Unable to uninstall. [solved]

29 September 2008 10:43:07

Hello,

I picked up this program, "Smart antivirus 2009", which I cannot uninstall.

Could you help me? Thanks.

29 September 2008 19:13:16

Good evening,

Did I forget some courtesy or something...???

I don't know.

Enjoy your meal!
29 September 2008 19:49:08

Hello,

Patience, patience...

Download and install HijackThis (Trend Micro).
Then post a report in your next reply.
HELP: How to use HijackThis v2.0.2
30 September 2008 18:45:44

:hello: Good evening,

Sorry, but I thought you had forgotten me... :pt1cable:

First of all, a small message that appeared when sending the scan.
http://s4.tinypic.com/2ppyhdk.jpg

And as requested:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:34:54, on 02/07/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Search Settings\SearchSettings.exe
C:\Program Files\Common Files\Logitech\QCDriver3\LVComS.exe
C:\Program Files\Logitech\ImageStudio\LogiTray.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
C:\Windows\ehome\ehtray.exe
C:\Users\jmk\Program Files\DNA\btdna.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\System32\rundll32.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\jmk\winlogon.exe
C:\Windows\explorer.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://format.packardbell.com/cgi-bin/redirect/?country...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb126\SearchSettings.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb126\Dealio.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb126\SearchSettings.dll
O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb126\Dealio.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [au] C:\Program Files\Dealio\DealioAU.exe
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [QCDriverInstaller] C:\PROGRA~1\COMMON~1\Logitech\QCDRIV~2\Lqdsw.exe /addrun /l 1033 /LaunchAtStart
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\VistaCodecPack\QT\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [MSServer] rundll32.exe C:\Windows\system32\gEWoLFUN.dll,#1
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Users\jmk\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Windows Logon Applicationedc] C:\Users\jmk\winlogon.exe
O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\jmk\AppData\Local\Temp\oPiFxvTl.dll,c
O4 - HKCU\..\Run: [bc4c9244] rundll32.exe "C:\Users\jmk\AppData\Local\Temp\yothytrr.dll",b
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: Compare Prices with &Dealio - C:\Users\jmk\AppData\LocalLow\Dealio\kb126\res\DealioSearch.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb126\Dealio.dll
O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb126\Dealio.dll
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 8506 bytes


Thanks in advance for your help :(
30 September 2008 19:10:52

Re,

! Disable your resident protections (antivirus, Spybot-S&D, etc.) !

  • Download ComboFix (sUBs) to your Desktop.
  • Double-click ComboFix.exe (the .exe is not necessarily visible) to launch it.
  • When the scan is finished, a report will appear. Post this report (C:\combofix.txt*) in your next reply.

HELP: A guide and a tutorial on using ComboFix
* the partition name may differ

30 September 2008 20:25:05

Re..

The ComboFix report.

    ComboFix 08-09-28.05 - jmk 2008-09-30 20:11:06.3 - NTFSx86
    Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.1102 [GMT 2:00]
    Lancé depuis: C:\Users\jmk\Desktop\ComboFix.exe
    * Un nouveau point de restauration a été créé
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Program Files\PCHealthCenter
    C:\Windows\dfmlxbpkeqv.dll
    C:\Windows\emrg.exe
    C:\Windows\peltodgx.dll
    C:\Windows\system32\cbXRHyWq.dll
    C:\Windows\system32\pmnlljgf.dll
    C:\Windows\system32\wvUoPfgf.dll

    .
    ((((((((((((((((((((((((((((( Fichiers créés du 2008-08-28 au 2008-09-30 ))))))))))))))))))))))))))))))))))))
    .

    2008-09-28 20:12 . 2008-09-30 18:25 <REP> d-------- C:\Program Files\Smart Antivirus 2009
    2008-09-28 20:12 . 2008-09-28 18:31 86,016 --a------ C:\Windows\fbxrqtwn.exe
    2008-09-25 19:17 . 2008-09-25 19:17 <REP> d----c--- C:\Windows\System32\DRVSTORE
    2008-09-25 19:17 . 2008-09-25 19:17 <REP> d-------- C:\Users\All Users\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
    2008-09-25 19:17 . 2008-09-25 19:17 <REP> d-------- C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
    2008-09-25 19:17 . 2008-09-25 19:17 <REP> d-------- C:\Program Files\iTunes
    2008-09-25 19:17 . 2008-09-25 19:17 <REP> d-------- C:\Program Files\iPod
    2008-09-25 19:17 . 2008-04-17 13:12 107,368 --a------ C:\Windows\System32\GEARAspi.dll
    2008-09-25 19:17 . 2008-04-17 13:12 15,464 --a------ C:\Windows\System32\drivers\GEARAspiWDM.sys
    2008-09-25 19:10 . 2008-09-25 19:10 <REP> d-------- C:\Program Files\Bonjour
    2008-09-20 21:53 . 2008-09-20 21:53 <REP> d-------- C:\Users\jmk\AppData\Roaming\TVU Networks
    2008-09-20 21:53 . 2008-09-20 21:53 <REP> d-------- C:\Users\All Users\TVU Networks
    2008-09-20 21:53 . 2008-09-20 21:53 <REP> d-------- C:\ProgramData\TVU Networks
    2008-09-20 21:53 . 2008-09-20 21:53 <REP> d-------- C:\Program Files\TVUPlayer
    2008-09-10 19:04 . 2008-07-31 03:13 4,240,384 --a------ C:\Windows\System32\GameUXLegacyGDFs.dll
    2008-09-10 19:04 . 2008-08-02 03:01 625,152 --a------ C:\Windows\System32\drivers\dxgkrnl.sys
    2008-09-10 19:04 . 2008-06-26 05:29 565,248 --a------ C:\Windows\System32\emdmgmt.dll
    2008-09-10 19:04 . 2008-06-26 05:29 303,616 --a------ C:\Windows\System32\wmpeffects.dll
    2008-09-10 19:04 . 2008-05-08 21:21 211,968 --a------ C:\Windows\System32\drivers\mrxsmb10.sys
    2008-09-10 19:04 . 2008-05-20 04:07 148,480 --a------ C:\Windows\System32\drivers\nwifi.sys
    2008-09-10 19:04 . 2008-06-26 05:29 45,056 --a------ C:\Windows\System32\dataclen.dll
    2008-09-10 19:04 . 2008-08-02 05:26 36,864 --a------ C:\Windows\System32\cdd.dll
    2008-09-10 19:04 . 2008-07-31 05:32 28,160 --a------ C:\Windows\System32\Apphlpdm.dll
    2008-09-07 16:18 . 2008-09-07 16:25 <REP> d-------- C:\Users\jmk\AppData\Roaming\RayV
    2008-09-07 12:31 . 2008-09-07 12:31 <REP> dr------- C:\Users\jmk\Downloads
    2008-09-06 20:36 . 2008-09-06 20:43 <REP> d-------- C:\Users\jmk\.gimp-2.4
    2008-09-06 15:09 . 2008-09-06 15:09 90,112 --a------ C:\Windows\System32\QuickTimeVR.qtx
    2008-09-06 15:09 . 2008-09-06 15:09 57,344 --a------ C:\Windows\System32\QuickTime.qts
    2008-09-05 18:48 . 2008-07-19 07:09 1,811,656 --a------ C:\Windows\System32\wuaueng.dll
    2008-09-05 18:48 . 2008-07-19 05:44 1,524,736 --a------ C:\Windows\System32\wucltux.dll
    2008-09-05 18:48 . 2008-07-19 07:10 53,448 --a------ C:\Windows\System32\wuauclt.exe
    2008-09-05 18:48 . 2008-07-19 07:10 45,768 --a------ C:\Windows\System32\wups2.dll
    2008-09-05 18:47 . 2008-07-19 07:09 563,912 --a------ C:\Windows\System32\wuapi.dll
    2008-09-05 18:47 . 2008-07-18 22:08 163,904 --a------ C:\Windows\System32\wuwebv.dll
    2008-09-05 18:47 . 2008-07-19 05:44 83,456 --a------ C:\Windows\System32\wudriver.dll
    2008-09-05 18:47 . 2008-07-19 07:10 36,552 --a------ C:\Windows\System32\wups.dll
    2008-09-05 18:47 . 2008-07-18 20:44 31,232 --a------ C:\Windows\System32\wuapp.exe
    2008-08-31 23:03 . 2008-07-16 03:32 2,048 --a------ C:\Windows\System32\tzres.dll
    2008-08-31 11:52 . 2008-08-31 11:53 <REP> d-------- C:\Program Files\Apple Software Update
    2008-08-31 11:46 . 2008-08-31 11:46 <REP> d-------- C:\Program Files\Safari
    2008-08-31 10:08 . 2008-06-27 03:55 1,383,424 --a------ C:\Windows\System32\mshtml.tlb
    2008-08-31 10:08 . 2008-06-27 06:15 827,392 --a------ C:\Windows\System32\wininet.dll
    2008-08-31 10:08 . 2008-06-19 05:31 361,984 --a------ C:\Windows\System32\IPSECSVC.DLL
    2008-08-31 10:08 . 2008-04-18 07:48 269,312 --a------ C:\Windows\System32\es.dll
    2008-08-31 10:07 . 2008-04-10 07:12 738,304 --a------ C:\Windows\System32\inetcomm.dll
    2008-08-29 10:18 . 2008-08-29 10:18 87,336 --a------ C:\Windows\System32\dns-sd.exe
    2008-08-29 09:53 . 2008-08-29 09:53 61,440 --a------ C:\Windows\System32\dnssd.dll

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-09-30 18:12 --------- d-----w C:\Users\jmk\AppData\Roaming\DNA
    2008-09-29 15:21 --------- d-----w C:\Users\jmk\AppData\Roaming\LimeWire
    2008-09-27 13:01 --------- d-----w C:\Users\jmk\AppData\Roaming\BitTorrent
    2008-09-25 17:15 --------- d-----w C:\Program Files\Common Files\Apple
    2008-09-20 12:46 --------- d-----w C:\ProgramData\Microsoft Help
    2008-09-07 10:23 --------- d-----w C:\Users\jmk\AppData\Roaming\Apple Computer
    2008-08-31 21:00 --------- d-----w C:\Program Files\Windows Mail
    2008-07-31 03:32 460,288 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
    2008-07-31 03:32 2,154,496 ----a-w C:\Windows\AppPatch\AcGenral.dll
    2008-07-31 03:32 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
    2008-07-28 19:14 --------- d-----w C:\Program Files\Sun
    2008-07-28 19:14 --------- d-----w C:\Program Files\Java
    2008-07-24 17:18 318,904 ----a-w C:\Users\jmk\wmpfirefoxplugin.exe
    2008-07-10 16:34 4,961,336 ----a-w C:\Users\jmk\PandoSetup.exe
    2008-07-08 17:08 59,839,784 ----a-w C:\Users\jmk\iTunesSetup.exe
    2008-07-02 21:33 812,344 ----a-w C:\Users\jmk\HJTInstall.exe
    2008-06-26 03:29 801,280 ----a-w C:\Windows\System32\NaturalLanguage6.dll
    2008-06-26 01:45 2,644,480 ----a-w C:\Windows\System32\NlsLexicons0009.dll
    2008-06-26 01:45 12,240,896 ----a-w C:\Windows\System32\NlsLexicons0007.dll
    2008-06-21 09:35 7,599,856 ----a-w C:\Users\jmk\Firefox Setup 3.0.exe
    2008-06-21 09:16 174 --sha-w C:\Program Files\desktop.ini
    2008-06-21 08:42 82,432 ----a-w C:\Windows\System32\axaltocm.dll
    2008-06-21 08:42 101,888 ----a-w C:\Windows\System32\ifxcardm.dll
    2008-06-12 20:55 5,318,091 ----a-w C:\Users\jmk\Setup_FreeFlvConverter(2).exe
    2008-06-12 05:28 541,696 ----a-w C:\Windows\AppPatch\AcLayers.dll
    2008-06-01 15:25 10,536,468 ----a-w C:\Users\jmk\c2c_pdftoolbox.exe
    2008-05-30 20:06 23,700,784 ----a-w C:\Users\jmk\quicktime_quicktime_7.4.5_francais_anglais_9524.exe
    2008-05-30 20:00 9,318,211 ----a-w C:\Users\jmk\vlc-0.8.6h-win32.exe
    2008-05-30 19:52 5,164,596 ----a-w C:\Users\jmk\Setup_FreeFlvConverter.exe
    2008-02-22 21:50 4,506,256 ----a-w C:\Program Files\LimeWireWin.exe
    2008-02-21 19:38 0 ----a-w C:\Users\jmk\AppData\Roaming\wklnhst.dat
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SmpcSys"="C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe" [2007-07-19 1120568]
    "ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2008-01-19 125952]
    "Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" [2008-02-20 360448]
    "Pando"="C:\Program Files\Pando Networks\Pando\Pando.exe" [2008-07-01 6587720]
    "Google Update"="C:\Users\jmk\AppData\Local\Google\Update\GoogleUpdate.exe" [2008-09-03 133104]
    "BitTorrent DNA"="C:\Users\jmk\Program Files\DNA\btdna.exe" [2008-09-20 289088]
    "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "RoxWatchTray"="C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2007-01-11 232184]
    "toolbar_eula_launcher"="C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe" [2007-02-20 28672]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
    "au"="C:\Program Files\Dealio\DealioAU.exe" [2008-02-08 546144]
    "SearchSettings"="C:\Program Files\Search Settings\SearchSettings.exe" [2008-02-06 1036640]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
    "LVCOMS"="C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE" [2002-12-10 127022]
    "QCDriverInstaller"="C:\PROGRA~1\COMMON~1\Logitech\QCDRIV~2\Lqdsw.exe" [2002-12-10 638976]
    "LogitechGalleryRepair"="C:\Program Files\Logitech\ImageStudio\ISStart.exe" [2002-12-10 155648]
    "LogitechImageStudioTray"="C:\Program Files\Logitech\ImageStudio\LogiTray.exe" [2002-12-10 61440]
    "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-07-19 78008]
    "NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-07-06 86016]
    "NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-07-06 8466432]
    "NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-07-06 81920]
    "QuickTime Task"="C:\Program Files\VistaCodecPack\QT\QTTask.exe" [2008-09-06 413696]
    "AppleSyncNotifier"="C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-09-03 111936]
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-09-10 289576]
    "RtHDVCpl"="RtHDVCpl.exe" [2006-11-09 C:\Windows\RtHDVCpl.exe]

    C:\Users\jmk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    OneNote 2007 - Capture d'écran et lancement.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [2007-12-07 101440]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableUIADesktopToggle"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "VIDC.SP53"= SP5X_32.DLL
    "VIDC.SP54"= SP5X_32.DLL
    "VIDC.SP55"= SP5X_32.DLL
    "VIDC.SP56"= SP5X_32.DLL
    "VIDC.SP57"= SP5X_32.DLL
    "VIDC.SP58"= SP5X_32.DLL
    "VIDC.SP59"= SP5X_32.DLL
    "msacm.avis"= ff_acm.acm

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
    "{EDC12409-9FD8-4727-A4C2-4474819DD053}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
    "{DB3005BF-F341-4566-A6D6-2958CD1ABD1A}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
    "{C187EEAF-9027-437E-AAA8-A7D582D421A3}"= UDP:C:\Program Files\Skype\Phone\Skype.exe:Skype
    "{210B06F8-3A85-45F2-95F4-062E25FAE6BE}"= TCP:C:\Program Files\Skype\Phone\Skype.exe:Skype
    "{B0FFDFBF-A60D-464D-9248-85D7C1E569A5}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
    "{C5D3BA42-092C-4271-AA3B-2CBE8557AC10}"= UDP:C:\Program Files\DNA\btdna.exe:D NA
    "{443293DC-F328-4C24-B642-D2C601C41121}"= TCP:C:\Program Files\DNA\btdna.exe:D NA
    "{E6B827FE-FC56-4288-906B-77839038F91D}"= UDP:C:\Program Files\BitTorrent\bittorrent.exe:BitTorrent
    "{A533CBF4-A9EC-4A47-B3AC-50D87A2F3575}"= TCP:C:\Program Files\BitTorrent\bittorrent.exe:BitTorrent
    "TCP Query User{0BB4D371-76E1-49C9-AE7B-01A42A162103}C:\\program files\\limewire\\limewire.exe"= UDP:C:\program files\limewire\limewire.exe:LimeWire
    "UDP Query User{CC7C3333-0913-4124-AE5F-95757E566DFE}C:\\program files\\limewire\\limewire.exe"= TCP:C:\program files\limewire\limewire.exe:LimeWire
    "TCP Query User{D0C531FC-5E03-4296-9A07-40BE6F0CD507}C:\\program files\\tvants\\tvants.exe"= UDP:C:\program files\tvants\tvants.exe:TVAnts
    "UDP Query User{01F3F37E-29C0-4976-B35A-23E5FFBFD614}C:\\program files\\tvants\\tvants.exe"= TCP:C:\program files\tvants\tvants.exe:TVAnts
    "TCP Query User{CAF213A5-B0D7-4C05-A8A1-8AF0A4F9C643}C:\\program files\\sopcast\\sopcast.exe"= UDP:C:\program files\sopcast\sopcast.exe:SopCast Main Application
    "UDP Query User{80B91812-84F6-408A-9DB8-E399BA09F63F}C:\\program files\\sopcast\\sopcast.exe"= TCP:C:\program files\sopcast\sopcast.exe:SopCast Main Application
    "TCP Query User{36637D66-BA75-48A6-A34D-2D088147CB93}C:\\program files\\sopcast\\adv\\sopadver.exe"= UDP:C:\program files\sopcast\adv\sopadver.exe:SopCast Adver
    "UDP Query User{0C64A3D3-59BB-4883-8F5C-FB4DB0A55CF2}C:\\program files\\sopcast\\adv\\sopadver.exe"= TCP:C:\program files\sopcast\adv\sopadver.exe:SopCast Adver
    "TCP Query User{6BE23D23-D214-470E-AE8A-C95AA747C489}C:\\program files\\mozilla firefox\\firefox.exe"= UDP:C:\program files\mozilla firefox\firefox.exe:Firefox
    "UDP Query User{E859617A-08BD-4E61-8E77-ABCC59AA8EB4}C:\\program files\\mozilla firefox\\firefox.exe"= TCP:C:\program files\mozilla firefox\firefox.exe:Firefox
    "TCP Query User{0E984E2E-1539-46AD-B3CA-F87BBD385F29}C:\\program files\\limewire\\limewire.exe"= UDP:C:\program files\limewire\limewire.exe:LimeWire
    "UDP Query User{A06A8328-751A-487D-8ED4-2D9B5951DDFD}C:\\program files\\limewire\\limewire.exe"= TCP:C:\program files\limewire\limewire.exe:LimeWire
    "{1F3B5A98-6DF7-4B79-8C18-D29F986C8D60}"= UDP:C:\Program Files\Sony Ericsson\Sony Ericsson Media Manager 1.0\MediaManager.exe:Sony Ericsson Media Manager 1.0
    "{CD5CFD73-E972-4B0D-BB1C-D958AEFD0E66}"= TCP:C:\Program Files\Sony Ericsson\Sony Ericsson Media Manager 1.0\MediaManager.exe:Sony Ericsson Media Manager 1.0
    "{89300AFC-4BE5-4407-8FD2-39CB38C89E9B}"= UDP:57977:p ando P2P TCP Listening Port
    "{8B9D7206-0034-4D61-8285-4028519BA224}"= TCP:57977:p ando P2P UDP Listening Port
    "TCP Query User{900AA425-F85E-4EE0-9690-DDA384741FEE}C:\\program files\\pando networks\\pando\\pando.exe"= UDP:C:\program files\pando networks\pando\pando.exe:p ando
    "UDP Query User{860A0237-76B4-490A-862A-C5EAA6C871A6}C:\\program files\\pando networks\\pando\\pando.exe"= TCP:C:\program files\pando networks\pando\pando.exe:p ando
    "TCP Query User{308D016C-1591-4D34-9983-F0E01BAB8F28}C:\\program files\\abc\\abc.exe"= UDP:C:\program files\abc\abc.exe:abc
    "UDP Query User{75331C9A-694C-4E69-82AB-17DD478F85C2}C:\\program files\\abc\\abc.exe"= TCP:C:\program files\abc\abc.exe:abc
    "TCP Query User{C9E61495-5847-4FC9-9DDF-B35718564119}C:\\program files\\rayv\\rayv\\rayv.exe"= UDP:C:\program files\rayv\rayv\rayv.exe:RayV
    "UDP Query User{B3E11B9A-D161-4C16-8654-AC751B0450A6}C:\\program files\\rayv\\rayv\\rayv.exe"= TCP:C:\program files\rayv\rayv\rayv.exe:RayV
    "TCP Query User{AF6C1B75-C566-4009-B56A-30F2549F06DA}C:\\program files\\pando networks\\pando\\pando.exe"= UDP:C:\program files\pando networks\pando\pando.exe:p ando
    "UDP Query User{84F33BE1-8330-4AB8-8ED5-1264FE49A83B}C:\\program files\\pando networks\\pando\\pando.exe"= TCP:C:\program files\pando networks\pando\pando.exe:p ando
    "TCP Query User{898BC3F3-DCDB-46FF-9C1E-4A44DB6BFA54}C:\\program files\\tvuplayer\\tvuplayer.exe"= UDP:C:\program files\tvuplayer\tvuplayer.exe:TVUPlayer Component
    "UDP Query User{D2EEB3DC-F63F-4385-AA5E-D7D5D376F35D}C:\\program files\\tvuplayer\\tvuplayer.exe"= TCP:C:\program files\tvuplayer\tvuplayer.exe:TVUPlayer Component
    "{69FCA0C3-9AEF-4061-86AE-7E89522D40AC}"= UDP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
    "{28A8B817-A61C-41CA-9EEB-0DE40E355636}"= TCP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
    "{483914DD-9ECC-4760-A299-B3844B73D5DB}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes
    "{77E3A751-FD89-4AEF-AD29-29513C9187A9}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes
    "TCP Query User{BFEECC57-2D4D-4F42-A057-FE1EC08CA159}C:\\program files\\internet explorer\\iexplore.exe"= UDP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
    "UDP Query User{BA0EFC99-8554-424C-8408-4237523778F6}C:\\program files\\internet explorer\\iexplore.exe"= TCP:C:\program files\internet explorer\iexplore.exe:Internet Explorer

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
    "C:\\Program Files\\BitTorrent\\bittorrent.exe"= C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent

    R1 aswSP;avast! Self Protection;C:\Windows\system32\drivers\aswSP.sys [2008-07-19 78416]
    R2 aswFsBlk;aswFsBlk;C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
    R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-07-19 51280]
    S3 LVBulk;LVBulk Service;C:\Windows\system32\DRIVERS\LVBulk.sys [2002-06-10 10254]
    S3 PID_0900_V;Logitech ClickSmart 310(PID_0900_V);C:\Windows\system32\DRIVERS\LV551AV.sys [2002-06-10 220079]
    S3 s916bus;Sony Ericsson Device 916 driver (WDM);C:\Windows\system32\DRIVERS\s916bus.sys [2007-11-02 83496]
    S3 s916mdfl;Sony Ericsson Device 916 USB WMC Modem Filter;C:\Windows\system32\DRIVERS\s916mdfl.sys [2007-11-02 15016]
    S3 s916mdm;Sony Ericsson Device 916 USB WMC Modem Driver;C:\Windows\system32\DRIVERS\s916mdm.sys [2007-11-02 109992]
    S3 s916mgmt;Sony Ericsson Device 916 USB WMC Device Management Drivers (WDM);C:\Windows\system32\DRIVERS\s916mgmt.sys [2007-11-02 103976]
    S4 nvrd32;NVIDIA nForce RAID Driver ;C:\Windows\system32\drivers\nvrd32.sys [2006-12-22 122880]
    .
    Contenu du dossier 'Tâches planifiées'
    .
    - - - - ORPHELINS SUPPRIMES - - - -

    BHO-{75CFDBEA-56E3-4065-B218-4A11FE8C46DB} - C:\Windows\dfmlxbpkeqv.dll
    Toolbar-{4516441E-853A-4B41-9263-676281A853AE} - C:\Windows\peltodgx.dll


    .
    ------- Examen supplémentaire -------
    .
    FireFox -: Profile - C:\Users\jmk\AppData\Roaming\Mozilla\Firefox\Profiles\uxl9d45x.default\
    FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
    FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.google.fr/
    FF -: plugin - C:\Program Files\DNA\plugins\npbtdna.dll
    FF -: plugin - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
    FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll
    FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npPandoWebInst.dll
    FF -: plugin - C:\Program Files\VistaCodecPack\QT\Plugins\npqtplugin.dll
    FF -: plugin - C:\Program Files\VistaCodecPack\QT\Plugins\npqtplugin2.dll
    FF -: plugin - C:\Program Files\VistaCodecPack\QT\Plugins\npqtplugin3.dll
    FF -: plugin - C:\Program Files\VistaCodecPack\QT\Plugins\npqtplugin4.dll
    FF -: plugin - C:\Program Files\VistaCodecPack\QT\Plugins\npqtplugin5.dll
    FF -: plugin - C:\Program Files\VistaCodecPack\QT\Plugins\npqtplugin6.dll
    FF -: plugin - C:\Program Files\VistaCodecPack\QT\Plugins\npqtplugin7.dll
    FF -: plugin - C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll
    FF -: plugin - C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll
    FF -: plugin - C:\Users\jmk\AppData\Local\Google\Update\1.2.131.11\npGoogleOneClick5.dll
    FF -: plugin - C:\Users\jmk\AppData\Roaming\Mozilla\Firefox\Profiles\uxl9d45x.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
    FF -: plugin - C:\Users\jmk\Program Files\DNA\plugins\npbtdna.dll
    .

    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-09-30 20:13:24
    Windows 6.0.6001 Service Pack 1 NTFS

    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    Recherche de fichiers cachés ...

    Scan terminé avec succès
    Fichiers cachés: 0

    **************************************************************************
    .
    Heure de fin: 2008-09-30 20:14:47
    ComboFix-quarantined-files.txt 2008-09-30 18:14:43

    Avant-CF: 381 208 461 312 octets libres
    Après-CF: 381,391,347,712 octets libres

    248 --- E O F --- 2008-09-26 17:13:58


There you go :sarcastic:
30 September 2008 21:10:59

Re,

Download Malwarebytes' Anti-Malware to your Desktop.
Install it by double-clicking the file Download_mbam-setup.exe.

Once the installation and the update are done, restart in safe mode.
HELP: Restarting in safe mode

  • Now run Malwarebytes' Anti-Malware. If it is not already selected, choose "Exécuter un examen complet" (Perform full scan).
  • To start the scan, click "Rechercher" (Scan).
  • Once the scan is finished, a window opens; click OK. There are two possibilities:
    -- if the program found nothing, press OK. A report will appear; close it.
    -- if infections are present, click "Afficher les résultats" (Show results) and then "Supprimer la sélection" (Remove selected). Save the report to your Desktop so you can post it in your next reply.
    NOTE: If Malwarebytes' Anti-Malware needs to restart to finish the removal, accept by clicking OK.

HELP: Illustrated tutorial on MBAM

30 September 2008 22:38:28

The MBAM report is served.

    Malwarebytes' Anti-Malware 1.28
    Version de la base de données: 1225
    Windows 6.0.6001 Service Pack 1

    30/09/2008 22:34:10
    mbam-log-2008-09-30 (22-34-10).txt

    Type de recherche: Examen complet (C:\|)
    Eléments examinés: 129131
    Temps écoulé: 20 minute(s), 58 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 3
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 5
    Fichier(s) infecté(s): 12

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\peltodgx.bmqr (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\peltodgx.toolbar.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    C:\Program Files\Smart Antivirus 2009 (Rogue.SmartAntivirus) -> Quarantined and deleted successfully.
    C:\Program Files\Smart Antivirus 2009\Infected (Rogue.SmartAntivirus) -> Quarantined and deleted successfully.
    C:\Program Files\Smart Antivirus 2009\Suspicious (Rogue.SmartAntivirus) -> Quarantined and deleted successfully.
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Antivirus 2009 (Rogue.SmartAntivirus) -> Quarantined and deleted successfully.
    C:\Users\jmk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Smart Antivirus 2009 (Rogue.SmartAntivirus) -> Quarantined and deleted successfully.

    Fichier(s) infecté(s):
    C:\QooBox\Quarantine\C\Windows\emrg.exe.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\QooBox\Quarantine\C\Windows\System32\cbXRHyWq.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\QooBox\Quarantine\C\Windows\System32\pmnlljgf.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\QooBox\Quarantine\C\Windows\System32\wvUoPfgf.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Users\jmk\AppData\Local\Temp\spcjdytp.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Program Files\Smart Antivirus 2009\vscan.tsi (Rogue.SmartAntivirus) -> Quarantined and deleted successfully.
    C:\Program Files\Smart Antivirus 2009\zlib.dll (Rogue.SmartAntivirus) -> Quarantined and deleted successfully.
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Antivirus 2009\Smart Antivirus-2009.lnk (Rogue.SmartAntivirus) -> Quarantined and deleted successfully.
    C:\Users\jmk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Smart Antivirus 2009\Smart Antivirus-2009.lnk (Rogue.SmartAntivirus) -> Quarantined and deleted successfully.
    C:\Windows\fbxrqtwn.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Users\jmk\Desktop\Smart Antivirus-2009.lnk (Rogue.SmartAntivirus) -> Quarantined and deleted successfully.
    C:\Users\jmk\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Smart Antivirus-2009.lnk (Rogue.SmartAntivirus) -> Quarantined and deleted successfully.


    Isn't that lovely :wahoo: 
    1 October 2008 13:06:42

    Post a HijackThis report again.
    1 October 2008 18:24:31

    Good evening to you all

    An HT report

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 23:34:54, on 02/07/2008
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18000)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
    C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
    C:\Program Files\Search Settings\SearchSettings.exe
    C:\Program Files\Common Files\Logitech\QCDriver3\LVComS.exe
    C:\Program Files\Logitech\ImageStudio\LogiTray.exe
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
    C:\Windows\ehome\ehtray.exe
    C:\Users\jmk\Program Files\DNA\btdna.exe
    C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Windows\System32\rundll32.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Users\jmk\winlogon.exe
    C:\Windows\explorer.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://format.packardbell.com/cgi-bin/redirect/?country...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb126\SearchSettings.dll
    O1 - Hosts: ::1 localhost
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb126\Dealio.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
    O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb126\SearchSettings.dll
    O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb126\Dealio.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
    O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKLM\..\Run: [au] C:\Program Files\Dealio\DealioAU.exe
    O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
    O4 - HKLM\..\Run: [QCDriverInstaller] C:\PROGRA~1\COMMON~1\Logitech\QCDRIV~2\Lqdsw.exe /addrun /l 1033 /LaunchAtStart
    O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
    O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\VistaCodecPack\QT\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [MSServer] rundll32.exe C:\Windows\system32\gEWoLFUN.dll,#1
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Users\jmk\Program Files\DNA\btdna.exe"
    O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [Windows Logon Applicationedc] C:\Users\jmk\winlogon.exe
    O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\jmk\AppData\Local\Temp\oPiFxvTl.dll,c
    O4 - HKCU\..\Run: [bc4c9244] rundll32.exe "C:\Users\jmk\AppData\Local\Temp\yothytrr.dll",b
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O8 - Extra context menu item: Compare Prices with &Dealio - C:\Users\jmk\AppData\LocalLow\Dealio\kb126\res\DealioSearch.html
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb126\Dealio.dll
    O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb126\Dealio.dll
    O13 - Gopher Prefix:
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
    O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

    --
    End of file - 8506 bytes


    :) 
    1 October 2008 18:50:54

    Re,

    Fix the lines in the box below with HijackThis: ILLUSTRATED HELP

    R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb126\SearchSettings.dll
    O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb126\Dealio.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb126\SearchSettings.dll
    O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb126\Dealio.dll
    O4 - HKLM\..\Run: [MSServer] rundll32.exe C:\Windows\system32\gEWoLFUN.dll,#1
    O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\jmk\AppData\Local\Temp\oPiFxvTl.dll,c
    O4 - HKCU\..\Run: [bc4c9244] rundll32.exe "C:\Users\jmk\AppData\Local\Temp\yothytrr.dll",b
    O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb126\Dealio.dll
    O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb126\Dealio.dll


    Download OTMoveIt3 (OldTimer). Save it to your Desktop.
    Copy (Ctrl+C) the text in the box below:

    :files
    C:\Program Files\Search Settings
    C:\Program Files\Dealio
    C:\Windows\system32\gEWoLFUN.dll
    C:\Users\jmk\AppData\Local\Temp\oPiFxvTl.dll
    C:\Users\jmk\AppData\Local\Temp\yothytrr.dll


    Double-click OTMoveIt3.exe to launch it.
    Paste (Ctrl+V) the text you copied into the Paste Instructions for Items to be Moved box.
    Now click the MoveIt! button, then close OTMoveIt3.

    If a file or folder cannot be deleted immediately, the program will ask you to restart.
    Accept by clicking YES.

    Post the report located in this folder: C:\_OTMoveIt\MovedFiles\
    The report's name corresponds to the moment it was created: date_time.log
    1 October 2008 19:47:25

    :cry: 
    I made a "blunder" after posting the last HT report. I closed HT without saving... Just in case, I am attaching a new HT report


    Please accept my apologies
    1 October 2008 19:51:13

    Do what I said :) 
    1 October 2008 20:42:43

    OK, thanks

    Here is the report
    ========== FILES ==========
    Folder move failed. C:\Program Files\Search Settings\kb126\temp scheduled to be moved on reboot.
    Folder move failed. C:\Program Files\Search Settings\kb126\res scheduled to be moved on reboot.
    Folder move failed. C:\Program Files\Search Settings\kb126 scheduled to be moved on reboot.
    Folder move failed. C:\Program Files\Search Settings scheduled to be moved on reboot.
    C:\Program Files\Dealio\kb126\temp moved successfully.
    C:\Program Files\Dealio\kb126\rulesFF moved successfully.
    C:\Program Files\Dealio\kb126\rules moved successfully.
    C:\Program Files\Dealio\kb126\resFF moved successfully.
    C:\Program Files\Dealio\kb126\res moved successfully.
    C:\Program Files\Dealio\kb126 moved successfully.
    C:\Program Files\Dealio moved successfully.
    File/Folder C:\Windows\system32\gEWoLFUN.dll not found.
    File/Folder C:\Users\jmk\AppData\Local\Temp\oPiFxvTl.dll not found.
    File/Folder C:\Users\jmk\AppData\Local\Temp\yothytrr.dll not found.

    OTMoveIt3 by OldTimer - Version 1.0.2.2 log created on 10012008_202841



    However, 4 lines of the HT table could not be fixed because they do not appear.
    They are:
    O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb126
    O4 - HKLM\..\Run: [MSServer] rundll32.exe C:\Windows\system32\gEWoLFUN.dll,#1
    O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\jmk\AppData\Local\Temp\oPiFxvTl.dll,c
    O4 - HKCU\..\Run: [bc4c9244] rundll32.exe "C:\Users\jmk\AppData\Local\Temp\yothytrr.dll",b O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb126\Dealio.dll

    At your disposal.
    2 October 2008 18:12:30

    Post a HijackThis report again :) 
    4 October 2008 11:08:34

    Hello, and sorry for the delay...


    Have an excellent weekend
    4 October 2008 12:48:48

    Run another ComboFix scan.
    4 October 2008 13:34:55


    Here it is

    ComboFix 08-10-03.06 - jmk 2008-10-04 13:21:26.4 - NTFSx86
    Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.1247 [GMT 2:00]
    Lancé depuis: C:\Users\jmk\Desktop\ComboFix.exe
    * Un nouveau point de restauration a été créé

    AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
    .

    ((((((((((((((((((((((((((((( Fichiers créés du 2008-09-04 au 2008-10-04 ))))))))))))))))))))))))))))))))))))
    .

    2008-10-01 20:28 . 2008-10-01 20:28 <REP> d-------- C:\_OTMoveIt
    2008-09-30 21:56 . 2008-09-30 21:56 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-09-30 21:56 . 2008-09-10 00:04 38,528 --a------ C:\Windows\System32\drivers\mbamswissarmy.sys
    2008-09-30 21:56 . 2008-09-10 00:03 17,200 --a------ C:\Windows\System32\drivers\mbam.sys
    2008-09-25 19:17 . 2008-09-25 19:17 <REP> d----c--- C:\Windows\System32\DRVSTORE
    2008-09-25 19:17 . 2008-09-25 19:17 <REP> d-------- C:\Users\All Users\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
    2008-09-25 19:17 . 2008-09-25 19:17 <REP> d-------- C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
    2008-09-25 19:17 . 2008-09-25 19:17 <REP> d-------- C:\Program Files\iTunes
    2008-09-25 19:17 . 2008-09-25 19:17 <REP> d-------- C:\Program Files\iPod
    2008-09-25 19:17 . 2008-04-17 13:12 107,368 --a------ C:\Windows\System32\GEARAspi.dll
    2008-09-25 19:17 . 2008-04-17 13:12 15,464 --a------ C:\Windows\System32\drivers\GEARAspiWDM.sys
    2008-09-25 19:10 . 2008-09-25 19:10 <REP> d-------- C:\Program Files\Bonjour
    2008-09-20 21:53 . 2008-09-20 21:53 <REP> d-------- C:\Users\jmk\AppData\Roaming\TVU Networks
    2008-09-20 21:53 . 2008-09-20 21:53 <REP> d-------- C:\Users\All Users\TVU Networks
    2008-09-20 21:53 . 2008-09-20 21:53 <REP> d-------- C:\ProgramData\TVU Networks
    2008-09-20 21:53 . 2008-09-20 21:53 <REP> d-------- C:\Program Files\TVUPlayer
    2008-09-10 19:04 . 2008-07-31 03:13 4,240,384 --a------ C:\Windows\System32\GameUXLegacyGDFs.dll
    2008-09-10 19:04 . 2008-08-02 03:01 625,152 --a------ C:\Windows\System32\drivers\dxgkrnl.sys
    2008-09-10 19:04 . 2008-06-26 05:29 565,248 --a------ C:\Windows\System32\emdmgmt.dll
    2008-09-10 19:04 . 2008-06-26 05:29 303,616 --a------ C:\Windows\System32\wmpeffects.dll
    2008-09-10 19:04 . 2008-05-08 21:21 211,968 --a------ C:\Windows\System32\drivers\mrxsmb10.sys
    2008-09-10 19:04 . 2008-05-20 04:07 148,480 --a------ C:\Windows\System32\drivers\nwifi.sys
    2008-09-10 19:04 . 2008-06-26 05:29 45,056 --a------ C:\Windows\System32\dataclen.dll
    2008-09-10 19:04 . 2008-08-02 05:26 36,864 --a------ C:\Windows\System32\cdd.dll
    2008-09-10 19:04 . 2008-07-31 05:32 28,160 --a------ C:\Windows\System32\Apphlpdm.dll
    2008-09-07 16:18 . 2008-09-07 16:25 <REP> d-------- C:\Users\jmk\AppData\Roaming\RayV
    2008-09-07 12:31 . 2008-09-07 12:31 <REP> dr------- C:\Users\jmk\Downloads
    2008-09-06 20:36 . 2008-09-06 20:43 <REP> d-------- C:\Users\jmk\.gimp-2.4
    2008-09-06 15:09 . 2008-09-06 15:09 90,112 --a------ C:\Windows\System32\QuickTimeVR.qtx
    2008-09-06 15:09 . 2008-09-06 15:09 57,344 --a------ C:\Windows\System32\QuickTime.qts
    2008-09-05 18:48 . 2008-07-19 07:09 1,811,656 --a------ C:\Windows\System32\wuaueng.dll
    2008-09-05 18:48 . 2008-07-19 05:44 1,524,736 --a------ C:\Windows\System32\wucltux.dll
    2008-09-05 18:48 . 2008-07-19 07:10 53,448 --a------ C:\Windows\System32\wuauclt.exe
    2008-09-05 18:48 . 2008-07-19 07:10 45,768 --a------ C:\Windows\System32\wups2.dll
    2008-09-05 18:47 . 2008-07-19 07:09 563,912 --a------ C:\Windows\System32\wuapi.dll
    2008-09-05 18:47 . 2008-07-18 22:08 163,904 --a------ C:\Windows\System32\wuwebv.dll
    2008-09-05 18:47 . 2008-07-19 05:44 83,456 --a------ C:\Windows\System32\wudriver.dll
    2008-09-05 18:47 . 2008-07-19 07:10 36,552 --a------ C:\Windows\System32\wups.dll
    2008-09-05 18:47 . 2008-07-18 20:44 31,232 --a------ C:\Windows\System32\wuapp.exe

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-10-04 11:15 --------- d-----w C:\Users\jmk\AppData\Roaming\DNA
    2008-10-03 18:41 --------- d-----w C:\Users\jmk\AppData\Roaming\LimeWire
    2008-09-27 13:01 --------- d-----w C:\Users\jmk\AppData\Roaming\BitTorrent
    2008-09-25 17:15 --------- d-----w C:\Program Files\Common Files\Apple
    2008-09-20 12:46 --------- d-----w C:\ProgramData\Microsoft Help
    2008-09-07 10:23 --------- d-----w C:\Users\jmk\AppData\Roaming\Apple Computer
    2008-08-31 21:00 --------- d-----w C:\Program Files\Windows Mail
    2008-08-31 09:53 --------- d-----w C:\Program Files\Apple Software Update
    2008-08-31 09:46 --------- d-----w C:\Program Files\Safari
    2008-08-29 08:18 87,336 ----a-w C:\Windows\System32\dns-sd.exe
    2008-08-29 07:53 61,440 ----a-w C:\Windows\System32\dnssd.dll
    2008-07-31 03:32 460,288 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
    2008-07-31 03:32 2,154,496 ----a-w C:\Windows\AppPatch\AcGenral.dll
    2008-07-31 03:32 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
    2008-07-24 17:18 318,904 ----a-w C:\Users\jmk\wmpfirefoxplugin.exe
    2008-07-16 01:32 2,048 ----a-w C:\Windows\System32\tzres.dll
    2008-07-10 16:34 4,961,336 ----a-w C:\Users\jmk\PandoSetup.exe
    2008-07-08 17:08 59,839,784 ----a-w C:\Users\jmk\iTunesSetup.exe
    2008-07-02 21:33 812,344 ----a-w C:\Users\jmk\HJTInstall.exe
    2008-06-21 09:35 7,599,856 ----a-w C:\Users\jmk\Firefox Setup 3.0.exe
    2008-06-21 09:16 174 --sha-w C:\Program Files\desktop.ini
    2008-06-12 20:55 5,318,091 ----a-w C:\Users\jmk\Setup_FreeFlvConverter(2).exe
    2008-06-01 15:25 10,536,468 ----a-w C:\Users\jmk\c2c_pdftoolbox.exe
    2008-05-30 20:06 23,700,784 ----a-w C:\Users\jmk\quicktime_quicktime_7.4.5_francais_anglais_9524.exe
    2008-05-30 20:00 9,318,211 ----a-w C:\Users\jmk\vlc-0.8.6h-win32.exe
    2008-05-30 19:52 5,164,596 ----a-w C:\Users\jmk\Setup_FreeFlvConverter.exe
    2008-02-22 21:50 4,506,256 ----a-w C:\Program Files\LimeWireWin.exe
    2008-02-21 19:38 0 ----a-w C:\Users\jmk\AppData\Roaming\wklnhst.dat
    .

    ((((((((((((((((((((((((((((( snapshot@2008-09-30_20.13.52.68 )))))))))))))))))))))))))))))))))))))))))
    .
    - 2008-09-30 16:23:41 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    + 2008-10-04 09:02:04 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    - 2008-09-30 16:23:41 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    + 2008-10-04 09:02:04 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    - 2008-09-30 16:24:37 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
    + 2008-10-04 11:20:47 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
    + 2008-10-04 11:20:47 262,144 ---ha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG1
    - 2008-09-30 16:25:12 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
    + 2008-10-04 09:04:12 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
    - 2008-09-30 16:23:42 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2008-10-04 09:02:18 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    - 2008-09-30 16:23:42 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    + 2008-10-04 09:02:18 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    - 2008-09-30 16:23:42 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    + 2008-10-04 09:02:18 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2008-09-30 18:10:58 262,144 ----a-w C:\Windows\System32\config\systemprofile\ntuser.dat
    + 2008-10-04 11:21:21 262,144 ----a-w C:\Windows\System32\config\systemprofile\ntuser.dat
    + 2008-10-04 11:21:21 262,144 ---ha-w C:\Windows\System32\config\systemprofile\ntuser.dat.LOG1
    - 2008-09-30 16:28:13 104,742 ----a-w C:\Windows\System32\perfc009.dat
    + 2008-10-04 09:07:42 104,742 ----a-w C:\Windows\System32\perfc009.dat
    - 2008-09-30 16:28:13 127,798 ----a-w C:\Windows\System32\perfc00C.dat
    + 2008-10-04 09:07:42 127,798 ----a-w C:\Windows\System32\perfc00C.dat
    - 2008-09-30 16:28:13 595,308 ----a-w C:\Windows\System32\perfh009.dat
    + 2008-10-04 09:07:42 595,308 ----a-w C:\Windows\System32\perfh009.dat
    - 2008-09-30 16:28:13 678,718 ----a-w C:\Windows\System32\perfh00C.dat
    + 2008-10-04 09:07:42 678,718 ----a-w C:\Windows\System32\perfh00C.dat
    - 2008-09-30 16:26:06 9,884 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3463401329-3998780706-3829550914-1002_UserData.bin
    + 2008-10-04 09:04:49 9,908 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3463401329-3998780706-3829550914-1002_UserData.bin
    - 2008-09-30 16:26:06 57,532 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
    + 2008-10-04 09:04:49 57,804 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
    - 2008-09-30 16:20:22 40,720 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
    + 2008-10-04 09:04:48 41,382 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
    .
    -- Instantané actualisé --
    .
    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SmpcSys"="C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe" [2007-07-19 1120568]
    "ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2008-01-19 125952]
    "Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" [2008-02-20 360448]
    "Pando"="C:\Program Files\Pando Networks\Pando\Pando.exe" [2008-07-01 6587720]
    "Google Update"="C:\Users\jmk\AppData\Local\Google\Update\GoogleUpdate.exe" [2008-09-03 133104]
    "BitTorrent DNA"="C:\Users\jmk\Program Files\DNA\btdna.exe" [2008-09-20 289088]
    "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "RoxWatchTray"="C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2007-01-11 232184]
    "toolbar_eula_launcher"="C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe" [2007-02-20 28672]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
    "SearchSettings"="C:\Program Files\Search Settings\SearchSettings.exe" [2008-02-06 1036640]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
    "LVCOMS"="C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE" [2002-12-10 127022]
    "QCDriverInstaller"="C:\PROGRA~1\COMMON~1\Logitech\QCDRIV~2\Lqdsw.exe" [2002-12-10 638976]
    "LogitechGalleryRepair"="C:\Program Files\Logitech\ImageStudio\ISStart.exe" [2002-12-10 155648]
    "LogitechImageStudioTray"="C:\Program Files\Logitech\ImageStudio\LogiTray.exe" [2002-12-10 61440]
    "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-07-19 78008]
    "NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-07-06 86016]
    "NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-07-06 8466432]
    "NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-07-06 81920]
    "QuickTime Task"="C:\Program Files\VistaCodecPack\QT\QTTask.exe" [2008-09-06 413696]
    "AppleSyncNotifier"="C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-09-03 111936]
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-09-10 289576]
    "RtHDVCpl"="RtHDVCpl.exe" [2006-11-09 C:\Windows\RtHDVCpl.exe]

    C:\Users\jmk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    OneNote 2007 - Capture d'écran et lancement.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [2007-12-07 101440]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableUIADesktopToggle"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "VIDC.SP53"= SP5X_32.DLL
    "VIDC.SP54"= SP5X_32.DLL
    "VIDC.SP55"= SP5X_32.DLL
    "VIDC.SP56"= SP5X_32.DLL
    "VIDC.SP57"= SP5X_32.DLL
    "VIDC.SP58"= SP5X_32.DLL
    "VIDC.SP59"= SP5X_32.DLL
    "msacm.avis"= ff_acm.acm

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
    @="Driver"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
    @="Driver"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
    @="IEEE 1394 Bus host controllers"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
    @="SBP2 IEEE 1394 Devices"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
    @="SecurityDevices"

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    R0 CLFS;Common Log (CLFS);C:\Windows\system32\CLFS.sys [2008-01-19 247352]
    R0 Ecache;ReadyBoost Caching Driver;C:\Windows\system32\drivers\ecache.sys [2008-01-19 143416]
    R0 FileInfo;File Information FS MiniFilter;C:\Windows\system32\drivers\fileinfo.sys [2008-01-19 58936]
    R0 msisadrv;Pilote de classe ISA/EISA;C:\Windows\system32\drivers\msisadrv.sys [2008-01-19 16440]
    R0 spldr;Security Processor Loader Driver;C:\Windows\system32\drivers\spldr.sys [2008-01-19 21048]
    R0 volmgr;Pilote du Gestionnaire de volume;C:\Windows\system32\drivers\volmgr.sys [2008-01-19 52792]
    R0 volmgrx;Dynamic Volume Manager;C:\Windows\system32\drivers\volmgrx.sys [2008-01-19 294456]
    R1 aswSP;avast! Self Protection;C:\Windows\system32\drivers\aswSP.sys [2008-07-19 78416]
    R1 DfsC;DFS Namespace Client Driver;C:\Windows\system32\Drivers\dfsc.sys [2008-01-19 75264]
    R1 nsiproxy;NSI proxy service;C:\Windows\system32\drivers\nsiproxy.sys [2008-01-19 16384]
    R1 RDPENCDD;RDP Encoder Mirror Driver;C:\Windows\system32\drivers\rdpencdd.sys [2008-01-19 6144]
    R1 Smb;Protocoles TCP/IP et TCP/IPv6 orienté messages (session SMB);C:\Windows\system32\DRIVERS\smb.sys [2008-01-19 66560]
    R1 tdx;Pilote de prise en charge TDI héritée NetIO;C:\Windows\system32\DRIVERS\tdx.sys [2008-01-19 71680]
    R1 Wanarpv6;Remote Access IPv6 ARP Driver;C:\Windows\system32\DRIVERS\wanarp.sys [2008-01-19 62464]
    R2 aswFsBlk;aswFsBlk;C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
    R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-07-19 51280]
    R2 AudioEndpointBuilder;Générateur de points de terminaison du service Audio Windows;C:\Windows\System32\svchost.exe [2008-01-19 21504]
    R2 BFE;Moteur de filtrage de base;C:\Windows\system32\svchost.exe [2008-01-19 21504]
    R2 DPS;Service de stratégie de diagnostic;C:\Windows\System32\svchost.exe [2008-01-19 21504]
    R2 FDResPub;Publication des ressources de découverte de fonctions;C:\Windows\system32\svchost.exe [2008-01-19 21504]
    R2 gpsvc;Client de stratégie de groupe;C:\Windows\system32\svchost.exe [2008-01-19 21504]
    R2 IKEEXT;Modules de génération de clés IKE et AuthIP;C:\Windows\system32\svchost.exe [2008-01-19 21504]
    R2 iphlpsvc;Assistance IP;C:\Windows\System32\svchost.exe [2008-01-19 21504]
    R2 KtmRm;Service KtmRm pour Distributed Transaction Coordinator;C:\Windows\System32\svchost.exe [2008-01-19 21504]
    R2 lltdio;Pilote d’E/S du mappage de découverte de topologie de la couche de liaison;C:\Windows\system32\DRIVERS\lltdio.sys [2008-01-19 47104]
    R2 luafv;UAC File Virtualization;C:\Windows\system32\drivers\luafv.sys [2008-01-19 84480]
    R2 MMCSS;Planificateur de classes multimédias;C:\Windows\system32\svchost.exe [2008-01-19 21504]
    R2 MpsSvc;Pare-feu Windows;C:\Windows\system32\svchost.exe [2008-01-19 21504]
    R2 netprofm;Service Liste des réseaux;C:\Windows\System32\svchost.exe [2008-01-19 21504]
    R2 NlaSvc;Connaissance des emplacements réseau;C:\Windows\System32\svchost.exe [2008-01-19 21504]
    R2 nsi;Service Interface du magasin réseau;C:\Windows\system32\svchost.exe [2008-01-19 21504]
    R2 PcaSvc;Service de l’Assistant Compatibilité des programmes;C:\Windows\system32\svchost.exe [2008-01-19 21504]
    R2 PEAUTH;PEAUTH;C:\Windows\system32\drivers\peauth.sys [2006-11-02 878080]
    R2 ProfSvc;Service de profil utilisateur;C:\Windows\system32\svchost.exe [2008-01-19 21504]
    R2 slsvc;Licence du logiciel;C:\Windows\system32\SLsvc.exe [2008-01-19 2623488]
    R2 SysMain;Superfetch;C:\Windows\system32\svchost.exe [2008-01-19 21504]
    R2 TabletInputService;Service Panneau de saisie Tablet PC;C:\Windows\System32\svchost.exe [2008-01-19 21504]
    R2 tcpipreg;TCP/IP Registry Compatibility;C:\Windows\system32\drivers\tcpipreg.sys [2008-01-19 30208]
    R2 UxSms;Gestionnaire de sessions du Gestionnaire de fenêtrage;C:\Windows\System32\svchost.exe [2008-01-19 21504]
    R2 WerSvc;Service de rapport d'erreurs Windows;C:\Windows\System32\svchost.exe [2008-01-19 21504]
    R2 WPDBusEnum;Service Énumérateur d’appareil mobile;C:\Windows\system32\svchost.exe [2008-01-19 21504]
    R3 Appinfo;Informations d'application;C:\Windows\system32\svchost.exe [2008-01-19 21504]
    R3 bowser;Bowser;C:\Windows\system32\DRIVERS\bowser.sys [2008-01-19 69632]
    R3 DXGKrnl;LDDM Graphics Subsystem;C:\Windows\system32\drivers\dxgkrnl.sys [2008-08-02 625152]
    R3 fdPHost;Hôte du fournisseur de découverte de fonctions;C:\Windows\system32\svchost.exe [2008-01-19 21504]
    R3 iScsiPrt;Pilote iScsiPort;C:\Windows\system32\DRIVERS\msiscsi.sys [2008-01-19 181304]
    R3 monitor;Service Pilote de fonction de classe Moniteur Microsoft;C:\Windows\system32\DRIVERS\monitor.sys [2008-01-19 41984]
    R3 mpsdrv;Pilote d’autorisation du Pare-feu Windows;C:\Windows\system32\drivers\mpsdrv.sys [2008-01-19 64000]
    R3 mrxsmb10;SMB 1.x MiniRedirector;C:\Windows\system32\DRIVERS\mrxsmb10.sys [2008-05-08 211968]
    R3 mrxsmb20;SMB 2.0 MiniRedirector;C:\Windows\system32\DRIVERS\mrxsmb20.sys [2008-01-19 78848]
    R3 srv2;srv2;C:\Windows\system32\DRIVERS\srv2.sys [2008-01-19 144384]
    R3 srvnet;srvnet;C:\Windows\system32\DRIVERS\srvnet.sys [2008-01-19 98304]
    R3 tunnel;Pilote de carte miniport Microsoft IPv6 Tunnel;C:\Windows\system32\DRIVERS\tunnel.sys [2008-01-19 23040]
    R3 umbus;Pilote d’énumérateur UMBus;C:\Windows\system32\DRIVERS\umbus.sys [2008-01-19 34816]
    R3 USBSTOR;Pilote de stockage de masse USB;C:\Windows\system32\DRIVERS\USBSTOR.SYS [2008-01-19 55296]
    R3 WdiSystemHost;Hôte système de diagnostics;C:\Windows\System32\svchost.exe [2008-01-19 21504]
    S2 EMDMgmt;Service ReadyBoost;C:\Windows\system32\svchost.exe [2008-01-19 21504]
    S2 TBS;Services de base de module de plateforme sécurisée;C:\Windows\System32\svchost.exe [2008-01-19 21504]
    S3 BrFiltLo;Brother USB Mass-Storage Lower Filter Driver;C:\Windows\system32\drivers\brfiltlo.sys [2006-11-02 13568]
    S3 BrFiltUp;Brother USB Mass-Storage Upper Filter Driver;C:\Windows\system32\drivers\brfiltup.sys [2006-11-02 5248]
    S3 BrUsbSer;Brother MFC USB Serial WDM Driver;C:\Windows\system32\drivers\brusbser.sys [2006-11-02 11904]
    S3 CertPropSvc;Propagation du certificat;C:\Windows\system32\svchost.exe [2008-01-19 21504]
    S3 DFSR;Réplication DFS;C:\Windows\system32\DFSR.exe [2008-01-19 2091520]
    S3 E1G60;Intel(R) PRO/1000 NDIS 6 Adapter Driver;C:\Windows\system32\DRIVERS\E1G60I32.sys [2006-11-02 117760]
    S3 Filetrace;FileTrace;C:\Windows\system32\drivers\filetrace.sys [2008-01-19 27648]
    S3 IPBusEnum;Énumérateur de bus IP PnP-X;C:\Windows\system32\svchost.exe [2008-01-19 21504]
    S3 KeyIso;Isolation de clé CNG;C:\Windows\system32\lsass.exe [2008-01-19 9728]
    S3 lltdsvc;Mappage de découverte de topologie de la couche de liaison;C:\Windows\System32\svchost.exe [2008-01-19 21504]
    S3 LVBulk;LVBulk Service;C:\Windows\system32\DRIVERS\LVBulk.sys [2002-06-10 10254]
    S3 MSiSCSI;Service Initiateur iSCSI de Microsoft;C:\Windows\system32\svchost.exe [2008-01-19 21504]
    S3 MsRPC;MsRPC;C:\Windows\system32\drivers\MsRPC.sys [2008-01-19 163384]
    S3 NativeWifiP;Filtre NativeWiFi;C:\Windows\system32\DRIVERS\nwifi.sys [2008-05-20 148480]
    S3 p2pimsvc;Gestionnaire d'identité réseau homologue;C:\Windows\System32\svchost.exe [2008-01-19 21504]
    S3 p2psvc;Groupement de mise en réseau de pairs;C:\Windows\System32\svchost.exe [2008-01-19 21504]
    S3 PID_0900_V;Logitech ClickSmart 310(PID_0900_V);C:\Windows\system32\DRIVERS\LV551AV.sys [2002-06-10 220079]
    S3 pla;Journaux & alertes de performance;C:\Windows\System32\svchost.exe [2008-01-19 21504]
    S3 PNRPAutoReg;Service de publication des noms d’ordinateurs PNRP;C:\Windows\System32\svchost.exe [2008-01-19 21504]
    S3 PNRPsvc;Protocole de résolution de noms d'homologues;C:\Windows\System32\svchost.exe [2008-01-19 21504]
    S3 QWAVE;Expérience audio-vidéo haute qualité Windows;C:\Windows\system32\svchost.exe [2008-01-19 21504]
    S3 QWAVEdrv;Pilote QWAVE;C:\Windows\system32\drivers\qwavedrv.sys [2008-01-19 31232]
    S3 s916bus;Sony Ericsson Device 916 driver (WDM);C:\Windows\system32\DRIVERS\s916bus.sys [2007-11-02 83496]
    S3 s916mdfl;Sony Ericsson Device 916 USB WMC Modem Filter;C:\Windows\system32\DRIVERS\s916mdfl.sys [2007-11-02 15016]
    S3 s916mdm;Sony Ericsson Device 916 USB WMC Modem Driver;C:\Windows\system32\DRIVERS\s916mdm.sys [2007-11-02 109992]
    S3 s916mgmt;Sony Ericsson Device 916 USB WMC Device Management Drivers (WDM);C:\Windows\system32\DRIVERS\s916mgmt.sys [2007-11-02 103976]
    S3 SCPolicySvc;Stratégie de retrait de la carte à puce;C:\Windows\system32\svchost.exe [2008-01-19 21504]
    S3 SDRSVC;Sauvegarde Windows;C:\Windows\system32\svchost.exe [2008-01-19 21504]
    S3 SessionEnv;Configuration des services Terminal Server;C:\Windows\System32\svchost.exe [2008-01-19 21504]
    S3 sffp_mmc;SFF Storage Protocol Driver for MMC;C:\Windows\system32\drivers\sffp_mmc.sys [2007-09-11 12800]
    S3 SLUINotify;Service de notification de l’interface utilisateur SL;C:\Windows\system32\svchost.exe [2008-01-19 21504]
    S3 THREADORDER;Serveur de priorités des threads;C:\Windows\system32\svchost.exe [2008-01-19 21504]
    S3 TrustedInstaller;Programme d’installation de modules Windows;C:\Windows\servicing\TrustedInstaller.exe [2008-01-19 39424]
    S3 tssecsrv;Terminal Services Security Filter Driver;C:\Windows\system32\DRIVERS\tssecsrv.sys [2008-01-19 23552]
    S3 UI0Detect;Détection de services interactifs;C:\Windows\system32\UI0Detect.exe [2008-01-19 35840]
    S3 uliagpkx;Uli AGP Bus Filter;C:\Windows\system32\drivers\uliagpkx.sys [2006-11-02 58472]
    S3 wcncsvc;Windows Connect Now - Registre de configuration;C:\Windows\System32\svchost.exe [2008-01-19 21504]
    S3 WcsPlugInService;Système de couleurs Windows;C:\Windows\system32\svchost.exe [2008-01-19 21504]
    S3 WdiServiceHost;Service hôte WDIServiceHost;C:\Windows\System32\svchost.exe [2008-01-19 21504]
    S3 Wecsvc;Collecteur d'événements de Windows;C:\Windows\system32\svchost.exe [2008-01-19 21504]
    S3 wercplsupport;Prise en charge de l’application Rapports et solutions aux problèmes du Panneau de configuration;C:\Windows\System32\svchost.exe [2008-01-19 21504]
    S3 WinRM;Gestion à distance de Windows (Gestion WSM);C:\Windows\System32\svchost.exe [2008-01-19 21504]
    S3 Wlansvc;Service de configuration automatique WLAN;C:\Windows\system32\svchost.exe [2008-01-19 21504]
    S3 WPCSvc;Contrôle parental;C:\Windows\system32\svchost.exe [2008-01-19 21504]
    S4 adp94xx;adp94xx;C:\Windows\system32\drivers\adp94xx.sys [2006-11-02 420968]
    S4 adpahci;adpahci;C:\Windows\system32\drivers\adpahci.sys [2006-11-02 297576]
    S4 arcsas;arcsas;C:\Windows\system32\drivers\arcsas.sys [2006-11-02 67688]
    S4 Brserid;Brother MFC Serial Port Interface Driver (WDM);C:\Windows\system32\drivers\brserid.sys [2006-11-02 71808]
    S4 BrSerWdm;Brother WDM Serial driver;C:\Windows\system32\drivers\brserwdm.sys [2006-11-02 62336]
    S4 BrUsbMdm;Brother MFC USB Fax Only Modem;C:\Windows\system32\drivers\brusbmdm.sys [2006-11-02 12160]
    S4 circlass;Consumer IR Devices;C:\Windows\system32\drivers\circlass.sys [2006-11-02 35328]
    S4 Crusoe;Transmeta Crusoe Processor Driver;C:\Windows\system32\drivers\crusoe.sys [2006-11-02 38912]
    S4 elxstor;elxstor;C:\Windows\system32\drivers\elxstor.sys [2006-11-02 316520]
    S4 HpCISSs;HpCISSs;C:\Windows\system32\drivers\hpcisss.sys [2006-11-02 37480]
    S4 iaStorV;Intel RAID Controller Vista;C:\Windows\system32\drivers\iastorv.sys [2006-11-02 232040]
    S4 IPMIDRV;IPMIDRV;C:\Windows\system32\drivers\ipmidrv.sys [2006-11-02 65536]
    S4 iteraid;ITERAID_Service_Install;C:\Windows\system32\drivers\iteraid.sys [2006-11-02 35944]
    S4 LSI_FC;LSI_FC;C:\Windows\system32\drivers\lsi_fc.sys [2006-11-02 65640]
    S4 LSI_SAS;LSI_SAS;C:\Windows\system32\drivers\lsi_sas.sys [2006-11-02 65640]
    S4 LSI_SCSI;LSI_SCSI;C:\Windows\system32\drivers\lsi_scsi.sys [2006-11-02 65640]
    S4 Mcx2Svc;Service Windows Media Center Extender;C:\Windows\system32\svchost.exe [2008-01-19 21504]
    S4 megasas;megasas;C:\Windows\system32\drivers\megasas.sys [2006-11-02 28776]
    S4 mpio;Microsoft Multi-Path Bus Driver;C:\Windows\system32\drivers\mpio.sys [2006-11-02 78952]
    S4 msahci;msahci;C:\Windows\system32\drivers\msahci.sys [2006-11-02 23144]
    S4 msdsm;Microsoft Multi-Path Device Specific Module;C:\Windows\system32\drivers\msdsm.sys [2006-11-02 80488]
    S4 nfrd960;nfrd960;C:\Windows\system32\drivers\nfrd960.sys [2006-11-02 45160]
    S4 ntrigdigi;N-trig HID Tablet Driver;C:\Windows\system32\drivers\ntrigdigi.sys [2006-11-02 20608]
    S4 nvrd32;NVIDIA nForce RAID Driver ;C:\Windows\system32\drivers\nvrd32.sys [2006-12-22 122880]
    S4 nvstor;nvstor;C:\Windows\system32\drivers\nvstor.sys [2006-11-02 40040]
    S4 ql2300;QLogic Fibre Channel Miniport Driver;C:\Windows\system32\drivers\ql2300.sys [2006-11-02 900712]
    S4 ql40xx;QLogic iSCSI Miniport Driver;C:\Windows\system32\drivers\ql40xx.sys [2006-11-02 106088]
    S4 SiSRaid4;SiSRaid4;C:\Windows\system32\drivers\sisraid4.sys [2006-11-02 71784]
    S4 uliahci;uliahci;C:\Windows\system32\drivers\uliahci.sys [2006-11-02 235112]
    S4 ulsata2;ulsata2;C:\Windows\system32\drivers\ulsata2.sys [2006-11-02 115816]
    S4 usbcir;eHome Infrared Receiver (USBCIR);C:\Windows\system32\drivers\usbcir.sys [2006-11-02 68608]
    S4 ViaC7;VIA C7 Processor Driver;C:\Windows\system32\drivers\viac7.sys [2006-11-02 39424]
    S4 vsmraid;vsmraid;C:\Windows\system32\drivers\vsmraid.sys [2006-11-02 112232]
    S4 WacomPen;Wacom Serial Pen HID Driver;C:\Windows\system32\drivers\wacompen.sys [2006-11-02 20608]
    S4 Wd;Microsoft Watchdog Timer Driver;C:\Windows\system32\drivers\wd.sys [2006-11-02 19560]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    NetworkServiceNetworkRestricted REG_MULTI_SZ PolicyAgent
    LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc ehstart
    WerSvcGroup REG_MULTI_SZ wersvc
    swprv REG_MULTI_SZ swprv
    regsvc REG_MULTI_SZ RemoteRegistry
    wcssvc REG_MULTI_SZ WcsPlugInService
    DcomLaunch REG_MULTI_SZ PlugPlay DcomLaunch
    wdisvc REG_MULTI_SZ WdiServiceHost
    sdrsvc REG_MULTI_SZ sdrsvc
    secsvcs REG_MULTI_SZ WinDefend

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
    AeLookupSvc
    wercplsupport
    Themes
    CertPropSvc
    SCPolicySvc
    lanmanserver
    gpsvc
    IKEEXT
    AudioSrv
    FastUserSwitchingCompatibility
    Nla
    NWCWorkstation
    SRService
    Wmi
    WmdmPmSp
    TermService
    wuauserv
    BITS
    ShellHWDetection
    LogonHours
    PCAudit
    helpsvc
    uploadmgr
    iphlpsvc
    seclogon
    AppInfo
    msiscsi
    MMCSS
    ProfSvc
    EapHost
    winmgmt
    schedule
    SessionEnv
    browser
    hkmsvc

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
    C:\Windows\system32\unregmp2.exe /ShowWMP

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    %SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI
    .
    Contenu du dossier 'Tâches planifiées'

    2008-10-04 C:\Windows\Tasks\Extension de garantie.job
    - C:\Program Files\Packard Bell\SetupmyPC\PBCarNot.exe [2006-11-21 18:38]

    2008-10-01 C:\Windows\Tasks\GoogleUpdateTaskUser.job
    - C:\Users\jmk\AppData\Local\Google\Update\GoogleUpdate.exe [2008-09-03 19:18]
    .
    - - - - ORPHELINS SUPPRIMES - - - -

    HKLM-Run-au - C:\Program Files\Dealio\DealioAU.exe


    .
    ------- Examen supplémentaire -------
    .
    FireFox -: Profile - C:\Users\jmk\AppData\Roaming\Mozilla\Firefox\Profiles\uxl9d45x.default\
    FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
    FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.google.fr/
    FF -: plugin - C:\Program Files\DNA\plugins\npbtdna.dll
    FF -: plugin - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
    FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll
    FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npPandoWebInst.dll
    FF -: plugin - C:\Program Files\VistaCodecPack\QT\Plugins\npqtplugin.dll
    FF -: plugin - C:\Program Files\VistaCodecPack\QT\Plugins\npqtplugin2.dll
    FF -: plugin - C:\Program Files\VistaCodecPack\QT\Plugins\npqtplugin3.dll
    FF -: plugin - C:\Program Files\VistaCodecPack\QT\Plugins\npqtplugin4.dll
    FF -: plugin - C:\Program Files\VistaCodecPack\QT\Plugins\npqtplugin5.dll
    FF -: plugin - C:\Program Files\VistaCodecPack\QT\Plugins\npqtplugin6.dll
    FF -: plugin - C:\Program Files\VistaCodecPack\QT\Plugins\npqtplugin7.dll
    FF -: plugin - C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll
    FF -: plugin - C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll
    FF -: plugin - C:\Users\jmk\AppData\Local\Google\Update\1.2.131.11\npGoogleOneClick5.dll
    FF -: plugin - C:\Users\jmk\AppData\Roaming\Mozilla\Firefox\Profiles\uxl9d45x.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
    FF -: plugin - C:\Users\jmk\Program Files\DNA\plugins\npbtdna.dll
    .

    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-10-04 13:24:07
    Windows 6.0.6001 Service Pack 1 NTFS

    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    Recherche de fichiers cachés ...

    Scan terminé avec succès
    Fichiers cachés: 0

    **************************************************************************
    .
    Heure de fin: 2008-10-04 13:25:38
    ComboFix-quarantined-files.txt 2008-10-04 11:25:26
    ComboFix2.txt 2008-09-30 18:14:47

    Avant-CF: 382 219 214 848 octets libres
    Après-CF: 382,193,889,280 octets libres

    430 --- E O F --- 2008-10-03 18:33:42


    Thanks
    4 October 2008 15:13:01

    I need a new HijackThis report. To launch HijackThis, right-click it and choose Run as administrator.

    4 October 2008 15:33:27

    Here is what it says...

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 15:32:58, on 04/10/2008
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18000)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\Search Settings\SearchSettings.exe
    C:\Program Files\Common Files\Logitech\QCDriver3\LVComS.exe
    C:\Program Files\Logitech\ImageStudio\LogiTray.exe
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
    C:\Program Files\Pando Networks\Pando\pando.exe
    C:\Users\jmk\AppData\Local\Google\Update\GoogleUpdate.exe
    C:\Users\jmk\Program Files\DNA\btdna.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Windows\System32\mobsync.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://format.packardbell.com/cgi-bin/redirect/?country...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
    O1 - Hosts: ::1 localhost
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb126\Dealio.dll (file missing)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
    O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb126\Dealio.dll (file missing)
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
    O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
    O4 - HKLM\..\Run: [QCDriverInstaller] C:\PROGRA~1\COMMON~1\Logitech\QCDRIV~2\Lqdsw.exe /addrun /l 1033 /LaunchAtStart
    O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
    O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\VistaCodecPack\QT\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
    O4 - HKCU\..\Run: [Pando] "C:\Program Files\Pando Networks\Pando\Pando.exe" /Minimized
    O4 - HKCU\..\Run: [Google Update] "C:\Users\jmk\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Users\jmk\Program Files\DNA\btdna.exe"
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    O8 - Extra context menu item: Compare Prices with &Dealio - C:\Users\jmk\AppData\LocalLow\Dealio\kb126\res\DealioSearch.html
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
    O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb126\Dealio.dll (file missing)
    O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb126\Dealio.dll (file missing)
    O13 - Gopher Prefix:
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
    O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

    --
    End of file - 8814 bytes


    ..............is done.
    4 October 2008 15:38:10

    Re,

    Fix the lines in the box below with HijackThis: HELP IN PICTURES

    R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
    O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb126\Dealio.dll (file missing)
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb126\Dealio.dll (file missing)
    4 October 2008 15:44:57

    Thanks,

    It's done...
    5 October 2008 15:44:38

    Post a new HijackThis report.
    5 October 2008 18:56:05

    Hello,

    Here it is
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 18:55:47, on 05/10/2008
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18000)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\Search Settings\SearchSettings.exe
    C:\Program Files\Common Files\Logitech\QCDriver3\LVComS.exe
    C:\Program Files\Logitech\ImageStudio\LogiTray.exe
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
    C:\Program Files\Pando Networks\Pando\pando.exe
    C:\Windows\System32\rundll32.exe
    C:\Users\jmk\AppData\Local\Google\Update\GoogleUpdate.exe
    C:\Users\jmk\Program Files\DNA\btdna.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
    C:\Program Files\LimeWire\LimeWire.exe
    C:\Windows\system32\conime.exe
    C:\Windows\System32\mobsync.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\SopCast\adv\SopAdver.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://format.packardbell.com/cgi-bin/redirect/?country...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
    O1 - Hosts: ::1 localhost
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
    O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
    O4 - HKLM\..\Run: [QCDriverInstaller] C:\PROGRA~1\COMMON~1\Logitech\QCDRIV~2\Lqdsw.exe /addrun /l 1033 /LaunchAtStart
    O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
    O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\VistaCodecPack\QT\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
    O4 - HKCU\..\Run: [Pando] "C:\Program Files\Pando Networks\Pando\Pando.exe" /Minimized
    O4 - HKCU\..\Run: [Google Update] "C:\Users\jmk\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Users\jmk\Program Files\DNA\btdna.exe"
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    O8 - Extra context menu item: Compare Prices with &Dealio - C:\Users\jmk\AppData\LocalLow\Dealio\kb126\res\DealioSearch.html
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
    O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb126\Dealio.dll (file missing)
    O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb126\Dealio.dll (file missing)
    O13 - Gopher Prefix:
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
    O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

    --
    End of file - 8650 bytes


    Have an excellent end of the weekend!
    5 October 2008 19:35:02

    Any other problems?
    5 October 2008 19:53:18

    Good evening,

    The machine runs well, no more unexpected appearances of this software.

    A big thank you for your help.



    5 October 2008 20:27:14

    Happy surfing ;)
    5 October 2008 22:19:18

    Thanks.

    That's the second time you've gotten me out of trouble, very efficiently.
    Until next time!



    6 October 2008 17:15:16

    Don't come back too soon, though :p
    3 January 2010 19:54:31

    Happy New Year 2010

    To uninstall a program, the easiest and most effective is REVO UNINSTALLER

    and a special antivirus for TROJANs or others :bounce:  -((((((((((( RISING version 21.71.60 )))))))))-

    :sol: 