Virus, need help please

Tags:
  • Windows
  • Security
Last reply: in Security and viruses
4 November 2008 03:33:17

Please, I have a virus but I don't know what it is.
I downloaded a crack and boom:
no more Internet, no more AVG antivirus, no LimeWire, and several others too. Please help me.
To get the Internet back I had to disable AGSearchHook Class (agcutils.dll),
but that only gave me back the Internet and nothing else.

Here is my HijackThis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:32:43, on 2008-11-03
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\crypserv.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SysMonitor.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\cynthia leclercs\Mes documents\bryan jeux\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.ca/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.fr.msn.ca/0SEFRCA/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\AGI\common\agcutils.dll
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\AGI\common\agcutils.dll
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - (no file)
O2 - BHO: (no name) - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: (no name) - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - (no file)
O3 - Toolbar: (no name) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\WINDOWS\system32\SysMonitor.exe
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 1
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {12345678-1234-1234-1234-1234567890AB} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\cynthia leclercs\Menu Démarrer\Programmes\Absolute Poker\Absolute Poker.lnk (HKCU)
O9 - Extra 'Tools' menuitem: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\cynthia leclercs\Menu Démarrer\Programmes\Absolute Poker\Absolute Poker.lnk (HKCU)
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/Install...
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {3DCEC959-378A-4922-AD7E-FD5C925D927F} (Disney Online Games ActiveX Control) - http://disney.go.com/pirates/online/testActiveX/built/s...
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-03.sun.com/s/ESD5/JSCDL/jdk/6u10/jinstal...
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin2.valueactive.com/Register/Branding/olr33...
O16 - DPF: {DB7BF79A-FC51-4B5A-92BC-A65731174380} (InstantAction Game Launcher) - http://www.instantaction.com/download/iaplayer.cab
O20 - AppInit_DLLs: C:\Program,Files\PremierOpinion\pmai.dll,C:\Program,Files\PremierOpinion\pmai.dll,C:\Program,Files\PremierOpinion\pmai.dll,C:\Program,Files\PremierOpinion\pmai.dll,C:\Program Files\PremierOpinion\pmai.dll
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: AG Windows Service (AGWinService) - Unknown owner - C:\Program Files\AGI\common\win32\PythonService.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

--
End of file - 9530 bytes

4 November 2008 13:12:41

A hello? Proper writing? A proper explanation?
7 November 2008 00:05:12

Hello,
I have a problem.

I can no longer launch LimeWire, AVG antivirus or Microsoft Office,

so I have a big problem and I'm begging you to help me, please.

If you know of software that would let me transfer my documents to a CD,

and free, please.

I could format my PC,
but if this can be repaired

I would prefer that.
Thanks
7 November 2008 18:47:47

Well, transfer them to a USB stick, put them on a CD, etc.
8 November 2008 04:15:18

OK, thanks.

Now I have another problem: I formatted, and every
time I start my PC, Windows Installer tries to install itself but it's impossible.

Here is my log; could you take a quick look at it, please?

That would be kind.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:15:07, on 2008-11-07
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\System32\regsvr32.exe
C:\Program Files\PremierOpinion\pmropn.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\PremierOpinion\pmropn.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\cynthia\Local Settings\Temporary Internet Files\Content.IE5\NZUO2LTW\HiJackThis[1].exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.ca/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: cpmsky browser enhancer - {4FE766C3-4368-B970-5A86-66F80EB57110} - C:\WINDOWS\system32\rogqdgrthkpstoqw.dll
O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: mysidesearch search enhancer - {A005C05F-DD18-DD9D-5FCC-391EECF210D2} - C:\WINDOWS\system32\vvqujnsfbvaozrl.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Windows Live Toolbar Beta - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: &Windows Live Toolbar Beta - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\WINDOWS\system32\SysMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 0
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [diqzyercvahvtoc] C:\WINDOWS\System32\regsvr32.exe /s "C:\WINDOWS\system32\rogqdgrthkpstoqw.dll"
O4 - HKLM\..\Run: [PremierOpinion] C:\Program Files\PremierOpinion\pmropn.exe -boot
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.google.com
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scan...
O20 - AppInit_DLLs: C:\Program,Files\PremierOpinion\pmai.dll,C:\Program,Files\PremierOpinion\pmai.dll,C:\Program,Files\PremierOpinion\pmai.dll,C:\Program,Files\PremierOpinion\pmai.dll,C:\Program,Files\PremierOpinion\pmai.dll,C:\Program,Files\PremierOpinion\pmai.dll,C:\Program Files\PremierOpinion\pmai.dll
O20 - Winlogon Notify: PremierOpinion - C:\Program Files\PremierOpinion\pmls.dll
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe

--
End of file - 11214 bytes
8 November 2008 13:56:59

Formatting is worse...

! Disable your resident protections (antivirus, Spybot-S&D, etc.) !

  • Download ComboFix (sUBs) to your Desktop.
  • Double-click ComboFix.exe (the .exe extension is not necessarily visible) to launch it.
  • When the scan is finished, a report will appear. Post this report (C:\combofix.txt*) in your next reply.

    HELP: A guide and a tutorial on using ComboFix
    * the partition name may vary
8 November 2008 17:13:38

Hello again,

here is the log, and thanks again for helping me.

    ComboFix 08-11-07.01 - cynthia 2008-11-08 11:01:51.1 - NTFSx86
    Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.657 [GMT -5:00]
    Lancé depuis: c:\documents and settings\cynthia\Bureau\ComboFix.exe
    * Un nouveau point de restauration a été créé

    AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\docume~1\cynthia\LOCALS~1\Temp\gewhk1
    c:\windows\system32\_000006_.tmp.dll

    .
    ((((((((((((((((((((((((((((( Fichiers créés du 2008-10-08 au 2008-11-08 ))))))))))))))))))))))))))))))))))))
    .

    2008-11-07 23:54 . 2008-11-07 23:54 <REP> d-------- c:\documents and settings\All Users\Application Data\Yahoo! Companion
    2008-11-07 23:52 . 2008-11-07 23:52 <REP> d-------- c:\program files\Yahoo!
    2008-11-07 23:52 . 2008-11-07 23:52 <REP> d-------- c:\program files\CCleaner
    2008-11-07 23:52 . 2008-11-07 23:52 <REP> d-------- c:\documents and settings\cynthia\Application Data\GlarySoft
    2008-11-07 23:51 . 2008-11-07 23:51 <REP> d-------- c:\program files\Glary Utilities
    2008-11-07 23:51 . 2008-11-07 23:51 <REP> d-------- c:\program files\AskSearch
    2008-11-07 23:51 . 2008-11-07 23:51 <REP> d-------- c:\program files\AskBarDis
    2008-11-07 21:59 . 2005-10-31 10:17 135,168 --a------ c:\windows\system32\RtlCPAPI.dll
    2008-11-07 21:59 . 2008-11-07 21:59 236 --a------ C:\sqmdata06.sqm
    2008-11-07 21:59 . 2008-11-07 21:59 200 --a------ C:\sqmnoopt06.sqm
    2008-11-07 21:58 . 2005-05-03 10:43 69,632 --a------ c:\windows\Alcmtr.exe
    2008-11-07 19:55 . 2008-11-07 19:55 <REP> d-------- c:\documents and settings\bryan\Application Data\Windows Search
    2008-11-07 19:55 . 2008-11-07 19:55 <REP> d-------- c:\documents and settings\bryan\Application Data\Windows Desktop Search
    2008-11-07 19:50 . 2008-11-07 21:04 <REP> d-------- c:\program files\PremierOpinion
    2008-11-07 19:49 . 2008-11-07 19:49 <REP> d-------- c:\documents and settings\cynthia\Application Data\Windows Search
    2008-11-07 19:49 . 2008-11-07 19:49 102,190 --a------ c:\windows\system32\cont_adzgalore-remove.exe
    2008-11-07 19:49 . 2008-11-07 22:35 96,093 --a------ c:\windows\system32\vvqujnsfbvaozrl.dll-uninst.exe
    2008-11-07 19:49 . 2008-11-07 22:35 77,913 --a------ c:\windows\system32\mlxwgilyvnxcpy.exe
    2008-11-07 19:44 . 2008-11-07 19:44 <REP> d-------- c:\windows\system32\GroupPolicy
    2008-11-07 19:44 . 2008-11-08 10:37 <REP> d-------- c:\program files\Windows Desktop Search
    2008-11-07 19:44 . 2008-03-07 12:02 192,000 -----c--- c:\windows\system32\dllcache\offfilt.dll
    2008-11-07 19:44 . 2008-03-07 12:02 98,304 -----c--- c:\windows\system32\dllcache\nlhtml.dll
    2008-11-07 19:44 . 2008-03-07 12:02 29,696 -----c--- c:\windows\system32\dllcache\mimefilt.dll
    2008-11-07 19:43 . 2008-11-07 19:43 <REP> d-------- c:\program files\Windows Media Connect 2
    2008-11-07 19:42 . 2008-11-07 19:42 <REP> d-------- c:\windows\system32\LogFiles
    2008-11-07 19:42 . 2008-11-07 19:43 <REP> d-------- c:\windows\system32\drivers\UMDF
    2008-11-07 16:45 . 2008-11-07 16:45 236 --a------ C:\sqmdata05.sqm
    2008-11-07 16:45 . 2008-11-07 16:45 200 --a------ C:\sqmnoopt05.sqm
    2008-11-07 15:51 . 2008-11-07 15:51 <REP> d-------- c:\documents and settings\bryan\Application Data\Symantec
    2008-11-07 15:49 . 2006-08-23 09:52 <REP> d--h----- c:\documents and settings\bryan\Voisinage réseau
    2008-11-07 15:49 . 2006-08-23 09:52 <REP> d--h----- c:\documents and settings\bryan\Voisinage d'impression
    2008-11-07 15:49 . 2008-11-06 21:53 <REP> d--h----- c:\documents and settings\bryan\Modèles
    2008-11-07 15:49 . 2008-11-07 15:50 <REP> dr------- c:\documents and settings\bryan\Mes documents
    2008-11-07 15:49 . 2008-11-06 21:53 <REP> dr------- c:\documents and settings\bryan\Menu Démarrer
    2008-11-07 15:49 . 2008-11-07 15:50 <REP> dr------- c:\documents and settings\bryan\Favoris
    2008-11-07 15:49 . 2008-11-07 21:02 <REP> d-------- c:\documents and settings\bryan\Bureau
    2008-11-07 15:49 . 2008-11-07 15:49 <REP> d-------- c:\documents and settings\bryan
    2008-11-06 23:01 . 2008-11-06 23:01 <REP> d-------- c:\documents and settings\All Users\Application Data\Kodak
    2008-11-06 22:56 . 2008-11-06 22:56 236 --a------ C:\sqmdata04.sqm
    2008-11-06 22:56 . 2008-11-06 22:56 200 --a------ C:\sqmnoopt04.sqm
    2008-11-06 22:49 . 2008-11-06 22:49 <REP> d-------- c:\windows\system32\fr
    2008-11-06 22:49 . 2008-11-06 22:49 <REP> d-------- c:\windows\system32\bits
    2008-11-06 22:49 . 2008-11-06 22:49 <REP> d-------- c:\windows\l2schemas
    2008-11-06 22:46 . 2008-11-06 22:46 <REP> d-------- c:\windows\ServicePackFiles
    2008-11-06 22:35 . 2008-11-06 22:35 <REP> d-------- c:\program files\LimeWire
    2008-11-06 22:35 . 2008-11-07 19:52 <REP> d-------- c:\documents and settings\cynthia\Application Data\LimeWire
    2008-11-06 22:27 . 2008-11-06 22:27 0 --a------ c:\windows\nsreg.dat
    2008-11-06 22:25 . 2008-11-06 22:26 <REP> d-------- c:\temp\google
    2008-11-06 22:25 . 2008-11-06 22:25 <REP> d-------- C:\temp
    2008-11-06 21:18 . 2008-11-06 21:19 <REP> d-------- c:\program files\Windows Live Safety Center
    2008-11-06 21:14 . 2008-11-06 21:14 236 --a------ C:\sqmdata03.sqm
    2008-11-06 21:14 . 2008-11-06 21:14 200 --a------ C:\sqmnoopt03.sqm
    2008-11-06 21:11 . 2008-11-07 22:41 <REP> d-------- c:\program files\Google
    2008-11-06 21:00 . 2008-11-06 21:00 236 --a------ C:\sqmdata02.sqm
    2008-11-06 21:00 . 2008-11-06 21:00 200 --a------ C:\sqmnoopt02.sqm
    2008-11-06 20:58 . 2008-11-06 20:58 <REP> d-------- c:\program files\FrostWire
    2008-11-06 20:58 . 2008-11-06 22:52 <REP> d-------- c:\documents and settings\cynthia\Application Data\FrostWire
    2008-11-06 20:51 . 2008-11-06 20:51 236 --a------ C:\sqmdata01.sqm
    2008-11-06 20:51 . 2008-11-06 20:51 200 --a------ C:\sqmnoopt01.sqm
    2008-11-06 20:49 . 2008-11-06 20:49 <REP> d-------- C:\Programme d'installation d'Adobe Reader 9
    2008-11-06 20:48 . 2008-11-06 20:48 <REP> d-------- c:\program files\Fichiers communs\Adobe
    2008-11-06 20:42 . 2005-06-28 20:49 74,240 --a------ c:\windows\system32\SET3B4.tmp
    2008-11-06 20:41 . 2005-05-26 21:08 546,304 --a------ c:\windows\system32\SET3A1.tmp
    2008-11-06 20:38 . 2008-11-06 20:38 <REP> d-------- c:\program files\Fichiers communs\Adobe AIR
    2008-11-06 20:38 . 2006-10-09 23:12 230,400 --------- c:\windows\system32\SET23D.tmp
    2008-11-06 20:38 . 2006-03-23 23:37 49,152 --------- c:\windows\system32\SET233.tmp
    2008-11-06 20:38 . 2006-06-02 14:32 33,792 -----c--- c:\windows\system32\dllcache\SET23E.tmp
    2008-11-06 20:36 . 2008-11-06 20:36 <REP> d-------- c:\program files\Sun
    2008-11-06 20:36 . 2005-08-29 23:16 1,293,824 --a------ c:\windows\system32\SET214.tmp
    2008-11-06 20:36 . 2005-07-25 23:39 243,200 --a------ c:\windows\system32\SET21E.tmp
    2008-11-06 20:36 . 2008-06-10 02:32 73,728 --a------ c:\windows\system32\javacpl.cpl
    2008-11-06 20:35 . 2008-11-06 20:46 <REP> d-------- c:\program files\NOS
    2008-11-06 20:35 . 2008-11-06 20:46 <REP> d-------- c:\documents and settings\All Users\Application Data\NOS
    2008-11-06 20:32 . 2008-04-13 21:33 1,888,992 --------- c:\windows\system32\ati3duag.dll
    2008-11-06 20:31 . 2008-11-06 20:31 <REP> d-------- c:\documents and settings\cynthia\Application Data\AdobeUM
    2008-11-06 20:31 . 2004-08-10 15:00 332,288 --a------ c:\windows\system32\SET11D.tmp
    2008-11-06 20:26 . 2008-11-08 10:46 <REP> d-------- c:\documents and settings\cynthia\Tracing
    2008-11-06 20:20 . 2008-11-07 22:38 <REP> d-------- c:\windows\system32\fr-fr
    2008-11-06 20:19 . 2008-11-06 20:19 236 --a------ C:\sqmdata00.sqm
    2008-11-06 20:19 . 2008-11-06 20:19 200 --a------ C:\sqmnoopt00.sqm
    2008-11-06 20:15 . 2004-08-10 15:00 49,152 --a------ c:\windows\system32\SETFF.tmp
    2008-11-06 20:15 . 2004-08-10 15:00 28,672 --a--c--- c:\windows\system32\dllcache\SET109.tmp
    2008-11-06 20:15 . 2006-03-29 16:52 25,088 --a------ c:\windows\system32\SET108.tmp
    2008-11-06 20:14 . 2008-11-06 21:12 <REP> d--h----- c:\windows\msdownld.tmp
    2008-11-06 20:14 . 2008-11-06 20:14 <REP> d-------- c:\windows\Logs
    2008-11-06 20:13 . 2006-11-29 13:06 3,426,072 --a------ c:\windows\system32\d3dx9_32.dll
    2008-11-06 20:13 . 2006-06-02 14:32 33,792 --a--c--- c:\windows\system32\dllcache\SET106.tmp
    2008-11-06 20:12 . 2008-11-06 20:12 <REP> d-------- c:\program files\Microsoft SQL Server Compact Edition
    2008-11-06 20:11 . 2008-11-06 20:11 <REP> d-------- C:\2fcd2264ba65682e372de6ed0e6dce1c
    2008-11-06 20:10 . 2008-11-06 20:18 <REP> d-------- c:\program files\Windows Live
    2008-11-06 20:10 . 2008-11-06 20:10 <REP> d-------- c:\program files\Microsoft
    2008-11-06 20:05 . 2008-11-06 20:05 <REP> d-------- c:\program files\Fichiers communs\Windows Live
    2008-11-06 20:04 . 2008-08-14 08:23 2,191,232 -----c--- c:\windows\system32\dllcache\ntoskrnl.exe
    2008-11-06 20:04 . 2008-08-14 08:23 2,147,328 -----c--- c:\windows\system32\dllcache\ntkrnlmp.exe
    2008-11-06 20:04 . 2008-08-14 08:23 2,068,096 -----c--- c:\windows\system32\dllcache\ntkrnlpa.exe
    2008-11-06 20:04 . 2008-08-14 08:23 2,025,984 -----c--- c:\windows\system32\dllcache\ntkrpamp.exe
    2008-11-06 20:04 . 2008-09-15 10:26 1,846,528 -----c--- c:\windows\system32\dllcache\win32k.sys
    2008-11-06 20:04 . 2007-04-02 00:59 546,304 --a------ c:\windows\system32\SET39E.tmp
    2008-11-06 20:04 . 2008-06-14 12:33 272,768 --------- c:\windows\system32\drivers\bthport.sys
    2008-11-06 20:04 . 2008-06-14 12:33 272,768 -----c--- c:\windows\system32\dllcache\bthport.sys
    2008-11-06 20:04 . 2008-08-14 05:04 138,496 -----c--- c:\windows\system32\dllcache\afd.sys
    2008-11-06 20:04 . 2006-03-20 22:23 23,040 --------- c:\windows\kb913800.exe
    2008-11-06 20:02 . 2007-12-18 09:41 450,560 --------- c:\windows\system32\SETA7.tmp
    2008-11-06 20:02 . 2007-12-18 09:41 417,792 --------- c:\windows\system32\SETA6.tmp
    2008-11-06 19:59 . 2008-04-11 14:05 691,712 -----c--- c:\windows\system32\dllcache\inetcomm.dll
    2008-11-06 19:59 . 2008-10-15 11:35 337,408 -----c--- c:\windows\system32\dllcache\netapi32.dll
    2008-11-06 19:59 . 2008-09-08 05:41 333,824 -----c--- c:\windows\system32\dllcache\srv.sys
    2008-11-06 19:59 . 2008-10-15 11:59 332,800 --a------ c:\windows\system32\SET118.tmp
    2008-11-06 19:55 . 2008-10-07 13:33 201,157 --a------ c:\windows\system32\nvapps.nvb
    2008-11-06 19:53 . 2008-11-06 19:53 <REP> d---s---- c:\documents and settings\cynthia\UserData
    2008-11-06 19:46 . 2008-11-06 19:46 <REP> d-------- c:\documents and settings\cynthia\Application Data\Symantec
    2008-11-06 19:27 . 2006-06-01 20:47 1,168,896 --a------ c:\windows\system32\ERUpdateHidden.EXE
    2008-11-06 19:27 . 2006-03-23 12:02 258,048 --a------ c:\windows\system32\Uninstall_eRecovery.exe
    2008-11-06 19:27 . 2006-03-30 13:06 258,048 --a------ c:\windows\system32\CheckD2DSystem.exe
    2008-11-06 19:27 . 2004-11-03 09:06 159,744 --a------ c:\windows\system32\CloseProcessWindow.dll
    2008-11-06 19:27 . 2004-06-01 14:24 114,688 --a------ c:\windows\PowerOption.exe
    2008-11-06 19:27 . 2005-12-09 09:12 16,384 --a------ c:\windows\system32\ClearEvent.exe
    2008-11-06 19:27 . 2006-02-24 11:28 552 --a------ c:\windows\system32\setup.iss
    2008-11-06 19:27 . 2005-01-26 18:14 294 --a------ c:\windows\PowerOption.ini
    2008-11-06 19:26 . 2008-11-06 19:26 <REP> d-------- c:\windows\Downloaded Installations
    2008-11-06 19:25 . 2008-11-06 19:25 <REP> d-------- C:\Acer
    2008-11-06 19:25 . 2006-05-30 13:38 602,112 --a------ c:\windows\system32\Acer.Empowering.Windows.Forms.dll
    2008-11-06 19:25 . 2006-05-25 18:18 331,776 --a------ c:\windows\system32\ScrollBarLib.dll
    2008-11-06 19:25 . 2006-02-22 11:19 69,632 --a------ c:\windows\system32\eRecUtil.dll
    2008-11-06 19:25 . 2006-05-25 18:18 53,248 --a------ c:\windows\system32\Interop.Shell32.dll

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-11-08 02:58 --------- d-----w c:\program files\Realtek
    2008-11-07 03:00 --------- d-----w c:\program files\Windows Plus
    2008-11-07 03:00 --------- d-----w c:\program files\Services en ligne
    2008-11-07 03:00 --------- d-----w c:\program files\Oca History Tool
    2008-11-07 02:59 --------- d-----w c:\program files\NewTech Infosystems
    2008-11-07 02:59 --------- d-----w c:\program files\microsoft frontpage
    2008-11-07 02:59 --------- d-----w c:\program files\GemMasterFrench
    2008-11-07 02:59 --------- d-----w c:\program files\FrenchOtto
    2008-11-07 02:59 --------- d-----w c:\program files\Fichiers communs\NewTech Infosystems
    2008-11-07 02:59 --------- d-----w c:\program files\Fichiers communs\muvee Technologies
    2008-11-07 02:59 --------- d-----w c:\program files\Fichiers communs\LightScribe
    2008-11-07 02:59 --------- d-----w c:\program files\Fichiers communs\InstallShield
    2008-11-07 02:58 --------- d-----w c:\program files\DIFX
    2008-11-07 02:58 --------- d-----w c:\program files\CyberLink
    2008-11-07 02:58 --------- d-----w c:\program files\commercial
    2008-11-07 02:58 --------- d-----w c:\program files\Acer WLAN 11g USB Dongle
    2008-11-07 00:26 --------- d--h--w c:\program files\InstallShield Installation Information
    2008-10-07 18:33 6,133,856 ----a-w c:\windows\system32\drivers\nv4_mini.sys
    2008-09-08 10:41 333,824 ----a-w c:\windows\system32\drivers\srv.sys
    2008-09-05 21:04 288,768 ----a-w c:\windows\WLXPGSS.SCR
    2007-09-26 23:31 2,532,922 ----a-w c:\windows\inf\SET1D2.tmp
    2007-09-26 23:31 2,532,922 ------w c:\windows\inf\SET2CF.tmp
    2004-08-10 20:00 1,568,358 ----a-w c:\windows\inf\SET342.tmp
    2004-08-10 20:00 1,568,358 ----a-w c:\windows\inf\SET246.tmp
    .

    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
    2008-07-17 17:20 279944 --a------ c:\program files\AskBarDis\bar\bin\askBar.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4FE766C3-4368-B970-5A86-66F80EB57110}]
    2008-11-01 03:22 178176 --a------ c:\windows\system32\rogqdgrthkpstoqw.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A005C05F-DD18-DD9D-5FCC-391EECF210D2}]
    2008-11-03 08:07 600576 --a------ c:\windows\system32\vvqujnsfbvaozrl.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-07-17 279944]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2008-09-09 3513344]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-11-06 68856]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "LaunchApp"="Alaunch" [X]
    "ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-10-07 13574144]
    "ntiMUI"="c:\program files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe" [2005-05-11 45056]
    "IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-10 208952]
    "IMEKRMIG6.1"="c:\windows\ime\imkr6_1\IMEKRMIG.EXE" [2004-08-10 44032]
    "MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-10 59392]
    "PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
    "PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
    "SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
    "ccApp"="c:\program files\Fichiers communs\Symantec Shared\ccApp.exe" [2005-09-16 52848]
    "Acer Empowering Technology Monitor"="c:\windows\system32\SysMonitor.exe" [2006-04-18 49152]
    "eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2006-03-17 345088]
    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-10-07 86016]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
    "PremierOpinion"="c:\program files\PremierOpinion\pmropn.exe" [2008-11-07 1664000]
    "diqzyercvahvtoc"="c:\windows\system32\rogqdgrthkpstoqw.dll" [2008-11-01 178176]
    "nwiz"="nwiz.exe" [2008-10-07 c:\windows\system32\nwiz.exe]
    "SkyTel"="SkyTel.EXE" [2006-05-16 c:\windows\SkyTel.exe]
    "RTHDCPL"="RTHDCPL.EXE" [2006-06-01 c:\windows\RTHDCPL.exe]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]

    c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
    Acer Empowering Technology.lnk - c:\acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe [2008-11-06 45056]
    Acer WLAN 11g USB Dongle.lnk - c:\program files\Acer WLAN 11g USB Dongle\ZDWlan.exe [2005-11-16 745472]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "InstallVisualStyle"= c:\windows\Resources\Themes\Royale\Royale.msstyles
    "InstallTheme"= c:\windows\Resources\Themes\Royale.theme

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\PremierOpinion]
    2008-11-07 19:56 348160 c:\program files\PremierOpinion\pmls.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusDisableNotify"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\LimeWire\\LimeWire.exe"=
    "c:\\program files\\premieropinion\\pmropn.exe"=

    R2 fssfltr;FssFltr;c:\windows\system32\DRIVERS\fssfltr.sys [2008-09-04 56344]
    S3 fsssvc;Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [2008-09-04 512536]
    S3 ZD1211BU(ZyDAS);ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS);c:\windows\system32\DRIVERS\zd1211Bu.sys [2005-10-28 402432]
    .
    Contenu du dossier 'Tâches planifiées'

    2008-11-08 c:\windows\Tasks\GlaryInitialize.job
    - c:\program files\Glary Utilities\initialize.exe [2008-10-29 17:58]

    2008-11-08 c:\windows\Tasks\Norton AntiVirus - Effectuer une analyse complète du système - cynthia.job
    - c:\progra~1\NORTON~1\Navw32.exe [2007-05-28 12:00]
    .
    .
    ------- Examen supplémentaire -------
    .
    FireFox -: Profile - c:\documents and settings\cynthia\Application Data\Mozilla\Firefox\Profiles\9cu9gufx.default\
    FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
    FF -: plugin - c:\program files\Google\Google Updater\2.4.1399.3742\npCIDetect13.dll
    .

    **************************************************************************

    catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-11-08 11:06:20
    Windows 5.1.2600 Service Pack 3 NTFS

    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    Recherche de fichiers cachés ...

    Scan terminé avec succès
    Fichiers cachés: 0

    **************************************************************************
    .
    ------------------------ Autres processus actifs ------------------------
    .
    c:\program files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    c:\program files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    c:\program files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    c:\program files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
    c:\program files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
    c:\acer\Empowering Technology\ePerformance\MemCheck.exe
    c:\windows\ehome\ehrecvr.exe
    c:\windows\ehome\ehSched.exe
    c:\program files\Fichiers communs\LightScribe\LSSrvc.exe
    c:\program files\Norton AntiVirus\IWP\NPFMNTOR.EXE
    c:\windows\system32\nvsvc32.exe
    c:\program files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    c:\windows\ehome\mcrdsvc.exe
    c:\windows\system32\dllhost.exe
    c:\windows\ehome\ehmsas.exe
    c:\windows\system32\rundll32.exe
    c:\windows\system32\regsvr32.exe
    c:\program files\Internet Explorer\iexplore.exe
    c:\program files\Messenger\msmsgs.exe
    c:\program files\Windows Live\Toolbar\wltuser.exe
    c:\program files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
    c:\program files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
    .
    **************************************************************************
    .
    Heure de fin: 2008-11-08 11:08:40 - La machine a redémarré
    ComboFix-quarantined-files.txt 2008-11-08 16:08:35

    Avant-CF: 225 229 402 112 octets libres
    Après-CF: 225,222,565,888 octets libres

    287 --- E O F --- 2008-11-08 15:41:02
    8 November 2008 18:12:24

    Hi again,

    Download Toolbar-S&D (Team IDN) to your Desktop.

  • Start the program's installation by running the downloaded file.
  • Now double-click the Toolbar-S&D shortcut.
  • Select the desired language by typing the letter of your choice, then confirm with the Enter key.
  • Now choose option 1 (Recherche, "Search"). Wait until the search finishes.
  • Post the generated report. (C:\TB.txt)
    8 November 2008 22:01:04

    here is the report, and thanks again



    -----------\\ ToolBar S&D 1.2.4 XP/Vista

    Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual Core Processor 3800+ )
    BIOS : )Phoenix - Award WorkstationBIOS v6.00PG
    USER : cynthia ( Administrator )
    BOOT : Normal boot
    Antivirus : Norton AntiVirus 2006 2005 (Activated)
    Firewall : Norton Internet Worm Protection 2006 (Activated)
    C:\ (Local Disk) - NTFS - Total:223 Go (Free:209 Go)
    D:\ (Local Disk) - NTFS - Total:9 Go (Free:8 Go)
    E:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
    F:\ (USB)
    G:\ (USB)
    H:\ (USB)
    I:\ (USB)

    "C:\ToolBar SD" ( MAJ : 27-10-2008|09:25 )
    Option : [1] ( 2008-11-08|15:59 )

    -----------\\ Recherche de Fichiers / Dossiers ...

    C:\Program Files\AskBarDis
    C:\Program Files\AskBarDis\bar
    C:\Program Files\AskBarDis\unins000.dat
    C:\Program Files\AskBarDis\unins000.exe

    -----------\\ Extensions

    (All Users) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar

    (cynthia) - {E9A1DEE0-C623-4439-8932-001E7D17607D} => ajtoolbar


    -----------\\ [..\Internet Explorer\Main]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Local Page"="C:\\WINDOWS\\system32\\blank.htm"
    "Start Page"="http://google.ca/"
    "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese..."

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
    "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
    "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
    "Start Page"="http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home"


    --------------------\\ Recherche d'autres infections


    Aucune autre infection trouvée !


    1 - "C:\ToolBar SD\TB_1.txt" - 2008-11-08|16:00 - Option : [1]

    -----------\\ Fin du rapport a 16:00:27,90

    9 November 2008 14:40:50

    Hi again,

    Run Toolbar-S&D again by double-clicking the shortcut. Type "2", then confirm by pressing "Enter".
    ! Do not close the window during the removal !
    A report will be generated; post its contents here.
    10 November 2008 03:14:35


    -----------\\ ToolBar S&D 1.2.4 XP/Vista

    Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
    X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual Core Processor 3800+ )
    BIOS : )Phoenix - Award WorkstationBIOS v6.00PG
    USER : cynthia leclerc ( Administrator )
    BOOT : Normal boot
    Antivirus : Norton AntiVirus 2006 2005 (Activated)
    Firewall : Norton Internet Worm Protection 2006 (Activated)
    C:\ (Local Disk) - NTFS - Total:223 Go (Free:211 Go)
    D:\ (Local Disk) - NTFS - Total:9 Go (Free:8 Go)
    E:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
    F:\ (USB)
    G:\ (USB)
    H:\ (USB)
    I:\ (USB)

    "C:\ToolBar SD" ( MAJ : 27-10-2008|09:25 )
    Option : [2] ( 2008-11-09|21:12 )

    -----------\\ SUPPRESSION

    Supprime! - C:\Program Files\AskBarDis\bar
    Supprime! - C:\Program Files\AskBarDis\unins000.dat
    Supprime! - C:\Program Files\AskBarDis\unins000.exe
    Supprime! - C:\Program Files\AskBarDis

    -----------\\ Recherche de Fichiers / Dossiers ...


    -----------\\ Extensions

    (cynthia leclerc) - {E9A1DEE0-C623-4439-8932-001E7D17607D} => ajtoolbar


    -----------\\ [..\Internet Explorer\Main]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Local Page"="C:\\WINDOWS\\system32\\blank.htm"
    "Start Page"="http://google.ca/"
    "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese..."

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
    "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
    "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
    "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"


    --------------------\\ Recherche d'autres infections


    Aucune autre infection trouvée !


    1 - "C:\ToolBar SD\TB_1.txt" - 2008-11-09|21:11 - Option : [1]
    2 - "C:\ToolBar SD\TB_2.txt" - 2008-11-09|21:13 - Option : [2]

    -----------\\ Fin du rapport a 21:13:11,93

    10 November 2008 17:21:26

    Post a new HijackThis report.
    11 November 2008 01:03:45

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:03:35, on 2008-11-10
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
    C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
    c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
    C:\WINDOWS\system32\SysMonitor.exe
    C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\cynthia leclerc\Local Settings\Temporary Internet Files\Content.IE5\T2LVCEJW\HiJackThis[1].exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.ca/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
    O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [LaunchApp] Alaunch
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\WINDOWS\system32\SysMonitor.exe
    O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 0
    O4 - HKLM\..\Run: [ZNsoft Optimizer Xp] C:\Program Files\ZNsoft Corporation\ZNsoft Optimizer Xp\ZNsoft Xp.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
    O4 - Global Startup: Acer Empowering Technology.lnk = ?
    O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe

    --
    End of file - 9263 bytes
    11 November 2008 13:39:05

    Is it better?
    13 November 2008 04:28:11

    yes, quite a bit better, thanks

    you're the best

    count on me for a donation

    this site is great
    13 November 2008 19:07:59

    Happy surfing ;)