Your question

Unwanted messages

Tags:
  • Security
Last reply: in Security and viruses
April 2, 2008 16:04:18

Hello,

Since yesterday, when I caught a virus (spyware) that I think I have removed, I have been getting messages telling me that my computer may be infected and that I should install PC-Cleaner.
Also, a yellow triangle appears in my toolbar, and if I click on it, it sends me to the PC-Cleaner website.

I ran Ad-Aware and Spybot: nothing to report.

I did a HijackThis scan; here is the report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:01:40, on 02/04/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16609)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Windows\sttray.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Lexmark 3300 Series\lxccmon.exe
C:\Program Files\Lexmark 3300 Series\ezprint.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Windows\system32\taskeng.exe
C:\Windows\V0420Mon.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Creative\Shared Files\CTSched.exe
C:\ProgramData\ebkdiral\crqroryl.exe
C:\ProgramData\ppoqcalg\qtknkloh.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.exe
C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.BIN
C:\Windows\System32\mobsync.exe
c:\program files\common files\installshield\updateservice\isuspm.exe
C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9e.exe
C:\Users\famille Guignard\Downloads\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr/ig/dell?hl=fr&client=dell-row&chan...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer fourni par Dell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "c:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [ECenter] c:\dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [LXCCCATS] rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\LXCCtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [lxccmon.exe] "C:\Program Files\Lexmark 3300 Series\lxccmon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 3300 Series\ezprint.exe"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [V0420Mon.exe] C:\Windows\V0420Mon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\windows sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [CTRegRun] C:\Windows\CTRegRun.EXE
O4 - HKCU\..\Run: [CreativeTaskScheduler] "C:\Program Files\Creative\Shared Files\CTSched.exe" /logon
O4 - HKCU\..\Run: [bqilkhnq] C:\ProgramData\bqilkhnq\wpezuvqd.exe
O4 - HKCU\..\Run: [6b5DxdFjWL] C:\ProgramData\ebkdiral\crqroryl.exe
O4 - HKCU\..\Run: [ppoqcalg] C:\ProgramData\ppoqcalg\qtknkloh.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/download/scan...
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/VistaMSNPUpld...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-cd8d6a9894a62d9c.spaces.live.com/PhotoUpload...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: lxcc_device - - C:\Windows\system32\lxcccoms.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 10939 bytes

What should I do?
Thanks for giving me a hand.

April 2, 2008 16:28:07

Hello,

Disable your resident protections (antivirus, Spybot...)!

  • Download Combofix (sUBs) to your Desktop.
  • Double-click combofix.exe to launch it.
  • When the scan is complete, a report will appear. Post this report in your next reply.
    April 3, 2008 10:27:17

    Hello,

    I did what you told me and here is the report
    ComboFix 08-04-02.1 - famille Guignard 2008-04-03 10:18:10.1 - NTFSx86
    Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.1.1036.18.357 [GMT 2:00]
    Endroit: C:\Users\famille Guignard\Desktop\ComboFix.exe
    * Création d'un nouveau point de restauration
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Users\famille Guignard\Desktopblackbird.jpg
    C:\Users\famille Guignard\DesktopEditorFKWP1.5.exe
    C:\Users\famille Guignard\DesktopEditorFKWP2.0.exe
    C:\Users\famille Guignard\Desktopfilemanagerclient.exe
    C:\Users\famille Guignard\Desktopfkwp1.5.exe
    C:\Users\famille Guignard\Desktopfkwp2.0.exe
    C:\Users\famille Guignard\Desktopfwebd.exe
    C:\Users\famille Guignard\DesktopFWebdEditor.exe
    C:\Users\famille Guignard\DesktopTrojan.Win32.BlackBird.exe
    C:\Users\famille Guignard\Desktopvirii

    .
    ((((((((((((((((((((((((((((( Fichiers créés 2008-03-03 to 2008-04-03 ))))))))))))))))))))))))))))))))))))
    .

    Pas de nouveau fichier créé dans cet espace de temps

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-04-03 07:29 --------- d-----w C:\Users\famille Guignard\AppData\Roaming\OpenOffice.org2
    2008-04-02 13:50 --------- d-----w C:\ProgramData\qfnispmc
    2008-03-31 17:57 --------- d-----w C:\ProgramData\ppoqcalg
    2008-03-31 10:01 --------- d-----w C:\ProgramData\ebkdiral
    2008-03-31 10:01 --------- d-----w C:\ProgramData\bqilkhnq
    2008-03-29 17:45 1,146,232 ----a-w C:\Windows\System32\aswBoot.exe
    2008-03-29 17:35 20,560 ----a-w C:\Windows\system32\drivers\aswFsBlk.sys
    2008-03-29 17:32 50,768 ----a-w C:\Windows\system32\drivers\aswMonFlt.sys
    2008-03-29 17:31 75,856 ----a-w C:\Windows\system32\drivers\aswSP.sys
    2008-03-29 17:29 23,152 ----a-w C:\Windows\system32\drivers\aswRdr.sys
    2008-03-29 17:27 42,912 ----a-w C:\Windows\system32\drivers\aswTdi.sys
    2008-03-29 17:23 95,608 ----a-w C:\Windows\System32\AvastSS.scr
    2008-03-24 10:52 --------- d-----w C:\Users\famille Guignard\AppData\Roaming\Azureus
    2008-03-18 09:43 --------- d-----w C:\ProgramData\Roxio
    2008-03-18 09:41 --------- d-----w C:\Program Files\Lx_cats
    2008-03-13 07:38 --------- d-----w C:\Program Files\Windows Mail
    2008-03-09 09:50 --------- d-----w C:\Program Files\Common Files\Adobe
    2008-03-04 17:31 606,848 ----a-w C:\Windows\flashax.exe
    2008-03-04 17:31 12,288 ----a-w C:\Windows\impborl.dll
    2008-02-26 09:45 --------- d-----w C:\ProgramData\Dell
    2008-02-24 20:11 --------- d-----w C:\Users\famille Guignard\AppData\Roaming\Creative
    2008-02-24 20:07 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-02-24 20:05 --------- d-----w C:\Users\famille Guignard\AppData\Roaming\muvee Technologies
    2008-02-24 20:04 --------- d-----w C:\ProgramData\TEMP
    2008-02-18 18:33 --------- d-----w C:\ProgramData\Creative
    2008-02-18 18:00 --------- d-----w C:\Program Files\Creative
    2008-02-18 17:52 --------- d-----w C:\ProgramData\muvee Technologies
    2008-02-13 19:02 194,560 ----a-w C:\Windows\System32\WebClnt.dll
    2008-02-13 19:02 110,080 ----a-w C:\Windows\system32\drivers\mrxdav.sys
    2008-02-13 18:58 803,328 ----a-w C:\Windows\system32\drivers\tcpip.sys
    2008-02-13 18:58 3,504,696 ----a-w C:\Windows\System32\ntkrnlpa.exe
    2008-02-13 18:58 3,470,392 ----a-w C:\Windows\System32\ntoskrnl.exe
    2008-02-13 18:58 24,064 ----a-w C:\Windows\System32\netcfg.exe
    2008-02-13 18:58 22,016 ----a-w C:\Windows\System32\netiougc.exe
    2008-02-13 18:58 216,632 ----a-w C:\Windows\system32\drivers\netio.sys
    2008-02-13 18:58 167,424 ----a-w C:\Windows\System32\tcpipcfg.dll
    2008-02-13 18:58 154,624 ----a-w C:\Windows\system32\drivers\nwifi.sys
    2008-02-13 18:57 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
    2008-02-13 18:57 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
    2008-02-13 18:57 4,247,552 ----a-w C:\Windows\System32\GameUXLegacyGDFs.dll
    2008-02-13 18:57 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
    2008-02-13 18:57 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
    2008-02-13 18:57 1,686,528 ----a-w C:\Windows\System32\gameux.dll
    2008-02-13 18:55 824,832 ----a-w C:\Windows\System32\wininet.dll
    2008-02-13 18:55 56,320 ----a-w C:\Windows\System32\iesetup.dll
    2008-02-13 18:55 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
    2008-02-13 18:55 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
    2008-01-10 05:50 1,244,672 ----a-w C:\Windows\System32\mcmde.dll
    2008-01-09 18:09 11,776 ----a-w C:\Windows\System32\sbunattend.exe
    2007-08-30 13:14 174 --sha-w C:\Program Files\desktop.ini
    2007-08-08 12:19 10,007,784 ----a-w C:\Users\famille Guignard\Azureus_2.5.0.4a_Win32.setup.exe
    2007-08-01 14:35 1,110,800 ----a-w C:\Users\famille Guignard\ForeverPES_v1.0.exe
    2007-06-14 20:23 28,437,860 ----a-w C:\Users\famille Guignard\klmcodec210.exe
    2007-06-13 17:00 3,858,985 ----a-w C:\Users\famille Guignard\eMule0.48a-Installer.exe
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="C:\Program Files\windows sidebar\sidebar.exe" [2008-01-09 20:09 1232896]
    "DellSupport"="C:\Program Files\DellSupport\DSAgnt.exe" [2006-11-12 03:19 446976]
    "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:55 5674352]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2007-05-03 13:38 171448]
    "PcSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2006-06-27 16:21 1449984]
    "ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 14:35 125440]
    "DellSupportCenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe" [2007-11-15 10:23 202544]
    "CTRegRun"="C:\Windows\CTRegRun.EXE" [2006-10-06 08:17 53248]
    "CreativeTaskScheduler"="C:\Program Files\Creative\Shared Files\CTSched.exe" [2006-11-17 11:42 53341]
    "bqilkhnq"="C:\ProgramData\bqilkhnq\wpezuvqd.exe" [2008-03-31 12:01 114688]
    "6b5DxdFjWL"="C:\ProgramData\ebkdiral\crqroryl.exe" [2008-03-31 12:01 34304]
    "ppoqcalg"="C:\ProgramData\ppoqcalg\qtknkloh.exe" [2008-03-31 19:57 102400]
    "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 14:36 201728]
    "qfnispmc"="C:\ProgramData\qfnispmc\alcjglmh.exe" [2008-04-02 15:50 106496]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-04-25 10:25 1006264]
    "SunJavaUpdateSched"="c:\Program Files\Java\jre1.6.0\bin\jusched.exe" [2007-04-19 06:50 77824]
    "ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-07-11 18:12 90112]
    "SigmatelSysTrayApp"="sttray.exe" [2007-02-08 07:16 303104 C:\Windows\sttray.exe]
    "ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2006-10-03 12:37 81920]
    "RoxWatchTray"="C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2006-11-05 12:22 221184]
    "ECenter"="c:\dell\E-Center\EULALauncher.exe" [2006-11-17 23:13 17920]
    "ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2006-10-03 12:35 221184]
    "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-03-29 19:37 79224]
    "LXCCCATS"="C:\Windows\system32\spool\DRIVERS\W32X86\3\LXCCtime.dll" [2007-02-22 05:13 73728]
    "lxccmon.exe"="C:\Program Files\Lexmark 3300 Series\lxccmon.exe" [2007-05-11 08:57 205744]
    "EzPrint"="C:\Program Files\Lexmark 3300 Series\ezprint.exe" [2007-05-11 08:58 103344]
    "PCSuiteTrayApplication"="C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.exe" [2006-06-15 12:36 229376]
    "MSConfig"="C:\Windows\system32\msconfig.exe" [2006-11-02 11:45 222208]
    "dscactivate"="C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 10:24 16384]
    "V0420Mon.exe"="C:\Windows\V0420Mon.exe" [2007-04-30 03:00 32768]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]

    C:\Users\famille Guignard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    OpenOffice.org 2.2.lnk - C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe [2007-02-02 16:54:56 393216]

    [HKLM\~\startupfolder\C:^Users^famille Guignard^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^ForeverPES v1.0.lnk]
    path=C:\Users\famille Guignard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ForeverPES v1.0.lnk
    backup=C:\Windows\pss\ForeverPES v1.0.lnk.Startup
    backupExtension=.Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
    "{A685C6F2-C3A9-4F99-B166-112B8ED8E3BF}"= UDP:C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:McAfee Network Agent
    "{6B3EC115-3B2C-49BF-BB77-D0D4A8833D84}"= TCP:C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:McAfee Network Agent
    "{86D9BCC1-BC7A-4E58-9720-516EFF442833}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
    "{716A8C59-12B1-4F57-8B84-86243D607138}"= UDP:8904:BitComet 8904 TCP
    "{3B6EA7A4-EB12-4302-8C4B-533D241AA3D6}"= TCP:8904:BitComet 8904 UDP
    "TCP Query User{5F47E35F-9BD2-4D45-B97B-8B6C0C69759F}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule
    "UDP Query User{51CD3F96-5320-42A7-979B-ED33B2E56DFB}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule
    "TCP Query User{5FCF31C5-8C5D-48C3-9B97-2296C35C8D5E}C:\\users\\famille guignard\\utorrent.exe"= UDP:C:\users\famille guignard\utorrent.exe:utorrent.exe
    "UDP Query User{CC97CB50-7842-4E5A-AD18-F82A99FC093A}C:\\users\\famille guignard\\utorrent.exe"= TCP:C:\users\famille guignard\utorrent.exe:utorrent.exe
    "TCP Query User{4985C50D-17B6-44B1-B9EB-644DF2E72BF5}C:\\program files\\freeplayer\\vlc\\vlc.exe"= UDP:C:\program files\freeplayer\vlc\vlc.exe:VLC media player
    "UDP Query User{8D7F3E8F-81A2-4A75-BA24-6C8490FB6BA2}C:\\program files\\freeplayer\\vlc\\vlc.exe"= TCP:C:\program files\freeplayer\vlc\vlc.exe:VLC media player
    "{41681949-A79F-42D2-811B-64FD7EEB6F9C}"= UDP:C:\Windows\System32\lxcccoms.exe:Lexmark Communications System
    "{CD1B1B5B-13A9-4727-ACA0-4073BFDFC4EF}"= TCP:C:\Windows\System32\lxcccoms.exe:Lexmark Communications System
    "{6602DF51-26C0-4E62-9A3D-1CEC7B6886C4}"= UDP:C:\Windows\System32\spool\drivers\w32x86\3\lxccpswx.exe:p rinter Status Window
    "{3874E8EE-C309-4AC5-9A65-5CC792654C7A}"= TCP:C:\Windows\System32\spool\drivers\w32x86\3\lxccpswx.exe:p rinter Status Window
    "TCP Query User{D2989470-FF9D-46C7-AF31-0B6444724C74}C:\\program files\\thq\\dawn of war - dark crusade\\darkcrusade.exe"= UDP:C:\program files\thq\dawn of war - dark crusade\darkcrusade.exe:D arkCrusade
    "UDP Query User{D7A77E54-4F1B-4FEF-8521-AC8ADFE147B8}C:\\program files\\thq\\dawn of war - dark crusade\\darkcrusade.exe"= TCP:C:\program files\thq\dawn of war - dark crusade\darkcrusade.exe:D arkCrusade
    "TCP Query User{FE7E1A5D-EE4A-4404-965E-BD30114A59F5}C:\\program files\\konami\\pro evolution soccer 5\\pes5.exe"= UDP:C:\program files\konami\pro evolution soccer 5\pes5.exe:p es5.exe
    "UDP Query User{0E7C4AE6-A3D4-403E-BCA8-73E4EBE81DDC}C:\\program files\\konami\\pro evolution soccer 5\\pes5.exe"= TCP:C:\program files\konami\pro evolution soccer 5\pes5.exe:p es5.exe
    "TCP Query User{8B4264FC-09C8-44A8-9079-212319B31B3A}C:\\program files\\azureus\\azureus.exe"= UDP:C:\program files\azureus\azureus.exe:Azureus
    "UDP Query User{EEE689C0-C634-46E6-9C00-CD7F45BFA28E}C:\\program files\\azureus\\azureus.exe"= TCP:C:\program files\azureus\azureus.exe:Azureus
    "TCP Query User{D7B7B803-D46D-4F66-BEB2-4633CC792537}C:\\program files\\k-lite codec pack\\media player classic\\mplayerc.exe"= UDP:C:\program files\k-lite codec pack\media player classic\mplayerc.exe:Media Player Classic
    "UDP Query User{D5463018-4325-4875-8A66-ACA32312ACF3}C:\\program files\\k-lite codec pack\\media player classic\\mplayerc.exe"= TCP:C:\program files\k-lite codec pack\media player classic\mplayerc.exe:Media Player Classic
    "TCP Query User{EA2E46DD-F039-4C5E-9BCA-A32A1D323779}C:\\program files\\sightspeed\\sightspeed.exe"= UDP:C:\program files\sightspeed\sightspeed.exe:SightSpeed
    "UDP Query User{3A954AE7-5827-44EC-98F4-96B41230B40D}C:\\program files\\sightspeed\\sightspeed.exe"= TCP:C:\program files\sightspeed\sightspeed.exe:SightSpeed

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
    "DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

    R1 aswSP;avast! Self Protection;C:\Windows\system32\drivers\aswSP.sys [2008-03-29 19:31]
    R1 DLARTL_M;DLARTL_M;C:\Windows\system32\Drivers\DLARTL_M.SYS [2007-02-08 20:05]
    R2 aswFsBlk;aswFsBlk;C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-03-29 19:35]
    R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-03-29 19:32]
    R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2007-08-31 17:46]
    R2 sprtsvc_dellsupportcenter;SupportSoft Sprocket Service (dellsupportcenter);C:\Program Files\Dell Support Center\bin\sprtsvc.exe [2007-11-15 10:23]
    R3 R300;R300;C:\Windows\system32\DRIVERS\atikmdag.sys [2006-10-25 06:53]
    R3 V0420VID;Live! Cam Vista IM (VF0420);C:\Windows\system32\DRIVERS\V0420Vid.sys [2007-05-31 03:32]

    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2008-04-02 09:46:22 C:\Windows\Tasks\User_Feed_Synchronization-{D46E26B8-D53E-4F84-B18F-72E571EDD258}.job"
    - C:\Windows\system32\msfeedssync.exe
    .
    **************************************************************************

    catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-04-03 10:21:46
    Windows 6.0.6000 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    HKLM\Software\Microsoft\Windows\CurrentVersion\Run
    LXCCCATS = rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\LXCCtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 0

    **************************************************************************
    .
    Temps d'accomplissement: 2008-04-03 10:22:31
    ComboFix-quarantined-files.txt 2008-04-03 08:22:27
    Le texte du message associé au numéro 0x2379 est introuvable dans le fichier de messages pour Application.
    Le texte du message associé au numéro 0x2379 est introuvable dans le fichier de messages pour Application.
    .
    2008-04-02 12:12:18 --- E O F ---

    And now what should I do?
    Thanks
    April 3, 2008 17:21:45

    Re,

    Disable your resident protections (antivirus...)!
    Copy (Ctrl+C) the text in the box below:

    Folder::
    C:\ProgramData\bqilkhnq
    C:\ProgramData\ebkdiral
    C:\ProgramData\ppoqcalg
    C:\ProgramData\qfnispmc

    Registry::
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "bqilkhnq"=-
    "6b5DxdFjWL"=-
    "ppoqcalg"=-
    "qfnispmc"=-


    Open Notepad, then paste (Ctrl+V) the text you just copied.
    Save this file under the name CFScript.txt.

    Now drag the CFScript.txt file onto Combofix.exe as shown below:


    This will relaunch Combofix; press 1 and then confirm. After the restart, post the contents of the Combofix.txt report along with a HijackThis report.
    NOTE: If there is no restart, post the requested reports anyway.
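
The entries listed in the CFScript above share traits that are visible in the HijackThis report: they are per-user Run values whose executables sit one level below C:\ProgramData, in folders and files named with bare lowercase letter strings. The following is an added example, not part of the original thread and not a HijackThis or ComboFix feature, that parses O4 lines in the format shown in the report and flags entries with those traits for manual review; the function names, the name-length range and the two-signal threshold are assumptions.

```python
import re
from pathlib import PureWindowsPath
from typing import NamedTuple

# Sample input: O4 lines copied from the HijackThis report posted in the thread.
SAMPLE_O4 = r"""
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [LXCCCATS] rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\LXCCtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [bqilkhnq] C:\ProgramData\bqilkhnq\wpezuvqd.exe
O4 - HKCU\..\Run: [6b5DxdFjWL] C:\ProgramData\ebkdiral\crqroryl.exe
O4 - HKCU\..\Run: [ppoqcalg] C:\ProgramData\ppoqcalg\qtknkloh.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
"""


class RunEntry(NamedTuple):
    hive: str      # HKLM or HKCU
    key: str       # Run, RunOnce, ...
    name: str      # registry value name (text between the brackets)
    command: str   # full command line as logged
    image: str     # file the command line actually loads


# "O4 - HKCU\..\Run: [name] command"
O4_RUN = re.compile(r"^O4 - (HKLM|HKCU)\\\.\.\\(\w+): \[(.*?)\] (.+)$")
# Unquoted paths may contain spaces, so cut at the first executable extension.
IMAGE = re.compile(r"^(.+?\.(?:exe|dll|com|scr|bat|cmd))(?=[\s,]|$)", re.I)
# Assumption: 6 to 10 lowercase letters and nothing else counts as "random-looking".
RANDOM_NAME = re.compile(r"^[a-z]{6,10}$")


def image_path(command: str) -> str:
    """Return the file a Run command loads, without its arguments."""
    cmd = command.strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        return cmd[1:end] if end > 0 else cmd[1:]
    # rundll32 only hosts a DLL: the file of interest is its first argument.
    hosted = re.match(r"(?i)rundll32(?:\.exe)?\s+(.*)$", cmd)
    if hosted:
        cmd = hosted.group(1)
    m = IMAGE.match(cmd)
    return m.group(1) if m else cmd.split()[0]


def parse_run_entries(log: str) -> list:
    """Extract registry Run entries (O4 lines with a hive) from a HijackThis log."""
    entries = []
    for line in log.splitlines():
        m = O4_RUN.match(line.strip())
        if m:
            hive, key, name, command = m.groups()
            entries.append(RunEntry(hive, key, name, command, image_path(command)))
    return entries


def triage(entry: RunEntry) -> list:
    """Return the review signals an entry raises (empty list: none)."""
    reasons = []
    path = PureWindowsPath(entry.image)
    parts = path.parts  # ('C:\\', 'ProgramData', '<folder>', '<file>.exe')
    if len(parts) == 4 and parts[1].lower() == "programdata":
        reasons.append("executable sits one level below C:\\ProgramData")
        if RANDOM_NAME.match(parts[2]) and RANDOM_NAME.match(path.stem):
            reasons.append("folder and file are bare lowercase letter strings")
    if reasons and entry.hive == "HKCU":
        reasons.append("per-user Run key, writable without elevation")
    return reasons


def suspicious(log: str, min_signals: int = 2) -> list:
    """Pair each entry that raises at least min_signals with its reasons."""
    flagged = []
    for entry in parse_run_entries(log):
        reasons = triage(entry)
        if len(reasons) >= min_signals:
            flagged.append((entry, reasons))
    return flagged


if __name__ == "__main__":
    for entry, reasons in suspicious(SAMPLE_O4):
        print(f"{entry.hive}\\..\\{entry.key} [{entry.name}] -> {entry.image}")
        for reason in reasons:
            print(f"    - {reason}")
```

The output is a shortlist for a human to check, not a verdict: a legitimate program can match these signals, and an autostart entry that matches none of them can still be unwanted.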
    April 3, 2008 20:07:06

    Thanks
    I did what you told me and here are the reports
    ComboFix 08-04-02.1 - famille Guignard 2008-04-03 19:54:49.2 - NTFSx86
    Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.1.1036.18.410 [GMT 2:00]
    Endroit: C:\Users\famille Guignard\Desktop\ComboFix.exe
    Command switches used :: C:\Users\famille Guignard\Desktop\CFScript.txt
    * Création d'un nouveau point de restauration
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\ProgramData\bqilkhnq
    C:\ProgramData\bqilkhnq\wpezuvqd.exe
    C:\ProgramData\ebkdiral
    C:\ProgramData\ebkdiral\crqroryl.exe
    C:\ProgramData\ppoqcalg
    C:\ProgramData\ppoqcalg\qtknkloh.exe
    C:\ProgramData\qfnispmc
    C:\ProgramData\qfnispmc\alcjglmh.exe

    .
    ((((((((((((((((((((((((((((( Fichiers créés 2008-03-03 to 2008-04-03 ))))))))))))))))))))))))))))))))))))
    .

    Pas de nouveau fichier créé dans cet espace de temps

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-04-03 14:45 --------- d-----w C:\Users\famille Guignard\AppData\Roaming\OpenOffice.org2
    2008-04-03 14:44 --------- d-----w C:\ProgramData\ykvbxxdc
    2008-04-03 13:34 --------- d-----w C:\ProgramData\dpullhqo
    2008-04-03 10:14 --------- d-----w C:\Program Files\Navilog1
    2008-03-29 17:45 1,146,232 ----a-w C:\Windows\System32\aswBoot.exe
    2008-03-29 17:35 20,560 ----a-w C:\Windows\system32\drivers\aswFsBlk.sys
    2008-03-29 17:32 50,768 ----a-w C:\Windows\system32\drivers\aswMonFlt.sys
    2008-03-29 17:31 75,856 ----a-w C:\Windows\system32\drivers\aswSP.sys
    2008-03-29 17:29 23,152 ----a-w C:\Windows\system32\drivers\aswRdr.sys
    2008-03-29 17:27 42,912 ----a-w C:\Windows\system32\drivers\aswTdi.sys
    2008-03-29 17:23 95,608 ----a-w C:\Windows\System32\AvastSS.scr
    2008-03-24 10:52 --------- d-----w C:\Users\famille Guignard\AppData\Roaming\Azureus
    2008-03-18 09:43 --------- d-----w C:\ProgramData\Roxio
    2008-03-18 09:41 --------- d-----w C:\Program Files\Lx_cats
    2008-03-13 07:38 --------- d-----w C:\Program Files\Windows Mail
    2008-03-09 09:50 --------- d-----w C:\Program Files\Common Files\Adobe
    2008-03-04 17:31 606,848 ----a-w C:\Windows\flashax.exe
    2008-03-04 17:31 12,288 ----a-w C:\Windows\impborl.dll
    2008-02-26 09:45 --------- d-----w C:\ProgramData\Dell
    2008-02-24 20:11 --------- d-----w C:\Users\famille Guignard\AppData\Roaming\Creative
    2008-02-24 20:07 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-02-24 20:05 --------- d-----w C:\Users\famille Guignard\AppData\Roaming\muvee Technologies
    2008-02-24 20:04 --------- d-----w C:\ProgramData\TEMP
    2008-02-18 18:33 --------- d-----w C:\ProgramData\Creative
    2008-02-18 18:00 --------- d-----w C:\Program Files\Creative
    2008-02-18 17:52 --------- d-----w C:\ProgramData\muvee Technologies
    2008-02-13 19:02 194,560 ----a-w C:\Windows\System32\WebClnt.dll
    2008-02-13 19:02 110,080 ----a-w C:\Windows\system32\drivers\mrxdav.sys
    2008-02-13 18:58 803,328 ----a-w C:\Windows\system32\drivers\tcpip.sys
    2008-02-13 18:58 3,504,696 ----a-w C:\Windows\System32\ntkrnlpa.exe
    2008-02-13 18:58 3,470,392 ----a-w C:\Windows\System32\ntoskrnl.exe
    2008-02-13 18:58 24,064 ----a-w C:\Windows\System32\netcfg.exe
    2008-02-13 18:58 22,016 ----a-w C:\Windows\System32\netiougc.exe
    2008-02-13 18:58 216,632 ----a-w C:\Windows\system32\drivers\netio.sys
    2008-02-13 18:58 167,424 ----a-w C:\Windows\System32\tcpipcfg.dll
    2008-02-13 18:58 154,624 ----a-w C:\Windows\system32\drivers\nwifi.sys
    2008-02-13 18:57 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
    2008-02-13 18:57 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
    2008-02-13 18:57 4,247,552 ----a-w C:\Windows\System32\GameUXLegacyGDFs.dll
    2008-02-13 18:57 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
    2008-02-13 18:57 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
    2008-02-13 18:57 1,686,528 ----a-w C:\Windows\System32\gameux.dll
    2008-02-13 18:55 824,832 ----a-w C:\Windows\System32\wininet.dll
    2008-02-13 18:55 56,320 ----a-w C:\Windows\System32\iesetup.dll
    2008-02-13 18:55 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
    2008-02-13 18:55 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
    2008-01-10 05:50 1,244,672 ----a-w C:\Windows\System32\mcmde.dll
    2008-01-09 18:09 11,776 ----a-w C:\Windows\System32\sbunattend.exe
    2007-08-30 13:14 174 --sha-w C:\Program Files\desktop.ini
    2007-08-08 12:19 10,007,784 ----a-w C:\Users\famille Guignard\Azureus_2.5.0.4a_Win32.setup.exe
    2007-08-01 14:35 1,110,800 ----a-w C:\Users\famille Guignard\ForeverPES_v1.0.exe
    2007-06-14 20:23 28,437,860 ----a-w C:\Users\famille Guignard\klmcodec210.exe
    2007-06-13 17:00 3,858,985 ----a-w C:\Users\famille Guignard\eMule0.48a-Installer.exe
    .

    ((((((((((((((((((((((((((((( snapshot@2008-04-03_10.22.14.63 )))))))))))))))))))))))))))))))))))))))))
    .
    - 2008-04-03 07:28:31 67,584 --s-a-w C:\Windows\bootstat.dat
    + 2008-04-03 14:43:42 67,584 --s-a-w C:\Windows\bootstat.dat
    - 2008-04-03 07:43:43 262,144 ----a-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\usrclass.dat
    + 2008-04-03 16:58:51 262,144 ----a-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\usrclass.dat
    - 2008-04-03 07:30:52 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
    + 2008-04-03 14:45:48 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
    - 2008-04-03 08:17:12 262,144 ----a-w C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\usrclass.dat
    + 2008-04-03 17:53:09 262,144 ----a-w C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\usrclass.dat
    - 2008-04-03 08:21:30 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
    + 2008-04-03 17:57:38 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
    + 2008-04-03 17:57:38 262,144 ---ha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1
    - 2008-04-03 07:29:00 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2008-04-03 14:44:06 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    - 2008-04-03 07:29:00 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    + 2008-04-03 14:44:06 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    - 2008-04-03 07:29:00 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    + 2008-04-03 14:44:06 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2008-04-03 07:31:01 10,284 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3203591292-437425144-1656290942-1000_UserData.bin
    + 2008-04-03 14:45:54 10,284 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3203591292-437425144-1656290942-1000_UserData.bin
    - 2008-04-03 07:31:00 56,098 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
    + 2008-04-03 14:45:54 56,280 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
    - 2008-04-03 07:30:52 51,610 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
    + 2008-04-03 14:45:47 51,634 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
    .
    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="C:\Program Files\windows sidebar\sidebar.exe" [2008-01-09 20:09 1232896]
    "DellSupport"="C:\Program Files\DellSupport\DSAgnt.exe" [2006-11-12 03:19 446976]
    "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:55 5674352]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2007-05-03 13:38 171448]
    "PcSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2006-06-27 16:21 1449984]
    "ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 14:35 125440]
    "DellSupportCenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe" [2007-11-15 10:23 202544]
    "CTRegRun"="C:\Windows\CTRegRun.EXE" [2006-10-06 08:17 53248]
    "CreativeTaskScheduler"="C:\Program Files\Creative\Shared Files\CTSched.exe" [2006-11-17 11:42 53341]
    "6b5DxdFjWL"="C:\ProgramData\ebkdiral\crqroryl.exe" [ ]
    "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 14:36 201728]
    "dpullhqo"="C:\ProgramData\dpullhqo\ergtixgd.exe" [2008-04-03 15:34 94208]
    "ykvbxxdc"="C:\ProgramData\ykvbxxdc\yryhcvmr.exe" [2008-04-03 16:44 90112]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-04-25 10:25 1006264]
    "SunJavaUpdateSched"="c:\Program Files\Java\jre1.6.0\bin\jusched.exe" [2007-04-19 06:50 77824]
    "ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-07-11 18:12 90112]
    "SigmatelSysTrayApp"="sttray.exe" [2007-02-08 07:16 303104 C:\Windows\sttray.exe]
    "ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2006-10-03 12:37 81920]
    "RoxWatchTray"="C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2006-11-05 12:22 221184]
    "ECenter"="c:\dell\E-Center\EULALauncher.exe" [2006-11-17 23:13 17920]
    "ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2006-10-03 12:35 221184]
    "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-03-29 19:37 79224]
    "LXCCCATS"="C:\Windows\system32\spool\DRIVERS\W32X86\3\LXCCtime.dll" [2007-02-22 05:13 73728]
    "lxccmon.exe"="C:\Program Files\Lexmark 3300 Series\lxccmon.exe" [2007-05-11 08:57 205744]
    "EzPrint"="C:\Program Files\Lexmark 3300 Series\ezprint.exe" [2007-05-11 08:58 103344]
    "PCSuiteTrayApplication"="C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.exe" [2006-06-15 12:36 229376]
    "MSConfig"="C:\Windows\system32\msconfig.exe" [2006-11-02 11:45 222208]
    "dscactivate"="C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 10:24 16384]
    "V0420Mon.exe"="C:\Windows\V0420Mon.exe" [2007-04-30 03:00 32768]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]

    C:\Users\famille Guignard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    ForeverPES v1.0.lnk - C:\Users\famille Guignard\Documents\KONAMI\Pro Evolution Soccer 5\save\folder1\KONAMI-WIN32PES5OPT [2008-04-03 09:25:19 1250304]
    OpenOffice.org 2.2.lnk - C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe [2007-02-02 16:54:56 393216]

    [HKLM\~\startupfolder\C:^Users^famille Guignard^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^ForeverPES v1.0.lnk]
    path=C:\Users\famille Guignard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ForeverPES v1.0.lnk
    backup=C:\Windows\pss\ForeverPES v1.0.lnk.Startup
    backupExtension=.Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
    "{A685C6F2-C3A9-4F99-B166-112B8ED8E3BF}"= UDP:C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:McAfee Network Agent
    "{6B3EC115-3B2C-49BF-BB77-D0D4A8833D84}"= TCP:C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:McAfee Network Agent
    "{86D9BCC1-BC7A-4E58-9720-516EFF442833}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
    "{716A8C59-12B1-4F57-8B84-86243D607138}"= UDP:8904:BitComet 8904 TCP
    "{3B6EA7A4-EB12-4302-8C4B-533D241AA3D6}"= TCP:8904:BitComet 8904 UDP
    "TCP Query User{5F47E35F-9BD2-4D45-B97B-8B6C0C69759F}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule
    "UDP Query User{51CD3F96-5320-42A7-979B-ED33B2E56DFB}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule
    "TCP Query User{5FCF31C5-8C5D-48C3-9B97-2296C35C8D5E}C:\\users\\famille guignard\\utorrent.exe"= UDP:C:\users\famille guignard\utorrent.exe:utorrent.exe
    "UDP Query User{CC97CB50-7842-4E5A-AD18-F82A99FC093A}C:\\users\\famille guignard\\utorrent.exe"= TCP:C:\users\famille guignard\utorrent.exe:utorrent.exe
    "TCP Query User{4985C50D-17B6-44B1-B9EB-644DF2E72BF5}C:\\program files\\freeplayer\\vlc\\vlc.exe"= UDP:C:\program files\freeplayer\vlc\vlc.exe:VLC media player
    "UDP Query User{8D7F3E8F-81A2-4A75-BA24-6C8490FB6BA2}C:\\program files\\freeplayer\\vlc\\vlc.exe"= TCP:C:\program files\freeplayer\vlc\vlc.exe:VLC media player
    "{41681949-A79F-42D2-811B-64FD7EEB6F9C}"= UDP:C:\Windows\System32\lxcccoms.exe:Lexmark Communications System
    "{CD1B1B5B-13A9-4727-ACA0-4073BFDFC4EF}"= TCP:C:\Windows\System32\lxcccoms.exe:Lexmark Communications System
    "{6602DF51-26C0-4E62-9A3D-1CEC7B6886C4}"= UDP:C:\Windows\System32\spool\drivers\w32x86\3\lxccpswx.exe:Printer Status Window
    "{3874E8EE-C309-4AC5-9A65-5CC792654C7A}"= TCP:C:\Windows\System32\spool\drivers\w32x86\3\lxccpswx.exe:Printer Status Window
    "TCP Query User{D2989470-FF9D-46C7-AF31-0B6444724C74}C:\\program files\\thq\\dawn of war - dark crusade\\darkcrusade.exe"= UDP:C:\program files\thq\dawn of war - dark crusade\darkcrusade.exe:DarkCrusade
    "UDP Query User{D7A77E54-4F1B-4FEF-8521-AC8ADFE147B8}C:\\program files\\thq\\dawn of war - dark crusade\\darkcrusade.exe"= TCP:C:\program files\thq\dawn of war - dark crusade\darkcrusade.exe:DarkCrusade
    "TCP Query User{FE7E1A5D-EE4A-4404-965E-BD30114A59F5}C:\\program files\\konami\\pro evolution soccer 5\\pes5.exe"= UDP:C:\program files\konami\pro evolution soccer 5\pes5.exe:pes5.exe
    "UDP Query User{0E7C4AE6-A3D4-403E-BCA8-73E4EBE81DDC}C:\\program files\\konami\\pro evolution soccer 5\\pes5.exe"= TCP:C:\program files\konami\pro evolution soccer 5\pes5.exe:pes5.exe
    "TCP Query User{8B4264FC-09C8-44A8-9079-212319B31B3A}C:\\program files\\azureus\\azureus.exe"= UDP:C:\program files\azureus\azureus.exe:Azureus
    "UDP Query User{EEE689C0-C634-46E6-9C00-CD7F45BFA28E}C:\\program files\\azureus\\azureus.exe"= TCP:C:\program files\azureus\azureus.exe:Azureus
    "TCP Query User{D7B7B803-D46D-4F66-BEB2-4633CC792537}C:\\program files\\k-lite codec pack\\media player classic\\mplayerc.exe"= UDP:C:\program files\k-lite codec pack\media player classic\mplayerc.exe:Media Player Classic
    "UDP Query User{D5463018-4325-4875-8A66-ACA32312ACF3}C:\\program files\\k-lite codec pack\\media player classic\\mplayerc.exe"= TCP:C:\program files\k-lite codec pack\media player classic\mplayerc.exe:Media Player Classic
    "TCP Query User{EA2E46DD-F039-4C5E-9BCA-A32A1D323779}C:\\program files\\sightspeed\\sightspeed.exe"= UDP:C:\program files\sightspeed\sightspeed.exe:SightSpeed
    "UDP Query User{3A954AE7-5827-44EC-98F4-96B41230B40D}C:\\program files\\sightspeed\\sightspeed.exe"= TCP:C:\program files\sightspeed\sightspeed.exe:SightSpeed

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
    "DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

    R1 aswSP;avast! Self Protection;C:\Windows\system32\drivers\aswSP.sys [2008-03-29 19:31]
    R1 DLARTL_M;DLARTL_M;C:\Windows\system32\Drivers\DLARTL_M.SYS [2007-02-08 20:05]
    R2 aswFsBlk;aswFsBlk;C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-03-29 19:35]
    R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-03-29 19:32]
    R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2007-08-31 17:46]
    R2 sprtsvc_dellsupportcenter;SupportSoft Sprocket Service (dellsupportcenter);C:\Program Files\Dell Support Center\bin\sprtsvc.exe [2007-11-15 10:23]
    R3 R300;R300;C:\Windows\system32\DRIVERS\atikmdag.sys [2006-10-25 06:53]
    R3 V0420VID;Live! Cam Vista IM (VF0420);C:\Windows\system32\DRIVERS\V0420Vid.sys [2007-05-31 03:32]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a6179ac7-ee2f-11db-885a-806e6f6e6963}]
    \shell\AutoRun\command - E:\autorun.exe

    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2008-04-03 10:51:21 C:\Windows\Tasks\User_Feed_Synchronization-{D46E26B8-D53E-4F84-B18F-72E571EDD258}.job"
    - C:\Windows\system32\msfeedssync.exe
    .
    **************************************************************************

    catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-04-03 19:57:58
    Windows 6.0.6000 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    HKLM\Software\Microsoft\Windows\CurrentVersion\Run
    LXCCCATS = rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\LXCCtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 0

    **************************************************************************
    .
    Temps d'accomplissement: 2008-04-03 19:58:35
    ComboFix-quarantined-files.txt 2008-04-03 17:58:32
    ComboFix2.txt 2008-04-03 08:22:32
    Le texte du message associé au numéro 0x2379 est introuvable dans le fichier de messages pour Application.
    Le texte du message associé au numéro 0x2379 est introuvable dans le fichier de messages pour Application.
    .
    2008-04-02 12:12:18 --- E O F ---

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:01:15, on 03/04/2008
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16609)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Java\jre1.6.0\bin\jusched.exe
    C:\Windows\sttray.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
    C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Program Files\Lexmark 3300 Series\lxccmon.exe
    C:\Program Files\Lexmark 3300 Series\ezprint.exe
    C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
    C:\Windows\V0420Mon.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\DellSupport\DSAgnt.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Dell Support Center\bin\sprtcmd.exe
    C:\Program Files\Creative\Shared Files\CTSched.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\OpenOffice.org 2.2\program\soffice.exe
    C:\Program Files\OpenOffice.org 2.2\program\soffice.BIN
    C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
    C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
    C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
    C:\Program Files\Internet Explorer\ieuser.exe
    C:\Windows\Explorer.exe
    C:\Users\famille Guignard\Downloads\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr/ig/dell?hl=fr&client=dell-row&chan...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O1 - Hosts: ::1 localhost
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "c:\Program Files\Java\jre1.6.0\bin\jusched.exe"
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
    O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
    O4 - HKLM\..\Run: [ECenter] c:\dell\E-Center\EULALauncher.exe
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [LXCCCATS] rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\LXCCtime.dll,_RunDLLEntry@16
    O4 - HKLM\..\Run: [lxccmon.exe] "C:\Program Files\Lexmark 3300 Series\lxccmon.exe"
    O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 3300 Series\ezprint.exe"
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
    O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto
    O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
    O4 - HKLM\..\Run: [V0420Mon.exe] C:\Windows\V0420Mon.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\windows sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
    O4 - HKCU\..\Run: [CTRegRun] C:\Windows\CTRegRun.EXE
    O4 - HKCU\..\Run: [CreativeTaskScheduler] "C:\Program Files\Creative\Shared Files\CTSched.exe" /logon
    O4 - HKCU\..\Run: [6b5DxdFjWL] C:\ProgramData\ebkdiral\crqroryl.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [dpullhqo] C:\ProgramData\dpullhqo\ergtixgd.exe
    O4 - HKCU\..\Run: [ykvbxxdc] C:\ProgramData\ykvbxxdc\yryhcvmr.exe
    O4 - Startup: ForeverPES v1.0.lnk = ?
    O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O13 - Gopher Prefix:
    O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/download/scan...
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/VistaMSNPUpld...
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-cd8d6a9894a62d9c.spaces.live.com/PhotoUpload...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: lxcc_device - - C:\Windows\system32\lxcccoms.exe
    O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
    O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
    O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

    --
    End of file - 10115 bytes
    3 April 2008 20:07:58

    And now what should I do?

    Thanks
    4 April 2008 11:56:26

    Can someone tell me what to do next?

    Thanks
    4 April 2008 20:58:10

    Here is the report

    AntiVir PersonalEdition Classic
    Report file date: vendredi 4 avril 2008 19:28

    Scanning for 1181183 virus strains and unwanted programs.

    Licensed to: Avira AntiVir PersonalEdition Classic
    Serial number: 0000149996-ADJIE-0001
    Platform: Windows Vista
    Windows version: (plain) [6.0.6000]
    Username: famille Guignard
    Computer name: PC-DE-FAMILLEGU

    Version information:
    BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
    AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 12:16:29
    AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 11:23:51
    LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 14:32:47
    LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 11:35:20
    ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 13:27:15
    ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 17:23:07
    ANTIVIR2.VDF : 7.0.3.85 434176 Bytes 27/03/2008 17:23:07
    ANTIVIR3.VDF : 7.0.3.121 189952 Bytes 04/04/2008 17:23:07
    AVEWIN32.DLL : 7.6.0.81 3424768 Bytes 04/04/2008 17:23:07
    AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 09:36:26
    AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 06:39:17
    AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 12:16:24
    AVPACK32.DLL : 7.6.0.3 360488 Bytes 04/04/2008 17:23:07
    AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 06:17:06
    AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 11:26:33
    AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 06:10:18
    NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 10:09:42
    RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 11:38:13
    RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 11:50:37
    SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 08:37:21

    Configuration settings for the scan:
    Jobname..........................: Local Hard Disks
    Configuration file...............: c:\program files\avira\antivir personaledition classic\alldiscs.avp
    Logging..........................: low
    Primary action...................: interactive
    Secondary action.................: ignore
    Scan master boot sector..........: off
    Scan boot sector.................: on
    Boot sectors.....................: D:,
    Scan memory......................: on
    Process scan.....................: on
    Scan registry....................: on
    Search for rootkits..............: off
    Scan all files...................: Intelligent file selection
    Scan archives....................: on
    Recursion depth..................: 20
    Smart extensions.................: on
    Macro heuristic..................: on
    File heuristic...................: medium

    Start of the scan: vendredi 4 avril 2008 19:28

    The scan of running processes will be started
    Scan process 'avscan.exe' - '1' Module(s) have been scanned
    Scan process 'rundll32.exe' - '1' Module(s) have been scanned
    Scan process 'avcenter.exe' - '1' Module(s) have been scanned
    Scan process 'sched.exe' - '1' Module(s) have been scanned
    Scan process 'avgnt.exe' - '1' Module(s) have been scanned
    Scan process 'avguard.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'VSSVC.exe' - '1' Module(s) have been scanned
    Scan process 'FlashUtil9e.exe' - '1' Module(s) have been scanned
    Scan process 'usnsvc.exe' - '1' Module(s) have been scanned
    Scan process 'CLI.exe' - '1' Module(s) have been scanned
    Scan process 'CLI.exe' - '1' Module(s) have been scanned
    Scan process 'CPSHelpRunner.exe' - '1' Module(s) have been scanned
    Scan process 'iexplore.exe' - '1' Module(s) have been scanned
    Scan process 'ieuser.exe' - '1' Module(s) have been scanned
    Scan process 'RoxMediaDB9.exe' - '1' Module(s) have been scanned
    Scan process 'wmpnetwk.exe' - '1' Module(s) have been scanned
    Scan process 'taskeng.exe' - '1' Module(s) have been scanned
    Scan process 'ServiceLayer.exe' - '1' Module(s) have been scanned
    Scan process 'WUDFHost.exe' - '1' Module(s) have been scanned
    Scan process 'SDWinSec.exe' - '1' Module(s) have been scanned
    Scan process 'SearchIndexer.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'stacsv.exe' - '1' Module(s) have been scanned
    Scan process 'sprtsvc.exe' - '1' Module(s) have been scanned
    Scan process 'RoxWatch9.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'lxcccoms.exe' - '1' Module(s) have been scanned
    Scan process 'MPAPI3s.exe' - '1' Module(s) have been scanned
    Scan process 'ehmsas.exe' - '1' Module(s) have been scanned
    Scan process 'soffice.bin' - '1' Module(s) have been scanned
    Scan process 'soffice.exe' - '1' Module(s) have been scanned
    Scan process 'wmpnscfg.exe' - '1' Module(s) have been scanned
    Scan process 'CTSched.exe' - '1' Module(s) have been scanned
    Scan process 'sprtcmd.exe' - '1' Module(s) have been scanned
    Scan process 'ehtray.exe' - '1' Module(s) have been scanned
    Scan process 'PcSync2.exe' - '1' Module(s) have been scanned
    Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
    Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
    Scan process 'DSAgnt.exe' - '1' Module(s) have been scanned
    Scan process 'sidebar.exe' - '1' Module(s) have been scanned
    Scan process 'V0420Mon.exe' - '1' Module(s) have been scanned
    Scan process 'CLI.exe' - '1' Module(s) have been scanned
    Scan process 'LaunchApplication.exe' - '1' Module(s) have been scanned
    Scan process 'ezprint.exe' - '1' Module(s) have been scanned
    Scan process 'lxccmon.exe' - '1' Module(s) have been scanned
    Scan process 'RoxWatchTray9.exe' - '1' Module(s) have been scanned
    Scan process 'issch.exe' - '1' Module(s) have been scanned
    Scan process 'sttray.exe' - '1' Module(s) have been scanned
    Scan process 'jusched.exe' - '1' Module(s) have been scanned
    Scan process 'MSASCui.exe' - '1' Module(s) have been scanned
    Scan process 'explorer.exe' - '1' Module(s) have been scanned
    Scan process 'taskeng.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'dwm.exe' - '1' Module(s) have been scanned
    Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'Ati2evxx.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'SLsvc.exe' - '1' Module(s) have been scanned
    Scan process 'audiodg.exe' - '0' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'Ati2evxx.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'winlogon.exe' - '1' Module(s) have been scanned
    Scan process 'lsm.exe' - '1' Module(s) have been scanned
    Scan process 'lsass.exe' - '1' Module(s) have been scanned
    Scan process 'services.exe' - '1' Module(s) have been scanned
    Scan process 'csrss.exe' - '1' Module(s) have been scanned
    Scan process 'wininit.exe' - '1' Module(s) have been scanned
    Scan process 'csrss.exe' - '1' Module(s) have been scanned
    Scan process 'smss.exe' - '1' Module(s) have been scanned
    76 processes with 76 modules were scanned

    Start scanning boot sectors:
    Boot sector 'C:\'
    [NOTE] No virus was found!
    Boot sector 'D:\'
    [NOTE] No virus was found!

    Starting to scan the registry.
    The registry was scanned ( '21' files ).


    Starting the file scan:

    Begin scan in 'C:\' <OS>
    C:\pagefile.sys
    [WARNING] The file could not be opened!
    C:\Users\famille Guignard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23\1d19b497-52fcd81b
    [0] Archive type: ZIP
    --> BaaaaBaa.class
    [DETECTION] Is the Trojan horse TR/Java.Downloader.Gen
    --> VaaaaaaaBaa.class
    [DETECTION] Contains detection pattern of the Java virus JAVA/ClassLoader.FA
    --> Dvnny.class
    [DETECTION] Contains detection pattern of the Java virus JAVA/Exploit.By.A.2
    --> Baaaaa.class
    [DETECTION] Contains detection pattern of the Java virus JAVA/Exploit.By.A.1
    --> Dex.class
    [DETECTION] Contains detection pattern of the Java virus JAVA/ClassLoader.GC
    --> Dix.class
    [DETECTION] Contains detection pattern of the Java virus JAVA/ClassLoader.GD
    --> Dux.class
    [DETECTION] Contains detection pattern of the Java virus JAVA/ClassLoader.GE
    [INFO] The file was moved to '48276ca1.qua'!
    Begin scan in 'D:\' <RECOVERY>


    End of the scan: vendredi 4 avril 2008 20:29
    Used time: 1:01:39 min

    The scan has been done completely.

    16893 Scanning directories
    316043 Files were scanned
    6 viruses and/or unwanted programs were found
    1 Files were classified as suspicious:
    0 files were deleted
    0 files were repaired
    1 files were moved to quarantine
    0 files were renamed
    1 Files cannot be scanned
    316037 Files not concerned
    3672 Archives were scanned
    1 Warnings
    0 Notes

    is that a good sign??
    what should I do??
    5 April 2008 12:23:53

    Post a new HijackThis report.
    11 April 2008 15:42:39

    here is the report
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 15:40:17, on 11/04/2008
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16643)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Java\jre1.6.0\bin\jusched.exe
    C:\Windows\sttray.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
    C:\Program Files\Lexmark 3300 Series\lxccmon.exe
    C:\Program Files\Lexmark 3300 Series\ezprint.exe
    C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
    C:\Windows\V0420Mon.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\DellSupport\DSAgnt.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Dell Support Center\bin\sprtcmd.exe
    C:\Program Files\Creative\Shared Files\CTSched.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
    C:\Program Files\OpenOffice.org 2.2\program\soffice.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\OpenOffice.org 2.2\program\soffice.BIN
    C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
    C:\Windows\System32\mobsync.exe
    C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
    C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
    C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
    C:\Program Files\Windows Mail\WinMail.exe
    c:\program files\common files\installshield\updateservice\isuspm.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe
    C:\Program Files\Internet Explorer\ieuser.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil9e.exe
    C:\Users\famille Guignard\Downloads\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr/ig/dell?hl=fr&client=dell-row&chan...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O1 - Hosts: ::1 localhost
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "c:\Program Files\Java\jre1.6.0\bin\jusched.exe"
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
    O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
    O4 - HKLM\..\Run: [ECenter] c:\dell\E-Center\EULALauncher.exe
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
    O4 - HKLM\..\Run: [LXCCCATS] rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\LXCCtime.dll,_RunDLLEntry@16
    O4 - HKLM\..\Run: [lxccmon.exe] "C:\Program Files\Lexmark 3300 Series\lxccmon.exe"
    O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 3300 Series\ezprint.exe"
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
    O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto
    O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
    O4 - HKLM\..\Run: [V0420Mon.exe] C:\Windows\V0420Mon.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\windows sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
    O4 - HKCU\..\Run: [CTRegRun] C:\Windows\CTRegRun.EXE
    O4 - HKCU\..\Run: [CreativeTaskScheduler] "C:\Program Files\Creative\Shared Files\CTSched.exe" /logon
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - Startup: ForeverPES v1.0.lnk = ?
    O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O13 - Gopher Prefix:
    O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/download/scan...
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/VistaMSNPUpld...
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-cd8d6a9894a62d9c.spaces.live.com/PhotoUpload...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
    O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: lxcc_device - - C:\Windows\system32\lxcccoms.exe
    O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
    O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
    O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

    --
    End of file - 10218 bytes
    good news??
    11 April 2008 18:06:19

    Same problem?
    12 April 2008 15:58:12

    no, it's better now

    I still have one message that pops up and says
    "This program requires the file advrcntr2.dll, which was not found on this system"

    a solution?
    thanks
    12 April 2008 16:33:13

    Which program?