Plus rien ne s'affiche si ce n'est mon fond d'écran A L'AIDE !!!

Bonjour à tous,

Voila mon pb vient du fait que j'ai installé un logiciel,une co***rie que j'ai téléchargé sur emule et qui s'appelle Babylon.c'est un traducteur.

Dès que je l'ai installé, mon ordi s'est figé et tout a disparu à l'écran pour qu'il ne reste que mon fond d'écran affiché.
Quelqu'un pourrait il me dire comment résoudre le pb ; j'ai Virusscan comme antivirus mais il ne trouve rien

Quelqu'un saurait il comment je pourrais supprimer ce virus ???

Merci d'avance

Bjr,

merci de ton aide Angeldark mais c'est la manip que je fais à chaque fois qu'arrive le phénomène, mais ce dernier se répète à chaque fois que je parcours des répertoires ou que j'ouvre l'explorateur windows.

J'ai remarqué qu'un icone M rouge apparait au niveau de la barre des tâches à chaque fois que je retombe sur le bureau

Merci pour votre aide

Re,

Si tu veux je peux t'envoyer une image l'icone qui apparait trés rapidement et disparait dans le barre des tâches, j'ai réussi à faire une capture dans le laps de temps où il apparaît.

voila le rapport :

*********************************************************************

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:32:42, on 13/01/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\VIRUSCAN\shstat.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Framework\UdaterUI.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Framework\McTray.exe
D:\Program Files\VMWare 6\vmware-tray.exe
D:\Program Files\VMWare 6\hqtray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
D:\Program Files\Avast\ashDisp.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\System\w98eject.exe
C:\Windows\ehome\ehmsas.exe
C:\Users\OEMCOM~1\AppData\Local\Temp\RtkBtMnt.exe
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\explorer.exe
D:\PROGRA~1\FREEDO~1\fdm.exe
D:\Program Files\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/y [...] .yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.fr.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/y [...] .yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {35ACC284-67CB-426D-9484-736F181692F5} - C:\Windows\system32\ljJASLDt.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\VIRUSCAN\scriptcl.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - (no file)
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - D:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\VIRUSCAN\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [SetPanel] C:\Acer\APanel\APanel.cmd
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [PLFSet] rundll32.exe C:\Windows\PLFSet.dll,PLFDefSetting
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Common Framework\UdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [ALaunch] C:\Acer\ALaunch\AlaunchClient.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HPAIO_PrintFolderMgr] C:\Windows\system32\spool\DRIVERS\W32X86\hpoopm07.exe
O4 - HKLM\..\Run: [SetupType] Portable
O4 - HKLM\..\Run: [NetAnalyse] D:\Program Files\Netanalyse(srcutationconec)\NetAnalyse\NetAnalyse.exe
O4 - HKLM\..\Run: [CloneCDTray] "D:\Program Files\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [NBKeyScan] "D:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [vmware-tray] D:\Program Files\VMWare 6\vmware-tray.exe
O4 - HKLM\..\Run: [VMware hqtray] "D:\Program Files\VMWare 6\hqtray.exe"
O4 - HKLM\..\Run: [MSServer] rundll32.exe C:\Windows\system32\nnnnLCrQ.dll,#1
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\Avast\ashDisp.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [NetAppel] "D:\Program Files\NetAppel(logiciel_permettant_de_tel_vers_fixes)\NetAppel.exe" -nosplash -minimized
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: NetAnalyse.lnk = D:\Program Files\Netanalyse(srcutationconec)\NetAnalyse\NetAnalyse.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: w98Eject.lnk = ?
O8 - Extra context menu item: &Download with &DAP - D:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - D:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://D:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://D:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://D:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://D:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - D:\Programajeter\WinHTTrack(aspiration_site)\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - D:\Programajeter\WinHTTrack(aspiration_site)\WinHTTrackIEBar.dll
O13 - Gopher Prefix:
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Program Files\Avast\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\Program Files\Avast\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Program Files\Avast\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\Program Files\Avast\ashWebSv.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Ma-Config Service (maconfservice) - Unknown owner - D:\Program Files\Détection config grâce au site maconfig.com\maconfservice.exe (file missing)
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\Common Framework\FrameworkService.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\VIRUSCAN\Mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\VIRUSCAN\VsTskMgr.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - D:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: OracleMTSRecoveryService - Oracle Corporation - D:\oraclexe\app\oracle\product\10.2.0\server\BIN\omtsreco.exe
O23 - Service: OracleServiceXE - Oracle Corporation - d:\oraclexe\app\oracle\product\10.2.0\server\bin\ORACLE.EXE
O23 - Service: OracleXEClrAgent - Unknown owner - D:\oraclexe\app\oracle\product\10.2.0\server\bin\OraClrAgnt.exe
O23 - Service: OracleXETNSListener - Unknown owner - D:\oraclexe\app\oracle\product\10.2.0\server\BIN\tnslsnr.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - D:\Program Files\VMWare 6\vmware-ufad.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - D:\Program Files\VMWare 6\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 11282 bytes


**************************************************************************************

euh, oué c normal qu'il m'ai supprimé des .dll ce log la ???

************************************************************************************

ComboFix 09-01-11.04 - OEMComputer 2009-01-13 14:23:20.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.2046.954 [GMT 1:00]
Lancé depuis: d:\téléchargements\ComboFix.exe
AV: VirusScan Enterprise + AntiSpyware Enterprise *On-access scanning disabled* (Outdated)
* Un nouveau point de restauration a été créé
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\ddccdbcD.dll
c:\windows\system32\efCVLCSk.dll
c:\windows\system32\kSCLVCfe.ini
c:\windows\system32\kSCLVCfe.ini2
c:\windows\system32\ljJASLDt.dll
c:\windows\system32\tDLSAJjl.ini
c:\windows\system32\tDLSAJjl.ini2

.
((((((((((((((((((((((((((((( Fichiers créés du 2008-12-13 au 2009-01-13 ))))))))))))))))))))))))))))))))))))
.

2009-01-13 13:06 . 2009-01-13 13:06 <REP> d-------- C:\RapportVscan
2009-01-13 12:56 . 2008-10-16 22:13 1,809,944 --a------ c:\windows\System32\wuaueng.dll
2009-01-13 12:56 . 2008-10-16 21:56 1,524,736 --a------ c:\windows\System32\wucltux.dll
2009-01-13 12:56 . 2008-10-16 22:09 51,224 --a------ c:\windows\System32\wuauclt.exe
2009-01-13 12:56 . 2008-10-16 22:09 43,544 --a------ c:\windows\System32\wups2.dll
2009-01-13 12:55 . 2008-10-16 14:08 162,064 --a------ c:\windows\System32\wuwebv.dll
2009-01-13 12:55 . 2008-10-16 13:56 31,232 --a------ c:\windows\System32\wuapp.exe
2009-01-13 12:48 . 2009-01-13 14:26 36,352 --a------ c:\windows\System32\nnnnLCrQ.dll
2009-01-13 11:13 . 2008-11-26 18:17 51,792 --a------ c:\windows\System32\drivers\aswMonFlt.sys
2009-01-12 17:17 . 2009-01-12 17:17 46,080 --a------ c:\windows\System32\qommKdcb.dll
2009-01-09 21:51 . 2007-10-08 09:27 436,784 --a------ c:\windows\System32\vnetlib.dll
2009-01-09 21:51 . 2007-10-08 09:26 150,064 --a------ c:\windows\System32\vmnat.exe
2009-01-09 21:51 . 2007-10-08 09:26 121,392 --a------ c:\windows\System32\vmnetdhcp.exe
2009-01-09 21:51 . 2007-10-08 09:26 50,992 -ra------ c:\windows\System32\vmnetbridge.dll
2009-01-09 21:51 . 2007-10-08 09:26 28,592 -ra------ c:\windows\System32\drivers\vmnetbridge.sys
2009-01-09 21:51 . 2007-10-08 09:27 25,008 --a------ c:\windows\System32\drivers\vmnetuserif.sys
2009-01-09 21:51 . 2007-10-08 09:26 17,712 -ra------ c:\windows\System32\drivers\vmnet.sys
2009-01-09 21:51 . 2007-10-08 09:26 16,816 --a------ c:\windows\System32\drivers\vmnetadapter.sys
2009-01-09 21:51 . 2007-10-08 09:26 13,104 --a------ c:\windows\System32\vnetinst.dll
2009-01-09 21:49 . 2007-10-08 09:27 20,912 --a------ c:\windows\System32\drivers\VMkbd.sys
2009-01-09 21:46 . 2009-01-09 22:09 <REP> d-------- c:\program files\VMware
2009-01-09 21:46 . 2009-01-09 21:46 <REP> d-------- c:\program files\Common Files\VMware
2008-12-30 13:17 . 2009-01-13 14:30 <REP> d-------- c:\users\OEMComputer\AppData\Roaming\VMware
2008-12-30 13:09 . 2009-01-13 14:30 <REP> d-------- c:\users\All Users\VMware
2008-12-30 13:09 . 2009-01-13 14:30 <REP> d-------- c:\programdata\VMware
2008-12-30 13:09 . 2009-01-09 21:49 1,024 --a------ C:\.rnd
2008-12-27 20:42 . 2008-12-27 20:42 59 --a------ c:\windows\wininit.ini
2008-12-27 19:29 . 2008-12-27 19:33 <REP> d-------- c:\windows\System32\Samsung_USB_Drivers
2008-12-27 19:29 . 2005-08-28 20:51 766 --a------ c:\windows\System32\Uninstall.ico
2008-12-20 18:45 . 2009-01-11 20:04 69 --a------ c:\windows\NeroDigital.ini
2008-12-20 18:22 . 2008-12-20 18:22 <REP> d-------- c:\users\OEMComputer\AppData\Roaming\Nero
2008-12-20 18:19 . 2008-12-20 18:19 <REP> d-------- c:\users\All Users\Nero
2008-12-20 18:19 . 2008-12-20 18:19 <REP> d-------- c:\programdata\Nero
2008-12-20 18:19 . 2008-12-20 18:21 <REP> d-------- c:\program files\Common Files\Nero
2008-12-20 12:23 . 2008-12-20 16:59 <REP> d-------- c:\users\OEMComputer\AppData\Roaming\Orbit
2008-12-17 20:41 . 2009-01-11 20:04 <REP> d-------- C:\DOCUMENTAIRES
2008-12-16 18:12 . 2008-12-16 18:28 24 ---hs---- c:\windows\S8676C838.tmp
2008-12-16 16:20 . 2008-12-16 16:20 50 --a------ c:\windows\Winamp.ini
2008-12-16 16:19 . 2008-12-16 16:19 41 --a------ c:\windows\winampa.ini

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-13 13:30 --------- d-----w c:\users\OEMComputer\AppData\Roaming\uTorrent
2009-01-13 13:26 --------- d-----w c:\users\OEMComputer\AppData\Roaming\Free Download Manager
2009-01-12 21:47 --------- d-----w c:\program files\Java
2009-01-12 21:18 --------- d--h--w c:\program files\InstallShield Installation Information
2009-01-12 17:16 --------- d-----w c:\programdata\eMule
2009-01-12 16:38 135,685 ----a-w c:\users\OEMComputer\AppData\Roaming\nvModes.dat
2009-01-12 08:26 --------- d-----w c:\users\OEMComputer\AppData\Roaming\OpenOffice.org2
2009-01-06 19:27 --------- d-----w c:\program files\Common Files\Adobe
2008-12-02 20:55 --------- d-----w c:\programdata\WindowsSearch
2008-11-30 22:00 --------- d-----w c:\users\OEMComputer\AppData\Roaming\InstallShield Installation Information
2008-11-30 16:43 --------- d-----w c:\users\OEMComputer\AppData\Roaming\Wireshark
2008-11-30 09:37 --------- d-----w c:\programdata\LightScribe
2008-11-29 20:41 --------- d-----w c:\program files\SystemRequirementsLab
2008-11-29 20:40 --------- d-----w c:\users\OEMComputer\AppData\Roaming\SystemRequirementsLab
2008-11-27 19:37 --------- d-----w c:\program files\OpenAL
2008-11-27 15:32 796,672 ----a-w c:\windows\GPInstall.exe
2008-11-21 20:10 93,776 ----a-w c:\windows\system32\drivers\VBoxDrv.sys
2008-11-21 20:10 47,184 ----a-w c:\windows\system32\drivers\VBoxTAP.sys
2008-11-21 20:10 41,744 ----a-w c:\windows\system32\drivers\VBoxUSBMon.sys
2008-11-21 20:10 31,824 ----a-w c:\windows\system32\drivers\VBoxUSB.sys
2008-11-20 14:22 --------- d-----w c:\program files\WinPcap
2008-11-17 19:19 --------- d-----w c:\program files\Windows Live
2008-11-14 08:30 --------- d-----w c:\programdata\Codemasters
2008-11-12 20:09 319,456 ----a-w c:\windows\DIFxAPI.dll
2008-08-04 11:35 174 --sha-w c:\program files\desktop.ini
2008-05-22 17:05 160 ----a-w c:\users\OEMComputer\AppData\Roaming\wklnhst.dat
2008-08-14 19:22 16,384 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
2008-08-14 19:22 32,768 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
2008-08-14 19:22 16,384 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2008-10-20 270128]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-06-24 1840424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SetupType"="Portable" [X]
"WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-05-09 865840]
"ShStatEXE"="c:\program files\VIRUSCAN\SHSTAT.EXE" [2007-10-16 111952]
"PLFSet"="c:\windows\PLFSet.dll" [2007-04-25 45056]
"McAfeeUpdaterUI"="c:\program files\Common Framework\UdaterUI.exe" [2006-11-17 136768]
"LManager"="c:\progra~1\LAUNCH~1\QtZgAcer.EXE" [2007-07-31 707080]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2007-02-12 174872]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2008-01-11 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-01-11 8501792]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-01-11 81920]
"CloneCDTray"="d:\program files\CloneCD\CloneCDTray.exe" [2006-09-28 57344]
"NBKeyScan"="d:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-06-08 2221352]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"vmware-tray"="d:\program files\VMWare 6\vmware-tray.exe" [2007-10-08 72240]
"VMware hqtray"="d:\program files\VMWare 6\hqtray.exe" [2007-10-08 55856]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-01-12 136600]
"avast!"="d:\progra~1\Avast\ashDisp.exe" [2008-11-26 81000]
"RtHDVCpl"="RtHDVCpl.exe" [2007-05-10 c:\windows\RtHDVCpl.exe]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2007-08-14 535336]
w98Eject.lnk - c:\windows\System\w98eject.exe [2008-08-24 61440]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3fhg"= mp3fhg.acm
"msacm.divxa32"= divxa32.acm
"VIDC.X264"= x264vfw.dll
"VIDC.HFYU"= huffyuv.dll
"vidc.i263"= i263_32.drv

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 c:\windows\system32\ljJASLDt

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Acer VCM.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk
backup=c:\windows\pss\Acer VCM.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer Tour Reminder]
--a------ 2007-05-22 14:49 151552 c:\acer\AcerTour\Reminder.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-10-15 01:04 39792 c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DataLayer]
--a------ 2005-09-06 14:45 820736 c:\program files\Common Files\PCSuite\DataLayer\DataLayer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eAudio]
--a------ 2007-06-11 13:54 1286144 c:\acer\Empowering Technology\eAudio\eAudio.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eDataSecurity Loader]
--a------ 2007-04-25 15:33 457216 c:\acer\Empowering Technology\eDataSecurity\eDSLoader.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
--a------ 2005-06-29 15:29 176128 d:\program files\Nokia Logiciel\Nokia PC Suite 6\LaunchApplication.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PcSync]
--a------ 2005-08-26 15:49 860160 d:\program files\Nokia Logiciel\Nokia PC Suite 6\PcSync2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlayMovie]
--------- 2007-05-24 12:38 206952 c:\program files\Acer Arcade Deluxe\Play Movie\PMVService.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
--a------ 2008-01-19 08:38 1008184 c:\program files\Windows Defender\MSASCui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-4020847278-694547403-3925728826-1000]
"EnableNotificationsRef"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{CDC7112E-6A12-49E6-B564-839CC7CF348F}"= c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe:Acer Arcade Deluxe
"{34EAE660-6D25-452C-AA00-B243496DCCCF}"= c:\program files\Acer Arcade Deluxe\VideoMagician\VideoMagician.exe:VideoMagician
"{9EB7BD2B-824C-40D8-B735-BFFC3D6A1596}"= c:\program files\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe:HomeMedia
"{8CB48207-3F7B-458F-A593-2640FB8D7108}"= c:\program files\Acer Arcade Deluxe\DV Wizard\DV Wizard.exeV Wizard
"{FAF30FFB-AD74-4B68-A6F6-0AB3B796B885}"= c:\program files\Acer Arcade Deluxe\DVDivine\DVDivine.exeVDivine
"{00FFF3E2-9C55-42D7-B39D-825EB1816014}"= c:\program files\Acer Arcade Deluxe\Play Movie\PlayMovie.exelay Movie
"{84F57BAB-12D0-4746-BA6C-9344696DB7EC}"= c:\program files\Acer Arcade Deluxe\Play Movie\PMVService.exelay Movie Resident Program
"{0E85B7A7-90A5-428D-8FB6-C9477A9BE9AB}"= c:\program files\Acer\Acer VCM\VC.exe:Acer VCM
"{F3D3F2D8-513F-43B6-8687-0E8286606C88}"= UDP:c:\program files\Common Framework\FrameworkService.exe:McAfee Framework Service
"{6469E584-D27A-4CFC-A6AB-A51AC4A2FDCA}"= TCP:c:\program files\Common Framework\FrameworkService.exe:McAfee Framework Service
"{8ACB953F-9AF2-4999-A048-BA4CFA4E67CC}"= UDP:\program files\DAP(permet de télécharger+vite)\DAP.exeownload Accelerator Plus (DAP)
"{F48A0868-FC66-4A53-9F8D-930C9205F9D0}"= TCP:\program files\DAP(permet de télécharger+vite)\DAP.exeownload Accelerator Plus (DAP)
"{BD169541-6788-4543-B224-0D0005546971}"= UDP:\program files\DAP(permet de télécharger+vite)\DAP.exeownload Accelerator Plus (DAP)
"{7D6D0D0C-3E20-4E46-8074-063EBEEE1BF2}"= TCP:\program files\DAP(permet de télécharger+vite)\DAP.exeownload Accelerator Plus (DAP)
"{5F088E67-8A04-4A98-8C52-FCA42006ED51}"= UDP:\program files\DAP\DAP.exeownload Accelerator Plus (DAP)
"{B80BB12B-DD4D-45FC-AD88-5989C1747032}"= TCP:\program files\DAP\DAP.exeownload Accelerator Plus (DAP)
"{F4ACA0F7-31FF-4DDF-90BB-57B39B675AE6}"= UDP:c:\program files\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI)
"{AB0E300C-F4AE-45F6-BD4E-835BB3DE0C66}"= TCP:c:\program files\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI)
"{A78D46F7-1B27-413C-8C2E-01BE412B2575}"= UDP:c:\program files\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV)
"{6104FE4E-2CD6-4370-889E-6EEC86709196}"= TCP:c:\program files\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV)
"TCP Query User{6C229D0E-EC43-4BA9-A36D-853E27F0BDD3}d:\\program files\\wormsarm\\wa.exe"= UDP:\program files\wormsarm\wa.exe:Worms Armageddon
"UDP Query User{CAC6C617-292C-49AC-9920-7B991EE12C60}d:\\program files\\wormsarm\\wa.exe"= TCP:\program files\wormsarm\wa.exe:Worms Armageddon
"TCP Query User{C28CC3FB-C749-460D-8EC3-380024F3FACA}c:\\program files\\ea games\\battlefield 2\\bf2.exe"= UDP:c:\program files\ea games\battlefield 2\bf2.exe:BF2
"UDP Query User{80CF8D6D-17AA-4F8A-A566-FB62FF9F3657}c:\\program files\\ea games\\battlefield 2\\bf2.exe"= TCP:c:\program files\ea games\battlefield 2\bf2.exe:BF2
"{80AC773D-20EC-4262-B168-B3EB7A789D83}"= UDP:\program files\Les sims 2\TSBin\Sims2.exe:Les Sims 2
"{87BB3722-B403-4121-8E14-5D080D7C66B2}"= TCP:\program files\Les sims 2\TSBin\Sims2.exe:Les Sims 2
"{F7D49F6B-6947-4196-BB72-ED74E72D6A44}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent
"{3E555C0E-8E4F-4F3C-8949-C982A0D3D71F}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent
"TCP Query User{2728D822-F3F6-44EE-B261-A9BF890349DD}d:\\program files\\eclipse\\eclipse.exe"= UDP:\program files\eclipse\eclipse.exe:eclipse
"UDP Query User{D0B032E0-EDC2-4451-8F2E-F291C81DDC0C}d:\\program files\\eclipse\\eclipse.exe"= TCP:\program files\eclipse\eclipse.exe:eclipse
"{DF4FE6DF-78CE-45AA-B625-8E83653D097E}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent
"{5C593B3A-6BFA-4A3D-8CF1-502E443AA01A}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent
"{54A43197-A2BC-4B59-ABD9-BC06569330A6}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{5B46D145-E20D-4764-BE4E-DCEBF2B025A5}d:\\program files\\free download manager\\fdm.exe"= UDP:\program files\free download manager\fdm.exe:Free Download Manager
"UDP Query User{4A27858C-DB32-41BC-8981-3E796D6BBFE1}d:\\program files\\free download manager\\fdm.exe"= TCP:\program files\free download manager\fdm.exe:Free Download Manager
"{30F71D37-B006-4DD2-9047-EDC8FF5F5A84}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{359F1EFE-62D7-42F1-8B5B-CA203A592D5A}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
"{FCA7ECEB-2431-4505-BD0C-CB3CCB66115B}"= UDP:48113:LocalSubnet:LocalSubnet:maconfig_tcp
"{0B2352EB-1CB8-4A33-A137-632910B9B3EF}"= TCP:48113:LocalSubnet:LocalSubnet:maconfig_udp
"{D4458BF8-66BE-4157-8E37-8D2C3C4EBED1}"= UDP:\program files\Détection config grâce au site maconfig.com\maconfservice.exe:maconfservice
"{503C679D-D995-4D95-A40D-33A52BAB4AEB}"= TCP:\program files\Détection config grâce au site maconfig.com\maconfservice.exe:maconfservice
"{68FDE288-CF11-4E96-AE64-153EBD2FB0A2}"= UDP:\program files\Grid\GRID.exe:GRID
"{AE2C850E-E6A8-458B-B801-702908BA9C0D}"= TCP:\program files\Grid\GRID.exe:GRID
"{A93E4730-6587-4AAC-8CB3-DCBF0E0B24C4}"= UDP:\program files\Rise of nations\thrones.exe:Rise of Nations
"{5C35EB7E-61E0-464E-A7C7-3A3E3F4C14A7}"= TCP:\program files\Rise of nations\thrones.exe:Rise of Nations
"{EB5E5D18-505D-4728-8E51-4F820B36EF01}"= UDP:\program files\NetAppel(logiciel_permettant_de_tel_vers_fixes)\NetAppel.exe:NetAppel
"{4F0D6BBD-C96E-4D02-93EE-780748828CAC}"= TCP:\program files\NetAppel(logiciel_permettant_de_tel_vers_fixes)\NetAppel.exe:NetAppel
"TCP Query User{0FF3B4AE-0D65-4946-A3AB-B4F69799152D}d:\\program files\\emule\\emule.exe"= UDP:d:\program files\emule\emule.exe:eMule
"UDP Query User{037AD08E-3E97-4E71-BA1E-BA5395EE6ED2}d:\\program files\\emule\\emule.exe"= TCP:d:\program files\emule\emule.exe:eMule
"TCP Query User{0611AB57-A9E5-46C4-8D40-A2E756B5CCA1}d:\\program files\\arma\\arma.exe"= UDP:d:\program files\arma\arma.exe:ArmA
"UDP Query User{1516A592-EABE-4F72-96CE-42CA25607B8D}d:\\program files\\arma\\arma.exe"= TCP:d:\program files\arma\arma.exe:ArmA
"TCP Query User{0FAE19A9-4F55-4C54-9E9D-011215EB79BB}c:\\program files\\orbitdownloader(log similaire a free downloadmanager permettant de récup les videos)\\orbitnet.exe"= UDP:c:\program files\orbitdownloader(log similaire a free downloadmanager permettant de récup les videos)\orbitnet.exe2P service of Orbit Downloader
"UDP Query User{4980B0C9-D000-416A-9836-28993AC9FE2E}c:\\program files\\orbitdownloader(log similaire a free downloadmanager permettant de récup les videos)\\orbitnet.exe"= TCP:c:\program files\orbitdownloader(log similaire a free downloadmanager permettant de récup les videos)\orbitnet.exe2P service of Orbit Downloader
"TCP Query User{EBB09606-73CD-4D26-8A69-646F506AC573}d:\\program files\\xampp\\apache\\bin\\apache.exe"= UDP:d:\program files\xampp\apache\bin\apache.exe:Apache HTTP Server
"UDP Query User{6CBA4621-FCC6-4124-A295-DD71CC148F8E}d:\\program files\\xampp\\apache\\bin\\apache.exe"= TCP:d:\program files\xampp\apache\bin\apache.exe:Apache HTTP Server
"TCP Query User{76503120-0E96-400F-AFC7-F91C91673DDE}d:\\program files\\emule\\emule.exe"= UDP:d:\program files\emule\emule.exe:eMule
"UDP Query User{95458CBD-3EA1-48E6-9AC2-A18DC198167C}d:\\program files\\emule\\emule.exe"= TCP:d:\program files\emule\emule.exe:eMule

R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [2009-01-13 111184]
R1 VBoxDrv;VirtualBox Service;c:\windows\System32\drivers\VBoxDrv.sys [2008-12-01 93776]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\System32\drivers\VBoxUSBMon.sys [2008-12-01 41744]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\System32\drivers\b57nd60x.sys [2007-08-14 179712]
R3 winbondcir;Winbond IR Transceiver;c:\windows\System32\drivers\winbondcir.sys [2007-08-14 43008]
R4 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\Acer Arcade Deluxe\Play Movie\000.fcl [2007-09-11 06:16:45 13560]
R4 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [2009-01-13 20560]
R4 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [2009-01-13 51792]
S3 maconfservice;Ma-Config Service;"d:\program files\Détection config grâce au site maconfig.com\maconfservice.exe" --> d:\program files\Détection config grâce au site maconfig.com\maconfservice.exe [?]
S3 NPF;WinPcap Packet Driver (NPF);c:\windows\System32\drivers\npf.sys [2007-11-06 34064]
S3 OracleServiceXE;OracleServiceXE;d:\oraclexe\app\oracle\product\10.2.0\server\bin\ORACLE.EXE XE --> d:\oraclexe\app\oracle\product\10.2.0\server\bin\ORACLE.EXE XE [?]
S3 OracleXETNSListener;OracleXETNSListener;d:\oraclexe\app\oracle\product\10.2.0\server\BIN\TNSLSNR.EXE [2006-02-01 204800]
S3 VBoxTAP;VirtualBox TAP Adapter;c:\windows\System32\drivers\VBoxTAP.sys [2008-11-21 47184]
S3 VBoxUSB;VirtualBox USB;c:\windows\System32\drivers\VBoxUSB.sys [2008-11-21 31824]
S4 OracleJobSchedulerXE;OracleJobSchedulerXE;d:\oraclexe\app\oracle\product\10.2.0\server\Bin\extjob.exe XE --> d:\oraclexe\app\oracle\product\10.2.0\server\Bin\extjob.exe XE [?]

--- Other Services/Drivers In Memory ---

*Deregistered* - sptd

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{02a0503e-8c7d-11dd-8a52-001b2490aae0}]
\shell\Auto\command - cmd /C launch.bat
\shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL cmd /C launch.bat

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{80ade61a-ae5c-11dc-a4ca-0013e8971c17}]
\shell\AutoRun\command - F:\install.exe /autorun
\shell\setup\command - F:\install.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{acfe8227-daf8-11dc-aa07-001b2490aae0}]
\shell\AutoRun\command - G:\_RG.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{acfe8228-daf8-11dc-aa07-001b2490aae0}]
\shell\AutoRun\command - I:\AutoRun.exe TMM50
.
Contenu du dossier 'Tâches planifiées'

2009-01-13 c:\windows\Tasks\hnsgrefg.job
- c:\windows\system32\rundll32.exe [2006-11-02 10:45]
.
- - - - ORPHELINS SUPPRIMES - - - -

BHO-{35ACC284-67CB-426D-9484-736F181692F5} - c:\windows\system32\ljJASLDt.dll
HKCU-Run-NetAppel - d:\program files\NetAppel(logiciel_permettant_de_tel_vers_fixes)\NetAppel.exe
HKCU-Run-Acer Tour Reminder - (no file)
HKLM-Run-SetPanel - c:\acer\APanel\APanel.cmd
HKLM-Run-ALaunch - c:\acer\ALaunch\AlaunchClient.exe
HKLM-Run-HPAIO_PrintFolderMgr - c:\windows\system32\spool\DRIVERS\W32X86\hpoopm07.exe
HKLM-Run-NetAnalyse - d:\program files\Netanalyse(srcutationconec)\NetAnalyse\NetAnalyse.exe
HKLM-Run-Acer Tour - (no file)
HKLM-Run-eRecoveryService - (no file)
MSConfigStartUp-DownloadAccelerator - d:\program files\DAP(permet de télécharger+vite)\DAP.EXE
MSConfigStartUp-SuperCopier - d:\program files\SuperCopier\SuperCopier.exe


.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.orange.fr/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mStart Page = hxxp://fr.fr.acer.yahoo.com
uSearchURL,(Default) = hxxp://fr.rd.yahoo.com/customize/ycomp/defaults/su/*http://fr.yahoo.com
IE: &Download with &DAP - d:\program files\DAP\dapextie.htm
IE: Download &all with DAP - d:\program files\DAP\dapextie2.htm
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Tout télécharger avec Free Download Manager - file://d:\program files\Free Download Manager\dlall.htm
IE: Télécharger avec Free Download Manager - file://d:\program files\Free Download Manager\dllink.htm
IE: Télécharger la sélection avec Free Download Manager - file://d:\program files\Free Download Manager\dlselected.htm
IE: Télécharger la vidéo avec Free Download Manager - file://d:\program files\Free Download Manager\dlfvideo.htm
FF - ProfilePath - c:\users\OEMComputer\AppData\Roaming\Mozilla\Firefox\Profiles\io8ynf2f.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/firefox?http://id.orange.fr/auth_user/bin/auth_user.cgi?service=communiquer&url=http://webmail1b.orange.fr/webmail/fr_FR/inbox.htmlclient=firefox-a&rls=org.mozilla:frfficial|http://id.orange.fr/auth_user/bin/auth_user.cgi?service=communiquer&url=http://webmail26.orange.fr/webmail/fr_FR/inbox.html
FF - component: d:\program files\Free Download Manager\Firefox\Extension\components\vmsfdmff.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-13 14:30:20
Windows 6.0.6001 Service Pack 1 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\System32\audiodg.exe
d:\program files\Avast\aswUpdSv.exe
d:\program files\Avast\ashServ.exe
c:\windows\System32\conime.exe
c:\program files\Launch Manager\QtZgAcer.EXE
c:\program files\Common Framework\Mctray.exe
c:\acer\Empowering Technology\eDataSecurity\eDSService.exe
c:\acer\Empowering Technology\eLock\Service\eLockServ.exe
c:\acer\Empowering Technology\eNet\eNet Service.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Common Framework\FrameworkService.exe
c:\program files\VIRUSCAN\Mcshield.exe
c:\program files\VIRUSCAN\VsTskMgr.exe
c:\users\OEMCOM~1\AppData\Local\Temp\RtkBtMnt.exe
c:\acer\Mobility Center\MobilityService.exe
c:\program files\Common Framework\naPrdMgr.exe
d:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
c:\windows\System32\IoctlSvc.exe
d:\program files\Avast\ashDisp.exe
c:\program files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
c:\windows\System32\vmnat.exe
c:\windows\ehome\ehmsas.exe
c:\windows\System32\drivers\XAudio.exe
c:\acer\Empowering Technology\eRecovery\eRecoveryService.exe
c:\acer\Empowering Technology\eSettings\Service\capuserv.exe
d:\program files\VMWare 6\vmware-authd.exe
c:\acer\Empowering Technology\Acer.Empowering.Framework.Supervisor.exe
c:\windows\System32\vmnetdhcp.exe
c:\program files\Common Files\Nero\Lib\NMIndexingService.exe
c:\windows\System32\wbem\unsecapp.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\System32\wbem\WMIADAP.exe
c:\acer\Empowering Technology\ePower\ePower_DMC.exe
c:\program files\VIRUSCAN\mcupdate.exe
c:\windows\System32\dllhost.exe
.
**************************************************************************
.
Heure de fin: 2009-01-13 14:35:09 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-01-13 13:35:05

Avant-CF: 8 497 106 944 octets libres
Après-CF: 9,101,500,416 octets libres

339 --- E O F --- 2008-08-04 10:07:28


***************************************************************************

Re je n'ai pas pu installer le malware car g un mega gro probleme maintenant, faut absolument que tu m'aide ; MON ORDI N'ARRIVE PLUS A DEMARER !!!


Je texplique, des mises à jours Vista se sont téléchargées et quand je redémare mon PC, il est écrit "Installation des mises à jour étape 3/3 0 % effectué" et après une minute un truc comme ca, MON ORDI SE REDEMARE TOUT SEUL et le truc se répete indéfiniment.Pareil quand je redémare en mode sans échec sauf qu'il se redémare encore plus rapidement puisque l'installation des mises à jour ne se fait pas

J'espere que tu poura vite me répondre parce que j'ai absolument besoin de mon ordi pour des exams et jespere ke tu poura maider Angeldark

Merci d'avance

Le pb est réglé g formaté

Par contre je voudrais que tu maide à régler Virusscan 8.7i entreprise car lorsque la mise à jour se lance, elle ne se termine jamais !!

J'aimerais aussi que tu m'aide à le régler si tu sais comment faire.

Merci davance

ouai mais en fait j'ai lu qu'il était pas bien donc je vais mettre Avast pro é pui basta

Par contre jvoudrai ktu maide pr un autre probleme si tu pe,

(Toujours des pb avec vista vive l'antiprogré de chez microsoft)

Bref, maintenant que j'ai réinstallé vista ,au démarage ya une petite fenetre toute anodine ki me di que le fichier C:\Windows\system32\yngcyyma.dll n'a pas été trouvé et que c'est pas normal biensur

Saurais tu comment remédier à ca ???