Se connecter / S'enregistrer
Votre question

Problème analyse Hijackthis !! Help !!

Tags :
  • Hijackthis
  • Sécurité
Dernière réponse : dans Sécurité et virus
5 Octobre 2008 12:30:35

Bonjour à tous,

Au démarrage de mon pc j'obtient deux messages d'erreurs !

- Erreur de chargement de winwrb32.rom : Module spécifié introuvable

- Erreur de chargement de C:\users\JB\AppData\local\Temp\xxywUkJA.dll : module spécifié introuvable

J'ai donc décidé de m'aider d'HiJackThis pour y remédier mais pdt l'analyse j'obtiens un premier message d'erreur me disant qu'il est impossible au programme d'écrire ds le fichier Hosts. Je suis la procédure dictée ds le message : Je vais de le fichier hosts et supprime ces deux lignes :

127.0.0.1 www.hijack-this.net
127.0.0.1 hijack-this.net

Une fois supprimées, il m'est impossible d'enregistrer le fichier car même en cliquant sur l'ancien fichier et que j'accepte de le remplacer une boîte de dialogue me dit que le nom et le chemin d'accès sont incorrects.

Je ne peux donc pas faire cette modif. En continuant tout de même l'analyse de HiJackThis une 2eme message d'erreur apparait en me disant :

-An unexpected error has occured at procedure
modMain_Checkotheritem()
Error#75 - Path/File access error

et qu'il faut que je contact qql.

En continuant tout de même le test j'obtient ce rapport :

Logfile of HijackThis v1.99.1
Scan saved at 11:19:35, on 05/10/2008
Platform: Unknown Windows (WinNT 6.00.1905 SP1)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\System Control Manager\MGSysCtrl.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\AVEO\AVEO UVC Filter Driver Kit\AveoSTI.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\conime.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe
C:\hijackthis\HijackThis.exe
C:\Windows\System32\mspaint.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msi.com.tw
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [MGSysCtrl] C:\Program Files\System Control Manager\MGSysCtrl.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp3\winampa.exe"
O4 - HKLM\..\Run: [AveoKeySti] "C:\Program Files\\AVEO\AVEO_UVC_FILTER_DRIVER_KIT\AveoSTI.exe"
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [MSSMSGS] rundll32.exe winwrb32.rom,busRun
O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\JB\AppData\Local\Temp\xxywUkJA.dll,#1
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: aveosti.exe.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O11 - Options group: [INTERNATIONAL] International*
O13 - Gopher Prefix:
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD44/JSCDL/jdk/6u7/jinstal...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: SCM Driver Daemon (NishService) - Unknown owner - C:\Program Files\System Control Manager\edd.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)

Je ne sais pas quoi faire, je m'en remets donc à vous

Merci de votre aide


Autres pages sur : probleme analyse hijackthis help

5 Octobre 2008 14:04:01

:hello:  Bonjour,

Tu as quoi comme windows ?

Tu as utilisé une mauvaise version d'hijackthis. Désinstalle-la.

Télécharge et installe la celle que je t'ai donnée dans mon lien ( à lire ! ).

Une fois cela fait, poste-moi un nouveau rapport fait avec la version que je t'ai donnée.

;) 
5 Octobre 2008 14:11:24

Salut,

Tout d'abord je tiens à te remercie de m'aider.

J'ai windows Vista.
Excuse moi mais je ne vois de quel lien tu parles où je pourrais télécharger une autre version de hijackthis
Contenus similaires
5 Octobre 2008 14:17:22

Re,

Bizarre, mon message est mal passé, voilà le lien :

Télécharge et installe celle du lien ci-dessous :
Hijackthis << clique dessus ;) 
Une fois cela fait, poste-moi un nouveau rapport fait avec la version que je t'ai donnée.

;) 
5 Octobre 2008 14:20:11

J'ai installé la nouvelle version et voila le rapport que j'obtiens :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:18:59, on 05/10/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\System Control Manager\MGSysCtrl.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\AVEO\AVEO UVC Filter Driver Kit\AveoSTI.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msi.com.tw
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [MGSysCtrl] C:\Program Files\System Control Manager\MGSysCtrl.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp3\winampa.exe"
O4 - HKLM\..\Run: [AveoKeySti] "C:\Program Files\\AVEO\AVEO_UVC_FILTER_DRIVER_KIT\AveoSTI.exe"
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [MSSMSGS] rundll32.exe winwrb32.rom,busRun
O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\JB\AppData\Local\Temp\xxywUkJA.dll,#1
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: aveosti.exe.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD44/JSCDL/jdk/6u7/jinstal...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: SCM Driver Daemon (NishService) - Unknown owner - C:\Program Files\System Control Manager\edd.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

--
End of file - 7172 bytes
5 Octobre 2008 14:24:22

Re,

Télécharge MalwareByte's Anti-Malware sur ton Bureau.
Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.

Une fois l'installation et la mise à jour effectuées, redémarre en mode sans échec.
AIDE : Redémarrer en mode sans échec

  • Exécute maintenant MalwareByte's Anti-Malware. Si cela n'est pas déjà fait, sélectionne "Exécuter un examen complet".
  • Afin de lancer la recherche, clic sur"Rechercher".
  • Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi :
    -- si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
    -- si des infections sont présentes, clic sur "Afficher les résultats" puis sur "Supprimer la sélection". Enregistre le rapport sur ton Bureau afin de le poster dans ta prochaine réponse.
    REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.[/#f]

    AIDE : Tuto en images sur MBAM

    2) Télécharge [#f0000e]random's system information tool (RSIT)
    par random/random et sauvegarde-le sur le Bureau.
  • Double-clique sur RSIT.exe afin de lancer RSIT.
  • Clique Continue à l'écran Disclaimer.
  • Si l'outil HIjackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
  • Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (<<qui sera affiché)
    ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).
  • NB : Les rapports sont sauvegardés dans le dossier C:\rsit
  • Veille bien à me poster l'intégralité des rapports, vérifie qu'ils soient complets une fois que tu les as postés.

    ;) 
    5 Octobre 2008 17:01:42

    Salut,
    J'ai fais la premiere manip que tu m'as dite avec Malwarebytes' Anti-Malware.

    Après avoir supprimé les éléments mon problème de messages d'erreurs au démarrage est parti. Merci de ton aide. je te transmet le rapport pour que tu vérifies si tout est bien parti :

    Malwarebytes' Anti-Malware 1.28
    Version de la base de données: 1229
    Windows 6.0.6001 Service Pack 1

    05/10/2008 16:43:50
    mbam-log-2008-10-05 (16-43-50).txt

    Type de recherche: Examen complet (C:\|D:\|)
    Eléments examinés: 106352
    Temps écoulé: 14 minute(s), 46 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 1
    Valeur(s) du Registre infectée(s): 2
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 4

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_CLASSES_ROOT\CLSID\{a982037a-5fa0-44bd-8bb8-bce93ebbdfe8} (Trojan.Vundo) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MSServer (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MSSMSGS (Trojan.Agent) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    C:\Program Files\InstallShield Installation Information\{23F76BD5-9DD6-4121-900B-FBBDF81DC74A}\setup.exe (Rogue.Installer) -> Quarantined and deleted successfully.
    C:\Program Files\InstallShield Installation Information\{ED9C5D25-55DF-48D8-9328-2AC0D75DE5D8}\setup.exe (Rogue.Installer) -> Quarantined and deleted successfully.
    C:\Users\JB\eMule\emule.exe (Rogue.Fake!emule.exe) -> Quarantined and deleted successfully.
    C:\Users\JB\eMule\LinkCreator.exe (Rogue.Fake!emule.exe) -> Quarantined and deleted successfully.
    5 Octobre 2008 17:06:52

    est-ce nécessaire que je télécharge random's system information tool (RSIT) ?
    5 Octobre 2008 18:30:46

    Re,

    Citation :
    est-ce nécessaire que je télécharge random's system information tool (RSIT) ?


    Ben tu veux nettoyer ton PC ? :sarcastic: 
    5 Octobre 2008 18:43:27

    Voici le 1er rapport :
    info.txt logfile of random's system information tool 1.04 2008-10-05 18:42:11

    ======Uninstall list======

    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
    Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
    Adobe Flash Player ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Reader 9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001}
    Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
    Atheros Driver Installation Program-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{28006915-2739-4EBE-B5E8-49B25D32EB33}\setup.exe" -l0x40c -removeonly
    avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
    AveoCap-->C:\Program Files\InstallShield Installation Information\{23F76BD5-9DD6-4121-900B-FBBDF81DC74A}\setup.exe -runfromtemp -l0x0009 -removeonly
    Bluetooth Stack for Windows by Toshiba-->MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}
    Counter-Strike-->"C:\Program Files\Steam\steam.exe" steam://uninstall/10
    Day of Defeat-->"C:\Program Files\Steam\steam.exe" steam://uninstall/30
    eMule-->"C:\Users\JB\eMule\Uninstall.exe"
    HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
    Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
    K-Lite Codec Pack 4.1.4 (Full)-->"D:\K-Lite Codec Pack\unins000.exe"
    Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
    Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
    Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
    Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
    Microsoft Office Language Pack 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB}
    Microsoft Office OneNote MUI (French) 2007-->MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE}
    Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
    Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
    Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
    Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
    Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
    Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
    Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
    Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
    Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
    Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
    MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
    NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI
    Power2Go 5.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\setup.exe" -uninstall
    Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista-->C:\Program Files\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -l0x040c -removeonly
    Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
    RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{59F6A514-9813-47A3-948C-8A155460CC2A}\setup.exe" -l0x40c anything
    Security Update for 2007 Microsoft Office System (KB951596)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {1AFF2298-CC00-4A3B-866A-C62B8373794E}
    Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
    Security Update for Microsoft Office Excel 2007 (KB951546)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7399DD71-8E24-4E60-B6A8-6CED89C0AC26}
    Security Update for Microsoft Office OneNote 2007 (KB950130)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4}
    Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
    Security Update for Microsoft Office system 2007 (KB951808)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00}
    Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
    Security Update for Microsoft Office Word 2007 (KB950113)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9}
    Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
    Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
    Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
    System Control Manager-->C:\Program Files\InstallShield Installation Information\{ED9C5D25-55DF-48D8-9328-2AC0D75DE5D8}\setup.exe -runfromtemp -l0x0009 -removeonly
    Unreal Tournament G.O.T.Y. Edition-->C:\UnrealTournament\System\Setup.exe uninstall "UnrealTournament"
    Update for Office 2007 (KB946691)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
    Warcraft III-->C:\Windows\War3Unin.exe C:\Windows\War3Unin.dat
    Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
    Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}

    ======Hosts File======

    127.0.0.1 www.007guard.com
    127.0.0.1 007guard.com
    127.0.0.1 008i.com
    127.0.0.1 www.008k.com
    127.0.0.1 008k.com
    127.0.0.1 www.00hq.com
    127.0.0.1 00hq.com
    127.0.0.1 010402.com
    127.0.0.1 www.032439.com
    127.0.0.1 032439.com

    ======Security center information======

    AV: avast! antivirus 4.8.1229 [VPS 081004-0]
    AS: Windows Defender (disabled) (outdated)
    AS: avast! antivirus 4.8.1229 [VPS 081004-0]

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
    "PROCESSOR_ARCHITECTURE"=x86
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "USERNAME"=SYSTEM
    "windir"=%SystemRoot%
    "PROCESSOR_LEVEL"=6
    "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 11, GenuineIntel
    "PROCESSOR_REVISION"=0f0b
    "NUMBER_OF_PROCESSORS"=2
    "configsetroot"=%SystemRoot%\ConfigSetRoot

    -----------------EOF-----------------
    5 Octobre 2008 18:44:03

    Et le 2eme :

    Logfile of random's system information tool 1.04 (written by random/random)
    Run by JB at 2008-10-05 18:42:04
    Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
    System drive C: has 11 GB (31%) free of 35 GB
    Total RAM: 3069 MB (54% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 18:42:09, on 05/10/2008
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18000)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\System Control Manager\MGSysCtrl.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\AVEO\AVEO UVC Filter Driver Kit\AveoSTI.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\Internet Explorer\ieuser.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\conime.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Users\JB\Desktop\RSIT.exe
    C:\Program Files\Trend Micro\HijackThis\JB.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msi.com.tw
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [MGSysCtrl] C:\Program Files\System Control Manager\MGSysCtrl.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp3\winampa.exe"
    O4 - HKLM\..\Run: [AveoKeySti] "C:\Program Files\\AVEO\AVEO_UVC_FILTER_DRIVER_KIT\AveoSTI.exe"
    O4 - HKLM\..\Run: [Skytel] Skytel.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - Global Startup: aveosti.exe.lnk = ?
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
    O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O13 - Gopher Prefix:
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD44/JSCDL/jdk/6u7/jinstal...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: SCM Driver Daemon (NishService) - Unknown owner - C:\Program Files\System Control Manager\edd.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
    O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

    --
    End of file - 6985 bytes

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
    Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-08-12 1437696]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
    "RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-08-09 4702208]
    "MGSysCtrl"=C:\Program Files\System Control Manager\MGSysCtrl.exe [2007-09-07 561152]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
    "WinampAgent"=C:\Program Files\Winamp3\winampa.exe []
    "AveoKeySti"=C:\Program Files\\AVEO\AVEO_UVC_FILTER_DRIVER_KIT\AveoSTI.exe []
    "Skytel"=C:\Windows\Skytel.exe [2007-08-03 1826816]
    "NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-06-09 13535776]
    "NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-06-09 92704]
    "nwiz"=nwiz.exe /install []
    "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-07-19 78008]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-19 1233920]
    "WindowsWelcomeCenter"=C:\Windows\system32\oobefldr.dll [2008-01-19 2153472]
    "MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]
    "Steam"=C:\Program Files\Steam\Steam.exe [2008-07-31 1271032]
    "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-09-16 1833296]
    "Skype"=C:\Program Files\Skype\Phone\Skype.exe [2008-08-12 21741864]

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
    aveosti.exe.lnk - C:\Program Files\AVEO\AVEO UVC Filter Driver Kit\AveoSTI.exe

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "EnableUIADesktopToggle"=0

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{10eed37f-76a6-11dd-96ee-001d92504c60}]
    shell\AutoRun\command - G:\.\Recycler\S-1-5-21-3318671052-061502871-8581524341-500\~WRL0258.tmp
    shell\explore\command - G:\.\Recycler\S-1-5-21-3318671052-061502871-8581524341-500\~WRL0258.tmp
    shell\Open\command - G:\.\Recycler\S-1-5-21-3318671052-061502871-8581524341-500\~WRL0258.tmp

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{23eb2087-59c0-11dd-9111-001d92504c60}]
    shell\AutoRun\command - F:\.\Recycler\S-1-5-21-3318671052-061502871-8581524341-500\~WRL0258.tmp
    shell\explore\command - F:\.\Recycler\S-1-5-21-3318671052-061502871-8581524341-500\~WRL0258.tmp
    shell\Open\command - F:\.\Recycler\S-1-5-21-3318671052-061502871-8581524341-500\~WRL0258.tmp

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{637d96fb-5e1e-11dd-949d-001d92504c60}]
    shell\AutoRun\command - F:\.\Recycler\S-1-5-21-3318671052-061502871-8581524341-500\~WRL0258.tmp
    shell\explore\command - F:\.\Recycler\S-1-5-21-3318671052-061502871-8581524341-500\~WRL0258.tmp
    shell\Open\command - F:\.\Recycler\S-1-5-21-3318671052-061502871-8581524341-500\~WRL0258.tmp

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e83762a9-598d-11dd-b6b3-001d92504c60}]
    shell\AutoRun\command - F:\.\Recycler\S-1-5-21-3318671052-061502871-8581524341-500\~WRL0258.tmp
    shell\explore\command - F:\.\Recycler\S-1-5-21-3318671052-061502871-8581524341-500\~WRL0258.tmp
    shell\Open\command - F:\.\Recycler\S-1-5-21-3318671052-061502871-8581524341-500\~WRL0258.tmp

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e8376580-598d-11dd-b6b3-001d92504c60}]
    shell\AutoRun\command - F:\LaunchU3.exe -a


    ======List of files/folders created in the last 1 months======

    2008-10-05 18:42:04 ----D---- C:\rsit
    2008-10-05 14:34:23 ----A---- C:\Windows\ntbtlog.txt
    2008-10-05 14:30:33 ----D---- C:\Users\JB\AppData\Roaming\Malwarebytes
    2008-10-05 14:30:31 ----D---- C:\ProgramData\Malwarebytes
    2008-10-05 14:30:30 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2008-10-05 14:18:45 ----D---- C:\Program Files\Trend Micro
    2008-10-03 13:44:39 ----D---- C:\ProgramData\Spybot - Search & Destroy
    2008-10-03 13:44:39 ----D---- C:\Program Files\Spybot - Search & Destroy
    2008-10-03 11:32:29 ----D---- C:\Program Files\Panda Security
    2008-09-30 20:45:50 ----A---- C:\ProgramData\BMff76aea1.txt
    2008-09-30 17:42:25 ----D---- C:\ProgramData\mnixivot
    2008-09-30 17:42:21 ----D---- C:\ProgramData\hopknkbc
    2008-09-30 17:42:18 ----D---- C:\ProgramData\ProcSet
    2008-09-20 18:27:34 ----D---- C:\Users\JB\AppData\Roaming\skypePM
    2008-09-20 18:23:48 ----D---- C:\Users\JB\AppData\Roaming\Skype
    2008-09-20 18:23:34 ----D---- C:\Program Files\Skype
    2008-09-20 18:23:34 ----D---- C:\Program Files\Common Files\Skype
    2008-09-20 18:23:30 ----D---- C:\ProgramData\Skype
    2008-09-10 20:09:51 ----A---- C:\Windows\system32\Apphlpdm.dll
    2008-09-10 20:09:50 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
    2008-09-10 11:47:44 ----A---- C:\Windows\system32\emdmgmt.dll
    2008-09-10 11:47:43 ----A---- C:\Windows\system32\dataclen.dll
    2008-09-10 11:47:43 ----A---- C:\Windows\system32\cdd.dll
    2008-09-10 11:27:02 ----A---- C:\Windows\system32\wmpeffects.dll

    ======List of files/folders modified in the last 1 months======

    2008-10-05 18:42:09 ----D---- C:\Windows\Prefetch
    2008-10-05 18:42:07 ----D---- C:\Windows\Temp
    2008-10-05 16:51:42 ----D---- C:\Windows\System32
    2008-10-05 16:51:42 ----D---- C:\Windows\inf
    2008-10-05 16:51:42 ----A---- C:\Windows\system32\PerfStringBackup.INI
    2008-10-05 16:45:28 ----D---- C:\Program Files\Common Files\Steam
    2008-10-05 16:45:18 ----D---- C:\Program Files\Steam
    2008-10-05 14:34:23 ----D---- C:\Windows
    2008-10-05 14:30:32 ----D---- C:\Windows\system32\drivers
    2008-10-05 14:30:31 ----HD---- C:\ProgramData
    2008-10-05 14:30:30 ----RD---- C:\Program Files
    2008-10-05 11:57:04 ----SHD---- C:\System Volume Information
    2008-10-03 11:39:29 ----D---- C:\Windows\system32\Msdtc
    2008-10-03 11:39:26 ----D---- C:\Windows\system32\wbem
    2008-10-03 11:38:39 ----D---- C:\Windows\system32\config
    2008-10-03 11:38:29 ----D---- C:\Windows\Tasks
    2008-10-03 11:38:29 ----D---- C:\Windows\system32\spool
    2008-10-03 11:38:29 ----D---- C:\Windows\system32\CodeIntegrity
    2008-10-03 11:38:29 ----D---- C:\Windows\system32\catroot2
    2008-10-03 11:38:28 ----D---- C:\Windows\registration
    2008-10-03 11:32:14 ----SD---- C:\Windows\Downloaded Program Files
    2008-10-03 11:11:16 ----A---- C:\deviceInfo.txt
    2008-09-20 18:23:42 ----SHD---- C:\Windows\Installer
    2008-09-20 18:23:34 ----D---- C:\Program Files\Common Files
    2008-09-11 08:06:56 ----D---- C:\Windows\winsxs
    2008-09-11 07:55:24 ----D---- C:\Windows\AppPatch
    2008-09-11 07:38:46 ----D---- C:\ProgramData\Microsoft Help
    2008-09-11 07:38:00 ----D---- C:\Windows\system32\catroot

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2008-07-19 23152]
    R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2008-07-19 78416]
    R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2008-07-19 42912]
    R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2005-08-01 64896]
    R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
    R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-07-19 51280]
    R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-02-24 39936]
    R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-01-23 42496]
    R3 AgereSoftModem;Modem Soft Agere Systems; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-02 983552]
    R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
    R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2007-03-07 32256]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-08-10 1941848]
    R3 MGHwCtrl;MGHwCtrl; \??\C:\Windows\system32\drivers\MGHwCtrl.sys [2006-12-22 19456]
    R3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
    R3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
    R3 NETw4v32;Pilote de carte Intel(R) Wireless WiFi Link pour Windows Vista 32 bits; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-09-26 2251776]
    R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-06-09 6942944]
    R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2007-06-25 84480]
    R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-19 88576]
    R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2006-10-10 41600]
    R3 usbvideo;Périphérique vidéo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-19 134016]
    S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
    S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
    S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
    S3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2007-02-22 113920]
    S3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2006-11-20 36480]
    S3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2007-03-01 73728]
    S3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
    S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2007-01-22 53376]
    S3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2007-02-28 41344]
    S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
    S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-07-19 16056]
    R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-07-19 147640]
    R2 NishService;SCM Driver Daemon; C:\Program Files\System Control Manager\edd.exe [2007-08-23 61440]
    R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-06-09 122880]
    R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-02-25 125048]
    R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-07-19 250040]
    R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-07-23 348344]
    R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
    S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
    S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
    S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2008-10-05 87288]
    S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

    -----------------EOF-----------------
    5 Octobre 2008 19:17:27

    Re,

    Assure-toi d'avoir bien branché tes supports amovibles avant de faire la manip' ci-dessous, notamment G:\ et F:\ !

    1) Désactive les protections résidentes d'Avast! et de Windows Defender.

    2) Désinstalle via Ajout/Suppression de Programmes (si présents) :

  • eMule

    Je te conseille de désinstaller et de supprimer tous tes logiciels de p2p : 50% de ce que tu télécharges via p2p est piégé. Le p2p est le premier vecteur d'infection de nos jours.
    Plus d'informations disponibles en cliquant sur le lien suivant : Cracks / P2P

    3) On va maintenant devoir modifier le registre. Modifier le registre peut se révéler être très dangereux, c'est pourquoi nous allons créer une sauvegarde du registre avant d'effectuer nos modifications. Ainsi, en cas de souci, il n'y aura qu'à restaurer.

    Merci de procéder EXACTEMENT comme décrit ci-dessous :

    Télécharge ERUNT
    ( ERUNT = Emergency Recovery Utility NT, c'est un programme gratuit qui te permet de conserver une sauvegarde complète de ta base de registre et de la restaurer quand cela s'avère nécessaire )

  • Installe ERUNT en suivant les instructions suivantes
    ( suis les directives d'installation par défaut, mais dis non quand on te demande d'ajouter ERUNT au startup folder ( dossier start up ), d'autant plus que si tu le souhaites tu pourras ajouter cette option ultérieurement )
  • Lance ERUNT ( soit en double-cliquant sur l'icône présente sur ton bureau soit en choisissant de lancer le programme en fin d'installation )
  • Choisis un emplacement pour la sauvegarde ( l'emplacement par défaut est : C:\WINDOWS\ERDNT ce qui est acceptable ).
  • Assure-toi que les deux premières cases suivantes soient bien cochées !!!
  • Clique sur OK
  • Clique sur YES pour créer le dossier de sauvegarde.


    4) Télécharge OTMoveIt3 (OldTimer). Sauvegarde-le sur ton Bureau.
    Copie (Ctrl+C) le texte se situant dans le cadre ci-dessous :

    :processes
    explorer.exe

    :reg
    [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{10eed37f-76a6-11dd-96ee-001d92504c60}]
    [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{23eb2087-59c0-11dd-9111-001d92504c60}]
    [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{637d96fb-5e1e-11dd-949d-001d92504c60}]
    [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e83762a9-598d-11dd-b6b3-001d92504c60}]
    [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e8376580-598d-11dd-b6b3-001d92504c60}]

    :files
    G:\.\Recycler\S-1-5-21-3318671052-061502871-8581524341-500\~WRL0258.tmp
    F:\.\Recycler\S-1-5-21-3318671052-061502871-8581524341-500\~WRL0258.tmp
    C:\ProgramData\BMff76aea1.txt
    C:\ProgramData\mnixivot
    C:\ProgramData\hopknkbc
    C:\ProgramData\ProcSet

    :commands
    [purity]
    [emptytemp]
    [start explorer]
    [reboot]


    Double clique sur OTMoveIt3.exe afin de le lancer.
    Colle (ou Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
    Clique maintenant sur le bouton MoveIt![/#f] puis ferme OTMoveIt3.

    [#ff0000]Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
    Accepte en cliquant sur YES.[/#f]

    Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
    Le nom du rapport correspond au moment de sa création : date_heure.log

    Et poste-moi [#e2001c]un nouveau rapport RSIT
    dans ta prochaine réponse.

    ;) 
    5 Octobre 2008 19:47:34

    Voila le rapport OTMoveit3


    ========== PROCESSES ==========
    Process explorer.exe killed successfully.
    ========== REGISTRY ==========
    Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{10eed37f-76a6-11dd-96ee-001d92504c60}\\ deleted successfully.
    Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{23eb2087-59c0-11dd-9111-001d92504c60}\\ deleted successfully.
    Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{637d96fb-5e1e-11dd-949d-001d92504c60}\\ deleted successfully.
    Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e83762a9-598d-11dd-b6b3-001d92504c60}\\ deleted successfully.
    Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e8376580-598d-11dd-b6b3-001d92504c60}\\ deleted successfully.
    ========== FILES ==========
    File/Folder G:\.\Recycler\S-1-5-21-3318671052-061502871-8581524341-500\~WRL0258.tmp not found.
    File/Folder F:\.\Recycler\S-1-5-21-3318671052-061502871-8581524341-500\~WRL0258.tmp not found.
    C:\ProgramData\BMff76aea1.txt moved successfully.
    C:\ProgramData\mnixivot moved successfully.
    C:\ProgramData\hopknkbc moved successfully.
    C:\ProgramData\ProcSet moved successfully.
    ========== COMMANDS ==========
    File delete failed. C:\Users\JB\AppData\Local\Temp\~DF4311.tmp scheduled to be deleted on reboot.
    User's Temp folder emptied.
    User's Temporary Internet Files folder emptied.
    User's Internet Explorer cache folder emptied.
    Local Service Temp folder emptied.
    Local Service Temporary Internet Files folder emptied.
    Windows Temp folder emptied.
    Temp folders emptied.
    Explorer started successfully

    OTMoveIt3 by OldTimer - Version 1.0.3.1 log created on 10052008_194301
    5 Octobre 2008 19:49:23

    Voila le rapport RSIT

    Logfile of random's system information tool 1.04 (written by random/random)
    Run by JB at 2008-10-05 19:48:06
    Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
    System drive C: has 11 GB (33%) free of 35 GB
    Total RAM: 3069 MB (66% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:48:12, on 05/10/2008
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18000)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\System Control Manager\MGSysCtrl.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\AVEO\AVEO UVC Filter Driver Kit\AveoSTI.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\Internet Explorer\ieuser.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\conime.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Users\JB\Desktop\RSIT.exe
    C:\Program Files\Trend Micro\HijackThis\JB.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msi.com.tw
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [MGSysCtrl] C:\Program Files\System Control Manager\MGSysCtrl.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp3\winampa.exe"
    O4 - HKLM\..\Run: [AveoKeySti] "C:\Program Files\\AVEO\AVEO_UVC_FILTER_DRIVER_KIT\AveoSTI.exe"
    O4 - HKLM\..\Run: [Skytel] Skytel.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - Global Startup: aveosti.exe.lnk = ?
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
    O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O13 - Gopher Prefix:
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD44/JSCDL/jdk/6u7/jinstal...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: SCM Driver Daemon (NishService) - Unknown owner - C:\Program Files\System Control Manager\edd.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
    O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

    --
    End of file - 6996 bytes

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
    Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-08-12 1437696]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
    "RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-08-09 4702208]
    "MGSysCtrl"=C:\Program Files\System Control Manager\MGSysCtrl.exe [2007-09-07 561152]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
    "WinampAgent"=C:\Program Files\Winamp3\winampa.exe []
    "AveoKeySti"=C:\Program Files\\AVEO\AVEO_UVC_FILTER_DRIVER_KIT\AveoSTI.exe []
    "Skytel"=C:\Windows\Skytel.exe [2007-08-03 1826816]
    "NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-06-09 13535776]
    "NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-06-09 92704]
    "nwiz"=nwiz.exe /install []
    "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-07-19 78008]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-19 1233920]
    "WindowsWelcomeCenter"=C:\Windows\system32\oobefldr.dll [2008-01-19 2153472]
    "MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]
    "Steam"=C:\Program Files\Steam\Steam.exe [2008-07-31 1271032]
    "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-09-16 1833296]
    "Skype"=C:\Program Files\Skype\Phone\Skype.exe [2008-08-12 21741864]

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
    aveosti.exe.lnk - C:\Program Files\AVEO\AVEO UVC Filter Driver Kit\AveoSTI.exe

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "EnableUIADesktopToggle"=0

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    ======List of files/folders created in the last 1 months======

    2008-10-05 19:43:01 ----D---- C:\_OTMoveIt
    2008-10-05 19:41:01 ----D---- C:\Windows\ERDNT
    2008-10-05 19:40:55 ----D---- C:\Program Files\ERUNT
    2008-10-05 18:42:04 ----D---- C:\rsit
    2008-10-05 14:34:23 ----A---- C:\Windows\ntbtlog.txt
    2008-10-05 14:30:33 ----D---- C:\Users\JB\AppData\Roaming\Malwarebytes
    2008-10-05 14:30:31 ----D---- C:\ProgramData\Malwarebytes
    2008-10-05 14:30:30 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2008-10-05 14:18:45 ----D---- C:\Program Files\Trend Micro
    2008-10-03 13:44:39 ----D---- C:\ProgramData\Spybot - Search & Destroy
    2008-10-03 13:44:39 ----D---- C:\Program Files\Spybot - Search & Destroy
    2008-10-03 11:32:29 ----D---- C:\Program Files\Panda Security
    2008-09-20 18:27:34 ----D---- C:\Users\JB\AppData\Roaming\skypePM
    2008-09-20 18:23:48 ----D---- C:\Users\JB\AppData\Roaming\Skype
    2008-09-20 18:23:34 ----D---- C:\Program Files\Skype
    2008-09-20 18:23:34 ----D---- C:\Program Files\Common Files\Skype
    2008-09-20 18:23:30 ----D---- C:\ProgramData\Skype
    2008-09-10 20:09:51 ----A---- C:\Windows\system32\Apphlpdm.dll
    2008-09-10 20:09:50 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
    2008-09-10 11:47:44 ----A---- C:\Windows\system32\emdmgmt.dll
    2008-09-10 11:47:43 ----A---- C:\Windows\system32\dataclen.dll
    2008-09-10 11:47:43 ----A---- C:\Windows\system32\cdd.dll
    2008-09-10 11:27:02 ----A---- C:\Windows\system32\wmpeffects.dll

    ======List of files/folders modified in the last 1 months======

    2008-10-05 19:48:11 ----D---- C:\Windows\Temp
    2008-10-05 19:44:28 ----D---- C:\Program Files\Steam
    2008-10-05 19:43:02 ----HD---- C:\ProgramData
    2008-10-05 19:41:01 ----D---- C:\Windows
    2008-10-05 19:40:55 ----RD---- C:\Program Files
    2008-10-05 19:26:13 ----D---- C:\UnrealTournament
    2008-10-05 19:25:57 ----D---- C:\Windows\Prefetch
    2008-10-05 19:25:55 ----D---- C:\ProgramData\eMule
    2008-10-05 16:51:42 ----D---- C:\Windows\System32
    2008-10-05 16:51:42 ----D---- C:\Windows\inf
    2008-10-05 16:51:42 ----A---- C:\Windows\system32\PerfStringBackup.INI
    2008-10-05 16:45:28 ----D---- C:\Program Files\Common Files\Steam
    2008-10-05 14:30:32 ----D---- C:\Windows\system32\drivers
    2008-10-05 11:57:04 ----SHD---- C:\System Volume Information
    2008-10-03 11:39:29 ----D---- C:\Windows\system32\Msdtc
    2008-10-03 11:39:26 ----D---- C:\Windows\system32\wbem
    2008-10-03 11:38:39 ----D---- C:\Windows\system32\config
    2008-10-03 11:38:29 ----D---- C:\Windows\Tasks
    2008-10-03 11:38:29 ----D---- C:\Windows\system32\spool
    2008-10-03 11:38:29 ----D---- C:\Windows\system32\CodeIntegrity
    2008-10-03 11:38:29 ----D---- C:\Windows\system32\catroot2
    2008-10-03 11:38:28 ----D---- C:\Windows\registration
    2008-10-03 11:32:14 ----SD---- C:\Windows\Downloaded Program Files
    2008-10-03 11:11:16 ----A---- C:\deviceInfo.txt
    2008-09-20 18:23:42 ----SHD---- C:\Windows\Installer
    2008-09-20 18:23:34 ----D---- C:\Program Files\Common Files
    2008-09-11 08:06:56 ----D---- C:\Windows\winsxs
    2008-09-11 07:55:24 ----D---- C:\Windows\AppPatch
    2008-09-11 07:38:46 ----D---- C:\ProgramData\Microsoft Help
    2008-09-11 07:38:00 ----D---- C:\Windows\system32\catroot

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2008-07-19 23152]
    R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2008-07-19 78416]
    R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2008-07-19 42912]
    R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2005-08-01 64896]
    R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
    R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-07-19 51280]
    R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-02-24 39936]
    R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-01-23 42496]
    R3 AgereSoftModem;Modem Soft Agere Systems; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-02 983552]
    R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
    R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2007-03-07 32256]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-08-10 1941848]
    R3 MGHwCtrl;MGHwCtrl; \??\C:\Windows\system32\drivers\MGHwCtrl.sys [2006-12-22 19456]
    R3 NETw4v32;Pilote de carte Intel(R) Wireless WiFi Link pour Windows Vista 32 bits; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-09-26 2251776]
    R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-06-09 6942944]
    R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2007-06-25 84480]
    R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-19 88576]
    R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2006-10-10 41600]
    R3 usbvideo;Périphérique vidéo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-19 134016]
    S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
    S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
    S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
    S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
    S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
    S3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2007-02-22 113920]
    S3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2006-11-20 36480]
    S3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2007-03-01 73728]
    S3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
    S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2007-01-22 53376]
    S3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2007-02-28 41344]
    S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
    S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-07-19 16056]
    R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-07-19 147640]
    R2 NishService;SCM Driver Daemon; C:\Program Files\System Control Manager\edd.exe [2007-08-23 61440]
    R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-06-09 122880]
    R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-02-25 125048]
    S3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-07-19 250040]
    S3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-07-23 348344]
    S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
    S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
    S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2008-10-05 87288]
    S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
    S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

    -----------------EOF-----------------
    5 Octobre 2008 21:10:23

    Re,

    ~Fais une analyse antivirus en ligne sur le site de Kaspersky
    http://www.kaspersky.com/kos/eng/partner/default/kavweb...
  • Clique sur Accept
  • Une barre jaune va te demander si tu acceptes d'installer le Kavwebscan_Unicode.cab, installe l'Active X.
  • clique une nouvelle fois sur "Accept"
  • Les bases de mises à jour vont s'installer, patiente un moment
  • Clique sur Next.
  • Clique sur My Computer, le scan se met en route; attends la fin du scan sans fermer la fenêtre sinon il s'arrêtera.

    Comment va le PC ? Toujours des problèmes ?

    ;) 
    5 Octobre 2008 22:46:05

    Re,

    Je suis en train de faire l'analyse anti-virus mais en tout cas le pc va super bien, plus de pbs. Je tiens à te remercier du tps que tu m'as consacré. Par ailleurs, est-ce que ca seré possible que tu m'indiques des sites pour comprendre comment interpréter les différents rapports obtenus pour que la prochaine fois je sois autonome ?

    Merci encore

    6 Octobre 2008 15:34:41

    Bonjour,

    J'attends le rapport de Kaspersky Online et je répondrai à toutes tes questions après.

    ;) 
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS