 O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-00902​7A5CD4F} - c:\program files\google\googletoolbar1.dl​l
 O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
 O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
 O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh​.exe
 O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
 O4 - HKLM\..\Run: [osCheck] "c:\Program Files\Norton Internet Security\osCheck.exe"
 O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,​nvsvcStart
 O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,​NvStartup
 O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.d​ll,NvTaskbarInit
 O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSlo​ader.exe
 O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.​exe
 O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.​exe
 O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
 O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
 O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.ex​e TaskBarIcon.exe
 O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61​-B58F-2F227FCA9A08}\PIFSvc.exe​" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61​-B58F-2F227FCA9A08}\AlertEng.d​ll"
 O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched​.exe"  -osboot
 O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
 O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
 O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
 O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
 O4 - HKLM\..\RunServices: [FTRTSVC] C:\Windows\System32\FTRTSVC.ex​e
 O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
 O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateServ​ice\ISUSPM.exe" -startup
 O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
 O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
 O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNoti​fier\1.2.1128.5462\GoogleToolb​arNotifier.exe
 O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
 O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
 O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
 O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
 O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
 O4 - Global Startup: Empowering Technology Launcher.lnk = C:\Acer\Empowering Technology\eAPLauncher.exe
 O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
 O9 - Extra button: (no name) - {9034A523-D068-4BE8-A284-9DF27​8BE776E} - http://www.ietoolgate.com/redirect.php (file missing)
 O9 - Extra 'Tools' menuitem: IE Anti-Spyware - {9034A523-D068-4BE8-A284-9DF27​8BE776E} - http://www.ietoolgate.com/redirect.php (file missing)
 O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284​D0FE16E} - http://www.orange.fr (file missing) (HKCU)
 O13 - Gopher Prefix:
 O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488​ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edge [...] plugin.cab
 O20 - AppInit_DLLs: eNetHook.dll
 O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
 O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
 O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
 O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceS​ervice.exe
 O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
 O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
 O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
 O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
 O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSSe​rvice.exe
 O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLock​Serv.exe
 O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
 O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecovery​Service.exe
 O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\c​apuserv.exe
 O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.e​xe
 O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
 O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\isPwdSvc.exe
 O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
 O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\​LUCOMS~1.EXE
 O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
 O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61​-B58F-2F227FCA9A08}\PIFSvc.exe
 O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
 O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUS​chedulerSvc.exe
 O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
 O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
 O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
 O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\v​smon.exe
 O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.ex​e
 O23 - Service: XAudioService - Unknown owner - C:\Windows\system32\DRIVERS\xa​udio.exe (file missing)

 --
 End of file - 11498 bytes

 -- File Associations ------------------------------​-----------------------------

 .cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%*


 -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

 R0 UBHelper - c:\windows\system32\drivers\ub​helper.sys
 R3 NTIDrvr (Upper Class Filter Driver) - c:\windows\system32\drivers\nt​idrvr.sys <Not Verified; NewTech Infosystems, Inc.; >


 -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

 R2 AntiVirScheduler (AntiVir PersonalEdition Classic Scheduler) - "c:\program files\avira\antivir personaledition classic\sched.exe" <Not Verified; Avira GmbH; Scheduler>
 R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledevices​ervice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
 R2 eLockService (eLock Service) - c:\acer\empowering technology\elock\service\elock​serv.exe <Not Verified; Acer Inc.; Acer eLock Management>
 R2 eNet Service - c:\acer\empowering technology\enet\enet service.exe <Not Verified; Acer Inc.; Acer eNet Management>
 R2 eRecoveryService (eRecovery Service) - c:\acer\empowering technology\erecovery\erecovery​service.exe <Not Verified; Acer Inc.; eRecoveryService>
 R2 eSettingsService (eSettings Service) - c:\acer\empowering technology\esettings\service\c​apuserv.exe <Not Verified; ; Service>
 R2 MobilityService - c:\acer\mobility center\mobilityservice.exe -p
 R2 RichVideo (Cyberlink RichVideo Service(CRVS)) - "c:\program files\cyberlink\shared files\richvideo.exe" <Not Verified; ; RichVideo Module>
 R2 WMIService (ePower Service) - c:\acer\empowering technology\epower\epowersvc.ex​e <Not Verified; acer; Acer ePower Management>

 S2 XAudioService - c:\windows\system32\drivers\xa​udio.exe (file missing)


 -- Device Manager: Disabled ------------------------------​----------------------

 No disabled devices found.


 -- Scheduled Tasks ------------------------------​------------------------------​-

 2008-01-24 16:38:01       256 --a------ C:\Windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
 2008-01-11 20:52:53       528 --a------ C:\Windows\Tasks\Norton Internet Security - Analyse système complète - olivier.job


 -- Files created between 2007-12-24 and 2008-01-24 -----------------------------

 2008-01-24 13:11:39         0 d-------- \ProgramData\NVIDIA
 2008-01-23 11:33:23         0 d-------- C:\Program Files\Avira
 2008-01-23 11:33:23         0 d-------- \ProgramData\Avira
 2008-01-23 11:18:09         0 d-------- C:\Program Files\Trend Micro
 2008-01-22 21:13:00         0 d-------- C:\Program Files\iPod
 2008-01-22 21:12:30         0 d-------- C:\Program Files\iTunes
 2008-01-22 21:10:35         0 d-------- C:\Program Files\QuickTime
 2008-01-22 21:10:26         0 d-------- \ProgramData\Apple Computer
 2008-01-22 21:04:44         0 d-------- C:\Program Files\Common Files\Apple
 2008-01-22 20:57:59         0 d-------- C:\Program Files\AntiSpyGolden 5.2
 2008-01-22 20:50:49         0 d-------- C:\VundoFix Backups
 2008-01-22 19:09:04         0 d-------- C:\Windows\system32\ZoneLabs
 2008-01-22 19:08:55         0 d-------- \ProgramData\CheckPoint
 2008-01-22 19:02:45         0 d-------- C:\Windows\Internet Logs
 2008-01-22 18:55:54         0 d-------- C:\Program Files\CCleaner
 2008-01-22 18:50:59         0 d-------- C:\Program Files\Lavasoft
 2008-01-22 18:50:58         0 d-------- \ProgramData\Lavasoft
 2008-01-22 18:49:20         0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
 2008-01-22 17:54:55         0 d-------- C:\Program Files\Alwil Software
 2008-01-21 18:03:49         0 d-------- C:\Program Files\Apple Software Update
 2008-01-21 18:03:49         0 d-------- \ProgramData\Apple
 2008-01-16 20:34:51         0 d-------- C:\Program Files\fdrlab
 2007-12-29 21:44:40         0 d-------- C:\Program Files\Common Files\xing shared


 -- Find3M Report ------------------------------​------------------------------​---

 2008-01-24 17:32:28         0 d-------- \Deckard
 2008-01-24 13:23:51         0 d-a------ \Windows
 2008-01-24 13:15:17    690832 --a------ C:\Windows\system32\perfh00C.d​at
 2008-01-24 13:15:17    117572 --a------ C:\Windows\system32\perfc00C.d​at
 2008-01-24 13:11:39         0 d--h----- \ProgramData
 2008-01-24 12:33:37         0 d--hs---- \System Volume Information
 2008-01-24 09:17:22         0 d-------- C:\Program Files\Wanadoo
 2008-01-24 08:55:22 1072349184 --ahs---- \hiberfil.sys
 2008-01-24 08:55:21 1386283008 --ahs---- \pagefile.sys
 2008-01-23 23:33:53         0 d-------- C:\Program Files\Symantec
 2008-01-23 20:17:44         0 d-------- \ComboFix
 2008-01-23 20:11:09         0 d-------- C:\Program Files\MSN Messenger
 2008-01-23 18:07:42         0 d-------- \QooBox
 2008-01-23 18:07:05         0 dr------- \Program Files
 2008-01-22 21:04:44         0 d-------- C:\Program Files\Common Files
 2008-01-22 20:59:32       210 --a------ \VundoFix.txt
 2008-01-22 20:50:49         0 d-------- \VundoFix Backups
 2008-01-16 20:36:58     22016 --a------ \QUESTIONS1 EXAMEN SECOURISME.DOC
 2008-01-09 14:07:46         0 d-------- C:\Program Files\Windows Mail
 2008-01-09 13:43:04         0 d-------- C:\Program Files\Windows Sidebar
 2007-12-29 21:44:28         0 d-------- C:\Program Files\Common Files\Real
 2007-12-13 13:36:53         0 d-------- C:\Program Files\Google
 2007-12-13 13:36:37         0 d-------- C:\Program Files\Real
 2007-12-01 10:40:02         0 d-------- C:\Program Files\Windows Live Toolbar
 2007-11-22 17:33:19     11530 --a------ \error.log


 -- Registry Dump ------------------------------​------------------------------​---

 *Note* empty entries & legit default entries are not shown


 [HKEY_CURRENT_USER\Software\Mic​rosoft\Internet Explorer\Toolbar\WebBrowser]
 "{C4DFA6F3-1245-41E5-8E60-7D31​427F01B3}"= C:\Program Files\Video Add-on\ictmdl.dll [ ]

 [-HKEY_CLASSES_ROOT\CLSID\{C4DF​A6F3-1245-41E5-8E60-7D31427F01​B3}]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Run]
 "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-09-28 16:36]
 "RtHDVCpl"="RtHDVCpl.exe" [2006-11-09 19:57 C:\Windows\RtHDVCpl.exe]
 "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh​.exe" [2006-10-23 20:00]
 "ccApp"="c:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2006-11-21 21:33]
 "osCheck"="c:\Program Files\Norton Internet Security\osCheck.exe" [2006-11-21 21:30]
 "Acer Tour"="" []
 "NvSvc"="C:\Windows\system32\n​vsvc.dll" [2006-12-20 21:50]
 "NvCplDaemon"="C:\Windows\syst​em32\NvCpl.dll" [2006-12-20 21:50]
 "NvMediaCenter"="C:\Windows\sy​stem32\NvMcTray.dll" [2006-12-20 21:50]
 "eDataSecurity Loader"="C:\Acer\Empowering Technology\eDataSecurity\eDSlo​ader.exe" [2007-01-02 17:58]
 "LManager"="C:\PROGRA~1\LAUNCH​~1\LManager.exe" [2006-12-21 01:02]
 "eRecoveryService"="" []
 "WarReg_PopUp"="C:\Acer\WR_Pop​Up\WarReg_PopUp.exe" [2006-11-05 21:48]
 "Acer Tour Reminder"="C:\Acer\AcerTour\Re​minder.exe" [2007-01-14 19:38]
 "WOOWATCH"="C:\PROGRA~1\Wanado​o\Watch.exe" [2004-08-23 14:49]
 "WOOTASKBARICON"="C:\PROGRA~1\​Wanadoo\GestMaj.exe" [2004-10-14 16:55]
 "Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61​-B58F-2F227FCA9A08}\PIFSvc.exe​" [2007-03-12 10:22]
 "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched​.exe" [2007-12-29 21:43]
 "ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-06-28 05:17]
 "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-01-10 15:27]
 "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-01-15 03:22]
 "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-01-23 11:38]

 [HKEY_CURRENT_USER\SOFTWARE\Mic​rosoft\Windows\CurrentVersion\​Run]
 "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-09 13:42]
 "ISUSPM Startup"="C:\Program Files\Common Files\InstallShield\UpdateServ​ice\ISUSPM.exe" [2005-08-11 15:30]
 "Acer Tour Reminder"="" []
 "ehTray.exe"="C:\Windows\ehome​\ehTray.exe" [2006-11-02 13:35]
 "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:55]
 "swg"="C:\Program Files\Google\GoogleToolbarNoti​fier\1.2.1128.5462\GoogleToolb​arNotifier.exe" [2007-12-13 13:36]
 "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 13:36]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\windows\currentversion​\runservices]
 "FTRTSVC"=C:\Windows\System32\​FTRTSVC.exe

 C:\ProgramData\Microsoft\Windo​ws\Start Menu\Programs\Startup\
 Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 04:44:06]
 Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe [2006-12-10 11:29:21]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\windows\currentversion​\policies\system]
 "ConsentPromptBehaviorAdmin"=2 (0x2)

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\windows nt\currentversion\windows]
 "appinit_dlls"=eNetHook.dll

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\Minimal\aawservice]
 @="Service"

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\Minimal\AppInfo]
 @="Service"

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\Minimal\KeyIso]
 @="Service"

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\Minimal\NTDS]
 @="Service"

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\Minimal\ProfSvc]
 @="Service"

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\Minimal\sacsvr]
 @="Service"

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\Minimal\SWPRV]
 @="Service"

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\Minimal\TabletInputService]
 @="Service"

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\Minimal\TBS]
 @="Service"

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\Minimal\TrustedInstaller]
 @="Service"

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\Minimal\VDS]
 @="Service"

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\Minimal\volmgr.sys]
 @="Driver"

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\Minimal\volmgrx.sys]
 @="Driver"

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\Minimal\{533C5B84-EC70-11D2-9​505-00C04F79DEAF}]
 @="Volume shadow copy"

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\Minimal\{6BDD1FC1-810F-11D0-B​EC7-08002BE2092F}]
 @="IEEE 1394 Bus host controllers"

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\Minimal\{D48179BE-EC20-11D1-B​6B8-00C04FA372A7}]
 @="SBP2 IEEE 1394 Devices"

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\Minimal\{D94EE5D8-D189-4994-8​3D2-F68D7D41B0E6}]
 @="SecurityDevices"

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\windows nt\currentversion\svchost]
 LocalSystemNetworkRestricted hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum

 *Newly Created Service* - COMHOST

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
 C:\Windows\system32\unregmp2.e​xe /ShowWMP

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
 %SystemRoot%\system32\unregmp2​.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI



 -- End of Deckard's System Scanner: finished at 2008-01-24 17:36:26 ------------


 Deckard's System Scanner v20071014.68
 Extra logfile - please post this as an attachment with your post.
 ------------------------------​------------------------------​--------------------

 -- System Information ------------------------------​----------------------------

 Microsoft® Windows Vista™ Édition Familiale Premium  (build 6000)
 Architecture: X86; Language: French

 CPU 0: AMD Turion(tm) 64 X2 Mobile Technology TL-52
 Percentage of Memory in Use: 70%
 Physical Memory (total/avail): 1022.06 MiB / 296.77 MiB
 Pagefile Memory (total/avail): 2293.74 MiB / 951.36 MiB
 Virtual Memory (total/avail): 2047.88 MiB / 1928.29 MiB

 C: is Fixed (NTFS) - 70.62 GiB total, 46.61 GiB free.
 D: is Fixed (NTFS) - 70.61 GiB total, 70.52 GiB free.
 E: is CDROM (No Media)

 \\.\PHYSICALDRIVE0 - Hitachi HTS541616J9S SCSI Disk Device - 149.05 GiB - 3 partitions
  \PARTITION0 - Unknown - 7.81 GiB
  \PARTITION1 (bootable) - Système de fichiers installable - 70.62 GiB - C:
  \PARTITION2 - Système de fichiers installable - 70.61 GiB - D:



 -- Security Center ------------------------------​------------------------------​-

 AUOptions is scheduled to auto-install.
 Windows Internal Firewall is disabled.

 FW: Norton Internet Security v2007 (Symantec Corporation) Disabled
 FW: ZoneAlarm Firewall v7.1.099.000 (Check Point, LTD.)
 AV: Avira AntiVir PersonalEdition v 7.0.2.39 (Avira GmbH)
 AV: Norton Internet Security v2007 (Symantec Corporation) Outdated
 AS: Avira AntiVir PersonalEdition v 7.0.2.39 (Avira GmbH)
 AS: Spybot - Search and Destroy v1.0.0.4 (Safer Networking Ltd.)
 AS: Windows Defender v1.1.1505.0 (Microsoft Corporation) Outdated
 AS: Norton Internet Security v2007 (Symantec Corporation) Outdated

 [HKLM\System\CurrentControlSet\​Services\SharedAccess\Paramete​rs\FirewallPolicy\DomainProfil​e\AuthorizedApplications\List]

 [HKLM\System\CurrentControlSet\​Services\SharedAccess\Paramete​rs\FirewallPolicy\StandardProf​ile\AuthorizedApplications\Lis​t]


 -- Environment Variables ------------------------------​-------------------------

 ALLUSERSPROFILE=C:\ProgramData
 APPDATA=C:\Users\olivier\AppDa​ta\Roaming
 CLASSPATH=.;C:\Program Files\QuickTime\QTSystem\QTJav​a.zip
 CommonProgramFiles=C:\Program Files\Common Files
 COMPUTERNAME=PC-PORTABLE
 ComSpec=C:\Windows\system32\cm​d.exe
 FP_NO_HOST_CHECK=NO
 HOMEDRIVE=C:
 HOMEPATH=\Users\olivier
 LOCALAPPDATA=C:\Users\olivier\​AppData\Local
 LOGONSERVER=\\PC-PORTABLE
 NUMBER_OF_PROCESSORS=2
 OS=Windows_NT
 Path=C:\Windows\system32;C:\Wi​ndows;C:\Windows\System32\Wbem​;C:\Program Files\QuickTime\QTSystem\
 PATHEXT=.COM;.EXE;.BAT;.CMD;.V​BS;.VBE;.JS;.JSE;.WSF;.WSH;.MS​C
 PROCESSOR_ARCHITECTURE=x86
 PROCESSOR_IDENTIFIER=x86 Family 15 Model 72 Stepping 2, AuthenticAMD
 PROCESSOR_LEVEL=15
 PROCESSOR_REVISION=4802
 ProgramData=C:\ProgramData
 ProgramFiles=C:\Program Files
 PROMPT=$P$G
 PUBLIC=C:\Users\Public
 QTJAVA=C:\Program Files\QuickTime\QTSystem\QTJav​a.zip
 SystemDrive=C:
 SystemRoot=C:\Windows
 TEMP=C:\Users\olivier\AppData\​Local\Temp
 TMP=C:\Users\olivier\AppData\L​ocal\Temp
 tvdumpflags=8
 USERDOMAIN=PC-portable
 USERNAME=olivier
 USERPROFILE=C:\Users\olivier
 windir=C:\Windows


 -- User Profiles ------------------------------​------------------------------​---

 olivier


 -- Add/Remove Programs ------------------------------​---------------------------

 --> C:\Program Files\Common Files\Real\Update_OB\r1puninst​.exe RealNetworks|RealPlayer|6.0
 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{B145EC69-66F5-11D​8-9D75-000129760D75}\setup.exe​"  -uninstall
 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{B804C424-B66D-447​A-84BD-C6B88C392C3A}\setup.exe​"  -uninstall
 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{F79A208D-D929-11D​9-9D77-000129760D75}\setup.exe​"  -uninstall
 ABBYY FineReader 6.0 Sprint --> MsiExec.exe /I{ACF60000-22B9-4CE9-98D6-2CC​F359BAC07}
 Acer Arcade Deluxe --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{EFBDC2B0-FAA8-4B7​8-8DE1-AEBE7958FA37}\setup.exe​"  -uninstall
 Acer eDataSecurity Management --> C:\Acer\Empowering Technology\eDataSecurity\eDSns​tHelper.exe -Operation UNINSTALL
 Acer eLock Management --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\11\50\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{116FF17B-1A30-4FC​2-9B01-5BC5BD46B0B3}\setup.exe​" -l0x40c  -removeonly
 Acer Empowering Technology --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\11\50\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB6097D9-D722-498​7-BD9E-A076E2848EE2}\setup.exe​" -l0x40c  -removeonly
 Acer eNet Management --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\11\50\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C06554A1-2C1E-4D2​0-B613-EE62C79927CC}\setup.exe​" -l0x40c  -removeonly
 Acer ePower Management --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\11\50\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{58E5844B-7CE2-413​D-83D1-99294BF6C74F}\setup.exe​" -l0x40c  -removeonly
 Acer ePresentation Management --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\11\50\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BF839132-BD43-405​6-ACBF-4377F4A88E2A}\setup.exe​" -l0x40c  -removeonly
 Acer eSettings Management --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\11\50\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CE65A9A0-9686-45C​6-9098-3C9543A412F0}\setup.exe​" -l0x40c  -removeonly
 Acer GridVista --> C:\Windows\UnInst32.exe GridV.UNI
 Acer Mobility Center Plug-In --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\11\50\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{11316260-6666-467​B-AC34-183FCB5D4335}\setup.exe​" -l0x40c  -removeonly
 Acer OrbiCam --> C:\Program Files\InstallShield Installation Information\{DD1DED37-2486-4F5​6-8F89-56AA814003F5}\Setup.exe -runfromtemp -l0x040c -removeonly
 Acer OrbiCam --> Rundll32.exe BisonR07.dll,WinMainRmv
 Acer ScreenSaver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\11\50\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{79DD56FC-DB8B-47F​5-9C80-78B62E05F9BC}\setup.exe​" -l0x9  -removeonly
 Acer Tour --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\11\50\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{94389919-B0AA-488​2-9BE8-9F0B004ECA35}\setup.exe​" -l0x40c  -removeonly
 Ad-Aware 2007 --> MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6F​D3C28D1EF}
 Adobe Reader 7.0 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70​000000000}
 AppCore --> MsiExec.exe /I{EFB5B3B5-A280-4E25-BE1C-634​EEFE32C1B}
 Apple Mobile Device Support --> MsiExec.exe /I{D8AB8F0C-CEEB-4A29-8EF5-219​B064813F4}
 Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387​BB172F0A4}
 AV --> MsiExec.exe /I{F4DB525F-A986-4249-B98B-42A​8066251CA}
 Avira AntiVir PersonalEdition Classic --> C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
 ccCommon --> MsiExec.exe /I{3CCAD2EF-CFF2-4637-82AA-AAB​F370282D3}
 CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
 CCPlayer --> C:\Windows\unvise32.exe C:\Program Files\CCPlayer\uninstalCCPlaye​r.log
 Détecteur de flux Windows Live Toolbar (Windows Live Toolbar) --> MsiExec.exe /X{EFFCB0F1-CFEC-48D4-B793-EBF​CAE852976}
 EPSON-Drucker-Software --> C:\Windows\system32\spool\DRIV​ERS\W32X86\3\EPUPDATE.EXE /R
 EPSON Attach To Email --> C:\Program Files\Common Files\InstallShield\Driver\8\I​ntel 32\IDriver.exe /M{20C45B32-5AB6-46A4-94EF-589​50CAF05E5} /l1033 ADDREMOVEDLG
 EPSON Copy Utility 3 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\0701\Intel32\​Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67EDD823-135A-4D5​9-87BD-950616D6E857}\SETUP.EXE​" -l0x40c -UnInstall
 EPSON Easy Photo Print --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\0701\Intel32\​Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BC69DDB8-4840-4D9​B-BB31-0D4DB2BA1312}\SETUP.EXE​" -l0x40c UNINST
 EPSON File Manager --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\0701\Intel32\​Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E86BC406-944E-41F​6-ADE6-2C136734C96B}\Setup.exe​" -l0x40c UNINST
 EPSON Scan --> C:\Program Files\epson\escndv\setup\setup​.exe /r
 EPSON Scan Assistant --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\0701\Intel32\​Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2A88F1BF-7041-4E4​2-84B1-6B4ACB83AC64}\Setup.exe​" -l0x40c -u
 EPSON Web-To-Page --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{7F14F68C-17FA-4F8​8-B3FD-7F449C1EBF32}\SETUP.EXE​" -l0x40c -anything
 ESDX6000_CX5900 Guide util. --> C:\Program Files\EPSON\TPMANUAL\ESDX6000_​CX5900\USE_G\DOCUNINS.EXE
 Gestionnaire Internet --> C:\PROGRA~1\Wanadoo\uninstall.​exe
 Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C​4EF0CFA29}
 Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar1.dl​l"
 HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.ex​e" /uninstall
 IE Custom Tools --> "C:\Program Files\Video Add-on\ictun.exe"
 IE Safety Features --> "C:\Program Files\Video Add-on\isfun.exe"
 Information Center --> "C:\Program Files\Video Add-on\icun.exe"
 iTunes --> MsiExec.exe /I{B85C4D19-6CEB-48CF-BD98-C88​7AC8C6F94}
 Launch Manager --> C:\Windows\UnInst32.exe LManager.UNI
 livebox --> C:\Program Files\InstallShield Installation Information\{17342E3B-0818-4A6​F-BFF8-99476605ADD6}\Setup.exe -runfromtemp -l0x040c -removeonly
 LiveUpdate 3.2 (Symantec Corporation) --> "C:\Program Files\Symantec\LiveUpdate\LSET​UP.EXE" /U
 LiveUpdate Notice (Symantec Corporation) --> MsiExec.exe /X{DBA4DB9D-EE51-4944-A419-98A​B1F1249C8}
 Macromedia Flash Player 8 --> RunDll32 advpack.dll,LaunchINFSection C:\Windows\INF\swflash.inf,Def​aultUninstall,5
 Menus intelligents (Windows Live Toolbar) --> MsiExec.exe /X{0CC70FEF-5068-4CD5-B4DE-86F​FD98EC929}
 Microsoft Office PowerPoint Viewer 2003 --> MsiExec.exe /X{90AF040C-6000-11D3-8CFE-015​0048383C9}
 Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{A49F249F-0C91-497F-86DF-B25​85E8E76B7}
 MSRedist --> MsiExec.exe /I{B7C61755-DB48-4003-948F-3D3​4DB8EAF69}
 MSXML 4.0 SP2 (KB936181) --> MsiExec.exe /I{C04E32E0-0416-434D-AFB9-696​9D703A9EF}
 MSXML 4.0 SP2 (KB941833) --> MsiExec.exe /I{C523D256-313D-4866-B36A-F3D​E528246EF}
 MultiMedia Software --> C:\Program Files\Video Add-on\uninst.exe
 Norton AntiVirus --> MsiExec.exe /X{830D8CBD-C668-49e2-A969-C2C​2106332E0}
 Norton Confidential Browser Component --> MsiExec.exe /I{4843B611-8FCB-4428-8C23-31D​0A5EAE164}
 Norton Confidential Web Protection Component --> MsiExec.exe /I{D353CC51-430D-4C6F-9B7E-520​03DA1E05A}
 Norton Internet Security --> MsiExec.exe /I{3672B097-EA69-4bfe-B92F-29A​E6D9D2B34}
 Norton Internet Security --> MsiExec.exe /I{48185814-A224-447A-81DA-71B​D20580E1B}
 Norton Internet Security --> MsiExec.exe /I{5AA2CD16-706F-41f3-87C5-2B5​A031F2B3B}
 Norton Internet Security --> MsiExec.exe /I{E3EFA461-EB83-4C3B-9C47-2C1​D58A01555}
 Norton Internet Security --> MsiExec.exe /I{E5EE9939-259F-4DE2-8023-5C4​9E16A4F43}
 Norton Internet Security (Symantec Corporation) --> "C:\Program Files\Common Files\Symantec Shared\SymSetup\{5AA2CD16-706F​-41f3-87C5-2B5A031F2B3B}_10_1_​0_26\{5AA2CD16-706F-41f3-87C5-​2B5A031F2B3B}.exe" /X
 Norton Protection Center --> MsiExec.exe /I{9A129ABC-A53A-4209-A21E-D5D​EDFB7CCA8}
 NTI Backup NOW! 4.7 --> "C:\Program Files\InstallShield Installation Information\{67ADE9AF-5CD9-408​9-8825-55DE4B366799}\setup.exe​" -removeonly
 NTI CD & DVD-Maker --> C:\PROGRA~1\COMMON~1\INSTAL~1\​Driver\7\INTEL3~1\IDriver.exe /M{1577A05B-EE62-4BBC-9DB7-FE7​48FA44EC2} /l1036 CDM7
 NVIDIA Drivers --> C:\Windows\system32\NVUNINST.E​XE UninstallGUI
 PIF DESIGNER --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{B90450DF-E781-46F​D-B1F1-0C86DA40E443}\SETUP.EXE​" -l0x40c anything
 PowerProducer --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D​6-97FD-0050BACBF861}\Setup.exe​"  -uninstall
 QuickTime --> MsiExec.exe /I{6EC874C2-F950-4B7E-A5B7-B10​66D6B74AA}
 RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst​.exe RealNetworks|RealPlayer|6.0
 Realtek High Definition Audio Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\11\50\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4ED​E-8A7C-958108FE7DBC}\setup.exe​" -l0x9  -removeonly
 Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038​BD3F1FB2A}
 Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038​BD3F1FB2A}
 SPBBC 32bit --> MsiExec.exe /I{77772678-817F-4401-9301-ED1​D01A8DA56}
 Synaptics Pointing Device Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL​.dll",standAloneUninstall
 Texas Instruments PCIxx21/x515/xx12 drivers. --> C:\Program Files\InstallShield Installation Information\{F7B05784-334C-4F7​6-8BAB-30ABEB7FD534}\setup.exe -runfromtemp -l0x0409
 Undelete Plus 2.93 --> "C:\Program Files\fdrlab\Undelete Plus\unins000.exe"
 USB Storage Driver --> DelUIDrv.exe
 Windows Live Messenger --> MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7​404F44411}
 Windows Live Sign-in Assistant --> MsiExec.exe /I{49672EC2-171B-47B4-8CE7-50D​7806360D7}
 Windows Live Toolbar --> "C:\Program Files\Windows Live Toolbar\UnInstall.exe" {0A8C97AD-DEED-4894-B446-3ABA9​5A77D0D}
 Windows Live Toolbar --> MsiExec.exe /X{0A8C97AD-DEED-4894-B446-3AB​A95A77D0D}
 ZoneAlarm --> C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe


 -- Application Event Log ------------------------------​-------------------------

 Event Record #/Type22570 / Error
 Event Submitted/Written: 01/24/2008 00:53:20 PM
 Event ID/Source: 1000 / Application Error
 Event Description:
 Application défaillante Explorer.EXE, version 6.0.6000.16549, horodatage 0x46d230c5, module défaillant flvrender.dll, version 10.0.0.7491, horodatage 0x473248c4, code d’exception 0xc0000005, décalage d’erreur 0x00003f67,
 ID du processus 0xe68, heure de début de l’application 0xExplorer.EXE0.

 Event Record #/Type22553 / Success
 Event Submitted/Written: 01/24/2008 10:59:45 AM
 Event ID/Source: 12001 / usnjsvc
 Event Description:
 The Messenger Sharing USN Journal Reader service started successfully.

 Event Record #/Type22535 / Success
 Event Submitted/Written: 01/24/2008 08:56:20 AM
 Event ID/Source: 5617 / WinMgmt
 Event Description:


 Event Record #/Type22532 / Success
 Event Submitted/Written: 01/24/2008 08:56:18 AM
 Event ID/Source: 5615 / WinMgmt
 Event Description:


 Event Record #/Type22512 / Success
 Event Submitted/Written: 01/24/2008 08:55:35 AM
 Event ID/Source: 902 / Software Licensing Service
 Event Description:
 Le service de gestion des licences du logiciel a démarré.



 -- Security Event Log ------------------------------​----------------------------

 No Errors/Warnings found.


 -- System Event Log ------------------------------​------------------------------

 Event Record #/Type60600 / Warning
 Event Submitted/Written: 01/24/2008 05:30:46 PM
 Event ID/Source: 134 / W32Time
 Event Description:
 NtpClient n'a pas pu définir d'homologue manuel à utiliser comme source de temps en raison d'une erreur de résolution DNS sur " time.windows.com,0x9 ". NtpClient réessaiera dans 15 minutes, et à nouveau une fois le double de l'intervalle de nouvelle tentative écoulé. L'erreur était : Hôte inconnu. (0x80072AF9)

 Event Record #/Type60578 / Error
 Event Submitted/Written: 01/24/2008 03:27:49 PM
 Event ID/Source: 7011 / Service Control Manager
 Event Description:
 30000Symantec Core LC

 Event Record #/Type60565 / Warning
 Event Submitted/Written: 01/24/2008 01:15:56 PM
 Event ID/Source: 57 / volmgr
 Event Description:
 Le système n'a pas pu vider les données du journal de transaction. Les données pourraient être endommagées.

 Event Record #/Type60564 / Warning
 Event Submitted/Written: 01/24/2008 01:14:47 PM
 Event ID/Source: 57 / volmgr
 Event Description:
 Le système n'a pas pu vider les données du journal de transaction. Les données pourraient être endommagées.

 Event Record #/Type60468 / Error
 Event Submitted/Written: 01/24/2008 08:56:21 AM
 Event ID/Source: 7000 / Service Control Manager
 Event Description:
 XAudioService%%2



 -- End of Deckard's System Scanner: finished at 2008-01-24 17:36:26 ------------


merillym
Regular (5,000 to 9,999 posts)
Posted on 24/01/2008 at 18:11:22

1) Download ToolsCleaner to your desktop.
 http://www.commentcamarche.net [...] nions.php3

 # Click "Recherche" (Search) and let the scan run ...
 # Click "Suppression" (Removal) to finish.
 # You can use the "Options facultatives" (optional settings) if you wish.
 # Click "Quitter" (Quit) to get the report.
 # Post the report (TCleaner.txt), which is in the root of your hard drive (C:\).

 2) Run an online scan with BitDefender, using Internet Explorer! Back up your music and photos; BitDefender sometimes deletes them ;)

 http://www.bitdefender.fr/
 and copy and paste the result here
 * At the bottom left of the window, click BitDefender SCAN ONLINE
 * In the new window, click I agree
 * The window changes again; click Click here to scan
 * The signatures load, etc.

 Picture tutorial

 http://pageperso.aol.fr/rginfo [...] fender.htm


 Post the whole report for me ;)
 

oliver39
Baby forum member (10 to 49 posts)
Posted on 24/01/2008 at 20:50:02

Toolscleaner2 tells me: "Impossible de créer le fichier "C:\Tcleaner.txt" Accès refusé"

 I'm posting the search result anyway:
 -->- Recherche:

 C:\Qoobox: trouvé !
 C:\Program Files\Trend Micro\HijackThis: trouvé !
 C:\Program Files\Trend Micro\HijackThis\HijackThis.ex​e: trouvé !
 C:\ProgramData\Microsoft\Windo​ws\Start Menu\Programmes\HijackThis: trouvé !
 C:\ProgramData\Microsoft\Windo​ws\Start Menu\Programs\HijackThis: trouvé !
 C:\ProgramData\Microsoft\Windo​ws\Start Menu\Programs\HijackThis\Hijac​kThis.lnk: trouvé !
 C:\Users\All Users\Microsoft\Windows\Start Menu\Programmes\HijackThis: trouvé !
 C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\HijackThis: trouvé !
 C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\HijackThis\Hijac​kThis.lnk: trouvé !

 ------------------------------​---
 -->- Suppression:

 C:\Program Files\Trend Micro\HijackThis\HijackThis.ex​e: Erreur de suppression !
 C:\ProgramData\Microsoft\Windo​ws\Start Menu\Programs\HijackThis\Hijac​kThis.lnk: Erreur de suppression !
 C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\HijackThis\Hijac​kThis.lnk: Erreur de suppression !
 C:\Qoobox: Erreur de suppression !
 C:\Program Files\Trend Micro\HijackThis: Erreur de suppression !
 C:\ProgramData\Microsoft\Windo​ws\Start Menu\Programmes\HijackThis: Erreur de suppression !
 C:\ProgramData\Microsoft\Windo​ws\Start Menu\Programs\HijackThis: Erreur de suppression !
 C:\Users\All Users\Microsoft\Windows\Start Menu\Programmes\HijackThis: Erreur de suppression !
 C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\HijackThis: Erreur de suppression !

 As for BITDEFENDER, I followed the tutorial, but a window named Bitdefender Online Scanner opens and says:
 - Bitdefender n'a pas pu mettre à jour les définitions de virus.
 - Impossible d'analyser l'ordinateur contre les virus.

 So it's a bit of a struggle; I'm already floundering quite a lot, and on top of that nothing works. Sorry again!  :pfff:

merillym
Regular (5,000 to 9,999 posts)
Posted on 24/01/2008 at 22:13:33

1) Disable your Norton antivirus, then download and install Antivir as described here: http://mickael.barroux.free.fr [...] ntivir.php

 Run a scan with Antivir in safe mode and post me the result ;)

oliver39
Baby forum member (10 to 49 posts)
Posted on 25/01/2008 at 12:56:08

Hello, here is the result; Antivir made 6 detections:



 AntiVir PersonalEdition Classic
 Report file date: 2008-01-25  11:50

 Scanning for 1069367 virus strains and unwanted programs.

 Licensed to:      Avira AntiVir PersonalEdition Classic
 Serial number:    0000149996-ADJIE-0001
 Platform:         Windows Vista
 Windows version:  (plain)  [6.0.6000]
 Username:         olivier
 Computer name:    PC-PORTABLE

 Version information:
 BUILD.DAT    : 270           15603 Bytes  2007-09-19 13:32:00
 AVSCAN.EXE   : 7.0.6.1      290856 Bytes  2007-08-23 13:16:29
 AVSCAN.DLL   : 7.0.6.0       49192 Bytes  2007-08-16 12:23:51
 LUKE.DLL     : 7.0.5.3      147496 Bytes  2007-08-14 15:32:47
 LUKERES.DLL  : 7.0.6.1       10280 Bytes  2007-08-21 12:35:20
 ANTIVIR0.VDF : 6.40.0.0    11030528 Bytes  2007-07-18 14:27:15
 ANTIVIR1.VDF : 7.0.1.95    3367424 Bytes  2007-12-14 10:38:39
 ANTIVIR2.VDF : 7.0.2.0      948736 Bytes  2008-01-15 10:38:39
 ANTIVIR3.VDF : 7.0.2.46     403968 Bytes  2008-01-25 10:40:20
 AVEWIN32.DLL : 7.6.0.53    3211776 Bytes  2008-01-25 10:40:20
 AVWINLL.DLL  : 1.0.0.7       14376 Bytes  2007-02-26 10:36:26
 AVPREF.DLL   : 7.0.2.2       25640 Bytes  2007-07-18 07:39:17
 AVREP.DLL    : 7.0.0.1      155688 Bytes  2007-04-16 13:16:24
 AVPACK32.DLL : 7.6.0.3      360488 Bytes  2008-01-23 10:38:42
 AVREG.DLL    : 7.0.1.6       30760 Bytes  2007-07-18 07:17:06
 AVARKT.DLL   : 1.0.0.20     278568 Bytes  2007-08-28 12:26:33
 AVEVTLOG.DLL : 7.0.0.20      86056 Bytes  2007-07-18 07:10:18
 NETNT.DLL    : 7.0.0.0        7720 Bytes  2007-03-08 11:09:42
 RCIMAGE.DLL  : 7.0.1.30    2342952 Bytes  2007-08-07 12:38:13
 RCTEXT.DLL   : 7.0.62.0      86056 Bytes  2007-08-21 12:50:37
 SQLITE3.DLL  : 3.3.17.1     339968 Bytes  2007-07-23 09:37:21

 Configuration settings for the scan:
 Jobname.......................​...: Complete system scan
 Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
 Logging.......................​...: low
 Primary action...................: interactive
 Secondary action.................: ignore
 Scan master boot sector..........: off
 Scan boot sector.................: on
 Boot sectors.....................: D:,
 Scan memory......................: on
 Process scan.....................: on
 Scan registry....................: on
 Search for rootkits..............: off
 Scan all files...................: Intelligent file selection
 Scan archives....................: on
 Recursion depth..................: 20
 Smart extensions.................: on
 Macro heuristic..................: on
 File heuristic...................: medium

 Start of the scan: 2008-01-25  11:50

 The scan of running processes will be started
 Scan process 'avscan.exe' - '1' Module(s) have been scanned
 Scan process 'WmiPrvSE.exe' - '1' Module(s) have been scanned
 Scan process 'unsecapp.exe' - '1' Module(s) have been scanned
 Scan process 'avcenter.exe' - '1' Module(s) have been scanned
 Scan process 'explorer.exe' - '1' Module(s) have been scanned
 Scan process 'svchost.exe' - '1' Module(s) have been scanned
 Scan process 'aawservice.exe' - '1' Module(s) have been scanned
 Scan process 'svchost.exe' - '1' Module(s) have been scanned
 Scan process 'svchost.exe' - '1' Module(s) have been scanned
 Scan process 'svchost.exe' - '1' Module(s) have been scanned
 Scan process 'svchost.exe' - '1' Module(s) have been scanned
 Scan process 'lsm.exe' - '1' Module(s) have been scanned
 Scan process 'lsass.exe' - '1' Module(s) have been scanned
 Scan process 'services.exe' - '1' Module(s) have been scanned
 Scan process 'winlogon.exe' - '1' Module(s) have been scanned
 Scan process 'wininit.exe' - '1' Module(s) have been scanned
 Scan process 'csrss.exe' - '1' Module(s) have been scanned
 Scan process 'csrss.exe' - '1' Module(s) have been scanned
 Scan process 'smss.exe' - '1' Module(s) have been scanned
 19 processes with 19 modules were scanned

 Start scanning boot sectors:
 Boot sector 'C:\'

[NOTE]      No virus was found!
 Boot sector 'D:\'

[NOTE]      No virus was found!

 Starting to scan the registry.
 The registry was scanned ( '26' files ).


 Starting the file scan:

 Begin scan in 'C:\' <ACER>
 C:\pagefile.sys

[WARNING]   The file could not be opened!
 C:\QooBox\Quarantine\C\Program Files\Helper\1201016072.dll.vi​r

[DETECTION] Is the Trojan horse TR/Zlob.CDJ

[INFO]      The file was moved to '47c9c0f9.qua'!
 C:\QooBox\Quarantine\C\Program Files\Video Add-on\icmntr.exe.vir

[DETECTION] Is the Trojan horse TR/Dldr.Zlob.trf

[INFO]      The file was moved to '4806c12e.qua'!
 C:\QooBox\Quarantine\C\Program Files\Video Add-on\icthis.exe.vir

[DETECTION] Is the Trojan horse TR/Renos.30720.512

[INFO]      The file was moved to '480dc135.qua'!
 C:\QooBox\Quarantine\C\Program Files\Video Add-on\ictun.exe.vir

[DETECTION] Is the Trojan horse TR/Dldr.Zlob.hzy

[INFO]      The file was moved to '480dc139.qua'!
 C:\QooBox\Quarantine\C\Program Files\Video Add-on\isfmdl.dll.vir

[DETECTION] Is the Trojan horse TR/Dldr.Zlob.ghd

[INFO]      The file was moved to '47ffc14d.qua'!
 C:\QooBox\Quarantine\C\Program Files\Video Add-on\isfmm.exe.vir

[DETECTION] Is the Trojan horse TR/Dldr.Zlob.gju

[INFO]      The file was moved to '47ffc152.qua'!
 Begin scan in 'D:\' <ACERDATA>


 End of the scan: 2008-01-25  12:10
 Used time: 20:38 min

 The scan has been done completely.

  11781 Scanning directories
 120716 Files were scanned

6 viruses and/or unwanted programs were found

0 Files were classified as suspicious:

0 files were deleted

0 files were repaired

6 files were moved to quarantine

0 files were renamed

1 Files cannot be scanned
 120710 Files not concerned

1302 Archives were scanned

1 Warnings

0 Notes
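
Added example, not part of the thread or of any tool used in it: a Python parser for an AntiVir report laid out like the one posted above, which separates detections found inside `QooBox\Quarantine` copies from detections on live paths and checks the entry count against the summary line. The sample text reuses two entries from the report and adds one constructed entry (the `constructed-sample.exe` path, the `TR/Constructed.Example` name and the `00000000.qua` file are made up); the layout `<drive>:\QooBox\Quarantine\<letter>\<original path>.vir` is an assumption read off the paths in the report.

```python
import re
from dataclasses import dataclass, field
from typing import List, Optional

# Forum software inserted zero-width characters into long paths; strip them first.
ZERO_WIDTH = dict.fromkeys(map(ord, "\u200b\u200c\u200d\ufeff"))
PATH_RE = re.compile(r"^[A-Za-z]:\\")
DETECTION_RE = re.compile(r"^\[DETECTION\]\s+(.*\S)")
MOVED_RE = re.compile(r"^\[INFO\]\s+The file was moved to '([^']+)'")
WARNING_RE = re.compile(r"^\[WARNING\]\s+(.*\S)")
TOTAL_RE = re.compile(r"^(\d+) viruses and/or unwanted programs were found")
# Assumed layout of the quarantine copies seen in the report.
QUARANTINE_RE = re.compile(
    r"^[A-Za-z]:\\QooBox\\Quarantine\\([A-Za-z])\\(.+)\.vir$", re.IGNORECASE)


@dataclass
class Detection:
    path: str                       # object the scanner flagged
    name: str                       # detection name, e.g. TR/Zlob.CDJ
    moved_to: Optional[str] = None  # AntiVir quarantine file, if reported

    @property
    def original_path(self) -> Optional[str]:
        """Where the file lived before it was copied into QooBox, else None."""
        m = QUARANTINE_RE.match(self.path)
        return f"{m.group(1).upper()}:\\{m.group(2)}" if m else None


@dataclass
class Report:
    detections: List[Detection] = field(default_factory=list)
    unreadable: List[str] = field(default_factory=list)
    declared_total: Optional[int] = None


def parse_report(text: str) -> Report:
    report = Report()
    current: Optional[str] = None   # the path line always precedes its tags
    for raw in text.splitlines():
        line = raw.translate(ZERO_WIDTH).strip()
        if not line:
            continue
        if line.startswith("Begin scan in"):
            current = None
        elif PATH_RE.match(line):
            current = line
        elif (m := DETECTION_RE.match(line)) and current:
            # Assumption: the detection name is the last token of the message.
            report.detections.append(Detection(current, m.group(1).split()[-1]))
        elif ((m := MOVED_RE.match(line)) and report.detections
              and report.detections[-1].path == current):
            report.detections[-1].moved_to = m.group(1)
        elif WARNING_RE.match(line) and current:
            report.unreadable.append(current)
        elif m := TOTAL_RE.match(line):
            report.declared_total = int(m.group(1))
    return report


def triage(report: Report) -> dict:
    copies = [d for d in report.detections if d.original_path]
    live = [d for d in report.detections if not d.original_path]
    return {
        "live": [(d.path, d.name) for d in live],
        "already_quarantined": [(d.original_path, d.name) for d in copies],
        "source_dirs": sorted({d.original_path.rsplit("\\", 1)[0] for d in copies}),
        "count_matches_summary": report.declared_total == len(report.detections),
    }


# Constructed sample: two entries from the report above plus one made-up entry.
SAMPLE_REPORT = r"""
Begin scan in 'C:\' <ACER>
C:\pagefile.sys

[WARNING]   The file could not be opened!
C:\QooBox\Quarantine\C\Program Files\Helper\1201016072.dll.vir

[DETECTION] Is the Trojan horse TR/Zlob.CDJ

[INFO]      The file was moved to '47c9c0f9.qua'!
C:\QooBox\Quarantine\C\Program Files\Video Add-on\icmntr.exe.vir

[DETECTION] Is the Trojan horse TR/Dldr.Zlob.trf

[INFO]      The file was moved to '4806c12e.qua'!
C:\Users\example\AppData\Local\Temp\constructed-sample.exe

[DETECTION] Is the Trojan horse TR/Constructed.Example

[INFO]      The file was moved to '00000000.qua'!
Begin scan in 'D:\' <ACERDATA>

3 viruses and/or unwanted programs were found
""".replace("dll.vir", "dll.vi\u200br")  # mimic the forum's zero-width break

if __name__ == "__main__":
    for key, value in triage(parse_report(SAMPLE_REPORT)).items():
        print(key, value)
```

The `source_dirs` it returns can be compared with the Add/Remove Programs section of the Deckard's System Scanner log, where several uninstall entries still point into `C:\Program Files\Video Add-on`.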

merillym
Regular (5,000 to 9,999 posts)
Posted on 25/01/2008 at 12:58:01

Still having problems on your end?

oliver39
Baby forum member (10 to 49 posts)
Posted on 25/01/2008 at 13:57:36

For me it seems to be fine; my computer is working normally again. After that, it all depends on what you think of the report I posted with ANTIVIR! :)

merillym
Regular (5,000 to 9,999 posts)
Posted on 25/01/2008 at 16:03:46

It's OK, you're no longer infected; do the following steps to finish the disinfection cleanly ;)

 1) Download ToolsCleaner to your desktop.
 http://www.commentcamarche.net [...] nions.php3

 # Click "Recherche" (Search) and let the scan run ...
 # Click "Suppression" (Removal) to finish.
 # You can use the "Options facultatives" (optional settings) if you wish.
 # Click "Quitter" (Quit) to get the report.
 # Post the report (TCleaner.txt), which is in the root of your hard drive (C:\).

 ------------------------------------

 2) Download and install Ccleaner:
 http://www.01net.com/telecharg [...] leurs(...)
 -> Before clicking the "installer" (install) button, untick all the "options supplémentaires" (additional options). Then click "Options", "Avancé" (Advanced) and untick the box "Effacer uniquement les fichiers, du dossier Temp de Windows, plus vieux que 48 heures" (only delete files in the Windows Temp folder older than 48 hours). Click the "Nettoyeur" (Cleaner) tab, then "Lancer le Nettoyage" (Run Cleaner).
 -> Then click the Registre (Registry) tab, click "Chercher des erreurs" (Scan for issues), then "Réparer les erreurs sélectionnées" (Fix selected issues). There is no need to back up the keys. Repeat the operation as many times as needed until it finds no more errors.

 --------------------------------------

 3) Disable your System Restore

 Re-enable your System Restore

 Tutorial/help: http://www.libellules.ch/desac [...] ration.php

 ********************************************************************************

 4) Edit your first message with http://forum.telecharger.com/data/units/telecharger/skins/01net/icon/button_edit.gif and put [resolu] in front of your topic title.

 5) Report your infection on Malware-Complaints to get the authors convicted. http://mickael.barroux.free.fr/securite/img/reagir_miniban.gif
 To make our voice heard, there must be as many of us as possible, so report your infection:
 - See the Malware-Complaints rules
 - Register on the forum using the register button at the top:
 If you are over 13, choose: I Agree to these terms and am over or exactly 13 years of age
 If you are younger, click: I Agree to these terms and am under 13 years of age

 After registering, you get the infection types as a list (Look2Me, Smitfraud, SpywareQuake, etc.): http://www.malwarecomplaints.i [...] 5873f(...)

 If the malware you had does not appear in the list, or if you don't know which infection you had, create a message in the "Autres infections" (Other infections) topic that complies with the forum rules (age, city, department, etc.): http://www.malwarecomplaints.i [...] m.php?f=10

 Bye and happy surfing  :hello:


 Some useful links ;)

 http://bibou0007.forumpro.fr/a [...] e-t223.htm
 http://mickael.barroux.free.fr/securite/
 http://mickael.barroux.free.fr [...] ection.php
 http://www.malekal.com/
 http://bibou0007.forumpro.fr/portal.htm

oliver39
Baby forum member (10 to 49 posts)
Posted on 25/01/2008 at 17:05:25

Thanks again; without your advice, this nasty virus would still be acting up!
 Bye and thanks again  :super:

oliver39
Baby forum member (10 to 49 posts)
Posted on 25/01/2008 at 17:09:02

Thanks again for your precious help; without you I'd still be at it.
 Bye and thanks  :super:
