PC too slow

24 January 2008 09:38:26

Hello,
My PC is very slow; it lags enormously. And it makes a huge noise.
My question is whether it is infected or not. Could you please help me?
Thank you

24 January 2008 09:51:55

I took the liberty of posting my report, hoping that it will help you.
Thanks again

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 09:49:48, on 24/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Acer\Acer eMode Management\AspireService.exe
C:\Program Files\Acer\Acer eConsole\MediaSync.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\Program Files\Athan\Athan.exe
C:\Program Files\Logitech\ImageStudio\LogiTray.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\ControlCenter2\brctrcen.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Search Settings\SearchSettings.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft Money\System\mnyexpr.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Hercules\WiFi Station\WifiStation.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\MSN Messenger\livecall.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\nadia\Bureau\scanner.exe.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://home.free.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: muslimtool Toolbar - {a9e74564-316d-4054-b8e7-2b618e7fb5c1} - C:\Program Files\muslimtool\tbmus1.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb125\Dealio.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: muslimtool Toolbar - {a9e74564-316d-4054-b8e7-2b618e7fb5c1} - C:\Program Files\muslimtool\tbmus1.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb125\SearchSettings.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: muslimtool Toolbar - {a9e74564-316d-4054-b8e7-2b618e7fb5c1} - C:\Program Files\muslimtool\tbmus1.dll
O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb125\Dealio.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ntiMUI] "c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] "C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /SYNC
O4 - HKLM\..\Run: [PHIME2002A] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /IMEName
O4 - HKLM\..\Run: [eRecoveryService] "C:\Acer\Empowering Technology\eRecovery\Monitor.exe"
O4 - HKLM\..\Run: [AspireService] "C:\Program Files\Acer\Acer eMode Management\AspireService.exe"
O4 - HKLM\..\Run: [MediaSync] "C:\Program Files\Acer\Acer eConsole\MediaSync.exe"
O4 - HKLM\..\Run: [Omnipage] "C:\Program Files\ScanSoft\OmniPageSE\opware32.exe"
O4 - HKLM\..\Run: [Athan] C:\Program Files\Athan\Athan.exe
O4 - HKLM\..\Run: [LogitechGalleryRepair] "C:\Program Files\Logitech\ImageStudio\ISStart.exe"
O4 - HKLM\..\Run: [LogitechImageStudioTray] "C:\Program Files\Logitech\ImageStudio\LogiTray.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [SetDefPrt] "C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe"
O4 - HKLM\..\Run: [ControlCenter2.0] "C:\Program Files\Brother\ControlCenter2\brctrcen.exe" /autorun
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] "C:\Program Files\Logitech\Video\ISStart.exe"
O4 - HKLM\..\Run: [LogitechVideoTray] "C:\Program Files\Logitech\Video\LogiTray.exe"
O4 - HKLM\..\Run: [SweetIM] "C:\Program Files\Macrogaming\SweetIM\SweetIM.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] "C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [au] C:\Program Files\Dealio\DealioAU.exe
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\wianmpa.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_0
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Contrôleur d’état.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: WiFi Station.lnk = ?
O8 - Extra context menu item: Compare Prices with &Dealio - C:\Documents and Settings\nadia\Application Data\Dealio\kb125\res\DealioSearch.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb125\Dealio.dll
O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb125\Dealio.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} -
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://nadia-c.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game02.zylom.com/activex/zylomgamesplayer.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{88D13CA3-D164-443A-8E32-9C453CA3C367}: NameServer = 192.168.1.1
O21 - SSODL: syshosts - {54574C85-558B-46EB-BF40-A9D3F8C16861} - syshosts.dll (file missing)
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Fax - Unknown owner - C:\WINDOWS\system32\fxssvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe

--
End of file - 14254 bytes
24 January 2008 12:56:21

Please. Help me!
24 January 2008 13:28:23

muslimtool, do you know it?

Disable your resident protections (antivirus, Spybot...)!

  • Download Combofix (sUBs) to your Desktop.
  • Double-click combofix.exe to launch it.
  • Press the 1 key (Yes) to start the scan.
  • When the scan is complete, a report will appear. Post this report in your next reply.
    24 January 2008 13:51:47

    Small silly question: what is their antivirus? I don't see it.
    24 January 2008 16:04:41

    Yes, muslim tool is a search engine that my husband downloaded...
    24 January 2008 16:21:39

    ComboFix 08-01-23.2 - nadia 2008-01-24 16:16:19.2 - NTFSx86
    Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.240 [GMT 1:00]
    Endroit: C:\Documents and Settings\nadia\Bureau\ComboFix.exe

    AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    ---- Previous Run -------
    .
    C:\Documents and Settings\abou anas\Application Data\WinAntiSpyware 2006
    C:\Documents and Settings\abou anas\Application Data\WinAntiSpyware 2006\Logs\update.log
    C:\Documents and Settings\nadia\Application Data\WinAntiSpyware 2006
    C:\Documents and Settings\nadia\Application Data\WinAntiSpyware 2006\Logs\update.log
    C:\Documents and Settings\nadia\err.log
    C:\Documents and Settings\nadia\new.txt
    C:\WINDOWS\pack.epk
    C:\WINDOWS\photos.zip
    C:\WINDOWS\system32\ztlzseqw.dat
    C:\WINDOWS\system32\ztlzseqw_nav.dat
    C:\WINDOWS\system32\ztlzseqw_navps.dat

    .
    ((((((((((((((((((((((((((((( Fichiers créés 2007-12-24 to 2008-01-24 ))))))))))))))))))))))))))))))))))))
    .

    2008-01-24 16:05 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\Nircmd.exe
    2008-01-14 22:36 . 2008-01-14 22:36 <REP> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
    2008-01-13 15:15 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
    2008-01-13 15:15 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll
    2008-01-13 15:15 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
    2008-01-13 11:03 . 2008-01-13 11:03 <REP> d-------- C:\Program Files\MSBuild
    2008-01-13 11:02 . 2008-01-13 11:02 <REP> d-------- C:\Program Files\Microsoft.NET
    2008-01-13 10:58 . 2008-01-13 10:58 <REP> d-------- C:\Program Files\Microsoft Visual Studio 8
    2008-01-07 12:59 . 2008-01-07 12:59 <REP> d-------- C:\futsoft
    2008-01-06 09:58 . 2008-01-06 10:06 <REP> d-------- C:\Program Files\EA Sports
    2008-01-05 22:31 . 2008-01-05 22:31 107,888 --a------ C:\WINDOWS\system32\CmdLineExt.dll
    2008-01-05 22:17 . 2008-01-05 22:17 <REP> d-------- C:\Program Files\KONAMI
    2007-12-27 14:28 . 2007-12-27 14:28 <REP> d-------- C:\Program Files\Microsoft Picture It! PhotoPub
    2007-12-27 14:28 . 2007-12-27 14:30 2,174 --a------ C:\WINDOWS\Active Setup Log.BAK

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-01-24 14:26 --------- d-----w C:\Program Files\eMule
    2008-01-13 10:03 --------- d-----w C:\Program Files\Microsoft Works
    2008-01-09 09:14 --------- d-----w C:\Program Files\DivX
    2008-01-05 21:31 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2007-12-20 17:14 --------- d-----w C:\Program Files\Easiestutils
    2007-12-20 14:25 --------- d-----w C:\Program Files\Lupas Rename 2000
    2007-12-20 10:40 --------- d-----w C:\Program Files\iTunes
    2007-12-20 10:40 --------- d-----w C:\Program Files\iPod
    2007-12-20 10:36 --------- d-----w C:\Program Files\QuickTime
    2007-12-17 09:00 --------- d-----w C:\Program Files\Total Video Converter
    2007-12-14 18:45 --------- d-----w C:\Program Files\CDex_150
    2007-12-14 18:11 --------- d-----w C:\Program Files\MP3Producer
    2007-12-14 17:45 --------- d-----w C:\Program Files\Winamp
    2007-12-14 14:56 --------- d-----w C:\Program Files\AoA Audio Extractor
    2007-12-14 14:27 --------- d-----w C:\Program Files\Free FLV Converter
    2007-12-14 14:26 --------- d-----w C:\Program Files\Video mp3 Extractor
    2007-12-12 09:50 --------- d-----w C:\Program Files\Musicmatch
    2007-12-11 22:34 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
    2007-12-11 22:34 129,784 ------w C:\WINDOWS\system32\pxafs.dll
    2007-12-11 22:34 120,056 ------w C:\WINDOWS\system32\pxcpyi64.exe
    2007-12-11 22:34 118,520 ------w C:\WINDOWS\system32\pxinsi64.exe
    2007-12-11 22:33 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
    2007-12-11 22:33 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
    2007-12-11 22:33 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
    2007-12-11 22:33 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
    2007-12-11 22:32 156,992 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
    2007-12-11 12:15 --------- d-----w C:\Program Files\Search Settings
    2007-12-11 12:15 --------- d-----w C:\Program Files\Dealio
    2007-12-10 17:58 --------- d-----w C:\Program Files\VideoLAN
    2007-12-10 17:47 --------- d-----w C:\Program Files\Apple Software Update
    2007-12-10 17:46 --------- d-----w C:\Program Files\Fichiers communs\Apple
    2007-12-09 20:01 --------- d-----w C:\Program Files\MSN Messenger
    2007-12-08 22:24 --------- d-----w C:\Program Files\SopCast
    2007-12-05 18:38 --------- d-----w C:\Program Files\MSECache
    2007-11-29 22:30 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
    2007-11-29 22:30 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
    2007-11-20 07:15 737,280 ----a-w C:\WINDOWS\iun6002.exe
    2007-11-07 09:28 728,576 ----a-w C:\WINDOWS\system32\lsasrv.dll
    2007-11-07 09:28 728,576 ----a-w C:\WINDOWS\system32\dllcache\lsasrv.dll
    2007-10-30 23:23 3,590,656 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
    2007-10-30 17:20 360,064 ----a-w C:\WINDOWS\system32\dllcache\tcpip.sys
    2007-10-29 22:43 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
    2007-10-29 22:43 1,293,824 ----a-w C:\WINDOWS\system32\dllcache\quartz.dll
    2007-10-25 16:43 8,516,608 ----a-w C:\WINDOWS\system32\dllcache\shell32.dll
    2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
    2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\system32\dllcache\wmasf.dll
    2006-09-30 20:31 4,642,748 ----a-w C:\Program Files\eMule-NG-0[1].47a-Installer.zip
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{a9e74564-316d-4054-b8e7-2b618e7fb5c1}]
    2007-12-07 10:53 1502232 --a------ C:\Program Files\muslimtool\tbmus1.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
    2007-12-06 11:58 1198432 --a------ C:\Program Files\Search Settings\kb125\SearchSettings.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {2318C2B1-4965-11D4-9B18-009027A5CD4F}
    {A9E74564-316D-4054-B8E7-2B618E7FB5C1}
    {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F}

    [HKEY_CLASSES_ROOT\clsid\{a9e74564-316d-4054-b8e7-2b618e7fb5c1}]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
    "{A9E74564-316D-4054-B8E7-2B618E7FB5C1}"= C:\Program Files\muslimtool\tbmus1.dll [2007-12-07 10:53 1502232]

    [HKEY_CLASSES_ROOT\clsid\{a9e74564-316d-4054-b8e7-2b618e7fb5c1}]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 06:00 15360]
    "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 17:24 1694208]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-04-04 07:55 68856]
    "Shareaza"="C:\Program Files\Shareaza\Shareaza.exe" [ ]
    "MoneyAgent"="C:\Program Files\Microsoft Money\System\mnyexpr.exe" [2003-06-18 12:00 204800]
    "LogitechSoftwareUpdate"="C:\Program Files\Logitech\Video\ManifestEngine.exe" [2005-06-08 14:44 196608]
    "updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [ ]
    "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 16:46 1460560]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "LaunchApp"="Alaunch" []
    "High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 17:07 61952 C:\WINDOWS\system32\HdAShCut.exe]
    "RTHDCPL"="RTHDCPL.EXE" [2005-09-22 13:36 14854144 C:\WINDOWS\RTHDCPL.exe]
    "ntiMUI"="c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe" [2005-05-11 18:15 45056]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
    "RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 20:24 32768]
    "IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-05 06:00 208952]
    "MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-05 06:00 59392]
    "PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 06:00 455168]
    "PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 06:00 455168]
    "eRecoveryService"="C:\Acer\Empowering Technology\eRecovery\Monitor.exe" [2005-11-16 17:00 397312]
    "AspireService"="C:\Program Files\Acer\Acer eMode Management\AspireService.exe" [2005-09-29 15:07 114688]
    "MediaSync"="C:\Program Files\Acer\Acer eConsole\MediaSync.exe" [2005-09-21 12:48 425984]
    "Omnipage"="C:\Program Files\ScanSoft\OmniPageSE\opware32.exe" [2002-06-03 10:38 49152]
    "Athan"="C:\Program Files\Athan\Athan.exe" [2007-09-06 20:25 1003520]
    "LogitechGalleryRepair"="C:\Program Files\Logitech\ImageStudio\ISStart.exe" [2002-12-10 18:32 155648]
    "LogitechImageStudioTray"="C:\Program Files\Logitech\ImageStudio\LogiTray.exe" [2002-12-10 18:31 61440]
    "SSBkgdUpdate"="C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 10:22 155648]
    "PaperPort PTD"="C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe" [2005-03-17 19:17 57393]
    "IndexSearch"="C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe" [2005-03-17 19:30 40960]
    "SetDefPrt"="C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe" [2005-01-26 18:02 49152]
    "ControlCenter2.0"="C:\Program Files\Brother\ControlCenter2\brctrcen.exe" [2005-05-17 17:42 933888]
    "LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2005-07-19 17:32 221184]
    "LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2005-06-08 15:24 458752]
    "LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2005-06-08 15:14 217088]
    "SweetIM"="C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" [ ]
    "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648]
    "Microsoft Works Update Detection"="C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe" [2003-06-10 17:49 50688]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51 39792]
    "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-09-13 13:19 185632]
    "UserFaultCheck"="C:\WINDOWS\system32\dumprep 0 -u" [ ]
    "au"="C:\Program Files\Dealio\DealioAU.exe" [2007-12-06 11:57 546144]
    "SearchSettings"="C:\Program Files\Search Settings\SearchSettings.exe" [2007-12-06 11:58 1069920]
    "WinampAgent"="C:\Program Files\Winamp\wianmpa.exe" [ ]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-12-11 10:56 286720]
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-12-11 12:10 267048]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 06:00 15360]

    R0 m5287;m5287;C:\WINDOWS\system32\drivers\m5287.sys [2005-02-05 08:00]
    R0 PzWDM;PzWDM;C:\WINDOWS\system32\Drivers\PzWDM.sys [2005-06-29 01:38]
    R1 UBHelper;UBHelper;C:\WINDOWS\system32\drivers\UBHelper.sys [2004-12-17 17:14]
    R2 int15.sys;int15.sys;C:\Acer\Empowering Technology\eRecovery\int15.sys [2005-01-13 14:46]
    R3 BrScnUsb;Brother USB Still Image driver;C:\WINDOWS\system32\Drivers\BrScnUsb.sys [2004-10-15 12:50]
    S3 motmodem;Motorola USB CDC ACM Driver;C:\WINDOWS\system32\DRIVERS\motmodem.sys [2007-02-27 14:31]
    S3 PCASp50;PCASp50 NDIS Protocol Driver;C:\WINDOWS\system32\Drivers\PCASp50.sys [2005-11-19 02:13]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{47cb70d4-cfbe-11db-a902-0008d303382e}]
    \shell\verb1\command - desktop.exe

    *Newly Created Service* - INT15.SYS
    *Newly Created Service* - PROCEXP90
    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2008-01-24 10:33:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    .
    **************************************************************************

    catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-01-24 16:19:03
    Windows 5.1.2600 Service Pack 2 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 0

    **************************************************************************
    .
    24 January 2008 20:39:37

    Start by uninstalling Search Settings and Dealio.
    24 January 2008 21:30:31

    There, it's done.
    It lags and makes an enormous amount of noise.
    24 January 2008 21:32:06

    Run a Combofix scan again.
    25 January 2008 08:29:21

    I have just redone the scan. Now the location of the report is the same as before, that is, on C/. I hope it is not the same as the 1st report, because it is the only one on my PC.

    In addition, a new message appears every time I want to shut down my PC, telling me that the application DShowMsgWindow does not want to close.

    My PC is making more and more noise (fan noise, I think) and is becoming even slower :-(

    In any case, thank you for your help.

    ComboFix 08-01-23.2 - nadia 2008-01-25 8:20:07.3 - NTFSx86
    Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.256 [GMT 1:00]
    Endroit: C:\Documents and Settings\nadia\Bureau\ComboFix.exe

    AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    ---- Previous Run -------
    .
    C:\Documents and Settings\abou anas\Application Data\WinAntiSpyware 2006
    C:\Documents and Settings\abou anas\Application Data\WinAntiSpyware 2006\Logs\update.log
    C:\Documents and Settings\nadia\Application Data\WinAntiSpyware 2006
    C:\Documents and Settings\nadia\Application Data\WinAntiSpyware 2006\Logs\update.log
    C:\Documents and Settings\nadia\err.log
    C:\Documents and Settings\nadia\new.txt
    C:\WINDOWS\pack.epk
    C:\WINDOWS\photos.zip
    C:\WINDOWS\system32\ztlzseqw.dat
    C:\WINDOWS\system32\ztlzseqw_nav.dat
    C:\WINDOWS\system32\ztlzseqw_navps.dat

    .
    ((((((((((((((((((((((((((((( Fichiers créés 2007-12-25 to 2008-01-25 ))))))))))))))))))))))))))))))))))))
    .

    2008-01-24 17:03 . 2008-01-24 17:03 <REP> d-------- C:\Program Files\iTunes
    2008-01-24 17:03 . 2008-01-24 17:03 <REP> d-------- C:\Program Files\iPod
    2008-01-24 16:05 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\Nircmd.exe
    2008-01-14 22:36 . 2008-01-14 22:36 <REP> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
    2008-01-13 15:15 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
    2008-01-13 15:15 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll
    2008-01-13 15:15 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
    2008-01-13 11:03 . 2008-01-13 11:03 <REP> d-------- C:\Program Files\MSBuild
    2008-01-13 11:02 . 2008-01-13 11:02 <REP> d-------- C:\Program Files\Microsoft.NET
    2008-01-13 10:58 . 2008-01-13 10:58 <REP> d-------- C:\Program Files\Microsoft Visual Studio 8
    2008-01-07 12:59 . 2008-01-07 12:59 <REP> d-------- C:\futsoft
    2008-01-06 09:58 . 2008-01-25 08:06 <REP> d-------- C:\Program Files\EA Sports
    2008-01-05 22:31 . 2008-01-05 22:31 107,888 --a------ C:\WINDOWS\system32\CmdLineExt.dll
    2008-01-05 22:17 . 2008-01-05 22:17 <REP> d-------- C:\Program Files\KONAMI
    2007-12-27 14:28 . 2007-12-27 14:28 <REP> d-------- C:\Program Files\Microsoft Picture It! PhotoPub
    2007-12-27 14:28 . 2007-12-27 14:30 2,174 --a------ C:\WINDOWS\Active Setup Log.BAK

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-01-25 07:11 --------- d-----w C:\Program Files\Logitech
    2008-01-25 06:58 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-01-24 19:21 499,712 ----a-w C:\WINDOWS\system32\msvcp71.dll
    2008-01-24 19:21 348,160 ----a-w C:\WINDOWS\system32\msvcr71.dll
    2008-01-24 18:00 --------- d-----w C:\Program Files\eMule
    2008-01-24 15:30 --------- d-----w C:\Program Files\muslimtool
    2008-01-13 10:03 --------- d-----w C:\Program Files\Microsoft Works
    2008-01-09 09:14 --------- d-----w C:\Program Files\DivX
    2007-12-20 14:25 --------- d-----w C:\Program Files\Lupas Rename 2000
    2007-12-17 09:00 --------- d-----w C:\Program Files\Total Video Converter
    2007-12-14 18:45 --------- d-----w C:\Program Files\CDex_150
    2007-12-14 18:11 --------- d-----w C:\Program Files\MP3Producer
    2007-12-14 17:45 --------- d-----w C:\Program Files\Winamp
    2007-12-14 14:56 --------- d-----w C:\Program Files\AoA Audio Extractor
    2007-12-14 14:27 --------- d-----w C:\Program Files\Free FLV Converter
    2007-12-14 14:26 --------- d-----w C:\Program Files\Video mp3 Extractor
    2007-12-12 09:50 --------- d-----w C:\Program Files\Musicmatch
    2007-12-11 22:34 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
    2007-12-11 22:34 129,784 ------w C:\WINDOWS\system32\pxafs.dll
    2007-12-11 22:34 120,056 ------w C:\WINDOWS\system32\pxcpyi64.exe
    2007-12-11 22:34 118,520 ------w C:\WINDOWS\system32\pxinsi64.exe
    2007-12-11 22:33 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
    2007-12-11 22:33 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
    2007-12-11 22:33 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
    2007-12-11 22:33 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
    2007-12-11 22:32 156,992 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
    2007-12-11 12:15 --------- d-----w C:\Program Files\Dealio
    2007-12-10 17:58 --------- d-----w C:\Program Files\VideoLAN
    2007-12-10 17:47 --------- d-----w C:\Program Files\Apple Software Update
    2007-12-10 17:46 --------- d-----w C:\Program Files\Fichiers communs\Apple
    2007-12-09 20:01 --------- d-----w C:\Program Files\MSN Messenger
    2007-12-08 22:24 --------- d-----w C:\Program Files\SopCast
    2007-12-05 18:38 --------- d-----w C:\Program Files\MSECache
    2007-11-29 22:30 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
    2007-11-29 22:30 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
    2007-11-20 07:15 737,280 ----a-w C:\WINDOWS\iun6002.exe
    2007-11-07 09:28 728,576 ----a-w C:\WINDOWS\system32\lsasrv.dll
    2007-11-07 09:28 728,576 ----a-w C:\WINDOWS\system32\dllcache\lsasrv.dll
    2007-10-30 23:23 3,590,656 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
    2007-10-30 17:20 360,064 ----a-w C:\WINDOWS\system32\dllcache\tcpip.sys
    2007-10-29 22:43 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
    2007-10-29 22:43 1,293,824 ----a-w C:\WINDOWS\system32\dllcache\quartz.dll
    2007-10-25 16:43 8,516,608 ----a-w C:\WINDOWS\system32\dllcache\shell32.dll
    2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
    2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\system32\dllcache\wmasf.dll
    2006-09-30 20:31 4,642,748 ----a-w C:\Program Files\eMule-NG-0[1].47a-Installer.zip
    .

    ((((((((((((((((((((((((((((( snapshot@2008-01-24_16.10.15,51 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2008-01-24 16:03:49 102,400 ----a-r C:\WINDOWS\Installer\{B85C4D19-6CEB-48CF-BD98-C887AC8C6F94}\iTunesIco.exe
    - 2006-09-05 16:03:16 3,968 ----a-w C:\WINDOWS\system32\drivers\AvgAsCln.sys
    + 2007-05-30 12:10:42 10,872 ----a-w C:\WINDOWS\system32\drivers\AvgAsCln.sys
    + 2008-01-24 19:21:08 10,760 ----a-w C:\WINDOWS\system32\drivers\avgclean.sys
    .
    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{a9e74564-316d-4054-b8e7-2b618e7fb5c1}]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 06:00 15360]
    "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 17:24 1694208]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-04-04 07:55 68856]
    "Shareaza"="C:\Program Files\Shareaza\Shareaza.exe" [ ]
    "MoneyAgent"="C:\Program Files\Microsoft Money\System\mnyexpr.exe" [2003-06-18 12:00 204800]
    "updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [ ]
    "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 16:46 1460560]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "LaunchApp"="Alaunch" []
    "High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 17:07 61952 C:\WINDOWS\system32\HdAShCut.exe]
    "RTHDCPL"="RTHDCPL.EXE" [2005-09-22 13:36 14854144 C:\WINDOWS\RTHDCPL.exe]
    "ntiMUI"="c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe" [2005-05-11 18:15 45056]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
    "RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 20:24 32768]
    "IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-05 06:00 208952]
    "MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-05 06:00 59392]
    "PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 06:00 455168]
    "PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 06:00 455168]
    "eRecoveryService"="C:\Acer\Empowering Technology\eRecovery\Monitor.exe" [2005-11-16 17:00 397312]
    "AspireService"="C:\Program Files\Acer\Acer eMode Management\AspireService.exe" [2005-09-29 15:07 114688]
    "MediaSync"="C:\Program Files\Acer\Acer eConsole\MediaSync.exe" [2005-09-21 12:48 425984]
    "Omnipage"="C:\Program Files\ScanSoft\OmniPageSE\opware32.exe" [2002-06-03 10:38 49152]
    "Athan"="C:\Program Files\Athan\Athan.exe" [2007-09-06 20:25 1003520]
    "SSBkgdUpdate"="C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 10:22 155648]
    "PaperPort PTD"="C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe" [2005-03-17 19:17 57393]
    "IndexSearch"="C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe" [2005-03-17 19:30 40960]
    "SetDefPrt"="C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe" [2005-01-26 18:02 49152]
    "ControlCenter2.0"="C:\Program Files\Brother\ControlCenter2\brctrcen.exe" [2005-05-17 17:42 933888]
    "LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2005-07-19 17:32 221184]
    "SweetIM"="C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" [ ]
    "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648]
    "Microsoft Works Update Detection"="C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe" [2003-06-10 17:49 50688]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51 39792]
    "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-09-13 13:19 185632]
    "UserFaultCheck"="C:\WINDOWS\system32\dumprep 0 -u" [ ]
    "au"="C:\Program Files\Dealio\DealioAU.exe" [2007-12-06 11:57 546144]
    "WinampAgent"="C:\Program Files\Winamp\wianmpa.exe" [ ]
    "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25 6731312]
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-01-15 03:22 267048]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 06:00 15360]

    R0 m5287;m5287;C:\WINDOWS\system32\drivers\m5287.sys [2005-02-05 08:00]
    R0 PzWDM;PzWDM;C:\WINDOWS\system32\Drivers\PzWDM.sys [2005-06-29 01:38]
    R1 UBHelper;UBHelper;C:\WINDOWS\system32\drivers\UBHelper.sys [2004-12-17 17:14]
    R2 int15.sys;int15.sys;C:\Acer\Empowering Technology\eRecovery\int15.sys [2005-01-13 14:46]
    S3 BrScnUsb;Brother USB Still Image driver;C:\WINDOWS\system32\Drivers\BrScnUsb.sys [2004-10-15 12:50]
    S3 motmodem;Motorola USB CDC ACM Driver;C:\WINDOWS\system32\DRIVERS\motmodem.sys [2007-02-27 14:31]
    S3 PCASp50;PCASp50 NDIS Protocol Driver;C:\WINDOWS\system32\Drivers\PCASp50.sys [2005-11-19 02:13]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{47cb70d4-cfbe-11db-a902-0008d303382e}]
    \shell\verb1\command - desktop.exe

    *Newly Created Service* - INT15.SYS
    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2008-01-24 10:33:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    .
    **************************************************************************

    catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-01-25 08:23:22
    Windows 5.1.2600 Service Pack 2 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 0

    **************************************************************************
    .
    25 January 2008 19:05:32

    Post a new HijackThis report.
    25 January 2008 20:29:08

    Logfile of Trend Micro HijackThis v2.0.0 (BETA)
    Scan saved at 20:28, on 2008-01-25
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\brsvc01a.exe
    C:\WINDOWS\system32\brss01a.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\Acer\Empowering Technology\eRecovery\Monitor.exe
    C:\Program Files\Acer\Acer eMode Management\AspireService.exe
    C:\Program Files\Acer\Acer eConsole\MediaSync.exe
    C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
    C:\Program Files\Athan\Athan.exe
    C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
    C:\Program Files\Brother\ControlCenter2\brctrcen.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Microsoft Money\System\mnyexpr.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    C:\Program Files\Hercules\WiFi Station\WifiStation.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\MSN Messenger\livecall.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Documents and Settings\nadia\Bureau\scanner.exe.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://home.free.fr/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {6A87B991-A31F-4130-AE72-6D0C294BF082} - (no file)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: (no name) - {a9e74564-316d-4054-b8e7-2b618e7fb5c1} - (no file)
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
    O4 - HKLM\..\Run: [LaunchApp] Alaunch
    O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [ntiMUI] "c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [MSPY2002] "C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /IMEName
    O4 - HKLM\..\Run: [eRecoveryService] "C:\Acer\Empowering Technology\eRecovery\Monitor.exe"
    O4 - HKLM\..\Run: [AspireService] "C:\Program Files\Acer\Acer eMode Management\AspireService.exe"
    O4 - HKLM\..\Run: [MediaSync] "C:\Program Files\Acer\Acer eConsole\MediaSync.exe"
    O4 - HKLM\..\Run: [Omnipage] "C:\Program Files\ScanSoft\OmniPageSE\opware32.exe"
    O4 - HKLM\..\Run: [Athan] C:\Program Files\Athan\Athan.exe
    O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
    O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
    O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"
    O4 - HKLM\..\Run: [SetDefPrt] "C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe"
    O4 - HKLM\..\Run: [ControlCenter2.0] "C:\Program Files\Brother\ControlCenter2\brctrcen.exe" /autorun
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [SweetIM] "C:\Program Files\Macrogaming\SweetIM\SweetIM.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [Microsoft Works Update Detection] "C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\wianmpa.exe
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
    O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
    O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_0
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Contrôleur d’état.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
    O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    O4 - Global Startup: WiFi Station.lnk = ?
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} -
    O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://nadia-c.spaces.live.com/PhotoUpload/MsnPUpld.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game02.zylom.com/activex/zylomgamesplayer.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{88D13CA3-D164-443A-8E32-9C453CA3C367}: NameServer = 192.168.1.1
    O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
    O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
    O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
    O23 - Service: Fax - Unknown owner - C:\WINDOWS\system32\fxssvc.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
    O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
    O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
    O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
    O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
    O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
    O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
    O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe

    --
    End of file - 12090 bytes
    25 January 2008 20:51:25

    You did uninstall Dealio, right?

    Disable your resident protections (antivirus...)!
    Copy (Ctrl+C) the text in the box below:

    Folder::
    C:\Program Files\Dealio
    C:\Program Files\Macrogaming

    Registry::
    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{a9e74564-316d-4054-b8e7-2b618e7fb5c1}]
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SpybotSD TeaTimer"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SweetIM"=-
    "au"=-


    Open Notepad, then paste (Ctrl+V) the text you copied.
    Save this file as CFScript.txt.

    Now drag the CFScript.txt file onto Combofix.exe as shown below:


    This will restart ComboFix; press 1, then confirm. After the reboot, post the contents of the Combofix.txt report along with a HijackThis report.
    NOTE: If there is no reboot, post the requested reports anyway.
    25 January 2008 21:27:28

    ComboFix 08-01-23.2 - nadia 2008-01-25 21:20:58.4 - NTFSx86
    Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.339 [GMT 1:00]
    Endroit: C:\Documents and Settings\nadia\Bureau\ComboFix.exe
    Command switches used :: C:\Documents and Settings\nadia\Bureau\CFScript.txt.log
    * Création d'un nouveau point de restauration

    AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    ---- Previous Run -------
    .
    C:\Documents and Settings\abou anas\Application Data\WinAntiSpyware 2006
    C:\Documents and Settings\abou anas\Application Data\WinAntiSpyware 2006\Logs\update.log
    C:\Documents and Settings\nadia\Application Data\WinAntiSpyware 2006
    C:\Documents and Settings\nadia\Application Data\WinAntiSpyware 2006\Logs\update.log
    C:\Documents and Settings\nadia\err.log
    C:\Documents and Settings\nadia\new.txt
    C:\WINDOWS\pack.epk
    C:\WINDOWS\photos.zip
    C:\WINDOWS\system32\ztlzseqw.dat
    C:\WINDOWS\system32\ztlzseqw_nav.dat
    C:\WINDOWS\system32\ztlzseqw_navps.dat

    .
    ((((((((((((((((((((((((((((( Fichiers créés 2007-12-25 to 2008-01-25 ))))))))))))))))))))))))))))))))))))
    .

    2008-01-24 17:03 . 2008-01-24 17:03 <REP> d-------- C:\Program Files\iTunes
    2008-01-24 17:03 . 2008-01-24 17:03 <REP> d-------- C:\Program Files\iPod
    2008-01-24 16:05 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\Nircmd.exe
    2008-01-14 22:36 . 2008-01-14 22:36 <REP> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
    2008-01-13 15:15 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
    2008-01-13 15:15 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll
    2008-01-13 15:15 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
    2008-01-13 11:03 . 2008-01-13 11:03 <REP> d-------- C:\Program Files\MSBuild
    2008-01-13 11:02 . 2008-01-13 11:02 <REP> d-------- C:\Program Files\Microsoft.NET
    2008-01-13 10:58 . 2008-01-13 10:58 <REP> d-------- C:\Program Files\Microsoft Visual Studio 8
    2008-01-07 12:59 . 2008-01-07 12:59 <REP> d-------- C:\futsoft
    2008-01-06 09:58 . 2008-01-25 08:06 <REP> d-------- C:\Program Files\EA Sports
    2008-01-05 22:31 . 2008-01-05 22:31 107,888 --a------ C:\WINDOWS\system32\CmdLineExt.dll
    2008-01-05 22:17 . 2008-01-05 22:17 <REP> d-------- C:\Program Files\KONAMI
    2007-12-27 14:28 . 2007-12-27 14:28 <REP> d-------- C:\Program Files\Microsoft Picture It! PhotoPub
    2007-12-27 14:28 . 2007-12-27 14:30 2,174 --a------ C:\WINDOWS\Active Setup Log.BAK

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-01-25 09:48 --------- d-----w C:\Program Files\eMule
    2008-01-25 07:11 --------- d-----w C:\Program Files\Logitech
    2008-01-25 06:58 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-01-24 19:21 499,712 ----a-w C:\WINDOWS\system32\msvcp71.dll
    2008-01-24 19:21 348,160 ----a-w C:\WINDOWS\system32\msvcr71.dll
    2008-01-24 15:30 --------- d-----w C:\Program Files\muslimtool
    2008-01-13 10:03 --------- d-----w C:\Program Files\Microsoft Works
    2008-01-09 09:14 --------- d-----w C:\Program Files\DivX
    2007-12-20 14:25 --------- d-----w C:\Program Files\Lupas Rename 2000
    2007-12-17 09:00 --------- d-----w C:\Program Files\Total Video Converter
    2007-12-14 18:45 --------- d-----w C:\Program Files\CDex_150
    2007-12-14 18:11 --------- d-----w C:\Program Files\MP3Producer
    2007-12-14 17:45 --------- d-----w C:\Program Files\Winamp
    2007-12-14 14:56 --------- d-----w C:\Program Files\AoA Audio Extractor
    2007-12-14 14:27 --------- d-----w C:\Program Files\Free FLV Converter
    2007-12-14 14:26 --------- d-----w C:\Program Files\Video mp3 Extractor
    2007-12-12 09:50 --------- d-----w C:\Program Files\Musicmatch
    2007-12-11 22:34 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
    2007-12-11 22:34 129,784 ------w C:\WINDOWS\system32\pxafs.dll
    2007-12-11 22:34 120,056 ------w C:\WINDOWS\system32\pxcpyi64.exe
    2007-12-11 22:34 118,520 ------w C:\WINDOWS\system32\pxinsi64.exe
    2007-12-11 22:33 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
    2007-12-11 22:33 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
    2007-12-11 22:33 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
    2007-12-11 22:33 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
    2007-12-11 22:32 156,992 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
    2007-12-10 17:58 --------- d-----w C:\Program Files\VideoLAN
    2007-12-10 17:47 --------- d-----w C:\Program Files\Apple Software Update
    2007-12-10 17:46 --------- d-----w C:\Program Files\Fichiers communs\Apple
    2007-12-09 20:01 --------- d-----w C:\Program Files\MSN Messenger
    2007-12-08 22:24 --------- d-----w C:\Program Files\SopCast
    2007-12-05 18:38 --------- d-----w C:\Program Files\MSECache
    2007-11-29 22:30 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
    2007-11-29 22:30 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
    2007-11-20 07:15 737,280 ----a-w C:\WINDOWS\iun6002.exe
    2007-11-07 09:28 728,576 ----a-w C:\WINDOWS\system32\lsasrv.dll
    2007-11-07 09:28 728,576 ----a-w C:\WINDOWS\system32\dllcache\lsasrv.dll
    2007-10-30 23:23 3,590,656 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
    2007-10-30 17:20 360,064 ----a-w C:\WINDOWS\system32\dllcache\tcpip.sys
    2007-10-29 22:43 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
    2007-10-29 22:43 1,293,824 ----a-w C:\WINDOWS\system32\dllcache\quartz.dll
    2007-10-25 16:43 8,516,608 ----a-w C:\WINDOWS\system32\dllcache\shell32.dll
    2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
    2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\system32\dllcache\wmasf.dll
    2006-09-30 20:31 4,642,748 ----a-w C:\Program Files\eMule-NG-0[1].47a-Installer.zip
    .

    ((((((((((((((((((((((((((((( snapshot@2008-01-24_16.10.15,51 )))))))))))))))))))))))))))))))))))))))))
    .
    - 2008-01-24 15:06:15 1,425,408 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000001\NTUSER.DAT
    + 2008-01-25 20:20:46 1,425,408 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000001\NTUSER.DAT
    - 2008-01-24 15:06:15 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000002\UsrClass.dat
    + 2008-01-25 20:20:46 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000002\UsrClass.dat
    - 2008-01-24 15:06:15 1,425,408 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000003\NTUSER.DAT
    + 2008-01-25 20:20:46 1,425,408 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000003\NTUSER.DAT
    - 2008-01-24 15:06:15 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000004\UsrClass.dat
    + 2008-01-25 20:20:46 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000004\UsrClass.dat
    - 2008-01-24 15:06:15 7,860,224 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000005\ntuser.dat
    + 2008-01-25 20:20:46 7,868,416 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000005\ntuser.dat
    - 2008-01-24 15:06:15 151,552 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000006\UsrClass.dat
    + 2008-01-25 20:20:46 151,552 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000006\UsrClass.dat
    + 2008-01-24 16:03:49 102,400 ----a-r C:\WINDOWS\Installer\{B85C4D19-6CEB-48CF-BD98-C887AC8C6F94}\iTunesIco.exe
    - 2006-09-05 16:03:16 3,968 ----a-w C:\WINDOWS\system32\drivers\AvgAsCln.sys
    + 2007-05-30 12:10:42 10,872 ----a-w C:\WINDOWS\system32\drivers\AvgAsCln.sys
    + 2008-01-24 19:21:08 10,760 ----a-w C:\WINDOWS\system32\drivers\avgclean.sys
    .
    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{a9e74564-316d-4054-b8e7-2b618e7fb5c1}]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 06:00 15360]
    "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 17:24 1694208]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-04-04 07:55 68856]
    "Shareaza"="C:\Program Files\Shareaza\Shareaza.exe" [ ]
    "MoneyAgent"="C:\Program Files\Microsoft Money\System\mnyexpr.exe" [2003-06-18 12:00 204800]
    "updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [ ]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "LaunchApp"="Alaunch" []
    "High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 17:07 61952 C:\WINDOWS\system32\HdAShCut.exe]
    "RTHDCPL"="RTHDCPL.EXE" [2005-09-22 13:36 14854144 C:\WINDOWS\RTHDCPL.exe]
    "ntiMUI"="c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe" [2005-05-11 18:15 45056]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
    "RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 20:24 32768]
    "IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-05 06:00 208952]
    "MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-05 06:00 59392]
    "PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 06:00 455168]
    "PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 06:00 455168]
    "eRecoveryService"="C:\Acer\Empowering Technology\eRecovery\Monitor.exe" [2005-11-16 17:00 397312]
    "AspireService"="C:\Program Files\Acer\Acer eMode Management\AspireService.exe" [2005-09-29 15:07 114688]
    "MediaSync"="C:\Program Files\Acer\Acer eConsole\MediaSync.exe" [2005-09-21 12:48 425984]
    "Omnipage"="C:\Program Files\ScanSoft\OmniPageSE\opware32.exe" [2002-06-03 10:38 49152]
    "Athan"="C:\Program Files\Athan\Athan.exe" [2007-09-06 20:25 1003520]
    "SSBkgdUpdate"="C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 10:22 155648]
    "PaperPort PTD"="C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe" [2005-03-17 19:17 57393]
    "IndexSearch"="C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe" [2005-03-17 19:30 40960]
    "SetDefPrt"="C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe" [2005-01-26 18:02 49152]
    "ControlCenter2.0"="C:\Program Files\Brother\ControlCenter2\brctrcen.exe" [2005-05-17 17:42 933888]
    "LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2005-07-19 17:32 221184]
    "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648]
    "Microsoft Works Update Detection"="C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe" [2003-06-10 17:49 50688]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51 39792]
    "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-09-13 13:19 185632]
    "UserFaultCheck"="C:\WINDOWS\system32\dumprep 0 -u" [ ]
    "WinampAgent"="C:\Program Files\Winamp\wianmpa.exe" [ ]
    "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25 6731312]
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-01-15 03:22 267048]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 06:00 15360]

    R0 m5287;m5287;C:\WINDOWS\system32\drivers\m5287.sys [2005-02-05 08:00]
    R0 PzWDM;PzWDM;C:\WINDOWS\system32\Drivers\PzWDM.sys [2005-06-29 01:38]
    R1 UBHelper;UBHelper;C:\WINDOWS\system32\drivers\UBHelper.sys [2004-12-17 17:14]
    R2 int15.sys;int15.sys;C:\Acer\Empowering Technology\eRecovery\int15.sys [2005-01-13 14:46]
    R3 BrScnUsb;Brother USB Still Image driver;C:\WINDOWS\system32\Drivers\BrScnUsb.sys [2004-10-15 12:50]
    S3 motmodem;Motorola USB CDC ACM Driver;C:\WINDOWS\system32\DRIVERS\motmodem.sys [2007-02-27 14:31]
    S3 PCASp50;PCASp50 NDIS Protocol Driver;C:\WINDOWS\system32\Drivers\PCASp50.sys [2005-11-19 02:13]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{47cb70d4-cfbe-11db-a902-0008d303382e}]
    \shell\verb1\command - desktop.exe

    *Newly Created Service* - INT15.SYS
    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2008-01-24 10:33:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    .
    **************************************************************************

    catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-01-25 21:24:27
    Windows 5.1.2600 Service Pack 2 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 0

    **************************************************************************
    .
    25 January 2008 21:28:08

    Logfile of Trend Micro HijackThis v2.0.0 (BETA)
    Scan saved at 21:27, on 2008-01-25
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\brss01a.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\Acer\Empowering Technology\eRecovery\Monitor.exe
    C:\Program Files\Acer\Acer eMode Management\AspireService.exe
    C:\Program Files\Acer\Acer eConsole\MediaSync.exe
    C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
    C:\Program Files\Athan\Athan.exe
    C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
    C:\Program Files\Brother\ControlCenter2\brctrcen.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Microsoft Money\System\mnyexpr.exe
    C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    C:\Program Files\Hercules\WiFi Station\WifiStation.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\internet explorer\iexplore.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\MSN Messenger\livecall.exe
    C:\Documents and Settings\nadia\Bureau\scanner.exe.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://home.free.fr/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {6A87B991-A31F-4130-AE72-6D0C294BF082} - (no file)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: (no name) - {a9e74564-316d-4054-b8e7-2b618e7fb5c1} - (no file)
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
    O4 - HKLM\..\Run: [LaunchApp] Alaunch
    O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [ntiMUI] "c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [MSPY2002] "C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /IMEName
    O4 - HKLM\..\Run: [eRecoveryService] "C:\Acer\Empowering Technology\eRecovery\Monitor.exe"
    O4 - HKLM\..\Run: [AspireService] "C:\Program Files\Acer\Acer eMode Management\AspireService.exe"
    O4 - HKLM\..\Run: [MediaSync] "C:\Program Files\Acer\Acer eConsole\MediaSync.exe"
    O4 - HKLM\..\Run: [Omnipage] "C:\Program Files\ScanSoft\OmniPageSE\opware32.exe"
    O4 - HKLM\..\Run: [Athan] C:\Program Files\Athan\Athan.exe
    O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
    O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
    O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"
    O4 - HKLM\..\Run: [SetDefPrt] "C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe"
    O4 - HKLM\..\Run: [ControlCenter2.0] "C:\Program Files\Brother\ControlCenter2\brctrcen.exe" /autorun
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [Microsoft Works Update Detection] "C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\wianmpa.exe
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
    O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
    O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_0
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Contrôleur d’état.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
    O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    O4 - Global Startup: WiFi Station.lnk = ?
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} -
    O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://nadia-c.spaces.live.com/PhotoUpload/MsnPUpld.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game02.zylom.com/activex/zylomgamesplayer.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{88D13CA3-D164-443A-8E32-9C453CA3C367}: NameServer = 192.168.1.1
    O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
    O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
    O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
    O23 - Service: Fax - Unknown owner - C:\WINDOWS\system32\fxssvc.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
    O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
    O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
    O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
    O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
    O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
    O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
    O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe

    --
    End of file - 11767 bytes
    25 January 2008 21:29:30

    There was no restart. I did disable Spybot and AVG before doing what you had told me (but not the Windows one). And yes, I did uninstall Delio.
    a b 8 Security
    25 January 2008 21:32:31

    C:\Documents and Settings\nadia\Bureau\CFScript.txt.log
    Remove the .log extension.
    25 January 2008 21:41:23

    How do I do that?
    25 January 2008 21:44:46

    At least, I can't find it... I followed the path to C:\Documents and Settings\nadia\Bureau but there's no CFscript.txt.log.
    a b 8 Security
    25 January 2008 21:45:27

    Do you have access to file extensions?
    25 January 2008 21:46:38

    Uh, no idea....
    Where do I go to check that?
    25 January 2008 21:53:39

    I just unchecked the box "hide extensions for known file types". But I still can't find what you're asking me for.
    a b 8 Security
    25 January 2008 22:04:14

    The CFScript file is named CFScript.txt.log on your machine, isn't it?
    25 January 2008 22:06:27

    I don't know, since I can't even find it.
    a b 8 Security
    25 January 2008 22:07:34

    It's on your desktop if you haven't deleted it..
    25 January 2008 22:09:35

    That file was on my desktop, but from what I had understood I was supposed to move it onto Combofix.exe earlier. That was it, wasn't it?
    So now it's no longer there.
    a b 8 Security
    25 January 2008 22:10:41

    Start the procedure over, then.
    25 January 2008 22:12:49

    I copy and paste the text given earlier into Notepad. I name it CFScript.txt. And then?
    25 January 2008 22:14:41

    Done, it's on my desktop: CfScript.txt
    a b 8 Security
    25 January 2008 22:21:59

    Well, you carry on.
    25 January 2008 22:30:53

    ComboFix 08-01-23.2 - nadia 2008-01-25 22:25:23.5 - NTFSx86
    Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.244 [GMT 1:00]
    Endroit: C:\Documents and Settings\nadia\Bureau\ComboFix.exe
    Command switches used :: C:\Documents and Settings\nadia\Bureau\CFScript.txt
    * Création d'un nouveau point de restauration

    AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    ---- Previous Run -------
    .
    C:\Documents and Settings\abou anas\Application Data\WinAntiSpyware 2006
    C:\Documents and Settings\abou anas\Application Data\WinAntiSpyware 2006\Logs\update.log
    C:\Documents and Settings\nadia\Application Data\WinAntiSpyware 2006
    C:\Documents and Settings\nadia\Application Data\WinAntiSpyware 2006\Logs\update.log
    C:\Documents and Settings\nadia\err.log
    C:\Documents and Settings\nadia\new.txt
    C:\WINDOWS\pack.epk
    C:\WINDOWS\photos.zip
    C:\WINDOWS\system32\ztlzseqw.dat
    C:\WINDOWS\system32\ztlzseqw_nav.dat
    C:\WINDOWS\system32\ztlzseqw_navps.dat

    .
    ((((((((((((((((((((((((((((( Fichiers créés 2007-12-25 to 2008-01-25 ))))))))))))))))))))))))))))))))))))
    .

    2008-01-24 17:03 . 2008-01-24 17:03 <REP> d-------- C:\Program Files\iTunes
    2008-01-24 17:03 . 2008-01-24 17:03 <REP> d-------- C:\Program Files\iPod
    2008-01-24 16:05 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\Nircmd.exe
    2008-01-14 22:36 . 2008-01-14 22:36 <REP> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
    2008-01-13 15:15 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
    2008-01-13 15:15 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll
    2008-01-13 15:15 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
    2008-01-13 11:03 . 2008-01-13 11:03 <REP> d-------- C:\Program Files\MSBuild
    2008-01-13 11:02 . 2008-01-13 11:02 <REP> d-------- C:\Program Files\Microsoft.NET
    2008-01-13 10:58 . 2008-01-13 10:58 <REP> d-------- C:\Program Files\Microsoft Visual Studio 8
    2008-01-07 12:59 . 2008-01-07 12:59 <REP> d-------- C:\futsoft
    2008-01-06 09:58 . 2008-01-25 08:06 <REP> d-------- C:\Program Files\EA Sports
    2008-01-05 22:31 . 2008-01-05 22:31 107,888 --a------ C:\WINDOWS\system32\CmdLineExt.dll
    2008-01-05 22:17 . 2008-01-05 22:17 <REP> d-------- C:\Program Files\KONAMI
    2007-12-27 14:28 . 2007-12-27 14:28 <REP> d-------- C:\Program Files\Microsoft Picture It! PhotoPub
    2007-12-27 14:28 . 2007-12-27 14:30 2,174 --a------ C:\WINDOWS\Active Setup Log.BAK

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-01-25 09:48 --------- d-----w C:\Program Files\eMule
    2008-01-25 07:11 --------- d-----w C:\Program Files\Logitech
    2008-01-25 06:58 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-01-24 19:21 499,712 ----a-w C:\WINDOWS\system32\msvcp71.dll
    2008-01-24 19:21 348,160 ----a-w C:\WINDOWS\system32\msvcr71.dll
    2008-01-24 15:30 --------- d-----w C:\Program Files\muslimtool
    2008-01-13 10:03 --------- d-----w C:\Program Files\Microsoft Works
    2008-01-09 09:14 --------- d-----w C:\Program Files\DivX
    2007-12-20 14:25 --------- d-----w C:\Program Files\Lupas Rename 2000
    2007-12-17 09:00 --------- d-----w C:\Program Files\Total Video Converter
    2007-12-14 18:45 --------- d-----w C:\Program Files\CDex_150
    2007-12-14 18:11 --------- d-----w C:\Program Files\MP3Producer
    2007-12-14 17:45 --------- d-----w C:\Program Files\Winamp
    2007-12-14 14:56 --------- d-----w C:\Program Files\AoA Audio Extractor
    2007-12-14 14:27 --------- d-----w C:\Program Files\Free FLV Converter
    2007-12-14 14:26 --------- d-----w C:\Program Files\Video mp3 Extractor
    2007-12-12 09:50 --------- d-----w C:\Program Files\Musicmatch
    2007-12-11 22:34 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
    2007-12-11 22:34 129,784 ------w C:\WINDOWS\system32\pxafs.dll
    2007-12-11 22:34 120,056 ------w C:\WINDOWS\system32\pxcpyi64.exe
    2007-12-11 22:34 118,520 ------w C:\WINDOWS\system32\pxinsi64.exe
    2007-12-11 22:33 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
    2007-12-11 22:33 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
    2007-12-11 22:33 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
    2007-12-11 22:33 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
    2007-12-11 22:32 156,992 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
    2007-12-10 17:58 --------- d-----w C:\Program Files\VideoLAN
    2007-12-10 17:47 --------- d-----w C:\Program Files\Apple Software Update
    2007-12-10 17:46 --------- d-----w C:\Program Files\Fichiers communs\Apple
    2007-12-09 20:01 --------- d-----w C:\Program Files\MSN Messenger
    2007-12-08 22:24 --------- d-----w C:\Program Files\SopCast
    2007-12-05 18:38 --------- d-----w C:\Program Files\MSECache
    2007-11-29 22:30 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
    2007-11-29 22:30 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
    2007-11-20 07:15 737,280 ----a-w C:\WINDOWS\iun6002.exe
    2007-11-07 09:28 728,576 ----a-w C:\WINDOWS\system32\lsasrv.dll
    2007-11-07 09:28 728,576 ----a-w C:\WINDOWS\system32\dllcache\lsasrv.dll
    2007-10-30 23:23 3,590,656 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
    2007-10-30 17:20 360,064 ----a-w C:\WINDOWS\system32\dllcache\tcpip.sys
    2007-10-29 22:43 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
    2007-10-29 22:43 1,293,824 ----a-w C:\WINDOWS\system32\dllcache\quartz.dll
    2007-10-25 16:43 8,516,608 ----a-w C:\WINDOWS\system32\dllcache\shell32.dll
    2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
    2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\system32\dllcache\wmasf.dll
    2006-09-30 20:31 4,642,748 ----a-w C:\Program Files\eMule-NG-0[1].47a-Installer.zip
    .

    ((((((((((((((((((((((((((((( snapshot@2008-01-24_16.10.15,51 )))))))))))))))))))))))))))))))))))))))))
    .
    - 2008-01-24 15:06:15 1,425,408 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000001\NTUSER.DAT
    + 2008-01-25 21:25:12 1,425,408 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000001\NTUSER.DAT
    - 2008-01-24 15:06:15 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000002\UsrClass.dat
    + 2008-01-25 21:25:12 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000002\UsrClass.dat
    - 2008-01-24 15:06:15 1,425,408 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000003\NTUSER.DAT
    + 2008-01-25 21:25:12 1,425,408 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000003\NTUSER.DAT
    - 2008-01-24 15:06:15 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000004\UsrClass.dat
    + 2008-01-25 21:25:12 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000004\UsrClass.dat
    - 2008-01-24 15:06:15 7,860,224 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000005\ntuser.dat
    + 2008-01-25 21:25:12 7,876,608 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000005\ntuser.dat
    - 2008-01-24 15:06:15 151,552 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000006\UsrClass.dat
    + 2008-01-25 21:25:12 151,552 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000006\UsrClass.dat
    + 2008-01-24 16:03:49 102,400 ----a-r C:\WINDOWS\Installer\{B85C4D19-6CEB-48CF-BD98-C887AC8C6F94}\iTunesIco.exe
    - 2006-09-05 16:03:16 3,968 ----a-w C:\WINDOWS\system32\drivers\AvgAsCln.sys
    + 2007-05-30 12:10:42 10,872 ----a-w C:\WINDOWS\system32\drivers\AvgAsCln.sys
    + 2008-01-24 19:21:08 10,760 ----a-w C:\WINDOWS\system32\drivers\avgclean.sys
    .
    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{a9e74564-316d-4054-b8e7-2b618e7fb5c1}]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 06:00 15360]
    "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 17:24 1694208]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-04-04 07:55 68856]
    "Shareaza"="C:\Program Files\Shareaza\Shareaza.exe" [ ]
    "MoneyAgent"="C:\Program Files\Microsoft Money\System\mnyexpr.exe" [2003-06-18 12:00 204800]
    "updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [ ]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "LaunchApp"="Alaunch" []
    "High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 17:07 61952 C:\WINDOWS\system32\HdAShCut.exe]
    "RTHDCPL"="RTHDCPL.EXE" [2005-09-22 13:36 14854144 C:\WINDOWS\RTHDCPL.exe]
    "ntiMUI"="c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe" [2005-05-11 18:15 45056]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
    "RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 20:24 32768]
    "IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-05 06:00 208952]
    "MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-05 06:00 59392]
    "PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 06:00 455168]
    "PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 06:00 455168]
    "eRecoveryService"="C:\Acer\Empowering Technology\eRecovery\Monitor.exe" [2005-11-16 17:00 397312]
    "AspireService"="C:\Program Files\Acer\Acer eMode Management\AspireService.exe" [2005-09-29 15:07 114688]
    "MediaSync"="C:\Program Files\Acer\Acer eConsole\MediaSync.exe" [2005-09-21 12:48 425984]
    "Omnipage"="C:\Program Files\ScanSoft\OmniPageSE\opware32.exe" [2002-06-03 10:38 49152]
    "Athan"="C:\Program Files\Athan\Athan.exe" [2007-09-06 20:25 1003520]
    "SSBkgdUpdate"="C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 10:22 155648]
    "PaperPort PTD"="C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe" [2005-03-17 19:17 57393]
    "IndexSearch"="C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe" [2005-03-17 19:30 40960]
    "SetDefPrt"="C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe" [2005-01-26 18:02 49152]
    "ControlCenter2.0"="C:\Program Files\Brother\ControlCenter2\brctrcen.exe" [2005-05-17 17:42 933888]
    "LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2005-07-19 17:32 221184]
    "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648]
    "Microsoft Works Update Detection"="C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe" [2003-06-10 17:49 50688]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51 39792]
    "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-09-13 13:19 185632]
    "UserFaultCheck"="C:\WINDOWS\system32\dumprep 0 -u" [ ]
    "WinampAgent"="C:\Program Files\Winamp\wianmpa.exe" [ ]
    "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25 6731312]
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-01-15 03:22 267048]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 06:00 15360]

    R0 m5287;m5287;C:\WINDOWS\system32\drivers\m5287.sys [2005-02-05 08:00]
    R0 PzWDM;PzWDM;C:\WINDOWS\system32\Drivers\PzWDM.sys [2005-06-29 01:38]
    R1 UBHelper;UBHelper;C:\WINDOWS\system32\drivers\UBHelper.sys [2004-12-17 17:14]
    R2 int15.sys;int15.sys;C:\Acer\Empowering Technology\eRecovery\int15.sys [2005-01-13 14:46]
    R3 BrScnUsb;Brother USB Still Image driver;C:\WINDOWS\system32\Drivers\BrScnUsb.sys [2004-10-15 12:50]
    S3 motmodem;Motorola USB CDC ACM Driver;C:\WINDOWS\system32\DRIVERS\motmodem.sys [2007-02-27 14:31]
    S3 PCASp50;PCASp50 NDIS Protocol Driver;C:\WINDOWS\system32\Drivers\PCASp50.sys [2005-11-19 02:13]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{47cb70d4-cfbe-11db-a902-0008d303382e}]
    \shell\verb1\command - desktop.exe

    *Newly Created Service* - INT15.SYS
    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2008-01-24 10:33:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    .
    **************************************************************************

    catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-01-25 22:28:19
    Windows 5.1.2600 Service Pack 2 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 0

    **************************************************************************
    .
    25 January 2008 22:31:30

    Logfile of Trend Micro HijackThis v2.0.0 (BETA)
    Scan saved at 22:31, on 2008-01-25
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\brss01a.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\Acer\Empowering Technology\eRecovery\Monitor.exe
    C:\Program Files\Acer\Acer eMode Management\AspireService.exe
    C:\Program Files\Acer\Acer eConsole\MediaSync.exe
    C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
    C:\Program Files\Athan\Athan.exe
    C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
    C:\Program Files\Brother\ControlCenter2\brctrcen.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Microsoft Money\System\mnyexpr.exe
    C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    C:\Program Files\Hercules\WiFi Station\WifiStation.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\internet explorer\iexplore.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\MSN Messenger\livecall.exe
    C:\Documents and Settings\nadia\Bureau\scanner.exe.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://home.free.fr/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {6A87B991-A31F-4130-AE72-6D0C294BF082} - (no file)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: (no name) - {a9e74564-316d-4054-b8e7-2b618e7fb5c1} - (no file)
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
    O4 - HKLM\..\Run: [LaunchApp] Alaunch
    O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [ntiMUI] "c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [MSPY2002] "C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /IMEName
    O4 - HKLM\..\Run: [eRecoveryService] "C:\Acer\Empowering Technology\eRecovery\Monitor.exe"
    O4 - HKLM\..\Run: [AspireService] "C:\Program Files\Acer\Acer eMode Management\AspireService.exe"
    O4 - HKLM\..\Run: [MediaSync] "C:\Program Files\Acer\Acer eConsole\MediaSync.exe"
    O4 - HKLM\..\Run: [Omnipage] "C:\Program Files\ScanSoft\OmniPageSE\opware32.exe"
    O4 - HKLM\..\Run: [Athan] C:\Program Files\Athan\Athan.exe
    O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
    O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
    O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"
    O4 - HKLM\..\Run: [SetDefPrt] "C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe"
    O4 - HKLM\..\Run: [ControlCenter2.0] "C:\Program Files\Brother\ControlCenter2\brctrcen.exe" /autorun
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [Microsoft Works Update Detection] "C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\wianmpa.exe
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
    O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
    O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_0
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Contrôleur d’état.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
    O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    O4 - Global Startup: WiFi Station.lnk = ?
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} -
    O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://nadia-c.spaces.live.com/PhotoUpload/MsnPUpld.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game02.zylom.com/activex/zylomgamesplayer.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{88D13CA3-D164-443A-8E32-9C453CA3C367}: NameServer = 192.168.1.1
    O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
    O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
    O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
    O23 - Service: Fax - Unknown owner - C:\WINDOWS\system32\fxssvc.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
    O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
    O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
    O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
    O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
    O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
    O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
    O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe

    --
    End of file - 11800 bytes
    26 January 2008 13:13:14

    Isn't it any better?
    26 January 2008 14:08:42

    Well, no.
    My PC makes noise continuously. I would rather say that the fans are running at full speed all the time, even when no program is running.
    As for the file that won't close when I shut down my PC, Windows still reports it, and I have to click "Stop now", otherwise my PC doesn't shut down because of this application: DShowMsgWindow
    26 January 2008 14:19:34

    Not related to a virus.
    26 January 2008 16:49:37

    OK.
    Where should I go to ask?
    Maybe some of my programs, no? Because I noticed that some processes were taking up an enormous amount of space, up to 63,092 KB (iexplore.exe), or RTHDCPL.exe with 27,740 KB.
    But since I don't know much about this, I don't know where it would be coming from.
    In any case, thank you for your patience and for the help you have given me.
    I suppose my PC no longer has any viruses now, is that right?
    Thanks again :-)
    26 January 2008 18:03:24

    Start by cleaning up your programs.
    Is there any dust?
    27 January 2008 21:29:41

    Well, yes, there was quite a bit of dust, but I just vacuumed near the vent with the vacuum cleaner.
    Otherwise, for the programs, I followed your advice and I have just cleaned out the programs I hadn't used in a long time.
    So now it makes a lot less noise, it's true...
    Well, thanks again for your help and have a good evening...
    27 January 2008 22:43:40

    Happy surfing ;)