Votre question

Mon PC est tres lent ! A l'aide !

Tags :
  • Windows
  • Sécurité
Dernière réponse : dans Sécurité et virus
8 Août 2008 14:55:21

Bonjour,
mon PC est tres tres lent et l'ouverture d'internet encore pire !!
Voici mon rapport hijackthis (Merci de votre aide) :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:43:15, on 08/08/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\PROGRA~1\ANTIVI~1\backweb\6588780\Program\SERVIC~1.EXE
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe
C:\Program Files\AntivirusFirewall\Anti-Virus\FSGK32.EXE
C:\Program Files\AntivirusFirewall\backweb\6588780\program\fsbwsys.exe
C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE
C:\Program Files\AntivirusFirewall\Anti-Virus\fssm32.exe
C:\Program Files\AntivirusFirewall\Common\FSMB32.EXE
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\Program Files\AntivirusFirewall\Common\FCH32.EXE
C:\WINDOWS\system32\slmdmsr.exe
C:\WINDOWS\system32\svchost.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\Program Files\AntivirusFirewall\Anti-Virus\fsqh.exe
C:\Program Files\AntivirusFirewall\Common\FAMEH32.EXE
C:\Program Files\AntivirusFirewall\Anti-Virus\fsrw.exe
C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe
C:\Program Files\AntivirusFirewall\Anti-Virus\fsav32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\WINDOWS\system32\drivers\STDSB.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\drivers\Icon.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Apps\Powercinema\PCMService.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\AntivirusFirewall\Common\FSM32.EXE
C:\Program Files\AntivirusFirewall\FSGUI\ispnews.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\ANTIVI~1\ANTI-S~1\fsaw.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe
C:\Program Files\AntivirusFirewall\FSGUI\fsguidll.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Messenger\msmsgs.exe

O23 - Service: MySqlInventime - Unknown owner - c:\mysql\bin\mysqld-max-nt.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slmdmsr.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe

--
End of file - 3906 bytes

Autres pages sur : tres lent aide

8 Août 2008 15:54:03

Voici un rapport plus complet de HijackThis !
Milles excuses
Merci d'avance de votre aide :

Logfile of HijackThis v1.99.1
Scan saved at 15:47:52, on 08/08/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\PROGRA~1\ANTIVI~1\backweb\6588780\Program\SERVIC~1.EXE
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe
C:\Program Files\AntivirusFirewall\Anti-Virus\FSGK32.EXE
C:\Program Files\AntivirusFirewall\backweb\6588780\program\fsbwsys.exe
C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE
C:\Program Files\AntivirusFirewall\Anti-Virus\fssm32.exe
C:\Program Files\AntivirusFirewall\Common\FSMB32.EXE
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\Program Files\AntivirusFirewall\Common\FCH32.EXE
C:\WINDOWS\system32\slmdmsr.exe
C:\WINDOWS\system32\svchost.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\Program Files\AntivirusFirewall\Anti-Virus\fsqh.exe
C:\Program Files\AntivirusFirewall\Common\FAMEH32.EXE
C:\Program Files\AntivirusFirewall\Anti-Virus\fsrw.exe
C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe
C:\Program Files\AntivirusFirewall\Anti-Virus\fsav32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\WINDOWS\system32\drivers\STDSB.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\drivers\Icon.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Apps\Powercinema\PCMService.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\AntivirusFirewall\Common\FSM32.EXE
C:\Program Files\AntivirusFirewall\FSGUI\ispnews.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\ANTIVI~1\ANTI-S~1\fsaw.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe
C:\Program Files\AntivirusFirewall\FSGUI\fsguidll.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\ARNAUD\LOCALS~1\Temp\Rar$EX01.672\HijackThis.exe
C:\Program Files\Messenger\msmsgs.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [STDSB] C:\WINDOWS\system32\drivers\STDSB.exe
O4 - HKLM\..\Run: [Icon] C:\WINDOWS\system32\drivers\Icon.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [IS CfgWiz] C:\Program Files\Norton Internet Security\cfgwiz.exe /GUID {257BBC47-1B26-432e-9F84-188603799DD3} /MODE CfgWiz /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\AntivirusFirewall\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\AntivirusFirewall\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\AntivirusFirewall\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [News Service] "C:\Program Files\AntivirusFirewall\FSGUI\ispnews.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Global Startup: Antivirus Firewall.lnk = C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O8 - Extra context menu item: &Bloquer cette fenêtre publicitaire - C:\Program Files\AntivirusFirewall\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Protection Internet Explorer - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\AntivirusFirewall\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: Protection Internet Explorer... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\AntivirusFirewall\Anti-Spyware\ieshield.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSig...
O16 - DPF: {B9907873-6560-4A36-B76B-9DADE84A7F55} (FnacmusicDnl.DnlManager) - http://www.fnacmusic.com/telechargementFnacmusic/Fnacmu...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O16 - DPF: {DFB5BCF1-06AE-4ABB-BFA8-1E228F41C50A} - http://www.bobtv.fr/download/cfweb_www.bobtv.fr-downloa...
O16 - DPF: {E1E73B44-2D20-47A9-9CA2-B534CEBBF856} (F-Secure Health Check 1.0) - http://orange.securitoo.com/pchc/fscax.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Antivirus Firewall (BackWeb Plug-in - 6588780) - Securitoo Portal - C:\PROGRA~1\ANTIVI~1\backweb\6588780\Program\SERVIC~1.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\AntivirusFirewall\backweb\6588780\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IS Service (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: MySqlInventime - Unknown owner - c:\mysql\bin\mysqld-max-nt.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slmdmsr.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe

8 Août 2008 20:53:21

Voici le résutat du scan nanoscan panda :
Merci de m'aider !!!! :hello: 
Contenus similaires
9 Août 2008 07:42:59

voici le scan .En plus je n'arrive pas à désinstaller norton 2005 qui apparait tjs à l'ouverture de ma session et je suis infecté de page de pub + d'alerte securité et de'attaque spyware

;***********************************************************************************************************************************************************************************
ANALYSIS: 2008-08-08 18:51:21
PROTECTIONS: 3
MALWARE: 5
SUSPECTS: 0
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
Norton Antivirus 2005 11.0.8 No Yes
F-Secure Antivirus 6.11 No No
F-Secure Internet Security 5.91 No No
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Documents and Settings\ROXANE\Cookies\roxane@xiti[1].txt
00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Documents and Settings\ARNAUD\Cookies\arnaud@xiti[1].txt
00199231 HackTool/EvID HackTools No 0 Yes No C:\Program Files\eChanblard\EvID4226Patch.exe
00199231 HackTool/EvID HackTools No 0 Yes No C:\Program Files\eChanblard\config\last.zip[EvID4226Patch.exe]
00262024 Cookie/ErrorSafe TrackingCookie No 0 Yes No C:\Documents and Settings\ROXANE\Cookies\roxane@www.errorsafe[1].txt
00262025 Cookie/ErrorSafe TrackingCookie No 0 Yes No C:\Documents and Settings\ROXANE\Cookies\roxane@errorsafe[2].txt
00320978 Cookie/Winantivirus TrackingCookie No 0 Yes No C:\Documents and Settings\ROXANE\Cookies\roxane@winantivirus[1].txt
;===================================================================================================================================================================================
SUSPECTS
Sent Location )
;===================================================================================================================================================================================
;===================================================================================================================================================================================
VULNERABILITIES
Id Severity Description )
;===================================================================================================================================================================================
;===================================================================================================================================================================================
9 Août 2008 10:33:39

:hello:  Bonjour,

Je vais m'occuper de toi. Merci de prendre en compte que je suis bénévole, que j'ai une vie privée et que j'aide plusieurs internautes à la fois, donc merci d'être patient. Cependant, je ne lâche jamais un internaute tant que son PC n'est pas propre ;) 

Cette procédure doit être imprimée pour que tu puisses l’avoir sous les yeux quand tu seras en mode sans échec.

Télécharge SDFix (d’Andy Manchesta)

  • Enregistre le sur ton le bureau.
  • Lance le.
  • Fais install afin qu’il puisse s’extraire.
    Fais redémarrer ton ordinateur en mode sans échec
    - Au démarrage, après le chargement du bios, appuie successivement sur la touche F8 (ou F5) de ton clavier jusqu'à l'apparition d'un menu sur fond noir. Une fois arrivé à ce stade, sélectionne à l'aide du clavier Mode sans Echec.
    -- Dans ce mode, tu n'as pas accès à Internet, et tu te retrouves avec une configuration visuelle différente (pas de fond d'écran, icônes très grosses). Ne sois donc pas étonné.
    --- C'est pour ces différentes raisons que je t'invite à imprimer, noter, ou enregistrer dans un document texte les informations suivantes afin de ne pas être perdu.
    ---- ! Ne fais pas démarrer ton ordinateur en mode sans échec via MSConfig ! Pourquoi ? Certaines infections cassent les clefs du mode sans échec, ce qui ferait crasher ton ordinateur.
  • Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\
  • Double clique sur RunThis.bat (L’extension bat peut ne pas apparaître)
  • Appuie sur Y pour le lancer.
  • Il te sera demandé d'appuyer sur une touche pour redemarrer , fais le
  • Il est probable que le redémarrage soit un peu plus long que d’habitude.
  • Une fois l’apparition de ton Bureau, il affichera Finished
  • Appuie sur une touche.
  • Un rapport est généré , poste le dans ta réponse.

    Il se trouve également. dans le dossier SDFix >Report.txt<

    Note : Si SDFix ne se lance pas (ça arrive!)

    * Démarrer->Exécuter
    * Copie/colle ceci:
    Citation :
    %systemroot%\system32\cmd.exe /K %systemdrive%\SDFix\apps\FixPath.exe

    * Clique sur ok, et valide.
    * Redémarre et essaye de nouveau de lancer SDFix.

    Aide : Comment faire démarrer son ordinateur en mode sans échec.

    ;) 
    10 Août 2008 08:33:09

    Tout d'abord, MERCI de prendre de ton tps pour m'aider :) 
    Voici le rapport SDFix comme tu me l'a demandé :


    SDFix: Version 1.214
    Run by ARNAUD on 10/08/2008 at 07:43

    Microsoft Windows XP [version 5.1.2600]
    Running From: C:\SDFix

    Checking Services :


    Restoring Default Security Values
    Restoring Default Hosts File

    Rebooting


    Checking Files :

    No Trojan Files Found






    Removing Temp Files

    ADS Check :



    Final Check :

    catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-08-10 07:56:54
    Windows 5.1.2600 Service Pack 3 NTFS

    scanning hidden processes ...

    scanning hidden services & system hive ...

    scanning hidden registry entries ...

    scanning hidden files ...

    scan completed successfully
    hidden processes: 0
    hidden services: 0
    hidden files: 0


    Remaining Services :




    Authorized Application Key Export:

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\logo_ubi.exe"="%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\logo_ubi.exe:*:Enabled:SPLINTER CELL PANDORA"
    "%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\pandora.exe"="%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\pandora.exe:*:Enabled:p ANDORA"
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\\APPS\\Inventime\\my.exe"="C:\\APPS\\Inventime\\my.exe:*:Enabled:INVENTIME"
    "C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE"="C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE:*:Enabled:Internet Explorer"
    "C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
    "C:\\Program Files\\Real\\RealPlayer\\realplay.exe"="C:\\Program Files\\Real\\RealPlayer\\realplay.exe:*:Enabled:RealPlayer"
    "C:\\APPS\\skype\\phone\\Skype.exe"="C:\\APPS\\skype\\phone\\Skype.exe:*:Enabled:Skype"
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
    "C:\\Program Files\\AntivirusFirewall\\backweb\\6588780\\Program\\fspex.exe"="C:\\Program Files\\AntivirusFirewall\\backweb\\6588780\\Program\\fspex.exe:*:Enabled:Antivirus Firewall"
    "C:\\Program Files\\adslTV\\adsltv.exe"="C:\\Program Files\\adslTV\\adsltv.exe:*:Enabled:adsltv"
    "C:\\Program Files\\eChanblard\\emule.exe"="C:\\Program Files\\eChanblard\\emule.exe:*:Enabled:eChanblard"
    "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
    "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
    "C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"="C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe:*:Enabled:EasyShare"
    "C:\\Program Files\\AOL 9.0\\aol.exe"="C:\\Program Files\\AOL 9.0\\aol.exe:*:D isabled:AOL"
    "C:\\Program Files\\Azureus\\Azureus.exe"="C:\\Program Files\\Azureus\\Azureus.exe:*:Enabled:Azureus"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
    "C:\\Program Files\\AntivirusFirewall\\backweb\\6588780\\Program\\fspex.exe"="C:\\Program Files\\AntivirusFirewall\\backweb\\6588780\\Program\\fspex.exe:*:Enabled:Antivirus Firewall"
    "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
    "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

    Remaining Files :



    Files with Hidden Attributes :

    Tue 27 Jun 2006 215 A.SHR --- "C:\BOOT.BAK"
    Tue 31 May 2005 54,384 A..H. --- "C:\Program Files\AOL 9.0\aolphx.exe"
    Tue 31 May 2005 156,784 A..H. --- "C:\Program Files\AOL 9.0\aoltray.exe"
    Tue 31 May 2005 31,344 A..H. --- "C:\Program Files\AOL 9.0\RBM.exe"
    Wed 8 Sep 2004 246,912 A..H. --- "C:\Program Files\Norton Internet Security\ACDisp.dll"
    Wed 25 Aug 2004 140,384 A..H. --- "C:\Program Files\Norton Internet Security\ALECmpBR.dll"
    Wed 17 Nov 2004 263,296 A..H. --- "C:\Program Files\Norton Internet Security\AlertAst.exe"
    Wed 17 Nov 2004 66,688 A..H. --- "C:\Program Files\Norton Internet Security\ALEScan.exe"
    Wed 25 Aug 2004 19,040 A..H. --- "C:\Program Files\Norton Internet Security\ALEUpdat.exe"
    Fri 27 Aug 2004 148,600 A..H. --- "C:\Program Files\Norton Internet Security\ccALE.dll"
    Fri 27 Aug 2004 99,448 A..H. --- "C:\Program Files\Norton Internet Security\ccEmFlSv.exe"
    Tue 7 Sep 2004 132,216 A..H. --- "C:\Program Files\Norton Internet Security\ccEmlflt.dll"
    Fri 27 Aug 2004 300,152 A..H. --- "C:\Program Files\Norton Internet Security\ccFWSetg.dll"
    Fri 27 Aug 2004 177,272 A..H. --- "C:\Program Files\Norton Internet Security\ccRuleIO.dll"
    Tue 21 Sep 2004 132,248 A..H. --- "C:\Program Files\Norton Internet Security\CfgWiz.exe"
    Wed 17 Nov 2004 451,712 A..H. --- "C:\Program Files\Norton Internet Security\CfgWzRes.dll"
    Tue 21 Sep 2004 169,112 A..H. --- "C:\Program Files\Norton Internet Security\DJSAlert.dll"
    Wed 8 Sep 2004 107,648 A..H. --- "C:\Program Files\Norton Internet Security\FREAles.dll"
    Wed 8 Sep 2004 328,832 A..H. --- "C:\Program Files\Norton Internet Security\FREInteg.dll"
    Thu 28 Oct 2004 124,048 A..H. --- "C:\Program Files\Norton Internet Security\FREPCtrl.dll"
    Thu 28 Oct 2004 119,952 A..H. --- "C:\Program Files\Norton Internet Security\FREPrvcy.dll"
    Wed 8 Sep 2004 87,168 A..H. --- "C:\Program Files\Norton Internet Security\FRERules.dll"
    Thu 28 Oct 2004 218,256 A..H. --- "C:\Program Files\Norton Internet Security\FRESettg.dll"
    Wed 8 Sep 2004 926,848 A..H. --- "C:\Program Files\Norton Internet Security\fwUI.dll"
    Wed 8 Sep 2004 74,880 A..H. --- "C:\Program Files\Norton Internet Security\HNetCore.dll"
    Wed 17 Nov 2004 78,976 A..H. --- "C:\Program Files\Norton Internet Security\HNetWiz.exe"
    Wed 17 Nov 2004 144,512 A..H. --- "C:\Program Files\Norton Internet Security\iamstats.exe"
    Wed 25 Aug 2004 46,176 A..H. --- "C:\Program Files\Norton Internet Security\ICFMgr.dll"
    Wed 17 Nov 2004 291,968 A..H. --- "C:\Program Files\Norton Internet Security\ISLAlert.dll"
    Wed 8 Sep 2004 201,856 A..H. --- "C:\Program Files\Norton Internet Security\ISLuCbk.dll"
    Thu 28 Oct 2004 136,336 A..H. --- "C:\Program Files\Norton Internet Security\ISSTE.dll"
    Thu 28 Oct 2004 83,088 A..H. --- "C:\Program Files\Norton Internet Security\ISSVC.exe"
    Wed 25 Aug 2004 205,920 A..H. --- "C:\Program Files\Norton Internet Security\ISWrap.dll"
    Wed 17 Nov 2004 136,320 A..H. --- "C:\Program Files\Norton Internet Security\LocWiz.dll"
    Wed 17 Nov 2004 222,336 A..H. --- "C:\Program Files\Norton Internet Security\NISABOUT.DLL"
    Wed 17 Nov 2004 394,368 A..H. --- "C:\Program Files\Norton Internet Security\NISAlert.dll"
    Wed 17 Nov 2004 218,240 A..H. --- "C:\Program Files\Norton Internet Security\NisCfgWz.dll"
    Wed 8 Sep 2004 308,352 A..H. --- "C:\Program Files\Norton Internet Security\niscmnht.dll"
    Wed 17 Nov 2004 398,464 A..H. --- "C:\Program Files\Norton Internet Security\nislcom.dll"
    Wed 17 Nov 2004 189,568 A..H. --- "C:\Program Files\Norton Internet Security\NISLUCBK.DLL"
    Thu 28 Oct 2004 95,376 A..H. --- "C:\Program Files\Norton Internet Security\NisLVPlg.dll"
    Wed 17 Nov 2004 930,944 A..H. --- "C:\Program Files\Norton Internet Security\nisopts.dll"
    Wed 17 Nov 2004 1,447,040 A..H. --- "C:\Program Files\Norton Internet Security\NISPLUG.DLL"
    Wed 17 Nov 2004 443,528 A..H. --- "C:\Program Files\Norton Internet Security\NISProd.dll"
    Wed 17 Nov 2004 799,864 A..H. --- "C:\Program Files\Norton Internet Security\nisres.dll"
    Wed 17 Nov 2004 230,528 A..H. --- "C:\Program Files\Norton Internet Security\NisTray.dll"
    Thu 28 Oct 2004 62,608 A..H. --- "C:\Program Files\Norton Internet Security\ObrkAV.dll"
    Thu 28 Oct 2004 279,696 A..H. --- "C:\Program Files\Norton Internet Security\ObrkData.dll"
    Thu 28 Oct 2004 91,280 A..H. --- "C:\Program Files\Norton Internet Security\ObrkIDS.dll"
    Wed 17 Nov 2004 210,048 A..H. --- "C:\Program Files\Norton Internet Security\pcwiz.dll"
    Wed 17 Nov 2004 41,088 A..H. --- "C:\Program Files\Norton Internet Security\PCWiz.exe"
    Thu 28 Oct 2004 42,128 A..H. --- "C:\Program Files\Norton Internet Security\PtchInst.dll"
    Wed 17 Nov 2004 287,872 A..H. --- "C:\Program Files\Norton Internet Security\RLevel.dll"
    Wed 17 Nov 2004 271,488 A..H. --- "C:\Program Files\Norton Internet Security\SFwAlert.dll"
    Wed 17 Nov 2004 304,256 A..H. --- "C:\Program Files\Norton Internet Security\SNLog.dll"
    Tue 7 Sep 2004 144,504 A..H. --- "C:\Program Files\Norton Internet Security\SymFwAgt.DLL"
    Wed 17 Nov 2004 124,032 A..H. --- "C:\Program Files\Norton Internet Security\SYMURL.DLL"
    Fri 27 Aug 2004 136,312 A..H. --- "C:\Program Files\Norton Internet Security\TLevel.dll"
    Thu 28 Oct 2004 33,936 A..H. --- "C:\Program Files\Norton Internet Security\UrlLstCk.exe"
    Wed 17 Nov 2004 54,400 A..H. --- "C:\Program Files\Norton Internet Security\Urlupdat.exe"
    Wed 17 Nov 2004 160,896 A..H. --- "C:\Program Files\Norton Internet Security\WrapUM.dll"
    Thu 16 Aug 2007 4,348 ..SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
    Tue 24 Aug 2004 261,912 A..H. --- "C:\Program Files\Norton Internet Security\IDSDefs\SymIDSCo.sys"
    Tue 24 Aug 2004 156,888 A..H. --- "C:\Program Files\Norton Internet Security\IDSDefs\SymIDSI.dll"
    Mon 15 Nov 2004 275,584 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\AboutPlg.dll"
    Mon 15 Nov 2004 349,312 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\apwcmdNT.dll"
    Mon 15 Nov 2004 160,896 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\apwutil.dll"
    Thu 28 Oct 2004 148,608 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\avcompbr.dll"
    Mon 15 Nov 2004 586,904 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\AVRES.dll"
    Mon 15 Nov 2004 148,608 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\BootWarn.exe"
    Tue 24 Aug 2004 54,392 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\ccAVMail.dll"
    Tue 24 Aug 2004 95,352 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\ccIMScan.dll"
    Tue 24 Aug 2004 62,584 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\ccIMScn.exe"
    Tue 21 Sep 2004 132,248 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\CfgWiz.exe"
    Mon 15 Nov 2004 410,752 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\CfgWzRes.dll"
    Mon 15 Nov 2004 353,408 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\DefAlert.dll"
    Tue 21 Sep 2004 169,112 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\DJSAlert.dll"
    Tue 21 Sep 2004 74,904 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\LtChkRes.dll"
    Mon 15 Nov 2004 62,584 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\N32call.dll"
    Thu 28 Oct 2004 37,504 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\N32Exclu.dll"
    Fri 23 Jul 2004 120,040 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\Navap32.dll"
    Mon 15 Nov 2004 74,880 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVAPSCR.dll"
    Mon 15 Nov 2004 176,768 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe"
    Mon 15 Nov 2004 251,008 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\navapw32.dll"
    Sun 20 Apr 2003 0 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVAPW32.exe"
    Mon 15 Nov 2004 218,240 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVCfgWz.dll"
    Mon 15 Nov 2004 615,552 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVComUI.dll"
    Mon 15 Nov 2004 62,592 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVError.dll"
    Mon 15 Nov 2004 156,800 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVEvent.dll"
    Mon 15 Nov 2004 197,760 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\Navlcom.dll"
    Mon 15 Nov 2004 107,648 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVLnch.dll"
    Mon 15 Nov 2004 226,432 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVLogV.dll"
    Mon 15 Nov 2004 255,104 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVLUCBK.dll"
    Thu 28 Oct 2004 50,304 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\Navntutl.dll"
    Mon 15 Nov 2004 373,912 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVOptRF.dll"
    Mon 15 Nov 2004 824,448 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVOpts.dll"
    Mon 15 Nov 2004 87,168 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\navprod.dll"
    Mon 15 Nov 2004 218,240 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVShExt.dll"
    Mon 15 Nov 2004 238,720 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVSTATS.dll"
    Mon 15 Nov 2004 54,400 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVStub.exe"
    Mon 15 Nov 2004 169,088 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVTasks.dll"
    Mon 15 Nov 2004 251,008 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVTskWz.dll"
    Mon 15 Nov 2004 308,352 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVUI.dll"
    Mon 15 Nov 2004 349,312 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVUIHTM.dll"
    Mon 15 Nov 2004 201,856 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\Navw32.exe"
    Thu 28 Oct 2004 35,968 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\Navwnt.exe"
    Mon 15 Nov 2004 51,832 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\NetBrExt.DLL"
    Fri 13 Aug 2004 33,912 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\OEHeur.dll"
    Tue 24 Aug 2004 58,488 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\OfficeAV.dll"
    Fri 13 Aug 2004 70,776 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\OPScan.exe"
    Fri 23 Jul 2004 26,208 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\patch25d.dll"
    Thu 28 Oct 2004 197,760 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\probeGSE.dll"
    Thu 28 Oct 2004 16,512 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\PtchInst.dll"
    Mon 15 Nov 2004 74,880 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\qconres.dll"
    Thu 28 Oct 2004 214,144 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\qconsole.exe"
    Thu 28 Oct 2004 26,752 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\qspak32.dll"
    Thu 28 Oct 2004 99,456 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\quar32.dll"
    Mon 15 Nov 2004 84,600 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\S32integ.dll"
    Mon 15 Nov 2004 475,768 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\S32NAVO.DLL"
    Fri 23 Jul 2004 335,504 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\savrt.sys"
    Fri 23 Jul 2004 222,440 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\SavRT32.dll"
    Fri 23 Jul 2004 49,808 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\Savrtpel.sys"
    Fri 23 Jul 2004 197,864 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe"
    Thu 28 Oct 2004 119,936 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\Scandlvr.dll"
    Mon 15 Nov 2004 341,120 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\Scandres.dll"
    Mon 15 Nov 2004 189,568 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\ScanMgr.dll"
    Thu 28 Oct 2004 103,552 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\SDPCK32I.DLL"
    Mon 15 Nov 2004 13,952 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\SDSND32I.DLL"
    Thu 28 Oct 2004 13,440 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\SDSOK32I.DLL"
    Thu 28 Oct 2004 54,400 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\SDSTP32I.DLL"
    Thu 28 Oct 2004 152,704 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\Statushp.dll"
    Mon 15 Nov 2004 344,272 A..H. --- "C:\Program Files\Norton Internet Security\Norton AntiVirus\SYMNAVO.DLL"
    Fri 6 Jun 2008 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv02.tmp"
    Thu 17 Jul 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\24af2a69c06a4de03e35dc89d706475f\BIT22B.tmp"
    Tue 31 May 2005 106,496 A..H. --- "C:\Program Files\Fichiers communs\aolshare\shell\fr\shellext.dll"

    Finished!

    10 Août 2008 13:00:43

    :hello:  Bonjour,

    Tu as une infection RapidBlaster. On va utiliser un petit programme dédié à cette infection.

    1. Télécharge Download RBKiller.exe©

    2. Ferme TOUTES les fenêtres à l'exception de RBKiller.exe©

    3. Double-clique sur RBKiller.exe© pour lancer le scan

    4. Redémarre le PC pour finir le nettoyage.

    Ensuite poste-moi un nouveau rapport HijackThis.

    N.B : Le site pour télécharger l'outil peut être indisponible, il faut réessayer jusqu'à ce qu'il le soit ( des fois il marche, des fois non ).

    ;) 
    10 Août 2008 15:43:35

    J'ai réussi à avoir le programme en fichier winrar et lorsque je le décompresse afin de l'installer il me dit qu'il ne trouve pas l'emplacement car le programme utilisé est rataché à un programme conjuguaison ! Et lorsque je clique sur annuler il me stipule une erreur 1704 puis lorsque je ferme ce dernier message la fenêtre RBkiller apparait et je peux lancer le scan mais il me dit qu'il ne trouve rien !!(Du coup,je ne suis pas sur que c'est bon)
    J ai tt de même redémarré l'ordi et tjs une fenetre concernant l'attaque par des spyxares et autres ...apparait
    De plus je n'arrive tjs pas à désinstaller Norton qui me prend bp de tps au démarrage de ma session
    Voici le scan
    Encore MERCI d'avance

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 15:31:59, on 10/08/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16674)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
    C:\PROGRA~1\ANTIVI~1\backweb\6588780\Program\SERVIC~1.EXE
    c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
    C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
    C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
    C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe
    C:\Program Files\AntivirusFirewall\Anti-Virus\FSGK32.EXE
    C:\Program Files\AntivirusFirewall\backweb\6588780\program\fsbwsys.exe
    C:\Program Files\AntivirusFirewall\Anti-Virus\fssm32.exe
    C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE
    C:\Program Files\AntivirusFirewall\Common\FSMB32.EXE
    c:\APPS\HIDSERVICE\HIDSERVICE.exe
    C:\Program Files\AntivirusFirewall\Common\FCH32.EXE
    C:\WINDOWS\system32\slmdmsr.exe
    C:\WINDOWS\system32\svchost.exe
    c:\APPS\Powercinema\Kernel\TV\CLSched.exe
    C:\Program Files\AntivirusFirewall\Common\FAMEH32.EXE
    C:\Program Files\AntivirusFirewall\Anti-Virus\fsqh.exe
    C:\Program Files\AntivirusFirewall\Anti-Virus\fsrw.exe
    C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\AntivirusFirewall\Anti-Virus\fsav32.exe
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\WINDOWS\system32\VTTimer.exe
    C:\WINDOWS\system32\VTtrayp.exe
    C:\WINDOWS\system32\drivers\STDSB.exe
    C:\WINDOWS\system32\drivers\Icon.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Apps\Powercinema\PCMService.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Real\RealPlayer\RealPlay.exe
    C:\Program Files\AntivirusFirewall\Common\FSM32.EXE
    C:\Program Files\AntivirusFirewall\FSGUI\ispnews.exe
    C:\PROGRA~1\ANTIVI~1\ANTI-S~1\fsaw.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
    C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe
    C:\Program Files\AntivirusFirewall\FSGUI\fsguidll.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    C:\WINDOWS\system32\msiexec.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\Program Files\Messenger\msmsgs.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
    O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
    O4 - HKLM\..\Run: [STDSB] C:\WINDOWS\system32\drivers\STDSB.exe
    O4 - HKLM\..\Run: [Icon] C:\WINDOWS\system32\drivers\Icon.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [IS CfgWiz] C:\Program Files\Norton Internet Security\cfgwiz.exe /GUID {257BBC47-1B26-432e-9F84-188603799DD3} /MODE CfgWiz /CMDLINE "REBOOT"
    O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
    O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\AntivirusFirewall\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\AntivirusFirewall\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\AntivirusFirewall\FSGUI\FSSW.EXE" /reboot
    O4 - HKLM\..\Run: [News Service] "C:\Program Files\AntivirusFirewall\FSGUI\ispnews.exe"
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Antivirus Firewall.lnk = C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    O8 - Extra context menu item: &Bloquer cette fenêtre publicitaire - C:\Program Files\AntivirusFirewall\Anti-Spyware\blockpopups.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Protection Internet Explorer - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\AntivirusFirewall\Anti-Spyware\ieshield.dll
    O9 - Extra 'Tools' menuitem: Protection Internet Explorer... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\AntivirusFirewall\Anti-Spyware\ieshield.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
    O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie....
    O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSig...
    O16 - DPF: {B9907873-6560-4A36-B76B-9DADE84A7F55} (FnacmusicDnl.DnlManager) - http://www.fnacmusic.com/telechargementFnacmusic/Fnacmu...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O16 - DPF: {DFB5BCF1-06AE-4ABB-BFA8-1E228F41C50A} - http://www.bobtv.fr/download/cfweb_www.bobtv.fr-downloa...
    O16 - DPF: {E1E73B44-2D20-47A9-9CA2-B534CEBBF856} (F-Secure Health Check 1.0) - http://orange.securitoo.com/pchc/fscax.cab
    O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
    O23 - Service: Antivirus Firewall (BackWeb Plug-in - 6588780) - Securitoo Portal - C:\PROGRA~1\ANTIVI~1\backweb\6588780\Program\SERVIC~1.EXE
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
    O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
    O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
    O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe
    O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\AntivirusFirewall\backweb\6588780\program\fsbwsys.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe
    O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE
    O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: IS Service (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
    O23 - Service: MySqlInventime - Unknown owner - c:\mysql\bin\mysqld-max-nt.exe
    O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
    O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slmdmsr.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe

    --
    End of file - 13859 bytes
    10 Août 2008 16:07:35

    Re,

    Oki, l'outil ne doit plus être mis à jour :) 

    On va effectuer un scan plus en profondeur et après on enlèvera tout d'un coup ;) 

    Télécharge Deckard's System Scanner (DSS) (ou DSS) sur ton Bureau.
    NB : Tu dois être connecté avec des droits d'Administrateur.
  • ferme toutes les applications et fenêtres
  • double-clique sur dss.exe pour le lancer et suis les instructions ci-dessous
    Attention, il est conseillé de stopper temporairement les logiciels résidents de protection (pare-feu, antivirus, etc.)
  • s'il s'agit d'une première utilisation ou d'une nouvelle version de DSS :
  • tu devras cliquer 2 fois sur le OK des boîtes de dialogue
    Attention, si tu tardes trop, la réponse Abandon sera automatiquement validée
  • quand le traitement est terminé (clique sur OK), deux fichiers texte s'affichent :
    main.txt <- ouvert en premier plan et en plein écran
    extra.txt <- ouvert en second plan et en fenêtré (regarde la barre des taches)
    S'il s'agit d'une utilisation supplémentaire de DSS :
  • tu n'auras pas de boîte de dialogue (pas de OK)
  • quand le traitement est terminé, un fichier texte s'affiche :
    main.txt <- ouvert en premier plan et en plein écran

  • copie (Ctrl+A puis Ctrl+C) et colle (Ctrl+V) le contenu de main.txt dans ton prochain post
  • copie de même le contenu de extra.txt dans ton prochain post, si tu as ce fichier (première utilisation)
  • n'oublie pas de réactiver les protections si elles ont été stoppées.



    Ce que fait DSS :
  • crée un point de restauration dans Windows XP et Vista
  • nettoie les fichiers temporaires, DPF-Downloaded Program Files et le Cache Internet, vide la Corbeille de tous les lecteurs
  • vérifie quelques zones importantes de ton système et établit un rapport pour examen par ton conseiller en sécurité. DSS lance automatiquement HijackThis pour toi; il va aussi créer un raccourci HijackThis sur ton Bureau si tu n'as pas déjà HijackThis d'installé.

    ;) 
    10 Août 2008 17:08:31

    Ok voici les fichiers (j'ai eu les deux !)

    1/
    Deckard's System Scanner v20071014.68
    Run by ARNAUD on 2008-08-10 16:55:45
    Computer is in Normal Mode.
    --------------------------------------------------------------------------------

    -- System Restore --------------------------------------------------------------



    -- Last 5 Restore Point(s) --
    36: 2008-08-10 14:51:56 UTC - RP335 - Deckard's System Scanner Restore Point
    35: 2008-08-10 07:08:39 UTC - RP334 - Point de vérification système
    34: 2008-08-08 16:39:07 UTC - RP333 - Point de vérification système
    33: 2008-08-07 13:27:09 UTC - RP332 - Supprimé Ad-Aware
    32: 2008-08-06 18:29:09 UTC - RP331 - Point de vérification système


    -- First Restore Point --
    1: 2008-07-04 08:50:04 UTC - RP300 - Software Distribution Service 3.0


    Backed up registry hives.
    Performed disk cleanup.

    Total Physical Memory: 448 MiB (512 MiB recommended).


    -- HijackThis (run as ARNAUD.exe) ----------------------------------------------

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 16:57:02, on 10/08/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16674)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
    C:\PROGRA~1\ANTIVI~1\backweb\6588780\Program\SERVIC~1.EXE
    c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
    C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
    C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
    C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe
    C:\Program Files\AntivirusFirewall\Anti-Virus\FSGK32.EXE
    C:\Program Files\AntivirusFirewall\backweb\6588780\program\fsbwsys.exe
    C:\Program Files\AntivirusFirewall\Anti-Virus\fssm32.exe
    C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE
    C:\Program Files\AntivirusFirewall\Common\FSMB32.EXE
    c:\APPS\HIDSERVICE\HIDSERVICE.exe
    C:\Program Files\AntivirusFirewall\Common\FCH32.EXE
    C:\WINDOWS\system32\slmdmsr.exe
    C:\WINDOWS\system32\svchost.exe
    c:\APPS\Powercinema\Kernel\TV\CLSched.exe
    C:\Program Files\AntivirusFirewall\Common\FAMEH32.EXE
    C:\Program Files\AntivirusFirewall\Anti-Virus\fsqh.exe
    C:\Program Files\AntivirusFirewall\Anti-Virus\fsrw.exe
    C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\AntivirusFirewall\Anti-Virus\fsav32.exe
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\WINDOWS\system32\VTTimer.exe
    C:\WINDOWS\system32\VTtrayp.exe
    C:\WINDOWS\system32\drivers\STDSB.exe
    C:\WINDOWS\system32\drivers\Icon.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Apps\Powercinema\PCMService.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Real\RealPlayer\RealPlay.exe
    C:\Program Files\AntivirusFirewall\Common\FSM32.EXE
    C:\Program Files\AntivirusFirewall\FSGUI\ispnews.exe
    C:\PROGRA~1\ANTIVI~1\ANTI-S~1\fsaw.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
    C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe
    C:\Program Files\AntivirusFirewall\FSGUI\fsguidll.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZSTC07.EXE
    C:\Documents and Settings\ARNAUD\Bureau\dss.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\PROGRA~1\TRENDM~1\HIJACK~1\ARNAUD.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
    O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
    O4 - HKLM\..\Run: [STDSB] C:\WINDOWS\system32\drivers\STDSB.exe
    O4 - HKLM\..\Run: [Icon] C:\WINDOWS\system32\drivers\Icon.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [IS CfgWiz] C:\Program Files\Norton Internet Security\cfgwiz.exe /GUID {257BBC47-1B26-432e-9F84-188603799DD3} /MODE CfgWiz /CMDLINE "REBOOT"
    O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
    O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\AntivirusFirewall\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\AntivirusFirewall\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\AntivirusFirewall\FSGUI\FSSW.EXE" /reboot
    O4 - HKLM\..\Run: [News Service] "C:\Program Files\AntivirusFirewall\FSGUI\ispnews.exe"
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [acmyiuc] "c:\documents and settings\arnaud\local settings\application data\acmyiuc.exe" acmyiuc
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Antivirus Firewall.lnk = C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    O8 - Extra context menu item: &Bloquer cette fenêtre publicitaire - C:\Program Files\AntivirusFirewall\Anti-Spyware\blockpopups.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Protection Internet Explorer - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\AntivirusFirewall\Anti-Spyware\ieshield.dll
    O9 - Extra 'Tools' menuitem: Protection Internet Explorer... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\AntivirusFirewall\Anti-Spyware\ieshield.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
    O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie....
    O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSig...
    O16 - DPF: {B9907873-6560-4A36-B76B-9DADE84A7F55} (FnacmusicDnl.DnlManager) - http://www.fnacmusic.com/telechargementFnacmusic/Fnacmu...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O16 - DPF: {DFB5BCF1-06AE-4ABB-BFA8-1E228F41C50A} - http://www.bobtv.fr/download/cfweb_www.bobtv.fr-downloa...
    O16 - DPF: {E1E73B44-2D20-47A9-9CA2-B534CEBBF856} (F-Secure Health Check 1.0) - http://orange.securitoo.com/pchc/fscax.cab
    O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
    O23 - Service: Antivirus Firewall (BackWeb Plug-in - 6588780) - Securitoo Portal - C:\PROGRA~1\ANTIVI~1\backweb\6588780\Program\SERVIC~1.EXE
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
    O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
    O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
    O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe
    O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\AntivirusFirewall\backweb\6588780\program\fsbwsys.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe
    O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE
    O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: IS Service (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
    O23 - Service: MySqlInventime - Unknown owner - c:\mysql\bin\mysqld-max-nt.exe
    O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
    O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slmdmsr.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe

    --
    End of file - 14034 bytes

    -- File Associations -----------------------------------------------------------

    .cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    .cpl - cplfile - shell\runas\command - rundll32.exe shell32.dll,Control_RunDLLAsUser "%1",%*


    -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

    R0 FSFW (F-Secure Firewall Driver) - c:\windows\system32\drivers\fsdfw.sys <Not Verified; F-Secure Corporation; F-Secure Anti-Virus Internet Shield>
    R1 StarOpen - c:\windows\system32\drivers\staropen.sys
    R2 ASCTRM - c:\windows\system32\drivers\asctrm.sys <Not Verified; Windows (R) 2000 DDK provider; Windows (R) 2000 DDK driver>
    R2 F-Secure Filter (F-Secure File System Filter) - c:\program files\antivirusfirewall\anti-virus\win2k\fsfilter.sys
    R2 F-Secure Gatekeeper - c:\program files\antivirusfirewall\anti-virus\win2k\fsgk.sys
    R2 F-Secure Recognizer (F-Secure File System Recognizer) - c:\program files\antivirusfirewall\anti-virus\win2k\fsrec.sys

    S3 catchme - c:\docume~1\arnaud\locals~1\temp\catchme.sys (file missing)
    S3 Via4in1 - c:\docume~1\propri~1\via4in1.sys (file missing)


    -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

    R2 BackWeb Plug-in - 6588780 (Antivirus Firewall) - c:\progra~1\antivi~1\backweb\6588780\program\servic~1.exe <Not Verified; Securitoo Portal; RunnerEXE Application>
    R2 CLCapSvc (CyberLink Background Capture Service (CBCS)) - "c:\apps\powercinema\kernel\tv\clcapsvc.exe" <Not Verified; ; CLCapSvc Module>
    R2 CLSched (CyberLink Task Scheduler (CTS)) - "c:\apps\powercinema\kernel\tv\clsched.exe" <Not Verified; ; CLSched Module>
    R2 CyberLink Media Library Service - "c:\program files\cyberlink\shared files\clml_ntservice\clmlserver.exe" <Not Verified; Cyberlink; Cyberlink Media Library Server>
    R2 fsbwsys - "c:\program files\antivirusfirewall\backweb\6588780\program\fsbwsys.exe" <Not Verified; F-Secure Corp.; F-Secure BackWeb>
    R2 F-Secure Gatekeeper Handler Starter (FSGKHS) - "c:\program files\antivirusfirewall\anti-virus\fsgk32st.exe" <Not Verified; F-Secure Corporation; F-Secure Corp. Startup service>
    R2 FSMA (F-Secure Management Agent) - "c:\program files\antivirusfirewall\common\fsma32.exe" <Not Verified; F-Secure Corporation; F-Secure Management Agent>
    R2 GenericHidService (Generic Service for HID Keyboard Input Collections) - c:\apps\hidservice\hidservice.exe
    R3 FSDFWD (F-Secure Anti-Virus Firewall Daemon) - "c:\program files\antivirusfirewall\fwes\program\fsdfwd.exe" <Not Verified; F-Secure Corporation; F-Secure Anti-Virus Internet Shield>

    S3 MySqlInventime - c:\mysql\bin\mysqld-max-nt mysqlinventime


    -- Device Manager: Disabled ----------------------------------------------------

    No disabled devices found.


    -- Scheduled Tasks -------------------------------------------------------------

    2008-08-10 16:51:40 552 --a------ C:\WINDOWS\Tasks\Scheduled scanning task.job
    2008-07-14 08:20:18 262 --a------ C:\WINDOWS\Tasks\Nettoyage de disque.job
    2006-08-01 20:43:22 258 --a------ C:\WINDOWS\Tasks\Rappel d'enregistrement 3.job


    -- Files created between 2008-07-10 and 2008-08-10 -----------------------------

    2008-08-10 07:38:32 0 d-------- C:\WINDOWS\ERUNT
    2008-08-08 16:17:13 0 d-------- C:\Program Files\Panda Security
    2008-08-07 16:07:22 0 dr-h----- C:\Documents and Settings\ARNAUD\Recent
    2008-08-07 14:52:02 0 d-------- C:\Program Files\Alwil Software
    2008-08-06 08:25:48 0 d-------- C:\Program Files\Trend Micro
    2008-08-05 16:06:16 0 d-------- C:\Documents and Settings\ARNAUD\Application Data\Micro Application
    2008-08-05 16:06:11 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
    2008-08-05 10:42:11 0 d-------- C:\Documents and Settings\Propriétaire\SendTo
    2008-08-04 15:18:20 0 d-------- C:\Documents and Settings\ARNAUD\Application Data\WinRAR
    2008-08-04 09:38:20 0 d-------- C:\Documents and Settings\All Users\Application Data\Azureus
    2008-08-02 19:05:40 0 d-------- C:\WINDOWS\system32\fr
    2008-08-02 19:05:40 0 d-------- C:\WINDOWS\l2schemas
    2008-08-02 19:05:39 0 d-------- C:\WINDOWS\system32\bits
    2008-08-02 19:01:40 0 d-------- C:\WINDOWS\ServicePackFiles
    2008-08-02 18:49:35 0 d-------- C:\WINDOWS\EHome
    2008-08-02 17:44:26 0 d-------- C:\fsaua.data
    2008-08-01 15:48:20 0 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
    2008-07-20 08:40:13 0 d-------- C:\Program Files\Sun
    2008-07-14 16:10:22 0 d-------- C:\Documents and Settings\ARNAUD\.housecall6.6


    -- Find3M Report ---------------------------------------------------------------

    2008-08-10 15:16:15 82577 --a------ C:\logfile
    2008-08-07 16:00:15 0 d-------- C:\Program Files\CCleaner
    2008-08-07 15:27:48 0 d-------- C:\Program Files\Fichiers communs
    2008-08-07 14:55:13 0 d-------- C:\Documents and Settings\ARNAUD\Application Data\Azureus
    2008-08-05 16:05:43 0 d-------- C:\Program Files\Micro Application
    2008-08-05 10:42:18 0 d-------- C:\Program Files\Fichiers communs\SureThing Shared
    2008-08-04 10:30:20 0 d-------- C:\Program Files\Fichiers communs\Adobe
    2008-08-04 10:27:07 0 d-------- C:\Documents and Settings\ARNAUD\Application Data\AdobeUM
    2008-08-04 09:52:14 0 d-------- C:\Program Files\Azureus
    2008-08-02 19:35:09 480312 --a------ C:\WINDOWS\system32\perfh00C.dat
    2008-08-02 19:35:09 79810 --a------ C:\WINDOWS\system32\perfc00C.dat
    2008-08-02 19:06:09 0 d-------- C:\Program Files\Messenger
    2008-08-02 19:05:39 0 d-------- C:\Program Files\Movie Maker
    2008-08-02 19:01:14 0 d-------- C:\Program Files\Windows NT
    2008-07-30 18:16:51 0 d-------- C:\Program Files\eChanblard
    2008-07-20 08:38:50 0 d-------- C:\Program Files\Java
    2008-07-04 22:41:39 0 d-------- C:\Program Files\Icone
    2008-07-04 22:41:36 0 d-------- C:\Program Files\LETMIN
    2008-07-01 11:16:05 0 d-------- C:\Program Files\eMule
    2008-07-01 10:53:07 0 d-------- C:\Documents and Settings\ARNAUD\Application Data\uTorrent
    2008-07-01 10:52:37 0 d-------- C:\Documents and Settings\ARNAUD\Application Data\FileOpen
    2008-07-01 10:51:06 0 d-------- C:\Program Files\Spyware Doctor(2)
    2008-06-24 17:37:40 0 d-------- C:\Program Files\Google
    2008-06-23 17:49:25 0 d-------- C:\Program Files\FileOpen


    -- Registry Dump ---------------------------------------------------------------

    *Note* empty entries & legit default entries are not shown


    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [05/08/2004 14:00]
    "PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [05/08/2004 14:00]
    "PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [05/08/2004 14:00]
    "SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [10/03/2005 18:44]
    "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [10/03/2005 18:43]
    "VTTimer"="VTTimer.exe" [08/03/2005 03:33 C:\WINDOWS\system32\VTTimer.exe]
    "VTTrayp"="VTtrayp.exe" [14/09/2005 13:47 C:\WINDOWS\system32\VTTrayp.exe]
    "STDSB"="C:\WINDOWS\system32\drivers\STDSB.exe" [17/12/2003 16:50]
    "Icon"="C:\WINDOWS\system32\drivers\Icon.exe" [23/08/2005 15:51]
    "SoundMan"="SOUNDMAN.EXE" [17/08/2005 18:39 C:\WINDOWS\SOUNDMAN.EXE]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [10/06/2008 04:27]
    "IS CfgWiz"="C:\Program Files\Norton Internet Security\cfgwiz.exe" [21/09/2004 11:35]
    "SSC_UserPrompt"="C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe" [07/10/2004 09:25]
    "PCMService"="c:\Apps\Powercinema\PCMService.exe" [11/05/2005 13:48]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [01/09/2006 16:57]
    "RealTray"="C:\Program Files\Real\RealPlayer\RealPlay.exe" [27/06/2006 10:07]
    "F-Secure Manager"="C:\Program Files\AntivirusFirewall\Common\FSM32.exe" [26/10/2005 03:51]
    "F-Secure TNB"="C:\Program Files\AntivirusFirewall\TNB\TNBUtil.exe" [18/07/2005 16:51]
    "F-Secure Startup Wizard"="C:\Program Files\AntivirusFirewall\FSGUI\FSSW.exe" [18/10/2005 10:29]
    "News Service"="C:\Program Files\AntivirusFirewall\FSGUI\ispnews.exe" [31/05/2005 14:45]
    "ccApp"="C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" [07/09/2004 15:25]
    "HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe" [09/03/2003 22:30]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [13/04/2008 19:34]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [18/06/2007 14:25]
    "acmyiuc"="c:\documents and settings\arnaud\local settings\application data\acmyiuc.exe" [08/08/2008 20:27]

    C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
    Antivirus Firewall.lnk - C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe [08/02/2007 16:31:47]
    Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [23/04/2008 03:38:16]
    Logiciel Kodak EasyShare.lnk - C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe [19/09/2007 05:33:46]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy]
    C:\WINDOWS\System32\dimsntfy.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
    @="Volume shadow copy"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    eapsvcs eaphost
    dot3svc dot3svc

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
    napagent
    hkmsvc


    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{474e1149-4f6c-11dd-80eb-00038a000015}]
    AutoRun\command- E:\InstallTomTomHOME.exe




    -- End of Deckard's System Scanner: finished at 2008-08-10 16:58:19 ------------

    et voci le deuxième extra.txt :

    Deckard's System Scanner v20071014.68
    Extra logfile - please post this as an attachment with your post.
    --------------------------------------------------------------------------------

    -- System Information ----------------------------------------------------------

    Microsoft Windows XP Édition familiale (build 2600) SP 3.0
    Architecture: X86; Language: French

    CPU 0: Intel(R) Celeron(R) M processor 1.30GHz
    Percentage of Memory in Use: 70%
    Physical Memory (total/avail): 447.48 MiB / 131.17 MiB
    Pagefile Memory (total/avail): 1053.8 MiB / 495.76 MiB
    Virtual Memory (total/avail): 2047.88 MiB / 1928.09 MiB

    C: is Fixed (NTFS) - 38.77 GiB total, 12.54 GiB free.
    D: is CDROM (No Media)

    \\.\PHYSICALDRIVE0 - ST950212A - 46.58 GiB - 2 partitions
    \PARTITION0 - Unknown - 7.81 GiB
    \PARTITION1 (bootable) - Système de fichiers installable - 38.77 GiB - C:



    -- Security Center -------------------------------------------------------------

    AUOptions is scheduled to auto-install.


    -- Environment Variables -------------------------------------------------------

    ALLUSERSPROFILE=C:\Documents and Settings\All Users
    APPDATA=C:\Documents and Settings\ARNAUD\Application Data
    CLASSPATH=.;C:\Program Files\Java\jre1.6.0_02\lib\ext\QTJava.zip
    CLIENTNAME=Console
    CommonProgramFiles=C:\Program Files\Fichiers communs
    COMPUTERNAME=DELIGNY
    ComSpec=C:\WINDOWS\system32\cmd.exe
    FP_NO_HOST_CHECK=NO
    HOMEDRIVE=C:
    HOMEPATH=\Documents and Settings\ARNAUD
    LOGONSERVER=\\DELIGNY
    NUMBER_OF_PROCESSORS=1
    OS=Windows_NT
    Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\PROGRA~1\FICHIE~1\SONICS~1\;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Samsung\Samsung PC Studio 3\
    PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    PROCESSOR_ARCHITECTURE=x86
    PROCESSOR_IDENTIFIER=x86 Family 6 Model 13 Stepping 8, GenuineIntel
    PROCESSOR_LEVEL=6
    PROCESSOR_REVISION=0d08
    ProgramFiles=C:\Program Files
    PROMPT=$P$G
    QTJAVA=C:\Program Files\Java\jre1.6.0_02\lib\ext\QTJava.zip
    SESSIONNAME=Console
    SystemDrive=C:
    SystemRoot=C:\WINDOWS
    TEMP=C:\DOCUME~1\ARNAUD\LOCALS~1\Temp
    TMP=C:\DOCUME~1\ARNAUD\LOCALS~1\Temp
    USERDOMAIN=DELIGNY
    USERNAME=ARNAUD
    USERPROFILE=C:\Documents and Settings\ARNAUD
    windir=C:\WINDOWS


    -- User Profiles ---------------------------------------------------------------

    ARNAUD (admin)
    ROXANE (admin)
    AURELIEN (admin)


    -- Add/Remove Programs ---------------------------------------------------------

    --> "c:\apps\skype\phone\unins000.exe"
    --> "C:\Program Files\AntivirusFirewall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Spyware Scanner"
    --> "C:\Program Files\AntivirusFirewall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Spyware"
    --> "C:\Program Files\AntivirusFirewall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Virus Client Security Installer"
    --> "C:\Program Files\AntivirusFirewall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Virus"
    --> "C:\Program Files\AntivirusFirewall\fsuninst.exe" /UninstRegKey:"F-Secure DAAS"
    --> "C:\Program Files\AntivirusFirewall\fsuninst.exe" /UninstRegKey:"F-Secure Diagnostics"
    --> "C:\Program Files\AntivirusFirewall\fsuninst.exe" /UninstRegKey:"F-Secure E-mail Scanning"
    --> "C:\Program Files\AntivirusFirewall\fsuninst.exe" /UninstRegKey:"F-Secure FWES"
    --> "C:\Program Files\AntivirusFirewall\fsuninst.exe" /UninstRegKey:"F-Secure GUI"
    --> "C:\Program Files\AntivirusFirewall\fsuninst.exe" /UninstRegKey:"F-Secure Help"
    --> "C:\Program Files\AntivirusFirewall\fsuninst.exe" /UninstRegKey:"F-Secure Internet Shield"
    --> "C:\Program Files\AntivirusFirewall\fsuninst.exe" /UninstRegKey:"F-Secure Management Agent"
    --> "C:\Program Files\AntivirusFirewall\fsuninst.exe" /UninstRegKey:"F-Secure Spam Control"
    --> "C:\Program Files\AntivirusFirewall\fsuninst.exe" /UninstRegKey:"F-Secure Spam Scanner"
    --> "C:\Program Files\AntivirusFirewall\fsuninst.exe" /UninstRegKey:"F-Secure TNB"
    --> "C:\Program Files\AntivirusFirewall\fsuninst.exe" /UninstRegKey:"News Service"
    --> "C:\Program Files\Fichiers communs\aolshare\Coach\AolCInUn.exe" -lang="fr-fr"
    --> C:\PROGRA~1\FICHIE~1\AOL\ACS\AcsUninstall.exe /c
    --> C:\Program Files\Fichiers communs\AOL\Screensaver\uninst_ygpss.exe
    --> C:\Program Files\Fichiers communs\aolshare\Aolunins_fr.exe
    --> C:\Program Files\Fichiers communs\Real\Update\\rnuninst.exe RealNetworks|RealPlayer|6.0
    --> C:\Program Files\Fichiers communs\Symantec Shared\LiveReg\VCSetup.exe /REMOVE
    --> C:\Program Files\Fichiers communs\Symantec Shared\SymSetup\{A93C9E60-29B6-49da-BA21-F70AC6AADE20}.exe /X
    --> C:\Program Files\Learn2.com\StRunner\stuninst.exe
    --> C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE /U
    --> C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
    --> C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
    --> C:\WINDOWS\system32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
    --> C:\WINDOWS\system32\drivers\unSTDSB.exe
    --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\Setup.EXE" -uninstall
    --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5AFA4872-16B2-419E-ADCA-8E96E739115D}\setup.exe" -l0x40c
    --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
    --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    --> Rundll32.exe vuins32.dll,vuins32Ex $Rhine $VIA
    Adobe AIR --> C:\Program Files\Fichiers communs\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe -arp:uninstall
    Adobe AIR --> MsiExec.exe /I{00203668-8170-44A0-BE44-B632FA4D780F}
    Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Reader 7.1.0 - Français --> MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A71000000002}
    AntiVirus Firewall --> C:\PROGRA~1\ANTIVI~1\Common\fsbwih.exe /uninstall
    Archiveur WinRAR --> C:\Program Files\WinRAR\uninstall.exe
    Azureus Vuze --> C:\Program Files\Azureus\uninstall.exe
    CC_ccProxyExt --> MsiExec.exe /I{DA42FDCA-7C5A-43EF-9A05-CCE148ADF919}
    ccCommon --> MsiExec.exe /I{DC367608-64A7-4BF7-92F4-8BAA25BA02DB}
    CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
    ccPxyCore --> MsiExec.exe /I{FC08587A-4F01-4188-819F-F55880022917}
    CCScore --> MsiExec.exe /I{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}
    ClickImpôts first step 2008 2008.1.053 --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A20C266E-E493-45AC-A64F-237EB86E9BAC}\setup.exe" -l0x40c
    Conjugaison --> MsiExec.exe /I{057AA4D8-559F-42B1-98A0-508303834B2E}
    Correctif pour Lecteur Windows Media 11 (KB939683) --> "C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
    ESSBrwr --> MsiExec.exe /I{643EAE81-920C-4931-9F0B-4B343B225CA6}
    ESSCDBK --> MsiExec.exe /I{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}
    ESScore --> MsiExec.exe /I{42938595-0D83-404D-9F73-F8177FDD531A}
    ESSgui --> MsiExec.exe /I{91517631-A9F3-4B7C-B482-43E0068FD55A}
    ESSini --> MsiExec.exe /I{8E92D746-CD9F-4B90-9668-42B74C14F765}
    ESSPCD --> MsiExec.exe /I{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}
    ESSPDock --> MsiExec.exe /I{FCDB1C92-03C6-4C76-8625-371224256091}
    ESSSONIC --> MsiExec.exe /I{073F22CE-9A5B-4A40-A604-C7270AC6BF34}
    ESSTOOLS --> MsiExec.exe /I{8A502E38-29C9-49FA-BCFA-D727CA062589}
    essvatgt --> MsiExec.exe /I{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}
    fflink --> MsiExec.exe /I{608D2A3C-6889-4C11-9B54-A42F45ACBFDB}
    Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
    Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar2.dll"
    HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
    Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
    hp psc 1200 series --> rundll32 hpzcon07.dll,VendorJettison hp psc 1200 series
    J2SE Runtime Environment 5.0 Update 4 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150040}
    Java(TM) 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
    Java(TM) 6 Update 7 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
    Java(TM) SE Runtime Environment 6 Update 1 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
    kgcbaby --> MsiExec.exe /I{E18B549C-5D15-45DA-8D8F-8FD2BD946344}
    kgcbase --> MsiExec.exe /I{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}
    kgchday --> MsiExec.exe /I{11F3F858-4131-4FFA-A560-3FE282933B6E}
    kgchlwn --> MsiExec.exe /I{03EDED24-8375-407D-A721-4643D9768BE1}
    kgcinvt --> MsiExec.exe /I{9BD54685-1496-46A5-AB62-357CD140ED8B}
    kgckids --> MsiExec.exe /I{693C08A7-9E76-43FF-B11E-9A58175474C4}
    kgcmove --> MsiExec.exe /I{A1588373-1D86-4D44-86C9-78ABD190F9CC}
    kgcvday --> MsiExec.exe /I{8A8664E1-84C8-4936-891C-BC1F07797549}
    L&H TTS3000 Français --> RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\LHTTSFRF.inf, Uninstall
    Le code de la route --> C:\WINDOWS\unin040c.exe -f"C:\Program Files\Ediser\Le code de la route\DeIsL1.isu" -c"C:\Program Files\Ediser\Le code de la route\_ISREG32.DLL"
    Lernout & Hauspie TruVoice American English TTS Engine --> RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\tv_enua.inf, Uninstall
    Les départements français --> "C:\Program Files\GEOGRAPHIE\FRANCE\uninstall.exe"
    Logiciel Kodak EasyShare --> C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\$SETUP_140002_41f38b\Setup.exe /APR-REMOVE
    Macromedia Shockwave Player --> MsiExec.exe /X{7D1D6A24-65D4-454C-8815-4F08A5FFF12C}
    Micro Application - Etiquettes CD-DVD 2006 --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C438BA06-5E7F-4369-B9CB-F7012D9AE886}\SETUP.EXE" -l0x40c
    Micro Application - Vos Photos à la Télé sur CD-DVD 2 --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CBE6914C-35FA-40B5-A5BE-16360B2FF55D}\SETUP.EXE" -l0x40c
    Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
    Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
    Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734) --> "C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782) --> "C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Step by Step Interactive Training (KB898458) --> "C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Step by Step Interactive Training (KB923723) --> "C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941569) --> "C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950760) --> "C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950762) --> "C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951376-v2) --> "C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951698) --> "C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951748) --> "C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB951978) --> "C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
    MP Manager --> MsiExec.exe /X{F11D58E5-50BC-4BB9-A68D-5F55CA8F5681}
    MSRedist --> MsiExec.exe /I{B7C61755-DB48-4003-948F-3D34DB8EAF69}
    netbrdg --> MsiExec.exe /I{4537EA4B-F603-4181-89FB-2953FC695AB1}
    Norton AntiSpam --> MsiExec.exe /I{3B29A786-5803-4e9e-9B58-3014A5B4E519}
    Norton AntiSpam --> MsiExec.exe /I{5677563D-0CB1-485f-9E18-C5025306BB3F}
    Norton AntiVirus 2005 --> MsiExec.exe /X{C6F5B6CF-609C-428E-876F-CA83176C021B}
    Norton Internet Security --> MsiExec.exe /I{12E2B9E9-05B1-407d-B0FD-B5F350535125}
    Norton Internet Security --> MsiExec.exe /I{449F3A9E-9903-4a0d-A209-08030D45A935}
    Norton Internet Security --> MsiExec.exe /I{48185814-A224-447a-81DA-71BD20580E1B}
    Norton Internet Security --> MsiExec.exe /I{526AD5DC-CFC4-4f2a-8442-C84CC91D6C7F}
    Norton Internet Security --> MsiExec.exe /I{A93C9E60-29B6-49da-BA21-F70AC6AADE20}
    Norton Internet Security --> MsiExec.exe /I{C9D599E1-6B68-4a1f-8A4F-A1DB433DB1BF}
    Norton Internet Security --> MsiExec.exe /I{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}
    Norton Internet Security --> MsiExec.exe /I{E5EE9939-259F-4DE2-8023-5C49E16A4F43}
    Norton Internet Security --> MsiExec.exe /I{FC2C0536-583C-46c0-844A-62CECAE01F22}
    Norton WMI Update --> MsiExec.exe /X{E85FA9A1-C241-4698-893B-DD99509B8DB0}
    Norton WMI Update --> MsiExec.exe /X{F64306A5-4C32-41bb-B153-53986527FAB4}
    OfotoXMI --> MsiExec.exe /I{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}
    OpenOffice.org Installer 1.0 --> MsiExec.exe /X{3A2AF807-9F9F-43C9-A24A-17B617238B74}
    Panda ActiveScan 2.0 --> C:\Program Files\Panda Security\ActiveScan 2.0\as2uninst.exe
    PC Optimiseur --> "C:\Program Files\Micro Application\PC Optimiseur\unins000.exe"
    Plus de 300 Applications pour Excel --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CC53BB11-87A1-4935-BD1F-2A5083DD32FE}\Setup.exe" -l0x40c
    QuickTime --> MsiExec.exe /I{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8}
    SAMSUNG CDMA Modem Driver Set --> C:\WINDOWS\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
    SAMSUNG Mobile Composite Device Software --> C:\WINDOWS\system32\Samsung_USB_Drivers\6\SSBCUninstall.exe
    Samsung Mobile phone USB driver Software --> C:\WINDOWS\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe
    SAMSUNG Mobile USB Modem 1.0 Software --> C:\WINDOWS\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
    SAMSUNG Mobile USB Modem Software --> C:\WINDOWS\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
    Samsung PC Studio 3 --> "C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -runfromtemp -l0x040c -removeonly
    Samsung PC Studio 3 USB Driver Installer --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}\setup.exe" -l0x40c -removeonly
    Samsung Samples Installer --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7AC15160-A49B-4A89-B181-D4619C025FFF}\setup.exe" -l0x40c -removeonly
    Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    SFR --> MsiExec.exe /I{DB02F716-6275-42E9-B8D2-83BA2BF5100B}
    SHASTA --> MsiExec.exe /I{605A4E39-613C-4A12-B56F-DEFBE6757237}
    skin0001 --> MsiExec.exe /I{5316DFC9-CE99-4458-9AB3-E8726EDE0210}
    SKINXSDK --> MsiExec.exe /I{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}
    Smart Link 56K Modem --> C:\WINDOWS\Modio\SLAMR2KO\Setup.exe /Remove /NONGUI
    Sonic MyDVD --> MsiExec.exe /I{21657574-BD54-48A2-9450-EB03B2C7FC29}
    Sonic RecordNow! --> MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
    SPBBC --> MsiExec.exe /I{77772678-817F-4401-9301-ED1D01A8DA56}
    staticcr --> MsiExec.exe /I{8943CE61-53BD-475E-90E1-A580869E98A2}
    SymNet --> MsiExec.exe /I{2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2}
    tooltips --> MsiExec.exe /I{E79987F0-0E34-42CC-B8FF-6C860AEEB26A}
    VIA/S3G Display Driver --> C:\PROGRA~1\S3\UChromeP\S3MINSET.EXE /u UChromeP.uns
    VideoLAN VLC media player 0.8.6c --> C:\Program Files\VideoLAN\VLC\uninstall.exe
    VPRINTOL --> MsiExec.exe /I{999D43F4-9709-4887-9B1A-83EBB15A8370}
    Windows Live Messenger --> MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}
    Windows Live Sign-in Assistant --> MsiExec.exe /I{22B3CC30-77B8-419C-AA4B-F571FDF5D66D}
    Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
    Windows XP Service Pack 3 --> "C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
    WIRELESS --> MsiExec.exe /I{F9593CFB-D836-49BC-BFF1-0E669A411D9F}


    -- Application Event Log -------------------------------------------------------

    Event Record #/Type19168 / Error
    Event Submitted/Written: 08/10/2008 04:55:05 PM
    Event ID/Source: 1000 / Application Error
    Event Description:
    Application défaillante dss.exe, version 3.2.8.1, module défaillant msvcrt.dll, version 7.0.2600.5512, adresse de défaillance 0x00037fd4.
    Traitement de l'événement propre au support pour [dss.exe!ws!]

    Event Record #/Type19166 / Error
    Event Submitted/Written: 08/10/2008 04:49:56 PM
    Event ID/Source: 103 / F-Secure Anti-Virus
    Event Description:
    3 2008-08-10 16:49:56+02:00 deligny DELIGNY\ARNAUD F-Secure Anti-Virus
    Scanning of C:\DOCUMENTS AND SETTINGS\ALL USERS\MENU DÉMARRER\PROGRAMMES\DESKTOP.INI was aborted due to exceeded scanning time limit. The file may be in use or reading it was too slow (e.g. network connection was under stress).

    Event Record #/Type19165 / Error
    Event Submitted/Written: 08/10/2008 04:42:30 PM
    Event ID/Source: 103 / F-Secure Anti-Virus
    Event Description:
    2 2008-08-10 16:42:28+02:00 deligny DELIGNY\ARNAUD F-Secure Anti-Virus
    Scanning of C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\HPZENG07.EXE was aborted due to exceeded scanning time limit. The file may be in use or reading it was too slow (e.g. network connection was under stress).

    Event Record #/Type19164 / Error
    Event Submitted/Written: 08/10/2008 03:34:21 PM
    Event ID/Source: 103 / F-Secure Anti-Virus
    Event Description:
    1 2008-08-10 15:34:20+02:00 deligny DELIGNY\ARNAUD F-Secure Anti-Virus
    Scanning of C:\DOCUMENTS AND SETTINGS\ARNAUD\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\2ZRLOPFK\1030-LA-RAGE-DE-VAINCRE[1].JPG was aborted due to exceeded scanning time limit. The file may be in use or reading it was too slow (e.g. network connection was under stress).

    Event Record #/Type19162 / Error
    Event Submitted/Written: 08/10/2008 03:29:57 PM
    Event ID/Source: 11706 / MsiInstaller
    Event Description:
    Product: Conjugaison -- Error 1706. No valid source could be found for product Conjugaison. The Windows installer cannot continue.



    -- Security Event Log ----------------------------------------------------------

    No Errors/Warnings found.


    -- System Event Log ------------------------------------------------------------

    Event Record #/Type30603 / Error
    Event Submitted/Written: 08/10/2008 03:08:15 PM
    Event ID/Source: 7000 / Service Control Manager
    Event Description:
    Le service STDSB n'a pas pu démarrer en raison de l'erreur :
    %%2

    Event Record #/Type30595 / Error
    Event Submitted/Written: 08/10/2008 02:55:13 PM
    Event ID/Source: 1 / F-Secure Gatekeeper
    Event Description:
    Real-time scanning failure occurred. Intercepted file name=C:\PROGRAM FILES\NORTON INT...NISPROD.DLL. For more information, please visit the customer support web pages at http://support.f-secure.com/enu/home/ for assistance.

    Event Record #/Type30593 / Error
    Event Submitted/Written: 08/10/2008 02:54:54 PM
    Event ID/Source: 7011 / Service Control Manager
    Event Description:
    Délai (30000 millisecondes) d'attente pour une réponse du service stisvc à une transaction.

    Event Record #/Type30591 / Warning
    Event Submitted/Written: 08/10/2008 02:53:45 PM
    Event ID/Source: 1003 / Dhcp
    Event Description:
    Votre ordinateur n'a pas pu renouveler son adresse à partir du réseau (à partir
    du serveur DHCP) pour la carte réseau dont l'adresse réseau est 00106066B559. Il s'est
    produit l'erreur suivante :
    %%1223.
    Votre ordinateur va continuer à essayer d'obtenir sa propre adresse auprès du
    serveur d'adresse réseau (DHCP).

    Event Record #/Type30589 / Error
    Event Submitted/Written: 08/10/2008 11:47:44 AM
    Event ID/Source: 10010 / DCOM
    Event Description:
    Le serveur {F3A614DC-ABE0-11D2-A441-00C04F795683} ne s'est pas enregistré sur DCOM avant la fin du temps imparti.



    -- End of Deckard's System Scanner: finished at 2008-08-10 16:58:19 ------------

    Encore Milles MERCI :) 
    10 Août 2008 23:40:34

    Re,

    1) Télécharge DAFT :
  • Sauvegarde-le sur ton bureau.
  • Double-clique sur l'icône de DAFT, présente sur ton bureau.
  • Clique sur le bouton scan.
  • Sélectionne tout ce qui apparaît.
  • Clique sur le bouton fix.
  • Ensuite relance DAFT et re-scan avec, Si un message du type "All associations are OK" apparaît c'est que tout est OK,
  • Ferme DAFT.

    2) Télécharge MalwareByte's Anti-Malware sur ton Bureau.
    Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.

    Une fois l'installation et la mise à jour effectuées, redémarre en mode sans échec.
    AIDE : Redémarrer en mode sans échec

  • Exécute maintenant MalwareByte's Anti-Malware. Si cela n'est pas déjà fait, sélectionne "Exécuter un examen complet".
  • Afin de lancer la recherche, clic sur"Rechercher".
  • Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi :
    -- si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
    -- si des infections sont présentes, clic sur "Afficher les résultats" puis sur "Supprimer la sélection". Enregistre le rapport sur ton Bureau afin de le poster dans ta prochaine réponse.
    [#ff0000]REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.[/#f]

    AIDE : Tuto en images sur MBAM

    ;) 
    11 Août 2008 19:21:22

    voici le rapport,

    Malwarebytes' Anti-Malware 1.24
    Version de la base de données: 1040
    Windows 5.1.2600 Service Pack 3

    18:39:53 11/08/2008
    mbam-log-8-11-2008 (18-39-53).txt

    Type de recherche: Examen complet (C:\|)
    Eléments examinés: 132565
    Temps écoulé: 1 hour(s), 50 minute(s), 38 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 2
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 8

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\acmyiuc (Adware.Navipromo) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{4e7bd74f-2b8d-469e-a0e8-ed6ab685fa7d} (Adware.2020Search) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    C:\Documents and Settings\ARNAUD\Local Settings\Application Data\acmyiuc_navps.dat (Adware.Navipromo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\ARNAUD\Local Settings\Application Data\acmyiuc_nav.dat (Adware.Navipromo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\ARNAUD\Local Settings\Application Data\acmyiuc.dat (Adware.Navipromo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\ARNAUD\Local Settings\Application Data\acmyiuc.exe (Adware.Navipromo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\ARNAUD\Local Settings\Application Data\sqcqi_navps.dat (Adware.Navipromo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\ARNAUD\Local Settings\Application Data\sqcqi_nav.dat (Adware.Navipromo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\ARNAUD\Local Settings\Application Data\sqcqi.dat (Adware.Navipromo) -> Quarantined and deleted successfully.
    C:\Program Files\eChanblard\EvID4226Patch.exe (Adware.Agent) -> Quarantined and deleted successfully.

    Encore Merci
    11 Août 2008 20:46:05

    Pour info,
    je n'ai plus l'alerte sécurité ni page pub donc MERCI
    Mais comment puis je faire pour désinstaler Norton et dois je garder les programmes que j'ai installé (puis je les réutiliser ?).Et que me conseilles tu comme protection
    Bon j'arrête là :hello: 

    Encore merci de prendre de ton tps
    21 Août 2008 09:44:28

    Bonjour (me voici rentré !)

    Tout d'abord merci pour tout car je n ai plus l air d avoir de pb ,en plus ça a aussi fonctinné pour la désinstallation de norton
    Voici un rapport main.txt :

    Deckard's System Scanner v20071014.68
    Run by ARNAUD on 2008-08-21 09:37:15
    Computer is in Normal Mode.
    --------------------------------------------------------------------------------

    Percentage of Memory in Use: 92% (more than 75%).
    Total Physical Memory: 448 MiB (512 MiB recommended).


    -- HijackThis (run as ARNAUD.exe) ----------------------------------------------

    logfile has no content; running clone.
    -- HijackThis Clone ------------------------------------------------------------


    Emulating logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 2008-08-21 09:38:10
    Platform: Windows XP Service Pack 3 (5.01.2600)
    MSIE: Internet Explorer (7.00.6000.16674)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\system32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe
    C:\Program Files\AntivirusFirewall\backweb\6588780\Program\ServiceWrapper-6588780.exe
    C:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
    C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
    C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
    C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe
    C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32.exe
    C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fsbwsys.exe
    C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE
    C:\Program Files\AntivirusFirewall\Anti-Virus\fssm32.exe
    C:\Program Files\AntivirusFirewall\Common\FSMB32.EXE
    C:\APPS\HIDSERVICE\HidService.exe
    C:\WINDOWS\system32\slmdmsr.exe
    C:\WINDOWS\system32\svchost.exe
    C:\APPS\Powercinema\Kernel\TV\CLSched.exe
    C:\Program Files\AntivirusFirewall\Common\FCH32.EXE
    C:\Program Files\AntivirusFirewall\Common\FAMEH32.EXE
    C:\Program Files\AntivirusFirewall\Anti-Virus\fsqh.exe
    C:\Program Files\AntivirusFirewall\Anti-Virus\FSRW.exe
    C:\Program Files\AntivirusFirewall\FWES\program\fsdfwd.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\AntivirusFirewall\Anti-Virus\FSAV32.exe
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\WINDOWS\system32\VTTimer.exe
    C:\WINDOWS\system32\VTTrayp.exe
    C:\WINDOWS\system32\drivers\STDSB.exe
    C:\WINDOWS\system32\drivers\Icon.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\APPS\Powercinema\PCMService.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Real\RealPlayer\realplay.exe
    C:\Program Files\AntivirusFirewall\Common\FSM32.EXE
    C:\Program Files\AntivirusFirewall\FSGUI\ispnews.exe
    C:\Program Files\AntivirusFirewall\Anti-Spyware\FSAW.exe
    C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe
    C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    C:\Program Files\AntivirusFirewall\FSGUI\fsguidll.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Documents and Settings\ARNAUD\Bureau\dss.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
    R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\GoogleToolbar2.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\GoogleToolbar2.dll
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
    O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
    O4 - HKLM\..\Run: [STDSB] C:\WINDOWS\system32\drivers\STDSB.exe
    O4 - HKLM\..\Run: [Icon] C:\WINDOWS\system32\drivers\Icon.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\AntivirusFirewall\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\AntivirusFirewall\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\AntivirusFirewall\FSGUI\FSSW.EXE" /reboot
    O4 - HKLM\..\Run: [News Service] "C:\Program Files\AntivirusFirewall\FSGUI\ispnews.exe"
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Antivirus Firewall.lnk = C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    O8 - Extra context menu item: &Bloquer cette fenêtre publicitaire - C:\Program Files\AntivirusFirewall\Anti-Spyware\blockpopups.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Protection Internet Explorer - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\AntivirusFirewall\Anti-Spyware\ieshield.dll
    O9 - Extra 'Tools' menuitem: Protection Internet Explorer... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\AntivirusFirewall\Anti-Spyware\ieshield.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (file missing)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie....
    O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSig...
    O16 - DPF: {B9907873-6560-4A36-B76B-9DADE84A7F55} (FnacmusicDnl.DnlManager) - http://www.fnacmusic.com/telechargementFnacmusic/Fnacmu...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O16 - DPF: {DFB5BCF1-06AE-4ABB-BFA8-1E228F41C50A} () - http://www.bobtv.fr/download/cfweb_www.bobtv.fr-downloa...
    O16 - DPF: {E1E73B44-2D20-47A9-9CA2-B534CEBBF856} (F-Secure Health Check 1.0) - http://orange.securitoo.com/pchc/fscax.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll
    O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL
    O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL
    O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
    O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe
    O23 - Service: Antivirus Firewall (BackWeb Plug-in - 6588780) - Securitoo Portal - C:\Program Files\AntivirusFirewall\backweb\6588780\Program\ServiceWrapper-6588780.exe
    O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
    O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\APPS\Powercinema\Kernel\TV\CLSched.exe
    O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
    O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe
    O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fsbwsys.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\FWES\program\fsdfwd.exe
    O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE
    O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - C:\APPS\HIDSERVICE\HidService.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: MySqlInventime - Unknown owner - C:\mysql\bin\mysqld-max-nt.exe
    O23 - Service: SmartLinkService (SLService) - Unknown owner - C:\WINDOWS\system32\slmdmsr.exe


    --
    End of file - 12139 bytes

    -- Files created between 2008-07-21 and 2008-08-21 -----------------------------

    2008-08-21 08:01:41 0 d-------- C:\WINDOWS\LastGood
    2008-08-11 15:10:35 0 d-------- C:\Documents and Settings\AURELIEN\Application Data\AdobeUM
    2008-08-11 15:09:50 0 d-------- C:\Documents and Settings\AURELIEN\Application Data\FileOpen
    2008-08-11 12:20:31 0 d-------- C:\Documents and Settings\AURELIEN\Application Data\Adobe
    2008-08-11 12:18:48 0 d-------- C:\Documents and Settings\AURELIEN\Application Data\F-Secure
    2008-08-11 10:57:22 0 d-------- C:\Documents and Settings\ARNAUD\Application Data\Malwarebytes
    2008-08-11 10:57:09 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-08-11 10:57:07 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-08-10 07:38:32 0 d-------- C:\WINDOWS\ERUNT
    2008-08-08 16:17:13 0 d-------- C:\Program Files\Panda Security
    2008-08-07 16:07:22 0 dr-h----- C:\Documents and Settings\ARNAUD\Recent
    2008-08-07 14:52:02 0 d-------- C:\Program Files\Alwil Software
    2008-08-06 08:25:48 0 d-------- C:\Program Files\Trend Micro
    2008-08-05 16:06:16 0 d-------- C:\Documents and Settings\ARNAUD\Application Data\Micro Application
    2008-08-05 16:06:11 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
    2008-08-05 10:42:11 0 d-------- C:\Documents and Settings\Propriétaire\SendTo
    2008-08-04 15:18:20 0 d-------- C:\Documents and Settings\ARNAUD\Application Data\WinRAR
    2008-08-04 09:38:20 0 d-------- C:\Documents and Settings\All Users\Application Data\Azureus
    2008-08-02 19:05:40 0 d-------- C:\WINDOWS\system32\fr
    2008-08-02 19:05:40 0 d-------- C:\WINDOWS\l2schemas
    2008-08-02 19:05:39 0 d-------- C:\WINDOWS\system32\bits
    2008-08-02 19:01:40 0 d-------- C:\WINDOWS\ServicePackFiles
    2008-08-02 18:49:35 0 d-------- C:\WINDOWS\EHome
    2008-08-02 17:44:26 0 d-------- C:\fsaua.data
    2008-08-01 15:48:20 0 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft


    -- Find3M Report ---------------------------------------------------------------

    2008-08-21 07:48:49 83793 --a------ C:\logfile
    2008-08-19 16:37:40 0 d-------- C:\Program Files\MSN Messenger
    2008-08-19 16:29:04 0 d-------- C:\Program Files\eChanblard
    2008-08-12 09:33:21 0 d-------- C:\Program Files\Fichiers communs\Symantec Shared
    2008-08-07 16:00:15 0 d-------- C:\Program Files\CCleaner
    2008-08-07 15:27:48 0 d-------- C:\Program Files\Fichiers communs
    2008-08-07 14:55:13 0 d-------- C:\Documents and Settings\ARNAUD\Application Data\Azureus
    2008-08-05 16:05:43 0 d-------- C:\Program Files\Micro Application
    2008-08-05 10:42:18 0 d-------- C:\Program Files\Fichiers communs\SureThing Shared
    2008-08-04 10:30:20 0 d-------- C:\Program Files\Fichiers communs\Adobe
    2008-08-04 10:27:07 0 d-------- C:\Documents and Settings\ARNAUD\Application Data\AdobeUM
    2008-08-04 09:52:14 0 d-------- C:\Program Files\Azureus
    2008-08-02 19:35:09 480312 --a------ C:\WINDOWS\system32\perfh00C.dat
    2008-08-02 19:35:09 79810 --a------ C:\WINDOWS\system32\perfc00C.dat
    2008-08-02 19:06:09 0 d-------- C:\Program Files\Messenger
    2008-08-02 19:05:39 0 d-------- C:\Program Files\Movie Maker
    2008-08-02 19:01:14 0 d-------- C:\Program Files\Windows NT
    2008-07-20 08:40:13 0 d-------- C:\Program Files\Sun
    2008-07-20 08:38:50 0 d-------- C:\Program Files\Java
    2008-07-04 22:41:39 0 d-------- C:\Program Files\Icone
    2008-07-04 22:41:36 0 d-------- C:\Program Files\LETMIN
    2008-07-01 11:16:05 0 d-------- C:\Program Files\eMule
    2008-07-01 10:53:07 0 d-------- C:\Documents and Settings\ARNAUD\Application Data\uTorrent
    2008-07-01 10:52:37 0 d-------- C:\Documents and Settings\ARNAUD\Application Data\FileOpen
    2008-07-01 10:51:06 0 d-------- C:\Program Files\Spyware Doctor(2)
    2008-06-24 17:37:40 0 d-------- C:\Program Files\Google
    2008-06-23 17:49:25 0 d-------- C:\Program Files\FileOpen


    -- Registry Dump ---------------------------------------------------------------

    *Note* empty entries & legit default entries are not shown


    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [05/08/2004 14:00]
    "PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [05/08/2004 14:00]
    "PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [05/08/2004 14:00]
    "SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [10/03/2005 18:44]
    "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [10/03/2005 18:43]
    "VTTimer"="VTTimer.exe" [08/03/2005 03:33 C:\WINDOWS\system32\VTTimer.exe]
    "VTTrayp"="VTtrayp.exe" [14/09/2005 13:47 C:\WINDOWS\system32\VTTrayp.exe]
    "STDSB"="C:\WINDOWS\system32\drivers\STDSB.exe" [17/12/2003 16:50]
    "Icon"="C:\WINDOWS\system32\drivers\Icon.exe" [23/08/2005 15:51]
    "SoundMan"="SOUNDMAN.EXE" [17/08/2005 18:39 C:\WINDOWS\SOUNDMAN.EXE]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [10/06/2008 04:27]
    "PCMService"="c:\Apps\Powercinema\PCMService.exe" [11/05/2005 13:48]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [01/09/2006 16:57]
    "RealTray"="C:\Program Files\Real\RealPlayer\RealPlay.exe" [27/06/2006 10:07]
    "F-Secure Manager"="C:\Program Files\AntivirusFirewall\Common\FSM32.exe" [26/10/2005 03:51]
    "F-Secure TNB"="C:\Program Files\AntivirusFirewall\TNB\TNBUtil.exe" [18/07/2005 16:51]
    "F-Secure Startup Wizard"="C:\Program Files\AntivirusFirewall\FSGUI\FSSW.exe" [18/10/2005 10:29]
    "News Service"="C:\Program Files\AntivirusFirewall\FSGUI\ispnews.exe" [31/05/2005 14:45]
    "HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe" [09/03/2003 22:30]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [13/04/2008 19:34]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [18/06/2007 14:25]

    C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
    Antivirus Firewall.lnk - C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe [08/02/2007 16:31:47]
    Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [23/04/2008 03:38:16]
    Logiciel Kodak EasyShare.lnk - C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe [19/09/2007 05:33:46]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy]
    C:\WINDOWS\System32\dimsntfy.dll

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
    SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
    @="Volume shadow copy"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    eapsvcs eaphost
    dot3svc dot3svc

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
    napagent
    hkmsvc


    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{474e1149-4f6c-11dd-80eb-00038a000015}]
    AutoRun\command- E:\InstallTomTomHOME.exe




    -- End of Deckard's System Scanner: finished at 2008-08-21 09:39:52 ------------

    Que me conseilles tu comme protection et opuis réutiliser sdfix si j ai encore un soucis

    Merci
    21 Août 2008 11:56:47

    Re,

    J'aimerais vérifier quelque chose :) 

    D'abord je veux être sûr que tu puisses voir les fichiers/dossiers cachés :

    [~]Aller dans poste de travail/outils/option des dossiers/affichage/afficher les fichiers et dossiers cachés/Appliquer - - > OK
    [~]Aller dans poste de travail/outils/option des dossiers/affichage/décocher masquer les fichiers protégés du système d'exploitation./Appliquer - - > OK
    Tu recocheras après.

    [~] Poste de travail/outils/option des dossiers/affichage/décocher masquer les extensions dont le type est connu./Appliquer - - > OK

    Rends toi sur ce lien : Virus Total
  • Clique sur Parcourir
  • Rends toi jusque sur ce fichier si tu le trouves :

    C:\WINDOWS\system32\drivers\Icon.exe

  • Clique sur Envoyer le fichier et laisse travailler tant que "Situation actuelle : en cours d'analyse" est affiché.
  • Il est possible que le fichier soit mis en file d'attente en raison d'un grand nombre de demandes d'analyses. En ce cas, il te faudra patienter sans actualiser la page.
  • Lorsque l'analyse est terminée ("Situation actuelle: terminé"), clique sur Formaté
  • Une nouvelle fenêtre de ton navigateur va apparaître
  • Clique alors sur cette image :
  • Fais un clic droit sur la page, et choisis Sélectionner tout, puis copier
  • Enfin colle le résultat dans ta prochaine réponse.
    Note : Peu importe le résultat, il est important de me communiquer le résultat de toute l'analyse.
    Il est possible que tes outils de sécurité réagissent à l'envoi du fichier, en ce cas il te faudra ignorer les alertes.

    ;) 
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS