Bonjour,

Désactive l'UAC ( Menu Démarrer \ Panneau de Configuration \ Comptes d'utilisateurs et protection des utilisateurs \ Comptes d'utilisateurs \ Activer ou désactiver le contrôle des comptes d'utilisateurs \ décoche la case Utiliser le contrôle ... et valide par OK , il te sera demandé de redémarrer, fais le )

Télécharge Combofix à partir d'**ICI** ou bien **ICI** et enregistre-le sur ton bureau.

**Note 1 : Dans le cas où tu aurais déjà une version de combofix, il faudra que tu en télécharges une autre, la toute dernière. De plus il est très important de le sauvegarder directement sur ton bureau.**

• Merci de ne jamais renommer Combofix, sauf si cela t'es expressément demandé.
• Ferme toutes les fenêtres en cours, sans exception.
• Désactive toutes les protections résidentes de tous tes logiciels antivirus, antispyware etc. afin que ces derniers n'interfèrent pas avec le bonfonctionnement de Combofix.

Très important : Désactive temporairement toutes tes protections résidentes de tous tes logiciels de sécurité avant de lancer un scan avec Combofix. Ils risqueraient d'altérer le bon déroulement du scan de Combofix, ce qui pourrait avoir des conséquences imprévues et désastreuses.

• Clique sur ce lien pour voir une liste de programmes qui devraient systématiquement être désactivés avant l'utilisation de combofix. A noter que la liste n'est pas exhaustive. Si ton logiciel de sécurité n'est pas dans cette liste et que tu ne sais pas comment le désactiver, ou que tu ne comprends pas l'anglais , merci de me poser la question.
• ATTENTION : Combofix va automatiquement te déconnecter d'internet dès que le scan débute.
• Merci ne pas essayer de reconnecter ta machine à internet tant que combofix n'a pas fini son travail.
• Si jamais tu n'arrives plus à te connecter à internet après l'utilisation de combofix, redémarre ton PC pour restaurer la connexion à internet.
• Double clique sur combofix.exe et suis les instructions qui s'affichent.
• Quand le scan sera fini, un rapport devrait normalement s'afficher à l'écran.
• Merci de poster le rapport suivant, "C:\ComboFix.txt" , dans votre prochaine réponse, accompagné d'un nouveau rapport HiJackThis.

**Note 2 : Ne pas cliquer dans la fenêtre de combofix pendant qu'il travaille. Tu risquerais de planter le PC et de causer d'importants dommages.**

bilox2000,

Tu peux arrêter de squatter mes désinfections ?

Merci.

Re,

Je te renvoie aux règles du forum.

Ensuite, tu n'es pas en mesure d'aider les internautes.

Si penses venir à bout d'un trojan vundo/virtumonde, ça prouve que tu n'y connais pas grand chose

Ce qui compte, c'est avant tout la satisfaction de l'internaute et la qualité des informations/instructions que nous lui donnons. C'est un "helper" par sujet, et non deux, sinon ça gêne le bon déroulement des désinfections.

ouh j'ai eu du mal, mais voici les rapports :

combofix :

ComboFix 08-06-20.4 - 2008-06-30 15:23:39.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Basique 6.0.6000.0.1252.1.1036.18.1366 [GMT 3:00]
Endroit: C:\Users/Desktop\ComboFix.exe
* Création d'un nouveau point de restauration
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Windows\SW_Win2146X32.DLL
C:\Windows\system32\afcwiuow.ini
C:\Windows\System32\BJRYceLm.ini
C:\Windows\System32\BJRYceLm.ini2
C:\Windows\system32\ivabsnwl.ini
C:\Windows\System32\kUFfihQr.ini
C:\Windows\System32\kUFfihQr.ini2
C:\Windows\system32\mLecYRJB.dll
C:\Windows\System32\NpYJRqss.ini
C:\Windows\System32\NpYJRqss.ini2
C:\Windows\system32\ocvqbidp.ini
C:\Windows\system32\rQhifFUk.dll
C:\Windows\system32\ssqRJYpN.dll
C:\Windows\system32\vsanbpoe.ini
C:\Windows\system32\x64

.
((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-05-28 to 2008-06-30 ))))))))))))))))))))))))))))))))))))
.

Pas de nouveau fichier cr‚‚ dans cet espace de temps

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-30 12:21 91,520 ----a-w C:\Windows\System32\pdibqvco.dll
2008-06-29 22:42 --------- d-----w C:\ProgramData\Avira
2008-06-29 22:42 --------- d-----w C:\Program Files\Avira
2008-06-29 21:25 317,632 ----a-w C:\Windows\System32\tuvTmKee.dll
2008-06-29 21:18 28,800 ----a-w C:\Windows\System32\khfGwUmn.dll
2008-06-29 21:18 28,800 ----a-w C:\Windows\System32\byXQICVm.dll
2008-06-29 21:03 --------- d-----w C:\Users\Elsa\AppData\Roaming\Azureus
2008-06-29 20:26 --------- d-----w C:\ProgramData\FLEXnet
2008-06-29 20:07 --------- d-----w C:\ProgramData\ALM
2008-06-29 20:05 --------- d-----w C:\Program Files\Common Files\Adobe
2008-06-29 20:05 --------- d-----w C:\Program Files\Bonjour
2008-06-29 19:49 --------- d-----w C:\Program Files\Common Files\Macrovision Shared
2008-06-29 19:07 --------- d-----w C:\Program Files\PowerISO
2008-06-29 16:00 --------- d-----w C:\Program Files\Azureus
2008-06-29 15:48 --------- d-----w C:\ProgramData\Azureus
2008-06-29 08:49 311,296 ----a-w C:\Windows\pntqkflv.dll
2008-06-29 08:49 249,856 ----a-w C:\Windows\qegbdmwf.dll
2008-06-18 13:20 --------- d-----w C:\Program Files\USB Tablet
2008-06-18 04:07 --------- d--h--w C:\ProgramData\CanonBJ
2008-06-17 20:13 --------- d-----w C:\Program Files\Softinterface, Inc
2008-06-12 06:28 56,108 ----a-w C:\Windows\system32\drivers\scdemu.sys
2008-06-09 01:46 --------- d-----w C:\ProgramData\Roxio
2008-06-02 15:48 --------- d-----w C:\Users\AppData\Roaming\Samsung
2008-06-02 15:45 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-06-02 14:01 --------- d-----w C:\Program Files\Samsung
2008-06-02 12:15 1,650,688 ----a-w C:\Windows\System32\beconvlib.dll
2008-05-23 08:45 126,976 ----a-w C:\Windows\System32\beconv.dll
2008-05-16 14:45 558 ----a-w C:\Users\AppData\Roaming\wklnhst.dat
2008-05-15 13:32 --------- d-----w C:\ProgramData\Macrovision
2008-05-15 13:10 --------- d-----w C:\Program Files\CyberLink
2008-05-15 13:08 --------- d-----w C:\Program Files\EPSON
2008-05-15 12:59 --------- d-----w C:\ProgramData\Skype
2008-05-15 12:49 --------- d-----w C:\ProgramData\eMule
2008-05-15 12:31 --------- d-----w C:\Users\AppData\Roaming\skypePM
2008-05-10 03:30 14,848 ----a-w C:\Windows\System32\wshrm.dll
2008-05-10 01:21 113,664 ----a-w C:\Windows\system32\drivers\rmcast.sys
2008-04-26 08:02 1,327,104 ----a-w C:\Windows\System32\quartz.dll
2008-04-25 07:36 98,304 ----a-w C:\Windows\System32\DVM.dll
2008-04-25 04:23 826,368 ----a-w C:\Windows\System32\wininet.dll
2008-04-25 04:23 56,320 ----a-w C:\Windows\System32\iesetup.dll
2008-04-25 04:23 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2008-04-25 04:22 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
2008-04-14 11:01 765,952 ----a-w C:\Windows\System32\tx14.dll
2008-04-14 02:20 557,056 ----a-w C:\Windows\System32\tx14_rtf.dll
2008-04-13 23:05 331,776 ----a-w C:\Windows\System32\tx14_css.dll
2008-04-13 22:00 1,052,672 ----a-w C:\Windows\System32\tx14_dox.dll
2008-04-08 02:10 667,648 ----a-w C:\Windows\System32\tx14_doc.dll
2008-04-06 23:36 249,856 ----a-w C:\Windows\System32\tx14_htm.dll
2008-04-03 22:22 618,496 ----a-w C:\Windows\System32\tx14_pdf.dll
2008-01-14 19:49 32 ----a-w C:\Users\All Users\ezsid.dat
2008-01-14 19:49 32 ----a-w C:\ProgramData\ezsid.dat
2006-11-02 12:48 174 --sha-w C:\Program Files\desktop.ini
2008-02-13 22:10 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
2008-02-13 22:10 32,768 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
2008-02-13 22:10 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2007-09-20 00:32 171448]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 15:34 201728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-11-18 02:52 815104]
"IgfxTray"="C:\Windows\system32\igfxtray.exe" [2006-11-15 21:08 98304]
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [2006-11-15 21:07 106496]
"Persistence"="C:\Windows\system32\igfxpers.exe" [2006-11-15 21:07 81920]
"SunJavaUpdateSched"="c:\Program Files\Java\jre1.6.0\bin\jusched.exe" [2007-08-14 14:25 77824]
"SigmatelSysTrayApp"="sttray.exe" [2007-02-08 08:11 303104 C:\Windows\sttray.exe]
"Broadcom Wireless Manager UI"="C:\Windows\system32\WLTRAY.exe" [2006-11-28 02:15 1540096]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2006-10-03 13:37 81920]
"ECenter"="c:\dell\E-Center\EULALauncher.exe" [2007-03-16 13:50 17920]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-08-14 14:43 1862144]
"PCMService"="C:\Program Files\Dell\MediaDirect\PCMService.exe" [2007-05-02 20:16 184320]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-10-19 21:16 286720]
"MSConfig"="C:\Windows\system32\msconfig.exe" [2006-11-02 12:45 222208]
"RoxWatchTray"="C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2006-11-05 13:22 221184]
"atwtusb"="atwtusb.exe" [2001-08-20 18:48 167936 C:\Windows\System32\Atwtusb.exe]
"TrustInstaller"="E:\Setup.exe" [ ]
"400cab12"="C:\Windows\system32\pdibqvco.dll" [2008-06-30 15:21 91520]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [2007-08-14 14:31:19 50688]
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 23:05:26 29696]
QuickSet.lnk - C:\Windows\Installer\{7F0C4457-8E64-491B-8D7B-991504365D1E}\NewShortcut2_53A01CC614B04512A2E710D39BF83DC4.exe [2007-08-14 14:28:06 45056]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{E55E1C86-434D-46F9-A253-2DE4AB3F9734}"= C:\Windows\system32\byXQICVm.dll [2008-06-30 00:18 28800]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]
--a------ 2008-02-12 10:06 262401 C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus D78 Series]
--a------ 2006-02-23 07:00 131072 C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIBGE.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
--a------ 2008-06-16 11:52 167936 C:\Program Files\PowerISO\PWRISOVM.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
--a------ 2007-08-14 22:03 1006264 C:\Program Files\Windows Defender\MSASCui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{048426F8-E150-4961-AB22-8E0A05CE06E9}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"TCP Query User{A257E848-CC60-4455-AAA0-788077BF8226}C:\\program files\\internet explorer\\iexplore.exe"= UDP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{3C682671-8446-43F4-B083-93AE79DFE6B4}C:\\program files\\internet explorer\\iexplore.exe"= TCP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"TCP Query User{40E42404-C386-4B4D-8640-272338E69562}C:\\windows\\system32\\dplaysvr.exe"= UDP:C:\windows\system32\dplaysvr.exe:Application d'assistance Microsoft DirectPlay
"UDP Query User{D38A669F-77E3-4481-8738-6B0A1A36C4E6}C:\\windows\\system32\\dplaysvr.exe"= TCP:C:\windows\system32\dplaysvr.exe:Application d'assistance Microsoft DirectPlay
"TCP Query User{E92106CA-F4F8-44CB-B260-679E7FBCC7F1}C:\\program files\\microsoft games\\age of empires ii\\empires2.exe"= UDP:C:\program files\microsoft games\age of empires ii\empires2.exe:Age of Empires II
"UDP Query User{1258D982-34E3-4406-BC60-460E413FA9EF}C:\\program files\\microsoft games\\age of empires ii\\empires2.exe"= TCP:C:\program files\microsoft games\age of empires ii\empires2.exe:Age of Empires II
"TCP Query User{F56A1431-200D-4353-80E2-023B98AC1F43}C:\\program files\\microsoft games\\age of empires ii\\empires2.exe"= UDP:C:\program files\microsoft games\age of empires ii\empires2.exe:Age of Empires II
"UDP Query User{80D23B9C-40B2-43E4-B795-9975683D338F}C:\\program files\\microsoft games\\age of empires ii\\empires2.exe"= TCP:C:\program files\microsoft games\age of empires ii\empires2.exe:Age of Empires II
"TCP Query User{E4F3747E-90AD-40BF-AD47-2AC6481068EA}C:\\program files\\emule\\emule.exe"= Disabled:UDP:C:\program files\emule\emule.exe:eMule
"UDP Query User{1BBAEF6B-F15F-491C-A090-EF997E6C3FF0}C:\\program files\\emule\\emule.exe"= Disabled:TCP:C:\program files\emule\emule.exe:eMule
"{00BACF7D-3994-4888-B96D-FD4D5C612B9B}"= Disabled:UDP:C:\Program Files\Skype\Phone\Skype.exe:Skype
"{44F3FD94-3DEA-49DB-B645-B3BA1770AB3C}"= Disabled:TCP:C:\Program Files\Skype\Phone\Skype.exe:Skype
"{72C3719E-20E2-4A7E-BE36-046782C990A5}"= Disabled:UDP:C:\Program Files\Skype\Phone\Skype.exe:Skype
"{B814D1D3-E11A-4EE8-B46D-4B343245F07C}"= Disabled:TCP:C:\Program Files\Skype\Phone\Skype.exe:Skype
"TCP Query User{392E828E-35E6-439F-8711-ED05CE6DEF21}C:\\program files\\azureus\\azureus.exe"= UDP:C:\program files\azureus\azureus.exe:Azureus
"UDP Query User{E1DFCE81-887E-4E6F-918A-84B36E6D1D84}C:\\program files\\azureus\\azureus.exe"= TCP:C:\program files\azureus\azureus.exe:Azureus

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

R3 igfx;igfx;C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-11-15 21:07]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc

.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-30 15:35:55
Windows 6.0.6000 NTFS

Balayage processus cach‚s ...

Balayage cach‚ autostart entries ...

Balayage des fichiers cach‚s ...

Scan termin‚ avec succŠs
Les fichiers cach‚s: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Windows\System32\audiodg.exe
C:\Windows\System32\WLTRYSVC.EXE
C:\Windows\System32\BCMWLTRY.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Windows\System32\conime.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
C:\Windows\System32\drivers\XAudio.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
C:\Windows\System32\wbem\unsecapp.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-06-30 15:47:10 - machine was rebooted
ComboFix-quarantined-files.txt 2008-06-30 12:47:03

Le texte du message associé au numéro 0x2379 est introuvable dans le fichier de messages pour Application.
Le texte du message associ‚ au num‚ro 0x2379 est introuvable dans le fichier de messages pour Application.

190 --- E O F --- 2008-06-26 12:12:13



et le rapport Hijackthis :


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:58:42, on 30/06/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16681)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Windows\sttray.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Windows\System32\Atwtusb.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Users\Desktop\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "c:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ECenter] c:\dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [atwtusb] atwtusb.exe beta
O4 - HKLM\..\Run: [TrustInstaller] E:\Setup.exe
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [EPSON Stylus D78 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIBGE.EXE /FU "C:\Windows\TEMP\E_S3B5A.tmp" /EF "HKLM"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: QuickSet.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O13 - Gopher Prefix:
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4D1BE6EF-0B55-437D-91D4-EC41CB4DA99E}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{8C1538A8-A1FA-4D89-81B3-6E0304E49140}: NameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{4D1BE6EF-0B55-437D-91D4-EC41CB4DA99E}: NameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{4D1BE6EF-0B55-437D-91D4-EC41CB4DA99E}: NameServer = 192.168.1.1
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: wampapache - Apache Software Foundation - C:\Program Files\wamp\apache2\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - C:\Program Files\wamp\mysql\bin\mysqld-nt.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 8324 bytes

done

rapport combofix :

ComboFix 08-06-20.4 - Elsa 2008-06-30 19:13:52.2 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Basique 6.0.6000.0.1252.1.1036.18.1416 [GMT 3:00]
Endroit: C:\Users\\Desktop\ComboFix.exe
Command switches used :: C:\Users\Desktop\CFScript.txt
* Création d'un nouveau point de restauration

FILE ::
C:\Windows\pntqkflv.dll
C:\Windows\qegbdmwf.dll
C:\Windows\System32\byXQICVm.dll
C:\Windows\System32\khfGwUmn.dll
C:\Windows\System32\pdibqvco.dll
C:\Windows\System32\tuvTmKee.dll
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Windows\pntqkflv.dll
C:\Windows\qegbdmwf.dll
C:\Windows\System32\byXQICVm.dll
C:\Windows\System32\khfGwUmn.dll
C:\Windows\System32\tuvTmKee.dll

.
((((((((((((((((((((((((((((( Fichiers créés 2008-05-28 to 2008-06-30 ))))))))))))))))))))))))))))))))))))
.

Pas de nouveau fichier créé dans cet espace de temps

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-29 22:42 --------- d-----w C:\ProgramData\Avira
2008-06-29 22:42 --------- d-----w C:\Program Files\Avira
2008-06-29 21:03 --------- d-----w C:\Users\AppData\Roaming\Azureus
2008-06-29 20:26 --------- d-----w C:\ProgramData\FLEXnet
2008-06-29 20:07 --------- d-----w C:\ProgramData\ALM
2008-06-29 20:05 --------- d-----w C:\Program Files\Common Files\Adobe
2008-06-29 20:05 --------- d-----w C:\Program Files\Bonjour
2008-06-29 19:49 --------- d-----w C:\Program Files\Common Files\Macrovision Shared
2008-06-29 19:07 --------- d-----w C:\Program Files\PowerISO
2008-06-29 16:00 --------- d-----w C:\Program Files\Azureus
2008-06-29 15:48 --------- d-----w C:\ProgramData\Azureus
2008-06-18 13:20 --------- d-----w C:\Program Files\USB Tablet
2008-06-18 04:07 --------- d--h--w C:\ProgramData\CanonBJ
2008-06-17 20:13 --------- d-----w C:\Program Files\Softinterface, Inc
2008-06-12 06:28 56,108 ----a-w C:\Windows\system32\drivers\scdemu.sys
2008-06-09 01:46 --------- d-----w C:\ProgramData\Roxio
2008-06-02 15:48 --------- d-----w C:\Users\AppData\Roaming\Samsung
2008-06-02 15:45 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-06-02 14:01 --------- d-----w C:\Program Files\Samsung
2008-06-02 12:15 1,650,688 ----a-w C:\Windows\System32\beconvlib.dll
2008-05-23 08:45 126,976 ----a-w C:\Windows\System32\beconv.dll
2008-05-16 14:45 558 ----a-w C:\Users\AppData\Roaming\wklnhst.dat
2008-05-15 13:32 --------- d-----w C:\ProgramData\Macrovision
2008-05-15 13:10 --------- d-----w C:\Program Files\CyberLink
2008-05-15 13:08 --------- d-----w C:\Program Files\EPSON
2008-05-15 12:59 --------- d-----w C:\ProgramData\Skype
2008-05-15 12:49 --------- d-----w C:\ProgramData\eMule
2008-05-15 12:31 --------- d-----w C:\Users\AppData\Roaming\skypePM
2008-05-10 03:30 14,848 ----a-w C:\Windows\System32\wshrm.dll
2008-05-10 01:21 113,664 ----a-w C:\Windows\system32\drivers\rmcast.sys
2008-04-26 08:02 1,327,104 ----a-w C:\Windows\System32\quartz.dll
2008-04-25 07:36 98,304 ----a-w C:\Windows\System32\DVM.dll
2008-04-25 04:23 826,368 ----a-w C:\Windows\System32\wininet.dll
2008-04-25 04:23 56,320 ----a-w C:\Windows\System32\iesetup.dll
2008-04-25 04:23 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2008-04-25 04:22 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
2008-04-14 11:01 765,952 ----a-w C:\Windows\System32\tx14.dll
2008-04-14 02:20 557,056 ----a-w C:\Windows\System32\tx14_rtf.dll
2008-04-13 23:05 331,776 ----a-w C:\Windows\System32\tx14_css.dll
2008-04-13 22:00 1,052,672 ----a-w C:\Windows\System32\tx14_dox.dll
2008-04-08 02:10 667,648 ----a-w C:\Windows\System32\tx14_doc.dll
2008-04-06 23:36 249,856 ----a-w C:\Windows\System32\tx14_htm.dll
2008-04-03 22:22 618,496 ----a-w C:\Windows\System32\tx14_pdf.dll
2008-01-14 19:49 32 ----a-w C:\Users\All Users\ezsid.dat
2008-01-14 19:49 32 ----a-w C:\ProgramData\ezsid.dat
2006-11-02 12:48 174 --sha-w C:\Program Files\desktop.ini
.

(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.


---- C:\Windows\System32\ieUnatt.exe ----
Company: Microsoft Corporation
File Description: IE 7.0 Unattended Install Utility
File Version: 7.00.6000.16681 (vista_gdr.080424-1548)
Product Name: Windows© Internet Explorer
Copyright: ¸ Microsoft Corporation. All rights reserved.
Original file name: IEUNATT.EXE
MD5: 9e17b707ca096d35e1f768dc6b7612f8


((((((((((((((((((((((((((((( snapshot@2008-06-30_15.46.15.86 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-06-30 12:34:37 67,584 --s-a-w C:\Windows\bootstat.dat
+ 2008-06-30 16:08:11 67,584 --s-a-w C:\Windows\bootstat.dat
+ 2008-06-30 16:08:12 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2008-06-30 16:08:12 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2008-02-13 22:10:04 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2008-06-30 13:37:43 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2008-02-13 22:10:04 32,768 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2008-06-30 13:37:43 32,768 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2008-02-13 22:10:04 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-06-30 13:37:43 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2008-06-30 12:35:05 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat
+ 2008-06-30 16:10:30 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat
+ 2008-06-30 16:10:30 262,144 ---ha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG1
- 2008-06-30 12:35:04 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat
+ 2008-06-30 16:18:31 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat
+ 2008-06-30 16:18:31 262,144 ---ha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1
- 2008-06-30 12:22:06 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2008-06-30 15:58:51 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2008-06-30 12:22:06 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2008-06-30 15:58:51 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2008-06-30 12:22:06 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-06-30 15:58:51 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2008-06-25 08:26:19 100,232 ----a-w C:\Windows\System32\perfc009.dat
+ 2008-06-30 13:33:44 103,924 ----a-w C:\Windows\System32\perfc009.dat
- 2008-06-25 08:26:19 117,572 ----a-w C:\Windows\System32\perfc00C.dat
+ 2008-06-30 13:33:44 117,572 ----a-w C:\Windows\System32\perfc00C.dat
- 2008-06-25 08:26:19 606,450 ----a-w C:\Windows\System32\perfh009.dat
+ 2008-06-30 13:33:44 610,142 ----a-w C:\Windows\System32\perfh009.dat
- 2008-06-25 08:26:19 690,832 ----a-w C:\Windows\System32\perfh00C.dat
+ 2008-06-30 13:33:44 690,832 ----a-w C:\Windows\System32\perfh00C.dat
- 2008-06-30 12:18:39 11,162 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1854201790-3337289503-2259318210-1000_UserData.bin
+ 2008-06-30 16:10:46 11,806 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1854201790-3337289503-2259318210-1000_UserData.bin
- 2008-06-30 12:18:39 62,380 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2008-06-30 16:10:45 62,922 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2008-06-30 12:18:36 49,428 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2008-06-30 16:10:43 49,770 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2007-09-20 00:32 171448]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 15:34 201728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-11-18 02:52 815104]
"IgfxTray"="C:\Windows\system32\igfxtray.exe" [2006-11-15 21:08 98304]
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [2006-11-15 21:07 106496]
"Persistence"="C:\Windows\system32\igfxpers.exe" [2006-11-15 21:07 81920]
"SunJavaUpdateSched"="c:\Program Files\Java\jre1.6.0\bin\jusched.exe" [2007-08-14 14:25 77824]
"SigmatelSysTrayApp"="sttray.exe" [2007-02-08 08:11 303104 C:\Windows\sttray.exe]
"Broadcom Wireless Manager UI"="C:\Windows\system32\WLTRAY.exe" [2006-11-28 02:15 1540096]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2006-10-03 13:37 81920]
"ECenter"="c:\dell\E-Center\EULALauncher.exe" [2007-03-16 13:50 17920]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-08-14 14:43 1862144]
"PCMService"="C:\Program Files\Dell\MediaDirect\PCMService.exe" [2007-05-02 20:16 184320]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-10-19 21:16 286720]
"RoxWatchTray"="C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2006-11-05 13:22 221184]
"atwtusb"="atwtusb.exe" [2001-08-20 18:48 167936 C:\Windows\System32\Atwtusb.exe]
"TrustInstaller"="E:\Setup.exe" [ ]
"MSConfig"="C:\Windows\system32\msconfig.exe" [2006-11-02 12:45 222208]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [2007-08-14 14:31:19 50688]
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 23:05:26 29696]
QuickSet.lnk - C:\Windows\Installer\{7F0C4457-8E64-491B-8D7B-991504365D1E}\NewShortcut2_53A01CC614B04512A2E710D39BF83DC4.exe [2007-08-14 14:28:06 45056]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]
--a------ 2008-02-12 10:06 262401 C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus D78 Series]
--a------ 2006-02-23 07:00 131072 C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIBGE.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
--a------ 2008-06-16 11:52 167936 C:\Program Files\PowerISO\PWRISOVM.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
--a------ 2007-08-14 22:03 1006264 C:\Program Files\Windows Defender\MSASCui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{048426F8-E150-4961-AB22-8E0A05CE06E9}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"TCP Query User{A257E848-CC60-4455-AAA0-788077BF8226}C:\\program files\\internet explorer\\iexplore.exe"= UDP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{3C682671-8446-43F4-B083-93AE79DFE6B4}C:\\program files\\internet explorer\\iexplore.exe"= TCP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"TCP Query User{40E42404-C386-4B4D-8640-272338E69562}C:\\windows\\system32\\dplaysvr.exe"= UDP:C:\windows\system32\dplaysvr.exe:Application d'assistance Microsoft DirectPlay
"UDP Query User{D38A669F-77E3-4481-8738-6B0A1A36C4E6}C:\\windows\\system32\\dplaysvr.exe"= TCP:C:\windows\system32\dplaysvr.exe:Application d'assistance Microsoft DirectPlay
"TCP Query User{E92106CA-F4F8-44CB-B260-679E7FBCC7F1}C:\\program files\\microsoft games\\age of empires ii\\empires2.exe"= UDP:C:\program files\microsoft games\age of empires ii\empires2.exe:Age of Empires II
"UDP Query User{1258D982-34E3-4406-BC60-460E413FA9EF}C:\\program files\\microsoft games\\age of empires ii\\empires2.exe"= TCP:C:\program files\microsoft games\age of empires ii\empires2.exe:Age of Empires II
"TCP Query User{F56A1431-200D-4353-80E2-023B98AC1F43}C:\\program files\\microsoft games\\age of empires ii\\empires2.exe"= UDP:C:\program files\microsoft games\age of empires ii\empires2.exe:Age of Empires II
"UDP Query User{80D23B9C-40B2-43E4-B795-9975683D338F}C:\\program files\\microsoft games\\age of empires ii\\empires2.exe"= TCP:C:\program files\microsoft games\age of empires ii\empires2.exe:Age of Empires II
"TCP Query User{E4F3747E-90AD-40BF-AD47-2AC6481068EA}C:\\program files\\emule\\emule.exe"= Disabled:UDP:C:\program files\emule\emule.exe:eMule
"UDP Query User{1BBAEF6B-F15F-491C-A090-EF997E6C3FF0}C:\\program files\\emule\\emule.exe"= Disabled:TCP:C:\program files\emule\emule.exe:eMule
"{00BACF7D-3994-4888-B96D-FD4D5C612B9B}"= Disabled:UDP:C:\Program Files\Skype\Phone\Skype.exe:Skype
"{44F3FD94-3DEA-49DB-B645-B3BA1770AB3C}"= Disabled:TCP:C:\Program Files\Skype\Phone\Skype.exe:Skype
"{72C3719E-20E2-4A7E-BE36-046782C990A5}"= Disabled:UDP:C:\Program Files\Skype\Phone\Skype.exe:Skype
"{B814D1D3-E11A-4EE8-B46D-4B343245F07C}"= Disabled:TCP:C:\Program Files\Skype\Phone\Skype.exe:Skype
"TCP Query User{392E828E-35E6-439F-8711-ED05CE6DEF21}C:\\program files\\azureus\\azureus.exe"= UDP:C:\program files\azureus\azureus.exe:Azureus
"UDP Query User{E1DFCE81-887E-4E6F-918A-84B36E6D1D84}C:\\program files\\azureus\\azureus.exe"= TCP:C:\program files\azureus\azureus.exe:Azureus
"{9955594B-8DB8-4BFF-838E-CC33423F9C02}"= UDP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{E59B06A8-0122-4B0A-B5A3-BEACCCCE2106}"= TCP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

R3 igfx;igfx;C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-11-15 21:07]
S3 R300;R300;C:\Windows\system32\DRIVERS\atikmdag.sys [2006-11-02 10:36]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM);C:\Windows\system32\DRIVERS\ss_bus.sys [2007-05-02 11:11]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter;C:\Windows\system32\DRIVERS\ss_mdfl.sys [2007-05-02 11:11]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers;C:\Windows\system32\DRIVERS\ss_mdm.sys [2007-05-02 11:11]
S3 utblfilt;utblfilt;C:\Windows\system32\drivers\utblfilt.sys [2001-05-23 11:42]
S3 wampapache;wampapache;"C:\Program Files\wamp\apache2\bin\httpd.exe" -k runservice []
S3 wampmysqld;wampmysqld;"C:\Program Files\wamp\mysql\bin\mysqld-nt.exe" "--defaults-file=C:\Program Files\wamp\mysql\my.ini" wampmysqld []

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc

.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-30 19:18:49
Windows 6.0.6000 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...


**************************************************************************
.
Temps d'accomplissement: 2008-06-30 19:21:14
ComboFix-quarantined-files.txt 2008-06-30 16:20:09

Le texte du message associé au numéro 0x2379 est introuvable dans le fichier de messages pour Application.
Le texte du message associé au numéro 0x2379 est introuvable dans le fichier de messages pour Application.

212 --- E O F --- 2008-06-26 12:12:13




rapport Hijackthis :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:23:35, on 30/06/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16681)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Windows\sttray.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\notepad.exe
C:\Windows\Explorer.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Users\Desktop\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "c:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ECenter] c:\dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [atwtusb] atwtusb.exe beta
O4 - HKLM\..\Run: [TrustInstaller] E:\Setup.exe
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: QuickSet.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O13 - Gopher Prefix:
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4D1BE6EF-0B55-437D-91D4-EC41CB4DA99E}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{8C1538A8-A1FA-4D89-81B3-6E0304E49140}: NameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{4D1BE6EF-0B55-437D-91D4-EC41CB4DA99E}: NameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{4D1BE6EF-0B55-437D-91D4-EC41CB4DA99E}: NameServer = 192.168.1.1
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: wampapache - Apache Software Foundation - C:\Program Files\wamp\apache2\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - C:\Program Files\wamp\mysql\bin\mysqld-nt.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 7497 bytes

hop le rapport :


Malwarebytes' Anti-Malware 1.19
Version de la base de données: 899
Windows 6.0.6000

21:07:32 30/06/2008
mbam-log-6-30-2008 (21-07-32).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 145895
Temps écoulé: 34 minute(s), 21 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\QooBox\Quarantine\C\Windows\pntqkflv.dll.vir (Trojan.Zlob) -> Quarantined and deleted successfully.

hey beh ça en fait des lignes

main.txt :

Deckard's System Scanner v20071014.68
Run on 2008-06-30 23:30:22
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- Last 3 Restore Point(s) --
3: 2008-06-30 16:13:02 UTC - RP300 - ComboFix created restore point
2: 2008-06-30 12:22:06 UTC - RP299 - ComboFix created restore point
1: 2008-06-29 22:48:38 UTC - RP298 - Last known good configuration


Backed up registry hives.
Performed disk cleanup.



-- HijackThis ------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:32:51, on 30/06/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16681)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Windows\sttray.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Windows\System32\Atwtusb.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Users\Desktop\dss.exe
C:\Windows\system32\conime.exe
C:\Users\Desktop\Elsa.exe
C:\Windows\system32\SearchFilterHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "c:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ECenter] c:\dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [atwtusb] atwtusb.exe beta
O4 - HKLM\..\Run: [TrustInstaller] E:\Setup.exe
O4 - HKLM\..\Run: [EPSON Stylus D78 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIBGE.EXE /FU "C:\Windows\TEMP\E_S3B5A.tmp" /EF "HKLM"
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: QuickSet.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O13 - Gopher Prefix:
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4D1BE6EF-0B55-437D-91D4-EC41CB4DA99E}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{8C1538A8-A1FA-4D89-81B3-6E0304E49140}: NameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{4D1BE6EF-0B55-437D-91D4-EC41CB4DA99E}: NameServer = 192.168.1.1
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: wampapache - Apache Software Foundation - C:\Program Files\wamp\apache2\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - C:\Program Files\wamp\mysql\bin\mysqld-nt.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 7527 bytes

-- HijackThis Fixed Entries (C:\Users\Desktop\backups\) -------------------

backup-20080630-221546-859 O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)

-- File Associations -----------------------------------------------------------

[COLOR=red].cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%*[/COLOR]
[COLOR=red].reg - regfile - shell\open\command - regedit.exe "%1" %*[/COLOR]
[COLOR=red].scr - scrfile - shell\open\command - "%1" %*[/COLOR]


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 SCDEmu - c:\windows\system32\drivers\scdemu.sys <Not Verified; PowerISO Computing, Inc.; scdemu>
R1 StarOpen - c:\windows\system32\drivers\staropen.sys

S3 DSproct - \??\c:\program files\dellsupport\gtaction\triggers\dsproct.sys
S3 utblfilt - c:\windows\system32\drivers\utblfilt.sys <Not Verified; Aiptek; >


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Bonjour Service (##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##) - "c:\program files\bonjour\mdnsresponder.exe" <Not Verified; Apple Computer, Inc.; Bonjour>

S3 DSBrokerService - "c:\program files\dellsupport\brkrsvc.exe" <Not Verified; ; Gteko BrkrSvc Application>
S3 FLEXnet Licensing Service - "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe" <Not Verified; Macrovision Europe Ltd.; FLEXnet Publisher (32 bit)>
S3 stllssvr - "c:\program files\common files\surething shared\stllssvr.exe" <Not Verified; MicroVision Development, Inc.; SureThing CD Labeler>
S3 wampapache - "c:\program files\wamp\apache2\bin\httpd.exe" -k runservice <Not Verified; Apache Software Foundation; Apache HTTP Server>
S3 wampmysqld - "c:\program files\wamp\mysql\bin\mysqld-nt.exe" "--defaults-file=c:\program files\wamp\mysql\my.ini" wampmysqld
S4 AntiVirScheduler (Avira AntiVir Personal – Free Antivirus Scheduler) - "c:\program files\avira\antivir personaledition classic\sched.exe" <Not Verified; Avira GmbH; AntiVir Workstation>


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Files created between 2008-05-30 and 2008-06-30 -----------------------------

2008-06-30 20:31:25 0 d-------- C:\Users\All Users\Malwarebytes
2008-06-30 20:31:24 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-06-30 15:21:38 68096 --a------ C:\Windows\zip.exe
2008-06-30 15:21:38 49152 --a------ C:\Windows\VFind.exe
2008-06-30 15:21:38 212480 --a------ C:\Windows\swxcacls.exe <Not Verified; SteelWerX; SteelWerX Extended Configurator ACLists>
2008-06-30 15:21:38 136704 --a------ C:\Windows\swsc.exe <Not Verified; SteelWerX; SteelWerX Service Controller>
2008-06-30 15:21:38 161792 --a------ C:\Windows\swreg.exe <Not Verified; SteelWerX; SteelWerX Registry Editor>
2008-06-30 15:21:38 98816 --a------ C:\Windows\sed.exe
2008-06-30 15:21:38 80412 --a------ C:\Windows\grep.exe
2008-06-30 15:21:38 89504 --a------ C:\Windows\fdsv.exe <Not Verified; Smallfrogs Studio; >
2008-06-30 15:02:55 0 d-------- C:\327882R2FWJFW
2008-06-30 14:36:01 0 d-------- C:\Windows\pss
2008-06-30 01:42:40 0 d-------- C:\Users\All Users\Avira
2008-06-30 01:42:40 0 d-------- C:\Program Files\Avira
2008-06-30 00:42:02 0 d-------- C:\VundoFix Backups
2008-06-29 23:26:31 0 d-------- C:\Users\All Users\FLEXnet
2008-06-29 23:07:22 0 d-------- C:\Users\All Users\ALM
2008-06-29 23:05:20 0 d-------- C:\Program Files\Bonjour
2008-06-29 22:49:36 0 d-------- C:\Program Files\Common Files\Macrovision Shared
2008-06-29 22:07:53 0 d-------- C:\Program Files\PowerISO
2008-06-29 18:48:33 0 d-------- C:\Users\All Users\Azureus
2008-06-29 18:39:43 0 d-------- C:\Program Files\Azureus
2008-06-18 17:35:20 49152 --a------ C:\Windows\system32\tblmouse.exe <Not Verified; ; Tblmouse>
2008-06-18 17:35:16 167936 --a------ C:\Windows\system32\Atwtusb.exe <Not Verified; Aiptek; Tablet HID>
2008-06-18 16:20:36 57344 --a------ C:\Windows\system32\wintab32.dll <Not Verified; Aiptek; Aiptek wintab32>
2008-06-18 16:20:36 12084 --a------ C:\Windows\system32\drivers\UTBLFILT.sys <Not Verified; Aiptek; >
2008-06-18 16:20:35 36864 --a------ C:\Windows\system32\utblfilt.dll <Not Verified; Aiptek; USB Tablet>
2008-06-18 16:20:35 860160 --a------ C:\Windows\system32\TblRes.dll <Not Verified; Aiptek; Aiptek TblRes>
2008-06-18 16:20:35 45056 --a------ C:\Windows\system32\Tblfunc.dll <Not Verified; aiptek; aiptek tblfunc>
2008-06-18 16:20:35 49152 --a------ C:\Windows\system32\Funckey.dll <Not Verified; ; Funckey>
2008-06-18 16:20:35 0 d-------- C:\Program Files\USB Tablet
2008-06-18 07:07:32 0 d--h----- C:\Users\All Users\CanonBJ
2008-06-17 23:13:38 0 d-------- C:\Windows\system32\Resource
2008-06-17 23:13:37 131072 --a------ C:\Windows\system32\CSVSpecialProcessing.dll
2008-06-17 23:13:37 204800 --a------ C:\Windows\system32\bprgcomm.dll <Not Verified; ; bprgcomm Dynamic Link Library>
2008-06-17 23:13:37 1650688 --a------ C:\Windows\system32\beconvlib.dll <Not Verified; ; easyConverter Dynamic Link Library>
2008-06-17 23:13:37 126976 --a------ C:\Windows\system32\beconv.dll <Not Verified; BCL Technologies; BCL easyConverter SDK>
2008-06-17 23:13:36 618496 --a------ C:\Windows\system32\tx14_pdf.dll <Not Verified; The Imaging Source Europe GmbH; TX Text Control>
2008-06-17 23:13:36 1052672 --a------ C:\Windows\system32\tx14_dox.dll <Not Verified; The Imaging Source Europe GmbH; TX Text Control>
2008-06-17 23:13:36 667648 --a------ C:\Windows\system32\tx14_doc.dll <Not Verified; The Imaging Source Europe GmbH; TX Text Control>
2008-06-17 23:13:36 331776 --a------ C:\Windows\system32\tx14_css.dll <Not Verified; The Imaging Source Europe GmbH; TX Text Control>
2008-06-17 23:13:35 65536 --a------ C:\Windows\system32\tx14_wnd.dll <Not Verified; The Imaging Source Europe GmbH; TX Text Control>
2008-06-17 23:13:35 557056 --a------ C:\Windows\system32\tx14_rtf.dll <Not Verified; The Imaging Source Europe GmbH; TX Text Control>
2008-06-17 23:13:35 327680 --a------ C:\Windows\system32\tx14_obj.dll <Not Verified; The Imaging Source Europe GmbH; TX Text-Control>
2008-06-17 23:13:35 131072 --a------ C:\Windows\system32\tx14_ic.dll <Not Verified; The Imaging Source Europe GmbH; TX Text Control>
2008-06-17 23:13:35 249856 --a------ C:\Windows\system32\tx14_htm.dll <Not Verified; The Imaging Source Europe GmbH; TX Text Control>
2008-06-17 23:13:34 217088 --a------ C:\Windows\system32\tx14_tls.dll <Not Verified; The Imaging Source Europe GmbH; TX Text Control>
2008-06-17 23:13:34 765952 --a------ C:\Windows\system32\tx14.dll <Not Verified; The Imaging Source Europe GmbH; TX Text Control>
2008-06-17 23:13:34 221184 --a------ C:\Windows\system32\SII_PDF.dll
2008-06-17 23:13:34 102400 --a------ C:\Windows\system32\SARzilla.dll
2008-06-17 23:13:34 98304 --a------ C:\Windows\system32\DVM.dll
2008-06-17 23:13:33 53248 --a------ C:\Windows\system32\RegisterExe.exe <Not Verified; ; RegisterExe Application>
2008-06-17 23:13:29 0 d-------- C:\Program Files\Softinterface, Inc
2008-06-16 21:20:15 304128 --a------ C:\Windows\IsUninst.exe <Not Verified; InstallShield Software Corporation; InstallShield® unInstaller>
2008-06-16 21:20:07 0 -rahs---- C:\MSDOS.SYS
2008-06-16 21:20:07 0 -rahs---- C:\IO.SYS
2008-06-12 09:28:49 56108 --a------ C:\Windows\system32\drivers\scdemu.sys <Not Verified; PowerISO Computing, Inc.; scdemu>
2008-06-02 21:33:30 16384 --a------ C:\Windows\system32\FileOps.exe
2008-06-02 21:33:14 0 d-------- C:\Windows\system32\Adobe
2008-06-02 18:47:25 174592 --a------ C:\Windows\system32\framedyn.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-06-02 18:46:25 5632 --a------ C:\Windows\system32\drivers\StarOpen.sys
2008-06-02 17:02:00 0 d-------- C:\Windows\system32\Samsung_USB_Drivers
2008-06-02 17:01:48 0 d-------- C:\Program Files\Samsung


-- Find3M Report ---------------------------------------------------------------

2008-06-30 20:31:27 0 d-------- C:\Users\AppData\Roaming\Malwarebytes
2008-06-30 20:01:03 0 d-------- C:\Users\AppData\Roaming\Adobe
2008-06-30 16:33:44 690832 --a------ C:\Windows\system32\perfh00C.dat
2008-06-30 16:33:44 117572 --a------ C:\Windows\system32\perfc00C.dat
2008-06-30 00:03:32 0 d-------- C:\Users\Elsa\AppData\Roaming\Azureus
2008-06-29 23:05:13 0 d-------- C:\Program Files\Common Files\Adobe
2008-06-29 22:49:36 0 d-------- C:\Program Files\Common Files
2008-06-02 18:48:42 0 d-------- C:\Users\AppData\Roaming\Samsung
2008-06-02 18:45:50 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-05-16 17:45:28 558 --a------ C:\Users\AppData\Roaming\wklnhst.dat
2008-05-15 16:10:18 0 d-------- C:\Program Files\CyberLink
2008-05-15 16:08:46 0 d-------- C:\Program Files\EPSON
2008-05-15 15:31:46 0 d-------- C:\Users\AppData\Roaming\skypePM


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [18/11/2006 02:52]
"IgfxTray"="C:\Windows\system32\igfxtray.exe" [15/11/2006 21:08]
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [15/11/2006 21:07]
"Persistence"="C:\Windows\system32\igfxpers.exe" [15/11/2006 21:07]
"SunJavaUpdateSched"="c:\Program Files\Java\jre1.6.0\bin\jusched.exe" [14/08/2007 14:25]
"SigmatelSysTrayApp"="sttray.exe" [08/02/2007 08:11 C:\Windows\sttray.exe]
"Broadcom Wireless Manager UI"="C:\Windows\system32\WLTRAY.exe" [28/11/2006 02:15]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [03/10/2006 13:37]
"ECenter"="c:\dell\E-Center\EULALauncher.exe" [16/03/2007 13:50]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [14/08/2007 14:43]
"PCMService"="C:\Program Files\Dell\MediaDirect\PCMService.exe" [02/05/2007 20:16]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [19/10/2007 21:16]
"RoxWatchTray"="C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [05/11/2006 13:22]
"atwtusb"="atwtusb.exe" [20/08/2001 18:48 C:\Windows\System32\Atwtusb.exe]
"TrustInstaller"="E:\Setup.exe" []
"EPSON Stylus D78 Series"="C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIBGE.exe" [23/02/2006 07:00]
"MSConfig"="C:\Windows\system32\msconfig.exe" [02/11/2006 12:45]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [20/09/2007 00:32]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [02/11/2006 15:34]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [14/08/2007 14:31:19]
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [23/09/2005 23:05:26]
QuickSet.lnk - C:\Windows\Installer\{7F0C4457-8E64-491B-8D7B-991504365D1E}\NewShortcut2_53A01CC614B04512A2E710D39BF83DC4.exe [14/08/2007 14:28:06]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"=2 (0x2)
"EnableLUA"=0 (0x0)
"DisableRegistryTools"=0 (0x0)
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]
"C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
C:\Program Files\PowerISO\PWRISOVM.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
%ProgramFiles%\Windows Defender\MSASCui.exe -hide

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalService nsi lltdsvc SSDPSRV upnphost SCardSvr w32time EventSystem RemoteRegistry WinHttpAutoProxySvc lanmanworkstation TBS SLUINotify THREADORDER fdrespub netprofm fdphost wcncsvc QWAVE WebClient
LocalSystemNetworkRestricted hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc wlansvc EMDMgmt TabletInputService WPDBusEnum
LocalServiceNoNetwork PLA DPS BFE mpssvc


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
C:\Windows\system32\unregmp2.exe /ShowWMP

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI



-- End of Deckard's System Scanner: finished at 2008-06-30 23:37:59 ------------




extra.txt


Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft® Windows Vista™ Édition Familiale Basique (build 6000)
Architecture: X86; Language: French

CPU 0: Genuine Intel(R) CPU T2080 @ 1.73GHz
Percentage of Memory in Use: 29%
Physical Memory (total/avail): 2037.82 MiB / 1427.21 MiB
Pagefile Memory (total/avail): 4291.94 MiB / 3592.24 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1928.12 MiB

C: is Fixed (NTFS) - 99.7 GiB total, 29.6 GiB free.
D: is Fixed (NTFS) - 10 GiB total, 6.88 GiB free.
E: is CDROM (No Media)
F: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - ST9120822AS ATA Device - 111.79 GiB - 4 partitions
\PARTITION0 - Unknown - 86.26 MiB
\PARTITION1 - Système de fichiers installable - 10 GiB - D:
\PARTITION2 (bootable) - Système de fichiers installable - 99.7 GiB - C:
\PARTITION3 - Étendu avec Inter. 13 étendue - 2048 MiB



-- Security Center -------------------------------------------------------------

AUOptions is disabled.
Windows Internal Firewall is enabled.

AV: Avira AntiVir PersonalEdition v8.0.1.15 (Avira GmbH)
AS: Windows Defender v1.1.1505.0 (Microsoft Corporation) [COLOR=RED]Disabled[/COLOR]

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\ProgramData
APPDATA=C:\Users\AppData\Roaming
CLASSPATH=.;C:\Program Files\Java\jre1.6.0\lib\ext\QTJava.zip
CommonProgramFiles=C:\Program Files\Common Files
ComSpec=C:\Windows\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Users
LOCALAPPDATA=C:\Users\AppData\Local
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\Windows\system32;C:\Windows;C:\Windows\system32\wbem;C:\Program Files\Common Files\Roxio Shared\DLLShared;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared;C:\Program Files\QuickTime\QTSystem;C:\Program Files\Samsung\Samsung PC Studio 3
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 14 Stepping 12, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0e0c
ProgramData=C:\ProgramData
ProgramFiles=C:\Program Files
PROMPT=$P$G
PUBLIC=C:\Users\Public
QTJAVA=C:\Program Files\Java\jre1.6.0\lib\ext\QTJava.zip
RoxioCentral=C:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\Windows
TEMP=C:\Users\AppData\Local\Temp
TMP=C:\Users\AppData\Local\Temp
windir=C:\Windows


-- User Profiles ---------------------------------------------------------------

[I](admin)[/I]


-- Add/Remove Programs ---------------------------------------------------------

--> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
Adobe Anchor Service CS3 --> MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3 --> MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3 --> MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting --> MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Camera Raw 4.0 --> MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps --> MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color Common Settings --> MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
Adobe Color EU Extra Settings --> MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8}
Adobe Color JA Extra Settings --> MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
Adobe Color NA Recommended Settings --> MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5}
Adobe Default Language CS3 --> MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3 --> MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe ExtendScript Toolkit 2 --> MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
Adobe Flash Player 9 ActiveX --> C:\Windows\system32\Macromed\Flash\FlashUtil9c.exe -uninstallUnlock
Adobe Flash Player ActiveX --> C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Fonts All --> MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Viewer CS3 --> MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Illustrator CS3 --> C:\Program Files\Common Files\Adobe\Installers\a04a925a57548091300ada368235fc6\Setup.exe
Adobe Illustrator CS3 --> MsiExec.exe /I{F08E8D2E-F132-4742-9C87-D5FF223A016A}
Adobe Linguistics CS3 --> MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe PDF Library Files --> MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS2 --> msiexec /I {236BB7C4-4419-42FD-040C-1E257A25E34D}
Adobe Premiere Pro 1.5 --> RunDll32 "C:\Program Files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll",LaunchSetup "C:\Program Files\InstallShield Installation Information\{A14F7508-B784-40B8-B11A-E0E2EEB7229F}\setup.exe" -l0x040c
Adobe Reader 7.0.8 - Français --> MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A70800000002}
Adobe Setup --> MsiExec.exe /I{4F3E17F8-F1C8-4A4B-9EB8-1EE2D190CDA9}
Adobe Stock Photos CS3 --> MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe SVG Viewer 3.0 --> C:\Program Files\Common Files\Adobe\SVG Viewer 3.0\Uninstall\Winstall.exe -u -fC:\Program Files\Common Files\Adobe\SVG Viewer 3.0\Uninstall\Install.log
Adobe Type Support --> MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3 --> MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client --> MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe WinSoft Linguistics Plugin --> MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP Panels CS3 --> MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
Archiveur WinRAR --> C:\Program Files\WinRAR\uninstall.exe
Assistant Personnalisation du systéme Dell --> MsiExec.exe /I{9954484F-6EE4-4040-94E3-4B380646F867}
Avira AntiVir Personal – Free Antivirus --> C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
Azureus Vuze --> C:\Program Files\Azureus\uninstall.exe
Canon ScanGear Starter --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{18A5DFF2-8A95-49F3-873F-743CB5549F3D}\SETUP.EXE" -l0x40c anything
CanoScan Toolbox Ver4.9 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}\setup.exe" -l0x40c anything
Conexant HDA D110 MDC V.92 Modem --> C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3\HXFSETUP.EXE -U -IDellHDAz.inf
Convert Doc --> "C:\Program Files\Softinterface, Inc\Convert Doc\unins000.exe"
Dell Support Center --> MsiExec.exe /I{B8C54AB1-7E1A-40E8-B794-EDB6E8921F3A}
Dell Wireless WLAN Card --> "C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwlu00.exe" verbose /rootkey="Software\Broadcom\802.11\UninstallInfo" /rootdir="C:\Program Files\Dell\Dell Wireless WLAN Card"
DellSupport --> MsiExec.exe /X{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}
Digital Line Detect --> C:\Program Files\InstallShield Installation Information\{E646DCF0-5A68-11D5-B229-002078017FBF}\setup.exe -runfromtemp -l0x040c -removeonly
DivX Codec --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Content Uploader --> C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Converter --> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player --> C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
EPSON Printer Software --> C:\Windows\system32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
Google Desktop --> C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar2.dll"
Guide de l'utilisateur --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}\setup.exe"
HijackThis 2.0.2 --> "C:\Users\Desktop\HijackThis.exe" /uninstall
Intel(R) Graphics Media Accelerator Driver --> C:\Windows\system32\igxpun.exe -uninstall
Java(TM) SE Runtime Environment 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}
Macromedia Flash MX 2004 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2F353D44-73BB-4971-B31D-F7642E9E9531}\Setup.exe" -l0x40c UNINSTALL
Malwarebytes' Anti-Malware --> "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Manual CanoScan LiDE 25 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C45EB9E5-7165-4FB0-8C31-77FC4743362F}\setup.exe" -l0x40c
MediaDirect --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}\Setup.exe" -l0x40c -cluninstall
Microsoft Office Access MUI (French) 2007 --> MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007 --> MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2007 --> MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2007 --> MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007 --> MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Professional Plus 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007 --> MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007 --> MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007 --> MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007 --> MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007 --> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007 --> MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2007 --> MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007 --> MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007 --> MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Works --> MsiExec.exe /I{6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}
Mozilla Firefox (2.0.0.14) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB927978) --> MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181) --> MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
Nero Digital --> C:\Windows\UNNeroVision.exe /UNINSTALL
NET Installation Assistance for VB6 App (Runtime Only) --> MsiExec.exe /I{66333C41-085E-4DA1-8273-E2BCA382D766}
NetWaiting --> C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe -runfromtemp -l0x040c -removeonly
Notepad++ --> C:\Program Files\Notepad++\uninstall.exe
Outil de diagnostic de modem --> MsiExec.exe /I{F63A3748-B93D-4360-9AD4-B064481A5C7B}
PDF Settings --> MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
PowerISO --> "C:\Program Files\PowerISO\uninstall.exe"
QuickSet --> MsiExec.exe /I{7F0C4457-8E64-491B-8D7B-991504365D1E}
QuickTime --> MsiExec.exe /I{5B09BD67-4C99-46A1-8161-B7208CE18121}
Roxio Creator Audio --> MsiExec.exe /I{83FFCFC7-88C6-41c6-8752-958A45325C82}
Roxio Creator BDAV Plugin --> MsiExec.exe /I{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}
Roxio Creator Copy --> MsiExec.exe /I{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}
Roxio Creator Data --> MsiExec.exe /I{0D397393-9B50-4c52-84D5-77E344289F87}
Roxio Creator DE --> MsiExec.exe /I{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}
Roxio Creator Tools --> MsiExec.exe /I{0394CDC8-FABD-4ed8-B104-03393876DFDF}
Roxio Express Labeler --> MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Roxio MyDVD DE --> MsiExec.exe /I{D639085F-4B6E-4105-9F37-A0DBB023E2FB}
Roxio Update Manager --> MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
SAMSUNG Mobile Modem Driver Set --> C:\Windows\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
Samsung Mobile phone USB driver Software --> C:\Windows\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe
SAMSUNG Mobile USB Modem 1.0 Software --> C:\Windows\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
SAMSUNG Mobile USB Modem Software --> C:\Windows\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
Samsung PC Studio 3 --> "C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -runfromtemp -l0x040c -removeonly
Samsung PC Studio 3 USB Driver Installer --> "C:\Program Files\InstallShield Installation Information\{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}\setup.exe" -runfromtemp -l0x040c -removeonly
SigmaTel Audio --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}\setup.exe" -l0x40c -remove -removeonly
Sonic Activation Module --> MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}
Synaptics Pointing Device Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
URL Assistant --> regsvr32 /u /s "C:\Program Files\BAE\BAE.dll"
VeohTV BETA --> C:\Program Files\InstallShield Installation Information\{97A96172-A963-4A37-9FFB-DA6805BB915A}\setup.exe -runfromtemp -l0x0409
VideoLAN VLC media player 0.8.6d --> C:\Program Files\VideoLAN\VLC\uninstall.exe
WAMP5 1.7.0 --> "C:\Program Files\wamp\unins000.exe"
Windows Live Messenger --> MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}
Windows Media Player Firefox Plugin --> MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WIRELESS DESIGN & WORK TABLET 100/200/400 --> C:\Windows\IsUninst.exe -f"C:\Program Files\USB Tablet\USB Tablet Driver\Uninst.isu"
Xvid 1.1.3 final uninstall --> "C:\Program Files\Xvid\unins000.exe"
ZSoft Uninstaller 2.4.1 --> C:\Program Files\ZSoft\Uninstaller\uninst.exe


-- Application Event Log -------------------------------------------------------

Event Record #/Type17398 / Success
Event Submitted/Written: 06/30/2008 11:25:14 PM
Event ID/Source: 5617 / WinMgmt
Event Description:


Event Record #/Type17397 / Success
Event Submitted/Written: 06/30/2008 11:25:13 PM
Event ID/Source: 5615 / WinMgmt
Event Description:


Event Record #/Type17391 / Success
Event Submitted/Written: 06/30/2008 11:24:56 PM
Event ID/Source: 902 / Software Licensing Service
Event Description:
Le service de gestion des licences du logiciel a démarré.

Event Record #/Type17381 / Warning
Event Submitted/Written: 06/30/2008 11:23:17 PM
Event ID/Source: 1530 / profsvc
Event Description:
Windows a détecté que votre fichier de Registre est toujours utilisé par d'autres applications ou services. Le fichier va être déchargé. Les applications ou services qui ont accès à votre Registre risquent de ne pas fonctionner correctement après cela.

DÉTAIL -
1 user registry handles leaked from \Registry\User\S-1-5-21-1854201790-3337289503-2259318210-1000_Classes:
Process 968 (\Device\HarddiskVolume3\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-1854201790-3337289503-2259318210-1000_CLASSES

Event Record #/Type17380 / Warning
Event Submitted/Written: 06/30/2008 11:23:15 PM
Event ID/Source: 1530 / profsvc
Event Description:
Windows a détecté que votre fichier de Registre est toujours utilisé par d'autres applications ou services. Le fichier va être déchargé. Les applications ou services qui ont accès à votre Registre risquent de ne pas fonctionner correctement après cela.

DÉTAIL -
1 user registry handles leaked from \Registry\User\S-1-5-21-1854201790-3337289503-2259318210-1000:
Process 968 (\Device\HarddiskVolume3\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-1854201790-3337289503-2259318210-1000



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type77751 / Error
Event Submitted/Written: 06/30/2008 11:30:27 PM
Event ID/Source: 8032 / BROWSER
Event Description:
Le service Explorateur d'ordinateur a rencontré un nombre d'échecs trop important en essayant de retrouver la copie de sauvegarde de la liste sur le transport \Device\NetBT_Tcpip_{4D1BE6EF-0B55-437D-91D4-EC41CB4DA99E}.
L'explorateur secondaire s'arrête.

Event Record #/Type77746 / Warning
Event Submitted/Written: 06/30/2008 11:28:35 PM
Event ID/Source: 8021 / BROWSER
Event Description:
Le service Explorateur n'a pas pu retrouver la liste des serveurs du maître explorateur \\V-BUREAU sur le réseau \Device\NetBT_Tcpip_{4D1BE6EF-0B55-437D-91D4-EC41CB4DA99E}.



Maître explorateur : \\V-BUREAU

Réseau : \Device\NetBT_Tcpip_{4D1BE6EF-0B55-437D-91D4-EC41CB4DA99E}



Cet événement peut être causé par une perte temporaire de connectivité réseau. Si ce message apparaît à nouveau, vérifiez que le serveur est toujours connecté au réseau. Le code renvoyé est dans la boîte de texte Données.

Event Record #/Type77665 / Warning
Event Submitted/Written: 06/30/2008 11:24:09 PM
Event ID/Source: 4 / bcm4sbxp
Event Description:
Broadcom 440x 10/100 Integrated Controller: The network link is down. Check to make sure the network cable is properly connected.

Event Record #/Type77623 / Warning
Event Submitted/Written: 06/30/2008 11:17:36 PM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP a atteint la limite de sécurité imposée sur le nombre de tentatives de connexion TCP simultanées.

Event Record #/Type77520 / Warning
Event Submitted/Written: 06/30/2008 10:21:31 PM
Event ID/Source: 4374 / Microsoft-Windows-Servicing
Event Description:
Windows Servicing a déterminé que ce package KB938979_4(Update) n’est pas applicable à ce système.



-- End of Deckard's System Scanner: finished at 2008-06-30 23:37:59 ------------

le rapport daft (qui me parrait bien petit, après les autres postes) serait-ce la fin d'un long tunel??
:

DAFT Log saved on 2008-07-01 20:40:31
-----------------------------------------------------------------------
All associations okay!

Aaaah non plus de problème pour le momment !



voici le "dernier?" rapport :

Deckard's System Scanner v20071014.68
Run on 2008-07-02 14:10:16
Computer is in Normal Mode.
--------------------------------------------------------------------------------



-- HijackThis ------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:10:25, on 02/07/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16681)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Windows\sttray.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Windows\System32\Atwtusb.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Users\Desktop\dss.exe
C:\Windows\system32\conime.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "c:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ECenter] c:\dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [atwtusb] atwtusb.exe beta
O4 - HKLM\..\Run: [TrustInstaller] E:\Setup.exe
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: QuickSet.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O13 - Gopher Prefix:
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4D1BE6EF-0B55-437D-91D4-EC41CB4DA99E}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{8C1538A8-A1FA-4D89-81B3-6E0304E49140}: NameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{4D1BE6EF-0B55-437D-91D4-EC41CB4DA99E}: NameServer = 192.168.1.1
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: wampapache - Apache Software Foundation - C:\Program Files\wamp\apache2\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - C:\Program Files\wamp\mysql\bin\mysqld-nt.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 7395 bytes

-- Files created between 2008-06-02 and 2008-07-02 -----------------------------

2008-06-30 20:31:25 0 d-------- C:\Users\All Users\Malwarebytes
2008-06-30 20:31:24 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-06-30 15:21:38 68096 --a------ C:\Windows\zip.exe
2008-06-30 15:21:38 49152 --a------ C:\Windows\VFind.exe
2008-06-30 15:21:38 212480 --a------ C:\Windows\swxcacls.exe <Not Verified; SteelWerX; SteelWerX Extended Configurator ACLists>
2008-06-30 15:21:38 136704 --a------ C:\Windows\swsc.exe <Not Verified; SteelWerX; SteelWerX Service Controller>
2008-06-30 15:21:38 161792 --a------ C:\Windows\swreg.exe <Not Verified; SteelWerX; SteelWerX Registry Editor>
2008-06-30 15:21:38 98816 --a------ C:\Windows\sed.exe
2008-06-30 15:21:38 80412 --a------ C:\Windows\grep.exe
2008-06-30 15:21:38 89504 --a------ C:\Windows\fdsv.exe <Not Verified; Smallfrogs Studio; >
2008-06-30 15:02:55 0 d-------- C:\327882R2FWJFW
2008-06-30 14:36:01 0 d-------- C:\Windows\pss
2008-06-30 01:42:40 0 d-------- C:\Users\All Users\Avira
2008-06-30 01:42:40 0 d-------- C:\Program Files\Avira
2008-06-30 00:42:02 0 d-------- C:\VundoFix Backups
2008-06-29 23:26:31 0 d-------- C:\Users\All Users\FLEXnet
2008-06-29 23:07:22 0 d-------- C:\Users\All Users\ALM
2008-06-29 23:05:20 0 d-------- C:\Program Files\Bonjour
2008-06-29 22:49:36 0 d-------- C:\Program Files\Common Files\Macrovision Shared
2008-06-29 22:07:53 0 d-------- C:\Program Files\PowerISO
2008-06-29 18:48:33 0 d-------- C:\Users\All Users\Azureus
2008-06-29 18:39:43 0 d-------- C:\Program Files\Azureus
2008-06-18 17:35:20 49152 --a------ C:\Windows\system32\tblmouse.exe <Not Verified; ; Tblmouse>
2008-06-18 17:35:16 167936 --a------ C:\Windows\system32\Atwtusb.exe <Not Verified; Aiptek; Tablet HID>
2008-06-18 16:20:36 57344 --a------ C:\Windows\system32\wintab32.dll <Not Verified; Aiptek; Aiptek wintab32>
2008-06-18 16:20:36 12084 --a------ C:\Windows\system32\drivers\UTBLFILT.sys <Not Verified; Aiptek; >
2008-06-18 16:20:35 36864 --a------ C:\Windows\system32\utblfilt.dll <Not Verified; Aiptek; USB Tablet>
2008-06-18 16:20:35 860160 --a------ C:\Windows\system32\TblRes.dll <Not Verified; Aiptek; Aiptek TblRes>
2008-06-18 16:20:35 45056 --a------ C:\Windows\system32\Tblfunc.dll <Not Verified; aiptek; aiptek tblfunc>
2008-06-18 16:20:35 49152 --a------ C:\Windows\system32\Funckey.dll <Not Verified; ; Funckey>
2008-06-18 16:20:35 0 d-------- C:\Program Files\USB Tablet
2008-06-18 07:07:32 0 d--h----- C:\Users\All Users\CanonBJ
2008-06-17 23:13:38 0 d-------- C:\Windows\system32\Resource
2008-06-17 23:13:37 131072 --a------ C:\Windows\system32\CSVSpecialProcessing.dll
2008-06-17 23:13:37 204800 --a------ C:\Windows\system32\bprgcomm.dll <Not Verified; ; bprgcomm Dynamic Link Library>
2008-06-17 23:13:37 1650688 --a------ C:\Windows\system32\beconvlib.dll <Not Verified; ; easyConverter Dynamic Link Library>
2008-06-17 23:13:37 126976 --a------ C:\Windows\system32\beconv.dll <Not Verified; BCL Technologies; BCL easyConverter SDK>
2008-06-17 23:13:36 618496 --a------ C:\Windows\system32\tx14_pdf.dll <Not Verified; The Imaging Source Europe GmbH; TX Text Control>
2008-06-17 23:13:36 1052672 --a------ C:\Windows\system32\tx14_dox.dll <Not Verified; The Imaging Source Europe GmbH; TX Text Control>
2008-06-17 23:13:36 667648 --a------ C:\Windows\system32\tx14_doc.dll <Not Verified; The Imaging Source Europe GmbH; TX Text Control>
2008-06-17 23:13:36 331776 --a------ C:\Windows\system32\tx14_css.dll <Not Verified; The Imaging Source Europe GmbH; TX Text Control>
2008-06-17 23:13:35 65536 --a------ C:\Windows\system32\tx14_wnd.dll <Not Verified; The Imaging Source Europe GmbH; TX Text Control>
2008-06-17 23:13:35 557056 --a------ C:\Windows\system32\tx14_rtf.dll <Not Verified; The Imaging Source Europe GmbH; TX Text Control>
2008-06-17 23:13:35 327680 --a------ C:\Windows\system32\tx14_obj.dll <Not Verified; The Imaging Source Europe GmbH; TX Text-Control>
2008-06-17 23:13:35 131072 --a------ C:\Windows\system32\tx14_ic.dll <Not Verified; The Imaging Source Europe GmbH; TX Text Control>
2008-06-17 23:13:35 249856 --a------ C:\Windows\system32\tx14_htm.dll <Not Verified; The Imaging Source Europe GmbH; TX Text Control>
2008-06-17 23:13:34 217088 --a------ C:\Windows\system32\tx14_tls.dll <Not Verified; The Imaging Source Europe GmbH; TX Text Control>
2008-06-17 23:13:34 765952 --a------ C:\Windows\system32\tx14.dll <Not Verified; The Imaging Source Europe GmbH; TX Text Control>
2008-06-17 23:13:34 221184 --a------ C:\Windows\system32\SII_PDF.dll
2008-06-17 23:13:34 102400 --a------ C:\Windows\system32\SARzilla.dll
2008-06-17 23:13:34 98304 --a------ C:\Windows\system32\DVM.dll
2008-06-17 23:13:33 53248 --a------ C:\Windows\system32\RegisterExe.exe <Not Verified; ; RegisterExe Application>
2008-06-17 23:13:29 0 d-------- C:\Program Files\Softinterface, Inc
2008-06-16 21:20:15 304128 --a------ C:\Windows\IsUninst.exe <Not Verified; InstallShield Software Corporation; InstallShield® unInstaller>
2008-06-16 21:20:07 0 -rahs---- C:\MSDOS.SYS
2008-06-16 21:20:07 0 -rahs---- C:\IO.SYS
2008-06-12 09:28:49 56108 --a------ C:\Windows\system32\drivers\scdemu.sys <Not Verified; PowerISO Computing, Inc.; scdemu>
2008-06-02 21:33:30 16384 --a------ C:\Windows\system32\FileOps.exe
2008-06-02 21:33:14 0 d-------- C:\Windows\system32\Adobe
2008-06-02 18:47:25 174592 --a------ C:\Windows\system32\framedyn.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-06-02 18:46:25 5632 --a------ C:\Windows\system32\drivers\StarOpen.sys
2008-06-02 17:02:00 0 d-------- C:\Windows\system32\Samsung_USB_Drivers
2008-06-02 17:01:48 0 d-------- C:\Program Files\Samsung


-- Find3M Report ---------------------------------------------------------------

2008-07-02 14:01:50 690832 --a------ C:\Windows\system32\perfh00C.dat
2008-07-02 14:01:50 117572 --a------ C:\Windows\system32\perfc00C.dat
2008-07-01 05:47:50 174 --ahs---- C:\Program Files\desktop.ini
2008-07-01 05:44:26 0 d-------- C:\Program Files\Windows Calendar
2008-07-01 05:44:22 0 d-------- C:\Program Files\Windows Mail
2008-06-30 20:31:27 0 d-------- C:\Users\Elsa\AppData\Roaming\Malwarebytes
2008-06-30 20:01:03 0 d-------- C:\Users\Elsa\AppData\Roaming\Adobe
2008-06-30 00:03:32 0 d-------- C:\Users\Elsa\AppData\Roaming\Azureus
2008-06-29 23:05:13 0 d-------- C:\Program Files\Common Files\Adobe
2008-06-29 22:49:36 0 d-------- C:\Program Files\Common Files
2008-06-02 18:48:42 0 d-------- C:\Users\Elsa\AppData\Roaming\Samsung
2008-06-02 18:45:50 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-05-16 17:45:28 558 --a------ C:\Users\Elsa\AppData\Roaming\wklnhst.dat
2008-05-15 16:10:18 0 d-------- C:\Program Files\CyberLink
2008-05-15 16:08:46 0 d-------- C:\Program Files\EPSON
2008-05-15 15:31:46 0 d-------- C:\Users\Elsa\AppData\Roaming\skypePM


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [18/11/2006 02:52]
"IgfxTray"="C:\Windows\system32\igfxtray.exe" [15/11/2006 21:08]
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [15/11/2006 21:07]
"Persistence"="C:\Windows\system32\igfxpers.exe" [15/11/2006 21:07]
"SunJavaUpdateSched"="c:\Program Files\Java\jre1.6.0\bin\jusched.exe" [14/08/2007 14:25]
"SigmatelSysTrayApp"="sttray.exe" [08/02/2007 08:11 C:\Windows\sttray.exe]
"Broadcom Wireless Manager UI"="C:\Windows\system32\WLTRAY.exe" [28/11/2006 02:15]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [03/10/2006 13:37]
"ECenter"="c:\dell\E-Center\EULALauncher.exe" [16/03/2007 13:50]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [14/08/2007 14:43]
"PCMService"="C:\Program Files\Dell\MediaDirect\PCMService.exe" [02/05/2007 20:16]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [19/10/2007 21:16]
"RoxWatchTray"="C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [05/11/2006 13:22]
"atwtusb"="atwtusb.exe" [20/08/2001 18:48 C:\Windows\System32\Atwtusb.exe]
"TrustInstaller"="E:\Setup.exe" []
"MSConfig"="C:\Windows\system32\msconfig.exe" [02/11/2006 12:45]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [20/09/2007 00:32]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [02/11/2006 15:34]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [14/08/2007 14:31:19]
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [23/09/2005 23:05:26]
QuickSet.lnk - C:\Windows\Installer\{7F0C4457-8E64-491B-8D7B-991504365D1E}\NewShortcut2_53A01CC614B04512A2E710D39BF83DC4.exe [14/08/2007 14:28:06]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"=2 (0x2)
"EnableLUA"=0 (0x0)
"DisableRegistryTools"=0 (0x0)
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]
"C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus D78 Series]
C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIBGE.EXE /FU "C:\Windows\TEMP\E_S3B5A.tmp" /EF "HKLM"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
C:\Program Files\PowerISO\PWRISOVM.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
%ProgramFiles%\Windows Defender\MSASCui.exe -hide

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalService nsi lltdsvc SSDPSRV upnphost SCardSvr w32time EventSystem RemoteRegistry WinHttpAutoProxySvc lanmanworkstation TBS SLUINotify THREADORDER fdrespub netprofm fdphost wcncsvc QWAVE WebClient
LocalSystemNetworkRestricted hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc wlansvc EMDMgmt TabletInputService WPDBusEnum
LocalServiceNoNetwork PLA DPS BFE mpssvc


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
C:\Windows\system32\unregmp2.exe /ShowWMP

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI



-- End of Deckard's System Scanner: finished at 2008-07-02 14:11:04 ------------





[ est ce que je peut enlever le programme "bonjour" ? ]

ouep

en tout cas merci beauuuucoup

je n'aurais été capable de rien toute seule !

bonne nuit!

Tu as d'autres soucis ?

Je pense que oui

Bon surf