Forum Clubic

Is the mysearchweb adware still present?

Good evening, I thought I had gotten rid of this spyware but it came back… sniff. So I need your help.
So, to start with (Vista, HP Pavilion), a little HijackThis log:

ANALYSIS: 2008-11-26 21:07:39
PROTECTIONS: 1
MALWARE: 3
SUSPECTS: 0
;************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;=============================================================================
Windows Defender 1.1.4104.0 No No
;===============================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===============================================================================
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Cookies\utilisateur@doubleclick[1].txt
00170304 Cookie/WebtrendsLive TrackingCookie No 0 Yes No C:\Users\Alexis\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexis@statse.webtrendslive[2].txt
00170304 Cookie/WebtrendsLive TrackingCookie No 0 Yes No C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Cookies\utilisateur@statse.webtrendslive[2].txt
00331070 Application/MotherboardMonitor.A HackTools No 0 Yes No C:\Tgl0beSCRIPT\Scripts\SystemInfo\moo.dll
;==================================================================================================
SUSPECTS
Sent Location
;=================================================================================================
;===============================================================================================
VULNERABILITIES
Id Severity Description
;=====================================================================================
;========================================================================

I don't even know what that corresponds to! I just know that Panda also finds spyware on my machine.


Next, the actual HijackThis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:34:55, on 26/11/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\hp\KBD\KbdStub.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\WINDOWS\System32\jureg.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Windows\system32\schtasks.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\COMODO\CBOClean\BOC425.EXE
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\COMODO\SafeSurf\cssurf.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
C:\Program Files\filehippo.com\UpdateChecker.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\DllHost.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
F3 - REG:win.ini: load=
F3 - REG:win.ini: run=
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - (no file)
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d’aide de l’Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM…\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM…\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM…\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM…\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM…\Run: [SunJavaUpdateReg] “C:\Windows\system32\jureg.exe”
O4 - HKLM…\Run: [LogitechCommunicationsManager] “C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe”
O4 - HKLM…\Run: [avgnt] “C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe” /min
O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM…\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM…\Run: [BOC-425] C:\PROGRA~1\Comodo\CBOClean\BOC425.exe
O4 - HKLM…\Run: [itype] “C:\Program Files\Microsoft IntelliType Pro\itype.exe”
O4 - HKLM…\Run: [Adobe Reader Speed Launcher] “C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe”
O4 - HKLM…\Run: [SunJavaUpdateSched] “C:\Program Files\Java\jre6\bin\jusched.exe”
O4 - HKLM…\Run: [COMODO SafeSurf] “C:\Program Files\COMODO\SafeSurf\cssurf.exe” -s
O4 - HKLM…\Run: [COMODO Internet Security] “C:\Program Files\COMODO\COMODO Internet Security\cfp.exe” -h
O4 - HKCU…\Run: [filehippo.com] “C:\Program Files\filehippo.com\UpdateChecker.exe” /background
O4 - HKUS\S-1-5-19…\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User ‘SERVICE LOCAL’)
O4 - HKUS\S-1-5-20…\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User ‘SERVICE RÉSEAU’)
O4 - HKUS\S-1-5-21-4116081982-3728781140-3913541649-1001…\Run: [Speech Recognition] “C:\Windows\Speech\Common\sapisvr.exe” -SpeechUX -Startup (User ‘Alexis’)
O4 - HKUS\S-1-5-21-4116081982-3728781140-3913541649-1001…\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (User ‘Alexis’)
O4 - HKUS\S-1-5-21-4116081982-3728781140-3913541649-1001…\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (User ‘Alexis’)
O4 - S-1-5-21-4116081982-3728781140-3913541649-1001 Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe (User ‘Alexis’)
O4 - S-1-5-21-4116081982-3728781140-3913541649-1001 User Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe (User ‘Alexis’)
O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE…
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra ‘Tools’ menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O15 - Trusted Zone: www.orange.fr…
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - cdn.scan.onecare.live.com…
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - www.eset.eu…
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - fpdownload2.macromedia.com…
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\Windows\system32\cssdll32.dll
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: BOCore - COMODO - C:\Program Files\Comodo\CBOClean\BOCORE.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LVSrvLauncher - Labtec Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe


End of file - 7533 bytes


Next, I ran a full scan with MAM in safe mode. Here is the log:

Malwarebytes’ Anti-Malware 1.30
Version de la base de données: 1427
Windows 6.0.6001 Service Pack 1

26/11/2008 21:27:37
mbam-log-2008-11-26 (21-27-37).txt

Type de recherche: Examen complet (C:|D:|)
Eléments examinés: 166129
Temps écoulé: 16 minute(s), 34 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID{9afb8248-617f-460d-9366-d71cdeda3179} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

Once the spyware was in quarantine, I deleted it. I produced the HijackThis log below, then ran another full scan in safe mode with MAM, in which it found nothing.


Latest HijackThis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:34:46, on 26/11/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\hp\KBD\KbdStub.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\WINDOWS\System32\jureg.exe
C:\Windows\system32\schtasks.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\COMODO\CBOClean\BOC425.EXE
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\COMODO\SafeSurf\cssurf.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.fr…
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
F3 - REG:win.ini: load=
F3 - REG:win.ini: run=
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - (no file)
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d’aide de l’Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM…\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM…\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM…\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM…\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM…\Run: [SunJavaUpdateReg] “C:\Windows\system32\jureg.exe”
O4 - HKLM…\Run: [LogitechCommunicationsManager] “C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe”
O4 - HKLM…\Run: [avgnt] “C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe” /min
O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM…\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM…\Run: [BOC-425] C:\PROGRA~1\Comodo\CBOClean\BOC425.exe
O4 - HKLM…\Run: [itype] “C:\Program Files\Microsoft IntelliType Pro\itype.exe”
O4 - HKLM…\Run: [Adobe Reader Speed Launcher] “C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe”
O4 - HKLM…\Run: [SunJavaUpdateSched] “C:\Program Files\Java\jre6\bin\jusched.exe”
O4 - HKLM…\Run: [COMODO SafeSurf] “C:\Program Files\COMODO\SafeSurf\cssurf.exe” -s
O4 - HKLM…\Run: [COMODO Internet Security] “C:\Program Files\COMODO\COMODO Internet Security\cfp.exe” -h
O4 - HKCU…\Run: [filehippo.com] “C:\Program Files\filehippo.com\UpdateChecker.exe” /background
O4 - HKUS\S-1-5-19…\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User ‘SERVICE LOCAL’)
O4 - HKUS\S-1-5-20…\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User ‘SERVICE RÉSEAU’)
O4 - HKUS\S-1-5-21-4116081982-3728781140-3913541649-1001…\Run: [Speech Recognition] “C:\Windows\Speech\Common\sapisvr.exe” -SpeechUX -Startup (User ‘Alexis’)
O4 - HKUS\S-1-5-21-4116081982-3728781140-3913541649-1001…\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (User ‘Alexis’)
O4 - HKUS\S-1-5-21-4116081982-3728781140-3913541649-1001…\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (User ‘Alexis’)
O4 - S-1-5-21-4116081982-3728781140-3913541649-1001 Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe (User ‘Alexis’)
O4 - S-1-5-21-4116081982-3728781140-3913541649-1001 User Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe (User ‘Alexis’)
O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE…
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra ‘Tools’ menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra ‘Tools’ menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O15 - Trusted Zone: www.orange.fr…
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - acs.pandasoftware.com…
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - cdn.scan.onecare.live.com…
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - www.eset.eu…
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - www.bitdefender.fr…
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - fpdownload2.macromedia.com…
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\Windows\system32\cssdll32.dll
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: BOCore - COMODO - C:\Program Files\Comodo\CBOClean\BOCORE.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LVSrvLauncher - Labtec Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe


End of file - 8073 bytes

There, I think I've been thorough enough.

And to top it all off: my new external hard drive has crashed! :@ :@

Hi,

Let's take a deeper look:

==> Download random's system information tool (RSIT) and save it to your desktop.

==> Double-click RSIT.exe to launch the tool.

==> Click 'Continue' on the Disclaimer screen.

==> If HijackThis (up-to-date version) is not present or not detected on the computer, RSIT will download it and you will need to accept the license.

==> Once the scan has finished, 2 reports will appear. Post the contents of both reports
(log.txt & info.txt)

(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)

Hello Goldorak59!

Thanks for your help, here is the first report:

Logfile of random’s system information tool 1.04 (written by random/random)
Run by Utilisateur at 2008-11-26 22:59:08
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 238 GB (72%) free of 333 GB
Total RAM: 3071 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:59:12, on 26/11/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\WINDOWS\System32\jureg.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Windows\system32\schtasks.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\COMODO\CBOClean\BOC425.EXE
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\COMODO\SafeSurf\cssurf.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
C:\WINDOWS\Speech\Common\sapisvr.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\hp\kbd\kbd.exe
C:\Program Files\Opera\opera.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Alexis\Desktop\RSIT.exe
C:\Users\Utilisateur\Desktop\Utilisateur.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.fr…
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
F3 - REG:win.ini: load=
F3 - REG:win.ini: run=
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - (no file)
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d’aide de l’Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM…\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM…\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM…\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM…\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM…\Run: [SunJavaUpdateReg] “C:\Windows\system32\jureg.exe”
O4 - HKLM…\Run: [LogitechCommunicationsManager] “C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe”
O4 - HKLM…\Run: [avgnt] “C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe” /min
O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM…\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM…\Run: [BOC-425] C:\PROGRA~1\Comodo\CBOClean\BOC425.exe
O4 - HKLM…\Run: [itype] “C:\Program Files\Microsoft IntelliType Pro\itype.exe”
O4 - HKLM…\Run: [Adobe Reader Speed Launcher] “C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe”
O4 - HKLM…\Run: [SunJavaUpdateSched] “C:\Program Files\Java\jre6\bin\jusched.exe”
O4 - HKLM…\Run: [COMODO SafeSurf] “C:\Program Files\COMODO\SafeSurf\cssurf.exe” -s
O4 - HKLM…\Run: [COMODO Internet Security] “C:\Program Files\COMODO\COMODO Internet Security\cfp.exe” -h
O4 - HKCU…\Run: [filehippo.com] “C:\Program Files\filehippo.com\UpdateChecker.exe” /background
O4 - HKUS\S-1-5-19…\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User ‘SERVICE LOCAL’)
O4 - HKUS\S-1-5-20…\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User ‘SERVICE RÉSEAU’)
O4 - HKUS\S-1-5-21-4116081982-3728781140-3913541649-1001…\Run: [Speech Recognition] “C:\Windows\Speech\Common\sapisvr.exe” -SpeechUX -Startup (User ‘Alexis’)
O4 - HKUS\S-1-5-21-4116081982-3728781140-3913541649-1001…\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (User ‘Alexis’)
O4 - HKUS\S-1-5-21-4116081982-3728781140-3913541649-1001…\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (User ‘Alexis’)
O4 - S-1-5-21-4116081982-3728781140-3913541649-1001 Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe (User ‘Alexis’)
O4 - S-1-5-21-4116081982-3728781140-3913541649-1001 User Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe (User ‘Alexis’)
O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE…
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra ‘Tools’ menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra ‘Tools’ menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O15 - Trusted Zone: www.orange.fr…
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - acs.pandasoftware.com…
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - cdn.scan.onecare.live.com…
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - www.eset.eu…
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - www.bitdefender.fr…
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - fpdownload2.macromedia.com…
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\Windows\system32\cssdll32.dll
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: BOCore - COMODO - C:\Program Files\Comodo\CBOClean\BOCORE.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LVSrvLauncher - Labtec Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe


End of file - 8445 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GlaryInitialize.job
C:\Windows\tasks\HPCeeScheduleForAlexis.job
C:\Windows\tasks\User_Feed_Synchronization-{3AA60397-4C53-45F3-B4EF-C1C596595925}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java™ Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-24 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d’aide de l’Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-24 34816]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“Windows Defender”=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
“hpsysdrv”=c:\hp\support\hpsysdrv.exe [2007-04-18 65536]
“KBD”=C:\HP\KBD\KbdStub.EXE [2006-12-08 65536]
“IAAnotif”=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2008-09-12 182808]
“SunJavaUpdateReg”=C:\Windows\system32\jureg.exe [2008-11-19 54680]
“LogitechCommunicationsManager”=C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe [2007-03-06 488984]
“avgnt”=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]
“NvCplDaemon”=C:\Windows\system32\NvCpl.dll [2008-10-07 13584928]
“NvMediaCenter”=C:\Windows\system32\NvMcTray.dll [2008-10-07 92704]
“BOC-425”=C:\PROGRA~1\Comodo\CBOClean\BOC425.exe [2007-08-08 338432]
“itype”=C:\Program Files\Microsoft IntelliType Pro\itype.exe [2007-08-31 988584]
“Adobe Reader Speed Launcher”=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
“SunJavaUpdateSched”=C:\Program Files\Java\jre6\bin\jusched.exe [2008-11-24 136600]
“COMODO SafeSurf”=C:\Program Files\COMODO\SafeSurf\cssurf.exe [2008-11-26 278264]
“COMODO Internet Security”=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2008-11-26 1796856]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“filehippo.com”=C:\Program Files\filehippo.com\UpdateChecker.exe [2008-10-22 147968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
“AppInit_DLLS”=" C:\Windows\system32\cssdll32.dll"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
“dontdisplaylastusername”=0
“legalnoticecaption”=
“legalnoticetext”=
“shutdownwithoutlogon”=1
“undockwithoutlogon”=1
“EnableUIADesktopToggle”=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
“EnableShellExecuteHooks”=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======

2008-11-26 22:59:08 ----D---- C:\rsit
2008-11-26 21:09:33 ----A---- C:\Windows\ntbtlog.txt
2008-11-26 19:37:57 ----D---- C:\Program Files\Panda Security
2008-11-26 19:17:57 ----D---- C:\Windows\BDOSCAN8
2008-11-26 16:51:15 ----D---- C:\ProgramData\comodo
2008-11-26 16:51:15 ----A---- C:\Windows\system32\guard32.dll
2008-11-26 10:27:54 ----D---- C:\Program Files\EsetOnlineScanner
2008-11-26 10:16:52 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2008-11-26 10:16:51 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2008-11-26 10:16:51 ----A---- C:\Windows\system32\WindowsCodecs.dll
2008-11-26 10:16:51 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2008-11-26 10:16:50 ----A---- C:\Windows\system32\connect.dll
2008-11-25 23:25:25 ----SHD---- C:\Config.Msi
2008-11-25 13:05:17 ----D---- C:\Users\Utilisateur\AppData\Roaming\Apple Computer
2008-11-25 13:04:09 ----D---- C:\Program Files\Bonjour
2008-11-25 13:04:02 ----D---- C:\ProgramData\Apple
2008-11-24 23:06:10 ----D---- C:\Users\Utilisateur\AppData\Roaming\vlc
2008-11-24 18:25:05 ----D---- C:\Program Files\OpenOffice.org 3
2008-11-24 18:14:55 ----D---- C:\Users\Utilisateur\AppData\Roaming\eMule
2008-11-24 18:04:19 ----D---- C:\Program Files\filehippo.com
2008-11-24 17:23:32 ----A---- C:\Windows\system32\javaws.exe
2008-11-24 17:23:32 ----A---- C:\Windows\system32\javaw.exe
2008-11-24 17:23:32 ----A---- C:\Windows\system32\java.exe
2008-11-24 17:23:19 ----D---- C:\Program Files\Java
2008-11-24 17:11:00 ----D---- C:\Program Files\Common Files\Adobe
2008-11-22 18:52:54 ----D---- C:\ubuntu
2008-11-20 19:18:58 ----D---- C:\Program Files\Microsoft IntelliType Pro
2008-11-19 13:36:46 ----A---- C:\Windows\UNBOC.EXE
2008-11-19 13:36:45 ----A---- C:\Windows\CMDLIC.DLL
2008-11-19 13:36:39 ----D---- C:\ProgramData\BOC425
2008-11-19 13:36:35 ----A---- C:\Windows\BOC425.INI
2008-11-18 23:24:08 ----D---- C:\Program Files\BHODemon 2
2008-11-18 22:23:54 ----D---- C:\Windows\Sun
2008-11-18 22:22:47 ----A---- C:\Windows\system32\deploytk.dll
2008-11-17 21:54:28 ----A---- C:\Windows\system32\imageres.dll
2008-11-17 21:26:24 ----D---- C:\ProgramData\Stardock
2008-11-17 21:26:11 ----A---- C:\Windows\system32\wbhelp2.dll
2008-11-17 21:18:49 ----A---- C:\Windows_MSRSTRT.EXE
2008-11-17 21:11:29 ----N---- C:\Windows\WB.ini
2008-11-17 21:09:05 ----N---- C:\Windows\system32\wbload.dll
2008-11-17 21:09:04 ----N---- C:\Windows\system32\wbsys.dll
2008-11-17 21:09:04 ----D---- C:\Program Files\Stardock
2008-11-17 00:49:52 ----D---- C:\Program Files\Adobe
2008-11-16 22:04:33 ----D---- C:\Users\Utilisateur\AppData\Roaming\Opera
2008-11-16 22:04:05 ----D---- C:\Program Files\Opera
2008-11-16 15:51:00 ----D---- C:\Program Files\SyllabiK
2008-11-15 19:50:51 ----D---- C:\Tgl0beSCRIPT
2008-11-14 17:18:19 ----D---- C:\Program Files\CCleaner
2008-11-14 17:08:06 ----D---- C:\Program Files\Glary Utilities
2008-11-14 11:33:39 ----A---- C:\Windows\system32\difxapi.dll
2008-11-14 11:33:14 ----D---- C:\Users\Utilisateur\AppData\Roaming\InstallShield
2008-11-14 11:27:22 ----A---- C:\Windows\system32\CSVer.dll
2008-11-14 11:26:33 ----D---- C:\Intel
2008-11-14 11:07:17 ----HD---- C:\Program Files\Temp
2008-11-14 10:56:42 ----D---- C:\Windows\system32\AGEIA
2008-11-14 10:56:41 ----D---- C:\Program Files\AGEIA Technologies
2008-11-14 10:56:24 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2008-11-14 10:53:16 ----D---- C:\NVIDIA
2008-11-14 10:43:52 ----D---- C:\Program Files\ma-config.com
2008-11-14 10:43:51 ----D---- C:\ProgramData\ma-config.com
2008-11-12 14:41:21 ----A---- C:\Windows\system32\msxml6.dll
2008-11-12 14:41:19 ----A---- C:\Windows\system32\msxml3.dll
2008-11-09 19:32:25 ----D---- C:\Program Files\Trend Micro
2008-11-09 18:58:59 ----D---- C:\Users\Utilisateur\AppData\Roaming\Comodo
2008-11-09 17:33:20 ----D---- C:\Users\Utilisateur\AppData\Roaming\Malwarebytes
2008-11-09 17:33:10 ----D---- C:\ProgramData\Malwarebytes
2008-11-09 17:33:09 ----D---- C:\Program Files\Malwarebytes’ Anti-Malware
2008-11-09 16:47:51 ----A---- C:\Windows\system32\cssdll32.dll
2008-11-09 16:45:09 ----D---- C:\Program Files\COMODO
2008-11-09 16:34:00 ----A---- C:\Windows\UNZIP.DLL
2008-11-09 16:34:00 ----A---- C:\Windows\TMUPDATE.DLL
2008-11-09 16:34:00 ----A---- C:\Windows\PATCH.EXE
2008-11-09 15:20:12 ----D---- C:\ProgramData\Avira
2008-11-09 15:20:12 ----D---- C:\Program Files\Avira
2008-11-03 15:03:23 ----D---- C:\ProgramData\WindowsSearch
2008-10-28 20:53:13 ----A---- C:\Windows\system32\wersvc.dll
2008-10-28 20:53:13 ----A---- C:\Windows\system32\Faultrep.dll
2008-10-28 20:53:12 ----A---- C:\Windows\system32\win32spl.dll

======List of files/folders modified in the last 1 months======

2008-11-26 22:59:12 ----D---- C:\Windows\Temp
2008-11-26 22:59:12 ----D---- C:\Windows\Prefetch
2008-11-26 22:14:16 ----D---- C:\Windows\System32
2008-11-26 22:14:16 ----D---- C:\Windows\inf
2008-11-26 22:14:16 ----A---- C:\Windows\system32\PerfStringBackup.INI
2008-11-26 21:50:52 ----D---- C:\Windows\system32\catroot2
2008-11-26 21:09:33 ----D---- C:\WINDOWS
2008-11-26 19:39:56 ----D---- C:\Windows\system32\drivers
2008-11-26 19:37:57 ----RD---- C:\Program Files
2008-11-26 19:37:41 ----SD---- C:\Windows\Downloaded Program Files
2008-11-26 18:35:33 ----D---- C:\Windows\system32\Tasks
2008-11-26 18:34:17 ----D---- C:\Program Files\Mozilla Firefox
2008-11-26 17:00:34 ----SHD---- C:\System Volume Information
2008-11-26 16:51:15 ----HD---- C:\ProgramData
2008-11-26 11:52:10 ----D---- C:\Windows\winsxs
2008-11-26 10:16:47 ----D---- C:\Windows\system32\catroot
2008-11-25 23:25:31 ----SHD---- C:\Windows\Installer
2008-11-24 18:27:55 ----D---- C:\Users\Utilisateur\AppData\Roaming\Skype
2008-11-24 18:25:40 ----RSD---- C:\Windows\assembly
2008-11-24 18:25:15 ----RSD---- C:\Windows\Fonts
2008-11-24 18:24:44 ----D---- C:\Program Files\OpenOffice.org 2.4
2008-11-24 18:16:09 ----D---- C:\Program Files\KeePass Password Safe
2008-11-24 17:11:40 ----D---- C:\ProgramData\Adobe
2008-11-24 17:11:00 ----D---- C:\Program Files\Common Files
2008-11-24 15:54:13 ----D---- C:\Users\Utilisateur\AppData\Roaming\OpenOffice.org2
2008-11-22 13:29:51 ----SD---- C:\ProgramData\Microsoft
2008-11-22 13:29:48 ----SD---- C:\Users\Utilisateur\AppData\Roaming\Microsoft
2008-11-21 18:15:35 ----D---- C:\Windows\system32\LogFiles
2008-11-21 17:43:21 ----D---- C:\Users\Utilisateur\AppData\Roaming\CyberLink
2008-11-21 13:15:14 ----D---- C:\Program Files\Windows Live Safety Center
2008-11-19 14:15:44 ----D---- C:\Windows\Tasks
2008-11-19 11:22:40 ----D---- C:\Windows\system32\Macromed
2008-11-19 00:32:01 ----A---- C:\Windows\system32\jusched.exe
2008-11-19 00:32:01 ----A---- C:\Windows\system32\jureg.exe
2008-11-19 00:32:01 ----A---- C:\Windows\system32\jucheck.exe
2008-11-14 11:33:15 ----HD---- C:\Program Files\InstallShield Installation Information
2008-11-14 11:27:22 ----D---- C:\Program Files\Intel
2008-11-14 11:07:55 ----A---- C:\Windows\DIFxAPI.dll
2008-11-14 11:00:40 ----D---- C:\ProgramData\NVIDIA
2008-11-13 19:10:09 ----D---- C:\Program Files\Orange
2008-11-13 18:22:51 ----RD---- C:\Program Files\Online Services
2008-11-12 21:02:19 ----D---- C:\Windows\Debug
2008-11-12 17:29:59 ----D---- C:\ProgramData\Microsoft Help
2008-11-04 18:19:22 ----D---- C:\Windows\system32\WDI
2008-11-04 01:10:25 ----A---- C:\Windows\system32\mrt.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; ??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys [2007-02-27 11840]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2008-11-25 75072]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2008-11-26 97808]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2008-11-26 25104]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
R3 avgntflt;avgntflt; ??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys [2008-05-20 52032]
R3 BOCDRIVE;BOClean Kernel Monitor.; ??\C:\Program Files\Comodo\CBOClean\BOCDRIVE.sys [2007-04-17 15376]
R3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
R3 Inspect;Comodo Firewall Network Driver; C:\Windows\system32\DRIVERS\inspect.sys [2008-11-26 72720]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBSta.sys [2007-03-06 41376]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-10-07 7380896]
R3 PID_0928;Logitech QuickCam Express(PID_0928); C:\Windows\system32\DRIVERS\LV561AV.SYS [2007-03-06 491168]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2007-10-03 99840]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S3 driverhardwarev2;driverhardwarev2; ??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [2008-11-17 15360]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys []
S3 LVcKap;Logitech AEC Driver; C:\Windows\system32\DRIVERS\LVcKap.sys [2007-03-06 1669664]
S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\Windows\system32\DRIVERS\LVMVDrv.sys [2007-03-06 2261792]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Proxy d’horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 PCAMp50;PCAMp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCAMp50.sys [2006-11-28 28224]
S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCASp50.sys [2006-11-28 27072]
S3 Ps2;PS2; C:\Windows\system32\DRIVERS\PS2.sys [2005-12-12 19072]
S3 Ser2pl;Prolific Serial port driver; C:\Windows\system32\DRIVERS\ser2pl.sys []
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865]
R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297]
R2 BOCore;BOCore; C:\Program Files\Comodo\CBOClean\BOCORE.exe [2007-08-07 69632]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2008-11-26 618232]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2007-09-19 65536]
R2 IAANTMON;Intel® Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2008-09-12 354840]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; c:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-11-19 79136]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-10-07 203296]
R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe [2007-03-06 105248]
S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2008-11-17 195752]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

-----------------EOF-----------------


The second one:

info.txt logfile of random’s system information tool 1.04 2008-11-26 22:59:14

======Uninstall list======

–>“C:\Program Files\HP Games\Bejeweled 2 Deluxe\Uninstall.exe”
–>“C:\Program Files\HP Games\Blasterball 2 Revolution\Uninstall.exe”
–>“C:\Program Files\HP Games\Blasterball 3\Uninstall.exe”
–>“C:\Program Files\HP Games\Bricks of Egypt\Uninstall.exe”
–>“C:\Program Files\HP Games\Chicken Invaders 3 - Revenge of the Yolk\Uninstall.exe”
–>“C:\Program Files\HP Games\Chuzzle Deluxe\Uninstall.exe”
–>“C:\Program Files\HP Games\Crystal Maze\Uninstall.exe”
–>“C:\Program Files\HP Games\Diner Dash 2 Restaurant Rescue\Uninstall.exe”
–>“C:\Program Files\HP Games\Diner Dash\Uninstall.exe”
–>“C:\Program Files\HP Games\FATE\Uninstall.exe”
–>“C:\Program Files\HP Games\Fish Tycoon\Uninstall.exe”
–>“C:\Program Files\HP Games\Gem Shop\Uninstall.exe”
–>“C:\Program Files\HP Games\Insaniquarium Deluxe\Uninstall.exe”
–>“C:\Program Files\HP Games\Jewel Quest\Uninstall.exe”
–>“C:\Program Files\HP Games\Magic Academy\Uninstall.exe”
–>“C:\Program Files\HP Games\Mah Jong Quest\Uninstall.exe”
–>“C:\Program Files\HP Games\My HP Game Console\Uninstall.exe”
–>“C:\Program Files\HP Games\Ocean Express\Uninstall.exe”
–>“C:\Program Files\HP Games\Peggle\Uninstall.exe”
–>“C:\Program Files\HP Games\Penguins!\Uninstall.exe”
–>“C:\Program Files\HP Games\Polar Bowler\Uninstall.exe”
–>“C:\Program Files\HP Games\Polar Golfer Pineapple Cup\Uninstall.exe”
–>“C:\Program Files\HP Games\Polar Golfer\Uninstall.exe”
–>“C:\Program Files\HP Games\Puzzle Express\Uninstall.exe”
–>“C:\Program Files\HP Games\Shooting Stars Pool\Uninstall.exe”
–>“C:\Program Files\HP Games\Slingo Deluxe\Uninstall.exe”
–>“C:\Program Files\HP Games\Sudoku Quest\Uninstall.exe”
–>“C:\Program Files\HP Games\Super Granny\Uninstall.exe”
–>“C:\Program Files\HP Games\Tradewinds\Uninstall.exe”
–>“C:\Program Files\HP Games\Virtual Villagers - A New Home\Uninstall.exe”
–>“C:\Program Files\HP Games\Zuma Deluxe\Uninstall.exe”
–>MsiExec /X{A7E07C2B-2220-4415-87E3-784D5814BC93}
2007 Microsoft Office Suite Service Pack 1 (SP1)–>msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)–>msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)–>msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)–>msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}
2007 Microsoft Office Suite Service Pack 1 (SP1)–>msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1)–>msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)–>msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)–>msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
2007 Microsoft Office Suite Service Pack 1 (SP1)–>msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)–>msiexec /package {90120000-00A1-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)–>msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
Activation Assistant for the 2007 Microsoft Office suites–>“C:\ProgramData{B3C2C1CD-6B77-4A96-B670-F734AC2A1CBC}\Microsoft Office Activation Assistant.exe” REMOVE=TRUE MODIFY=FALSE
Adobe Flash Player 10 ActiveX–>C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin–>C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9 - Français–>MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001}
ANPSEDIC–>MsiExec.exe /X{5A682D37-E093-40A0-BF74-A4A6D1861B92}
Assistant de connexion Windows Live–>MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
Avira AntiVir Personal - Free Antivirus–>C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
BOClean–>C:\Windows\UNBOC.EXE
Bonjour–>MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
Canon MP150–>“C:\Windows\system32\CanonMP Uninstaller Information{CA9A3609-3ECC-4574-8824-A8161A71A603}\DelDrv.exe” /U:{CA9A3609-3ECC-4574-8824-A8161A71A603} /L0x000c
CCleaner (remove only)–>“C:\Program Files\CCleaner\uninst.exe”
COMODO Internet Security–>C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe -u
COMODO SafeSurf–>C:\Program Files\COMODO\SafeSurf\cssconfg.exe -u
CyberLink DVD Suite Deluxe–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe” -uninstall
eMule–>“C:\Program Files\eMule\Uninstall.exe”
ESET Online Scanner–>C:\Windows\system32\OnlineScannerUninstaller.exe
filehippo.com Update Checker–>“C:\Program Files\filehippo.com\uninstall.exe”
Glary Utilities 2.8.0.366–>“C:\Program Files\Glary Utilities\unins000.exe”
Grisbi 0.5.9–>C:\Program Files\Grisbi\uninstall.exe
Hewlett-Packard Active Check–>MsiExec.exe /X{254C37AA-6B72-4300-84F6-98A82419187E}
Hewlett-Packard Asset Agent for Health Check–>MsiExec.exe /X{669D4A35-146B-4314-89F1-1AC3D7B88367}
HijackThis 2.0.2–>“C:\Program Files\Trend Micro\HijackThis\HijackThis.exe” /uninstall
HP Customer Experience Enhancements–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{C8D47273-7A1A-4614-A3D8-263632D8A5ED}\setup.exe” -l0x9 -removeonly
HP Customer Feedback–>MsiExec.exe /I{9DBA770F-BF73-4D39-B1DF-6035D95268FC}
HP Easy Setup - Frontend–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{1BCE2581-B7CA-4BB4-BDFB-D113506AA38B}\setup.exe” -l0x9 -removeonly
HP On-Screen Cap/Num/Scroll Lock Indicator–>C:\Windows\system32\OsdRemove.exe
HP Photosmart Essential 2.5–>C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat
HP Picasso Media Center Add-In–>MsiExec.exe /I{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}
HP Total Care Advisor–>MsiExec.exe /X{fef8097e-662d-49b3-aa77-2919db3746d7}
HP Update–>MsiExec.exe /X{8C6027FD-53DC-446D-BB75-CACD7028A134}
Intel® Matrix Storage Manager–>C:\Program Files\Intel\Intel Matrix Storage Manager\Uninstall\imsmudlg.exe -uninstall
Java™ 6 Update 10–>MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
KeePass Password Safe 1.14–>“C:\Program Files\KeePass Password Safe\unins000.exe”
LabelPrint–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe” -uninstall
Labtec WebCam–>MsiExec.exe /X{995BF1A7-30E5-49E5-A0E4-AD3213D9E330}
LightScribe System Software 1.10.23.1–>MsiExec.exe /X{0E19A83E-F53B-40CF-8C91-96F32D955E6A}
Logitech Audio Echo Cancellation Component–>MsiExec.exe /X{BEF726DD-4037-4214-8C6A-E625C02D2870}
Logitech Video Enumerator–>MsiExec.exe /X{EA516024-D84D-41F1-814F-83175A6188F2}
LogonStudio Vista–>C:\PROGRA~1\Stardock\OBJECT~1\LOGONS~1\UNWISE.EXE C:\PROGRA~1\Stardock\OBJECT~1\LOGONS~1\INSTALL.LOG
Ma-Config.com–>MsiExec.exe /X{3A4EE7A4-356E-43B7-A4A3-9C55B22A05B3}
Malwarebytes’ Anti-Malware–>“C:\Program Files\Malwarebytes’ Anti-Malware\unins000.exe”
MaxiCompte–>“C:\Program Files\MaxiCompte\unins000.exe”
Microsoft Office Excel MUI (French) 2007–>MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office Home and Student 2007–>MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office Language Pack 2007 Service Pack 1 (SP1)–>msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB}
Microsoft Office OneNote MUI (French) 2007–>MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007–>MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint Viewer 2007 (French)–>MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007–>MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007–>MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007–>MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007–>MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007–>MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007–>MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007–>MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007–>MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007–>MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Reader Text-to-Speech pour le français–>MsiExec.exe /X{6F1547AA-8DA7-4FAC-BA11-BE1659E7086E}
Microsoft Reader–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{B6F7DBE7-2FE2-458F-A738-B10832746036}\Setup.exe” -L0x40c
Microsoft Silverlight–>MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable–>MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Works–>MsiExec.exe /I{3B160861-7250-451E-B5EE-8B92BF30A710}
Module de compatibilité pour Microsoft Office System 2007–>MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
Mozilla Firefox (3.0.4)–>C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB936181)–>MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)–>MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB954430)–>MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
muvee autoProducer 6.1–>C:\Program Files\InstallShield Installation Information{5115C036-C0D5-4E1B-81C9-542CA967478A}\muveesetup.exe -removeonly -runfromtemp
MVision–>MsiExec.exe /I{35725FBC-A136-4A46-9F29-091759D9BB93}
My HP Games–>“C:\Program Files\HP Games\Uninstall.exe”
NVIDIA Drivers–>C:\Windows\system32\NVUNINST.EXE UninstallGUI
NVIDIA PhysX v8.09.04–>MsiExec.exe /X{A7E07C2B-2220-4415-87E3-784D5814BC93}
OpenOffice.org 3.0–>MsiExec.exe /I{92B79901-C57D-409F-8D2F-4E5337383569}
Opera 9.62–>MsiExec.exe /X{D9226EB1-C528-48AC-B423-BD9240E1F60B}
Outils de diagnostic du matériel–>C:\Program Files\PC-Doctor 5 for Windows\uninst.exe
Panda ActiveScan 2.0–>C:\Program Files\Panda Security\ActiveScan 2.0\as2uninst.exe
Power2Go–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe” -uninstall
PowerDirector–>“C:\Program Files\InstallShield Installation Information{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\setup.exe” /z-uninstall
Programme de gestion Camera de Labtec®–>“C:\Program Files\Common Files\Labtec\QCDRV\BIN\SETUP.EXE” UNINSTALL REMOVEPROMPT
Python 2.5–>MsiExec.exe /I{0A2C5854-557E-48C8-835A-3B9F074BDCAA}
Security Update for 2007 Microsoft Office System (KB951550)–>msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951944)–>msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB955936)–>msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {1D94099C-2BBA-440E-BD5E-093BBDF8F028}
Security Update for Microsoft Office Excel 2007 (KB955470)–>msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {6E8637D8-10D6-4568-AA06-E2706F31685E}
Security Update for Microsoft Office OneNote 2007 (KB950130)–>msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)–>msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office system 2007 (KB951808)–>msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00}
Security Update for Microsoft Office system 2007 (KB954326)–>msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office Word 2007 (KB950113)–>msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9}
Skype™ 3.8–>MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
Solution de clavier multimédia amélioré–>C:\HP\KBD\Install.exe /u
Tgl0beSCRIPT 9.3–>C:\Tgl0beSCRIPT\uninst.exe
Ubuntu–>C:\ubuntu\Uninstall-Ubuntu.exe
Update for Microsoft Office Excel 2007 Help (KB957242)–>msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {49E314EE-81FA-4007-8F1A-8D39BDBB4498}
Update for Office 2007 (KB946691)–>msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Version d’évaluation de Microsoft Office Home and Student 2007–>“C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe” /uninstall HOMESTUDENTR /dll OSETUP.DLL
VLC media player 0.9.6–>C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Live installer–>MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
Windows Live Messenger–>MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
Windows Live OneCare safety scanner–>“C:\Program Files\Windows Live Safety Center\UnInstall.exe”
Windows Live OneCare safety scanner–>MsiExec.exe /X{FE0646A7-19D0-41B4-A2BB-2C35D644270D}

======Security center information======

FW: COMODO Firewall
AS: Windows Defender (disabled)

======Environment variables======

“ComSpec”=%SystemRoot%\system32\cmd.exe
“FP_NO_HOST_CHECK”=NO
“OS”=Windows_NT
“Path”=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\hp\bin\Python
“PATHEXT”=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
“PROCESSOR_ARCHITECTURE”=x86
“TEMP”=%SystemRoot%\TEMP
“TMP”=%SystemRoot%\TEMP
“USERNAME”=SYSTEM
“windir”=%SystemRoot%
“PROCESSOR_LEVEL”=6
“PROCESSOR_IDENTIFIER”=x86 Family 6 Model 15 Stepping 13, GenuineIntel
“PROCESSOR_REVISION”=0f0d
“NUMBER_OF_PROCESSORS”=2
“PLATFORM”=HPD
“PCBRAND”=Pavilion
“OnlineServices”=Online Services

-----------------EOF-----------------

Hi again,

Download JavaRa.zip to your Desktop

* Create a folder on your Desktop named JavaRa
* Extract JavaRa.exe and gpl-2.0.txt into the JavaRa folder created earlier
* Run JavaRa, select English in the Languages window, then click "Select"
* Click Search For Updates, then in the window that appears select Updates Using jucheck.exe and click "Search"
* A window for installing Java appears; follow the instructions, avoiding installing the Yahoo! Toolbar
* When that is done, click "Remove older versions" to remove the old versions of Java

Help: The tutorial on Libellules.ch

Run a vulnerability scan: Scan

Hi again,

Regarding JavaRa, at the Using jucheck.exe step I get the message telling me that I have the most recent platform.

Regarding Secunia, personally I use filehippo.com Update Checker (I used Secunia before) and I ran a test with filehippo earlier today.
In any case, the Secunia test is good: everything that was evaluated is green.

Hi again,

Skip that step. It's not too serious.

COMBOFIX

Warning: this software is very powerful, and misuse can cause damage…

Do exactly the following:

Download ComboFix (by sUBs) to your Desktop (and nowhere else!):

Right-click this link and choose "Save target as…": in the window that opens type C-Fix, choose the Desktop as the destination and confirm:

--------------------------------------------- [ ! WARNING ! ] ----------------------------------------------------------
!! Disconnect, close all your running applications and DISABLE ALL YOUR DEFENCES (anti-virus, antispyware, firewall) for the duration of the procedure (in case you have any that I did not see in the HijackThis report…)

—> Above all, if you run into difficulties at this point, tell me before continuing…

Tutorial here: TUTO

Then:

Double-click C-Fix.exe (= combofix.exe).

Press a key to start the scan.

Warning: do not use your mouse or your keyboard while the program is running. That could freeze the computer —> if a Windows error message appears at some point, click the red cross at the top right of the window to close it

The report will be created in C:\Combofix.txt; please post it here

Then run a brand-new RSIT.

Detection Statistics:
11 Applications Detected in Total
0 Insecure Versions Detected
11 Patched Versions Detected

Errors with the scan:
0 Errors Detected, scan result should be correct

Status / Currently Processing:
Detection completed successfully

Hi again,

Also, how many antivirus programs do you have?

See you.

Only 1 antivirus: Antivir
Comodo: firewall + BOClean + SafeSurf
Antispyware: MAM + Windows Defender

I don't know if it matters, but I'm on a limited account. Should I switch to the administrator account, or can I run everything from my limited account?

Hi again,

You had, or ran, a scan with Panda.

Run it from the administrator account.

See you.

Yes, I ran a scan with Panda, which found the spyware mentioned in my first message.

I'm logging off and will come back at the end of the procedure.

Done! ComboFix report:

ComboFix 08-11-26.03 - Utilisateur 2008-11-26 23:52:06.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.2154 [GMT 1:00]
Lancé depuis: c:\users\Utilisateur\Desktop\C-Fix.exe

  • Un nouveau point de restauration a été créé
    .

((((((((((((((((((((((((((((( Fichiers créés du 2008-10-26 au 2008-11-26 ))))))))))))))))))))))))))))))))))))
.

2008-11-26 22:59 . 2008-11-26 22:59 d-------- C:\rsit
2008-11-26 19:38 . 2008-06-19 17:24 28,544 --a------ c:\windows\System32\drivers\pavboot.sys
2008-11-26 19:37 . 2008-11-26 19:37 d-------- c:\program files\Panda Security
2008-11-26 19:17 . 2008-11-26 19:31 d-------- c:\windows\BDOSCAN8
2008-11-26 16:51 . 2008-11-26 17:52 d-------- c:\users\All Users\comodo
2008-11-26 16:51 . 2008-11-26 17:52 d-------- c:\programdata\comodo
2008-11-26 16:51 . 2008-11-26 16:58 143,096 --a------ c:\windows\System32\guard32.dll
2008-11-26 16:51 . 2008-11-26 16:58 97,808 --a------ c:\windows\System32\drivers\cmdguard.sys
2008-11-26 16:51 . 2008-11-26 16:58 25,104 --a------ c:\windows\System32\drivers\cmdhlp.sys
2008-11-26 10:27 . 2008-11-26 11:49 d-------- c:\program files\EsetOnlineScanner
2008-11-26 10:16 . 2008-10-21 06:25 1,645,568 --a------ c:\windows\System32\connect.dll
2008-11-26 10:16 . 2008-08-28 04:40 712,704 --a------ c:\windows\System32\WindowsCodecs.dll
2008-11-26 10:16 . 2008-08-28 04:40 425,472 --a------ c:\windows\System32\PhotoMetadataHandler.dll
2008-11-26 10:16 . 2008-08-28 04:40 347,136 --a------ c:\windows\System32\WindowsCodecsExt.dll
2008-11-26 10:16 . 2008-10-22 04:57 241,152 --a------ c:\windows\System32\PortableDeviceApi.dll
2008-11-25 18:47 . 2008-11-25 23:33 d-------- c:\users\Alexis\AppData\Roaming\dvdcss
2008-11-25 13:05 . 2008-11-25 13:05 d-------- c:\users\Utilisateur\AppData\Roaming\Apple Computer
2008-11-25 13:04 . 2008-11-25 13:04 d-------- c:\users\All Users\Apple
2008-11-25 13:04 . 2008-11-25 13:04 d-------- c:\programdata\Apple
2008-11-25 13:04 . 2008-11-25 13:04 d-------- c:\program files\Bonjour
2008-11-24 23:14 . 2008-11-24 23:15 d-------- c:\users\Alexis\AppData\Roaming\vlc
2008-11-24 23:06 . 2008-11-24 23:14 d-------- c:\users\Utilisateur\AppData\Roaming\vlc
2008-11-24 18:45 . 2008-11-24 18:45 d-------- c:\users\Alexis\AppData\Roaming\OpenOffice.org
2008-11-24 18:36 . 2008-11-24 18:36 d-------- c:\users\Alexis\AppData\Roaming\KeePass
2008-11-24 18:25 . 2008-11-24 18:25 d-------- c:\program files\OpenOffice.org 3
2008-11-24 18:14 . 2008-11-24 18:14 d-------- c:\users\Utilisateur\AppData\Roaming\eMule
2008-11-24 18:04 . 2008-11-24 18:04 d-------- c:\program files\filehippo.com
2008-11-24 17:23 . 2008-11-24 17:23 d-------- c:\program files\Java
2008-11-24 17:11 . 2008-11-24 17:11 d-------- c:\program files\Common Files\Adobe
2008-11-22 18:58 . 2008-10-27 18:37 192,307 --a------ C:\wubildr
2008-11-22 18:58 . 2008-10-27 18:37 8,192 --a------ C:\wubildr.mbr
2008-11-22 18:52 . 2008-11-22 18:52 d-------- C:\ubuntu
2008-11-20 19:18 . 2008-11-20 19:19 d-------- c:\program files\Microsoft IntelliType Pro
2008-11-19 15:05 . 2008-11-19 15:06 d-------- c:\users\Alexis.housecall6.6
2008-11-19 13:36 . 2008-11-26 17:49 d-------- c:\users\All Users\BOC425
2008-11-19 13:36 . 2008-11-26 17:49 d-------- c:\programdata\BOC425
2008-11-19 13:36 . 2007-08-08 20:02 235,008 --a------ c:\windows\UNBOC.EXE
2008-11-19 13:36 . 2007-05-08 17:01 208,896 --a------ c:\windows\CMDLIC.DLL
2008-11-19 13:36 . 2008-01-19 08:37 15,360 --a------ c:\windows\System32\wsock32.dlb
2008-11-19 13:36 . 2008-11-26 11:51 383 --a------ c:\windows\BOC425.INI
2008-11-18 23:24 . 2008-11-19 13:21 d-------- c:\program files\BHODemon 2
2008-11-18 22:23 . 2008-11-18 22:23 d-------- c:\windows\Sun
2008-11-18 22:22 . 2008-11-24 17:23 410,976 --a------ c:\windows\System32\deploytk.dll
2008-11-17 21:54 . 2008-11-17 21:54 28,812,800 --a------ c:\windows\System32\imageres.dll
2008-11-17 21:26 . 2008-11-17 21:26 d-------- c:\users\All Users\Stardock
2008-11-17 21:26 . 2008-11-17 21:26 d-------- c:\programdata\Stardock
2008-11-17 21:26 . 2007-06-05 11:26 567,040 --a------ c:\windows\System32\wbocx.ocx
2008-11-17 21:26 . 2007-06-05 11:26 56,496 --a------ c:\windows\System32\wbhelp2.dll
2008-11-17 21:18 . 2008-11-17 21:18 2,560 --a------ c:\windows_MSRSTRT.EXE
2008-11-17 21:11 . 2008-11-17 21:11 0 --------- c:\windows\WB.ini
2008-11-17 21:10 . 2008-11-17 21:10 29 --a------ c:\windows.wb4
2008-11-17 21:09 . 2008-11-17 21:09 d-------- c:\program files\Stardock
2008-11-17 21:09 . 2008-04-26 16:14 58,792 --------- c:\windows\System32\wbload.dll
2008-11-17 21:09 . 2008-04-26 16:14 42,672 --------- c:\windows\System32\wbsys.dll
2008-11-17 21:00 . 2008-11-24 22:44 d-------- c:\users\Alexis\AppData\Roaming\Vista Start Menu
2008-11-16 22:04 . 2008-11-16 22:04 d-------- c:\program files\Opera
2008-11-16 15:51 . 2008-11-26 17:49 d-------- c:\program files\SyllabiK
2008-11-15 19:50 . 2008-11-25 22:22 d-------- C:\Tgl0beSCRIPT
2008-11-14 17:18 . 2008-11-18 16:53 d-------- c:\program files\CCleaner
2008-11-14 17:08 . 2008-11-14 17:08 d-------- c:\program files\Glary Utilities
2008-11-14 11:33 . 2008-11-14 11:33 d-------- c:\users\Utilisateur\AppData\Roaming\InstallShield
2008-11-14 11:33 . 2008-09-12 13:32 327,192 --a------ c:\windows\System32\drivers\iaStor.sys
2008-11-14 11:33 . 2006-11-10 09:25 319,456 --a------ c:\windows\System32\difxapi.dll
2008-11-14 11:27 . 2008-05-01 16:35 53,248 --a------ c:\windows\System32\CSVer.dll
2008-11-14 11:26 . 2008-11-14 11:26 d-------- C:\Intel
2008-11-14 11:07 . 2008-11-14 11:16 d--h----- c:\program files\Temp
2008-11-14 10:56 . 2008-11-14 10:56 d-------- c:\windows\System32\AGEIA
2008-11-14 10:56 . 2008-11-14 10:56 d-------- c:\program files\Common Files\Wise Installation Wizard
2008-11-14 10:56 . 2008-11-14 10:56 d-------- c:\program files\AGEIA Technologies
2008-11-14 10:53 . 2008-11-14 10:53 d-------- C:\NVIDIA
2008-11-14 10:43 . 2008-11-24 19:41 d-------- c:\users\All Users\ma-config.com
2008-11-14 10:43 . 2008-11-24 19:41 d-------- c:\programdata\ma-config.com
2008-11-14 10:43 . 2008-11-24 19:41 d-------- c:\program files\ma-config.com
2008-11-12 14:41 . 2008-09-10 04:40 1,334,272 --a------ c:\windows\System32\msxml6.dll
2008-11-12 14:41 . 2008-09-05 06:14 1,191,936 --a------ c:\windows\System32\msxml3.dll
2008-11-12 14:41 . 2008-08-27 02:05 212,480 --a------ c:\windows\System32\drivers\mrxsmb10.sys
2008-11-09 19:39 . 2008-11-09 19:39 d-------- c:\users\Alexis\AppData\Roaming\Malwarebytes
2008-11-09 19:32 . 2008-11-09 19:32 d-------- c:\program files\Trend Micro
2008-11-09 19:19 . 2008-11-09 19:19 d-------- c:\users\Alexis\AppData\Roaming\Comodo
2008-11-09 19:12 . 2008-11-19 13:19 d-------- c:\users\Alexis\AppData\Roaming\Spyware Terminator
2008-11-09 18:58 . 2008-11-24 15:51 d-------- c:\users\Utilisateur\AppData\Roaming\Comodo
2008-11-09 17:33 . 2008-11-09 17:33 d-------- c:\users\Utilisateur\AppData\Roaming\Malwarebytes
2008-11-09 17:33 . 2008-11-09 17:33 d-------- c:\users\All Users\Malwarebytes
2008-11-09 17:33 . 2008-11-09 17:33 d-------- c:\programdata\Malwarebytes
2008-11-09 17:33 . 2008-11-13 15:01 d-------- c:\program files\Malwarebytes’ Anti-Malware
2008-11-09 17:33 . 2008-10-22 16:10 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys
2008-11-09 17:33 . 2008-10-22 16:10 15,504 --a------ c:\windows\System32\drivers\mbam.sys
2008-11-09 16:47 . 2008-11-26 17:01 249,592 --a------ c:\windows\System32\cssdll32.dll
2008-11-09 16:45 . 2008-11-26 17:01 d-------- c:\program files\COMODO
2008-11-09 16:34 . 2008-11-09 16:34 507,904 --a------ c:\windows\TMUPDATE.DLL
2008-11-09 16:34 . 2008-11-09 16:34 286,720 --a------ c:\windows\PATCH.EXE
2008-11-09 16:34 . 2008-11-09 16:34 69,689 --a------ c:\windows\UNZIP.DLL
2008-11-09 15:20 . 2008-11-09 15:20 d-------- c:\users\All Users\Avira
2008-11-09 15:20 . 2008-11-09 15:20 d-------- c:\programdata\Avira
2008-11-09 15:20 . 2008-11-09 15:20 d-------- c:\program files\Avira
2008-11-03 15:03 . 2008-11-03 15:03 d-------- c:\users\All Users\WindowsSearch
2008-11-03 15:03 . 2008-11-03 15:03 d-------- c:\programdata\WindowsSearch
2008-10-28 20:53 . 2008-08-12 04:39 443,392 --a------ c:\windows\System32\win32spl.dll
2008-10-28 20:53 . 2008-09-18 05:56 147,456 --a------ c:\windows\System32\Faultrep.dll
2008-10-28 20:53 . 2008-09-18 05:56 125,952 --a------ c:\windows\System32\wersvc.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-24 17:27 --------- d-----w c:\users\Utilisateur\AppData\Roaming\Skype
2008-11-24 17:24 --------- d-----w c:\program files\OpenOffice.org 2.4
2008-11-24 17:16 --------- d-----w c:\program files\KeePass Password Safe
2008-11-24 14:54 --------- d-----w c:\users\Utilisateur\AppData\Roaming\OpenOffice.org2
2008-11-22 15:32 --------- d-----w c:\users\Alexis\AppData\Roaming\OpenOffice.org2
2008-11-21 21:25 --------- d-----w c:\users\Alexis\AppData\Roaming\Skype
2008-11-21 20:22 --------- d-----w c:\users\Alexis\AppData\Roaming\skypePM
2008-11-21 16:43 --------- d-----w c:\users\Utilisateur\AppData\Roaming\CyberLink
2008-11-21 12:15 --------- d-----w c:\program files\Windows Live Safety Center
2008-11-18 23:32 54,680 ----a-w c:\windows\System32\jureg.exe
2008-11-18 23:32 382,384 ----a-w c:\windows\System32\jucheck.exe
2008-11-18 23:32 136,600 ----a-w c:\windows\System32\jusched.exe
2008-11-14 10:33 --------- d--h--w c:\program files\InstallShield Installation Information
2008-11-14 10:27 --------- d-----w c:\program files\Intel
2008-11-14 10:07 319,456 ----a-w c:\windows\DIFxAPI.dll
2008-11-14 10:00 --------- d-----w c:\programdata\NVIDIA
2008-11-13 18:10 --------- d-----w c:\program files\Orange
2008-11-12 16:29 --------- d-----w c:\programdata\Microsoft Help
2008-10-24 11:54 --------- d-----w c:\program files\Common Files\L&H
2008-10-24 11:53 --------- d-----w c:\program files\Microsoft Reader
2008-10-23 14:59 --------- d-----w c:\programdata\Skype
2008-10-23 14:59 --------- d-----w c:\program files\Skype
2008-10-23 14:59 --------- d-----w c:\program files\Common Files\Skype
2008-10-22 01:03 --------- d-----w c:\program files\MSXML 4.0
2008-10-21 17:19 56 ---ha-w c:\users\All Users\ezsidmv.dat
2008-10-21 17:19 56 ---ha-w c:\programdata\ezsidmv.dat
2008-10-21 16:53 --------- d-----w c:\program files\Labtec
2008-10-21 16:53 --------- d-----w c:\program files\Common Files\LogiShrd
2008-10-21 16:53 --------- d-----w c:\program files\Common Files\Labtec
2008-10-20 22:01 --------- d-----w c:\program files\Microsoft Silverlight
2008-10-17 01:02 --------- d-----w c:\program files\Windows Mail
2008-10-02 09:07 453,152 ----a-w c:\windows\System32\nvuninst.exe
2008-10-02 03:49 827,392 ----a-w c:\windows\System32\wininet.dll
2008-09-30 15:43 1,286,152 ----a-w c:\windows\System32\msxml4.dll
2008-09-18 05:09 3,601,464 ----a-w c:\windows\System32\ntkrnlpa.exe
2008-09-18 05:09 3,549,240 ----a-w c:\windows\System32\ntoskrnl.exe
2008-09-18 02:16 2,032,640 ----a-w c:\windows\System32\win32k.sys
2008-09-04 12:25 170 ----a-w c:\users\Alexis\AppData\Roaming\wklnhst.dat
2008-09-04 08:31 288,024 ----a-w c:\windows\System32\PhysXCplUI.exe
2008-08-29 09:18 87,336 ----a-w c:\windows\System32\dns-sd.exe
2008-08-29 08:53 65,536 ----a-w c:\windows\System32\jdns_sd.dll
2008-08-29 08:53 61,440 ----a-w c:\windows\System32\dnssd.dll
2008-08-29 07:57 70,936 ----a-w c:\windows\System32\PhysXLoader.dll
2008-08-01 20:30 174 --sha-w c:\program files\desktop.ini
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
Note les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“filehippo.com”=“c:\program files\filehippo.com\UpdateChecker.exe” [2008-10-22 147968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“hpsysdrv”=“c:\hp\support\hpsysdrv.exe” [2007-04-18 65536]
“KBD”=“c:\hp\KBD\KbdStub.EXE” [2006-12-08 65536]
“IAAnotif”=“c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe” [2008-09-12 182808]
“SunJavaUpdateReg”=“c:\windows\system32\jureg.exe” [2008-11-19 54680]
“LogitechCommunicationsManager”=“c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe” [2007-03-06 488984]
“avgnt”=“c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe” [2008-06-12 266497]
“NvCplDaemon”=“c:\windows\system32\NvCpl.dll” [2008-10-07 13584928]
“NvMediaCenter”=“c:\windows\system32\NvMcTray.dll” [2008-10-07 92704]
“BOC-425”=“c:\progra~1\Comodo\CBOClean\BOC425.exe” [2007-08-08 338432]
“itype”=“c:\program files\Microsoft IntelliType Pro\itype.exe” [2007-08-31 988584]
“Adobe Reader Speed Launcher”=“c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe” [2008-06-12 34672]
“SunJavaUpdateSched”=“c:\program files\Java\jre6\bin\jusched.exe” [2008-11-24 136600]
“COMODO SafeSurf”=“c:\program files\COMODO\SafeSurf\cssurf.exe” [2008-11-26 278264]
“COMODO Internet Security”=“c:\program files\COMODO\COMODO Internet Security\cfp.exe” [2008-11-26 1796856]

c:\users\Alexis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OpenOffice.org 3.0.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2008-09-12 384000]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
“EnableUIADesktopToggle”= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
“EnableShellExecuteHooks”= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
“AppInit_DLLs”= c:\windows\system32\cssdll32.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
“msacm.l3codecp”= l3codecp.acm

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
“Adobe Reader Speed Launcher”=“c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe”

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
“DisableMonitoring”=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
“DisableMonitoring”=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
“DisableMonitoring”=dword:00000001

[HKLM~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
“{CF04EFCF-974A-4373-983A-FE10CDBBB393}”= c:\program files\Cyberlink\PowerDirector\PDR.EXE:CyberLink PowerDirector
“{C45D3B7E-968C-4E97-86CC-FB9EBC70141D}”= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
“TCP Query User{E7429429-198E-4AA0-8B04-2FBB99061FD5}c:\program files\emule\emule.exe”= UDP:c:\program files\emule\emule.exe:eMule
“UDP Query User{471D95DB-0CA3-4398-9DB6-CEBA287294AD}c:\program files\emule\emule.exe”= TCP:c:\program files\emule\emule.exe:eMule
“{9AF44E97-9416-4CCD-B328-ABF8BCA3DD32}”= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
“{5D11B9C5-FC29-4F8B-A794-C020637C4F0D}”= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
“{BA43B452-C8A0-4B51-8267-422907A73D7D}”= c:\program files\Skype\Phone\Skype.exe:Skype
“{6422C8C7-108C-485A-8B4B-4AAB7D4527E0}”= UDP:48113:LocalSubnet:LocalSubnet:maconfig_tcp
“{3D0C7757-863B-4352-BC19-58907804917A}”= TCP:48113:LocalSubnet:LocalSubnet:maconfig_udp
“TCP Query User{68D269F3-94FA-4FE3-871F-F03D6CA7E43D}c:\program files\syllabik\mirc.exe”= UDP:c:\program files\syllabik\mirc.exe:mIRC
“UDP Query User{E66027FB-1A92-4830-96A5-66D5A30254E0}c:\program files\syllabik\mirc.exe”= TCP:c:\program files\syllabik\mirc.exe:mIRC
“{345CD8B9-4F12-4F98-B034-EDD50EFE4395}”= UDP:c:\program files\ma-config.com\maconfservice.exe:maconfservice
“{F52330EC-B972-49DA-88D6-DC8613DA8575}”= TCP:c:\program files\ma-config.com\maconfservice.exe:maconfservice
“{AE169F67-FC0A-4677-839E-5865F7488005}”= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
“{7D56DE26-389B-4729-8825-2F22EE9E59CB}”= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour

[HKLM~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
“EnableFirewall”= 0 (0x0)

R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2008-11-26 28544]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2008-11-26 97808]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2008-11-26 25104]
S3 maconfservice;Ma-Config Service;“c:\program files\ma-config.com\maconfservice.exe” [2008-11-17 195752]
S3 PCAMp50;PCAMp50 NDIS Protocol Driver;c:\windows\system32\Drivers\PCAMp50.sys [2008-08-01 28224]
S3 PCASp50;PCASp50 NDIS Protocol Driver;c:\windows\system32\Drivers\PCASp50.sys [2008-08-01 27072]

Newly Created Service - PROCEXP90
.
Contenu du dossier ‘Tâches planifiées’

2008-11-26 c:\windows\Tasks\GlaryInitialize.job

  • c:\program files\Glary Utilities\initialize.exe [2008-10-29 17:58]

2008-11-20 c:\windows\Tasks\HPCeeScheduleForAlexis.job

  • c:\program files\hewlett-packard\sdp\ceement\HPCEE.exe [2007-12-06 12:10]

2008-11-26 c:\windows\Tasks\User_Feed_Synchronization-{3AA60397-4C53-45F3-B4EF-C1C596595925}.job

  • c:\windows\system32\msfeedssync.exe [2008-01-19 08:33]
.
.
------- Examen supplémentaire -------
.
FireFox -: Profile - c:\users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\erqhfpww.default
FF -: plugin - c:\program files\Java\jre6\bin\new_plugin\npdeploytk.dll
FF -: plugin - c:\program files\Java\jre6\bin\new_plugin\npjp2.dll
FF -: plugin - c:\program files\ma-config.com\nphardwaredetection.dll
FF -: plugin - c:\program files\Microsoft Silverlight\2.0.31005.0\npctrl.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\npdeploytk.dll
.

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, www.gmer.net…
Rootkit scan 2008-11-26 23:53:41
Windows 6.0.6001 Service Pack 1 NTFS

Recherche de processus cachés …

Recherche d’éléments en démarrage automatique cachés …

Recherche de fichiers cachés …

Scan terminé avec succès
Fichiers cachés: 0


.
--------------------- DLLs chargées dans les processus actifs ---------------------

  • ‘winlogon.exe’(864)
    c:\windows\system32\cssdll32.dll

  • ‘lsass.exe’(696)
    c:\windows\system32\cssdll32.dll
.
Heure de fin: 2008-11-26 23:54:28
ComboFix-quarantined-files.txt 2008-11-26 22:54:25

Avant-CF: 249 156 177 920 octets libres
Après-CF: 249,125,515,264 octets libres

260 — E O F — 2008-11-26 10:52:22


And the one from RSIT:

Logfile of random’s system information tool 1.04 (written by random/random)
Run by Utilisateur at 2008-11-27 00:10:32
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 238 GB (71%) free of 333 GB
Total RAM: 3071 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:10:34, on 27/11/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\hp\support\hpsysdrv.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\WINDOWS\System32\jureg.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Windows\system32\schtasks.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\COMODO\CBOClean\BOC425.EXE
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\COMODO\SafeSurf\cssurf.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
C:\WINDOWS\Speech\Common\sapisvr.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Internet Explorer\IEUser.exe
C:\hp\kbd\kbd.exe
C:\Program Files\Opera\opera.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Alexis\Desktop\RSIT.exe
C:\Users\Utilisateur\Desktop\Utilisateur.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.fr…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com…
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - (no file)
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d’aide de l’Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM…\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM…\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM…\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM…\Run: [SunJavaUpdateReg] “C:\Windows\system32\jureg.exe”
O4 - HKLM…\Run: [LogitechCommunicationsManager] “C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe”
O4 - HKLM…\Run: [avgnt] “C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe” /min
O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM…\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM…\Run: [BOC-425] C:\PROGRA~1\Comodo\CBOClean\BOC425.exe
O4 - HKLM…\Run: [itype] “C:\Program Files\Microsoft IntelliType Pro\itype.exe”
O4 - HKLM…\Run: [Adobe Reader Speed Launcher] “C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe”
O4 - HKLM…\Run: [SunJavaUpdateSched] “C:\Program Files\Java\jre6\bin\jusched.exe”
O4 - HKLM…\Run: [COMODO SafeSurf] “C:\Program Files\COMODO\SafeSurf\cssurf.exe” -s
O4 - HKLM…\Run: [COMODO Internet Security] “C:\Program Files\COMODO\COMODO Internet Security\cfp.exe” -h
O4 - HKCU…\Run: [filehippo.com] “C:\Program Files\filehippo.com\UpdateChecker.exe” /background
O4 - HKUS\S-1-5-21-4116081982-3728781140-3913541649-1001…\Run: [Speech Recognition] “C:\Windows\Speech\Common\sapisvr.exe” -SpeechUX -Startup (User ‘Alexis’)
O4 - HKUS\S-1-5-21-4116081982-3728781140-3913541649-1001…\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User ‘Alexis’)
O4 - HKUS\S-1-5-21-4116081982-3728781140-3913541649-1001…\Run: [MsnMsgr] “C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe” /background (User ‘Alexis’)
O4 - HKUS\S-1-5-21-4116081982-3728781140-3913541649-1001…\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (User ‘Alexis’)
O4 - HKUS\S-1-5-21-4116081982-3728781140-3913541649-1001…\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (User ‘Alexis’)
O4 - S-1-5-21-4116081982-3728781140-3913541649-1001 Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe (User ‘Alexis’)
O4 - S-1-5-21-4116081982-3728781140-3913541649-1001 User Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe (User ‘Alexis’)
O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE…
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra ‘Tools’ menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra ‘Tools’ menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O15 - Trusted Zone: www.orange.fr…
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - acs.pandasoftware.com…
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - cdn.scan.onecare.live.com…
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - www.eset.eu…
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - www.bitdefender.fr…
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - fpdownload2.macromedia.com…
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\Windows\system32\cssdll32.dll
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: BOCore - COMODO - C:\Program Files\Comodo\CBOClean\BOCORE.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LVSrvLauncher - Labtec Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe


End of file - 8596 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GlaryInitialize.job
C:\Windows\tasks\HPCeeScheduleForAlexis.job
C:\Windows\tasks\User_Feed_Synchronization-{3AA60397-4C53-45F3-B4EF-C1C596595925}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java™ Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-24 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d’aide de l’Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-24 34816]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“hpsysdrv”=c:\hp\support\hpsysdrv.exe [2007-04-18 65536]
“KBD”=C:\HP\KBD\KbdStub.EXE [2006-12-08 65536]
“IAAnotif”=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2008-09-12 182808]
“SunJavaUpdateReg”=C:\Windows\system32\jureg.exe [2008-11-19 54680]
“LogitechCommunicationsManager”=C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe [2007-03-06 488984]
“avgnt”=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]
“NvCplDaemon”=C:\Windows\system32\NvCpl.dll [2008-10-07 13584928]
“NvMediaCenter”=C:\Windows\system32\NvMcTray.dll [2008-10-07 92704]
“BOC-425”=C:\PROGRA~1\Comodo\CBOClean\BOC425.exe [2007-08-08 338432]
“itype”=C:\Program Files\Microsoft IntelliType Pro\itype.exe [2007-08-31 988584]
“Adobe Reader Speed Launcher”=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
“SunJavaUpdateSched”=C:\Program Files\Java\jre6\bin\jusched.exe [2008-11-24 136600]
“COMODO SafeSurf”=C:\Program Files\COMODO\SafeSurf\cssurf.exe [2008-11-26 278264]
“COMODO Internet Security”=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2008-11-26 1796856]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“filehippo.com”=C:\Program Files\filehippo.com\UpdateChecker.exe [2008-10-22 147968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
“AppInit_DLLS”=" C:\Windows\system32\cssdll32.dll"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
“dontdisplaylastusername”=0
“legalnoticecaption”=
“legalnoticetext”=
“shutdownwithoutlogon”=1
“undockwithoutlogon”=1
“EnableUIADesktopToggle”=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
“NoDrives”=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
“EnableShellExecuteHooks”=
“NoDriveTypeAutoRun”=
“NoDrives”=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======

2008-11-26 23:54:30 ----D---- C:\Windows\temp
2008-11-26 23:54:29 ----A---- C:\ComboFix.txt
2008-11-26 23:50:33 ----A---- C:\Windows\zip.exe
2008-11-26 23:50:33 ----A---- C:\Windows\VFIND.exe
2008-11-26 23:50:33 ----A---- C:\Windows\SWXCACLS.exe
2008-11-26 23:50:33 ----A---- C:\Windows\SWSC.exe
2008-11-26 23:50:33 ----A---- C:\Windows\SWREG.exe
2008-11-26 23:50:33 ----A---- C:\Windows\sed.exe
2008-11-26 23:50:33 ----A---- C:\Windows\NIRCMD.exe
2008-11-26 23:50:33 ----A---- C:\Windows\grep.exe
2008-11-26 23:50:33 ----A---- C:\Windows\fdsv.exe
2008-11-26 23:50:31 ----D---- C:\Windows\ERDNT
2008-11-26 23:50:31 ----D---- C:\Qoobox
2008-11-26 23:50:31 ----D---- C:\C-Fix
2008-11-26 22:59:08 ----D---- C:\rsit
2008-11-26 19:37:57 ----D---- C:\Program Files\Panda Security
2008-11-26 19:17:57 ----D---- C:\Windows\BDOSCAN8
2008-11-26 16:51:15 ----D---- C:\ProgramData\comodo
2008-11-26 16:51:15 ----A---- C:\Windows\system32\guard32.dll
2008-11-26 10:27:54 ----D---- C:\Program Files\EsetOnlineScanner
2008-11-26 10:16:52 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2008-11-26 10:16:51 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2008-11-26 10:16:51 ----A---- C:\Windows\system32\WindowsCodecs.dll
2008-11-26 10:16:51 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2008-11-26 10:16:50 ----A---- C:\Windows\system32\connect.dll
2008-11-25 23:25:25 ----SHD---- C:\Config.Msi
2008-11-25 13:05:17 ----D---- C:\Users\Utilisateur\AppData\Roaming\Apple Computer
2008-11-25 13:04:09 ----D---- C:\Program Files\Bonjour
2008-11-25 13:04:02 ----D---- C:\ProgramData\Apple
2008-11-24 23:06:10 ----D---- C:\Users\Utilisateur\AppData\Roaming\vlc
2008-11-24 18:25:05 ----D---- C:\Program Files\OpenOffice.org 3
2008-11-24 18:14:55 ----D---- C:\Users\Utilisateur\AppData\Roaming\eMule
2008-11-24 18:04:19 ----D---- C:\Program Files\filehippo.com
2008-11-24 17:23:32 ----A---- C:\Windows\system32\javaws.exe
2008-11-24 17:23:32 ----A---- C:\Windows\system32\javaw.exe
2008-11-24 17:23:32 ----A---- C:\Windows\system32\java.exe
2008-11-24 17:23:19 ----D---- C:\Program Files\Java
2008-11-24 17:11:00 ----D---- C:\Program Files\Common Files\Adobe
2008-11-22 18:52:54 ----D---- C:\ubuntu
2008-11-20 19:18:58 ----D---- C:\Program Files\Microsoft IntelliType Pro
2008-11-19 13:36:46 ----A---- C:\Windows\UNBOC.EXE
2008-11-19 13:36:45 ----A---- C:\Windows\CMDLIC.DLL
2008-11-19 13:36:39 ----D---- C:\ProgramData\BOC425
2008-11-19 13:36:35 ----A---- C:\Windows\BOC425.INI
2008-11-18 23:24:08 ----D---- C:\Program Files\BHODemon 2
2008-11-18 22:23:54 ----D---- C:\Windows\Sun
2008-11-18 22:22:47 ----A---- C:\Windows\system32\deploytk.dll
2008-11-17 21:54:28 ----A---- C:\Windows\system32\imageres.dll
2008-11-17 21:26:24 ----D---- C:\ProgramData\Stardock
2008-11-17 21:26:11 ----A---- C:\Windows\system32\wbhelp2.dll
2008-11-17 21:18:49 ----A---- C:\Windows_MSRSTRT.EXE
2008-11-17 21:11:29 ----N---- C:\Windows\WB.ini
2008-11-17 21:09:05 ----N---- C:\Windows\system32\wbload.dll
2008-11-17 21:09:04 ----N---- C:\Windows\system32\wbsys.dll
2008-11-17 21:09:04 ----D---- C:\Program Files\Stardock
2008-11-17 00:49:52 ----D---- C:\Program Files\Adobe
2008-11-16 22:04:33 ----D---- C:\Users\Utilisateur\AppData\Roaming\Opera
2008-11-16 22:04:05 ----D---- C:\Program Files\Opera
2008-11-16 15:51:00 ----D---- C:\Program Files\SyllabiK
2008-11-15 19:50:51 ----D---- C:\Tgl0beSCRIPT
2008-11-14 17:18:19 ----D---- C:\Program Files\CCleaner
2008-11-14 17:08:06 ----D---- C:\Program Files\Glary Utilities
2008-11-14 11:33:39 ----A---- C:\Windows\system32\difxapi.dll
2008-11-14 11:33:14 ----D---- C:\Users\Utilisateur\AppData\Roaming\InstallShield
2008-11-14 11:27:22 ----A---- C:\Windows\system32\CSVer.dll
2008-11-14 11:26:33 ----D---- C:\Intel
2008-11-14 11:07:17 ----HD---- C:\Program Files\Temp
2008-11-14 10:56:42 ----D---- C:\Windows\system32\AGEIA
2008-11-14 10:56:41 ----D---- C:\Program Files\AGEIA Technologies
2008-11-14 10:56:24 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2008-11-14 10:53:16 ----D---- C:\NVIDIA
2008-11-14 10:43:52 ----D---- C:\Program Files\ma-config.com
2008-11-14 10:43:51 ----D---- C:\ProgramData\ma-config.com
2008-11-12 14:41:21 ----A---- C:\Windows\system32\msxml6.dll
2008-11-12 14:41:19 ----A---- C:\Windows\system32\msxml3.dll
2008-11-09 19:32:25 ----D---- C:\Program Files\Trend Micro
2008-11-09 18:58:59 ----D---- C:\Users\Utilisateur\AppData\Roaming\Comodo
2008-11-09 17:33:20 ----D---- C:\Users\Utilisateur\AppData\Roaming\Malwarebytes
2008-11-09 17:33:10 ----D---- C:\ProgramData\Malwarebytes
2008-11-09 17:33:09 ----D---- C:\Program Files\Malwarebytes’ Anti-Malware
2008-11-09 16:47:51 ----A---- C:\Windows\system32\cssdll32.dll
2008-11-09 16:45:09 ----D---- C:\Program Files\COMODO
2008-11-09 16:34:00 ----A---- C:\Windows\UNZIP.DLL
2008-11-09 16:34:00 ----A---- C:\Windows\TMUPDATE.DLL
2008-11-09 16:34:00 ----A---- C:\Windows\PATCH.EXE
2008-11-09 15:20:12 ----D---- C:\ProgramData\Avira
2008-11-09 15:20:12 ----D---- C:\Program Files\Avira
2008-11-03 15:03:23 ----D---- C:\ProgramData\WindowsSearch
2008-10-28 20:53:13 ----A---- C:\Windows\system32\wersvc.dll
2008-10-28 20:53:13 ----A---- C:\Windows\system32\Faultrep.dll
2008-10-28 20:53:12 ----A---- C:\Windows\system32\win32spl.dll

======List of files/folders modified in the last 1 months======

2008-11-27 00:09:40 ----D---- C:\Windows\System32
2008-11-27 00:09:40 ----D---- C:\Windows\inf
2008-11-27 00:09:40 ----A---- C:\Windows\system32\PerfStringBackup.INI
2008-11-27 00:06:20 ----D---- C:\Windows\Prefetch
2008-11-27 00:02:18 ----D---- C:\WINDOWS
2008-11-26 23:54:31 ----D---- C:\Windows\system32\fr-FR
2008-11-26 23:53:43 ----A---- C:\Windows\system.ini
2008-11-26 23:53:13 ----D---- C:\Windows\system32\drivers
2008-11-26 23:53:12 ----D---- C:\Windows\AppPatch
2008-11-26 23:53:12 ----D---- C:\Program Files\Common Files
2008-11-26 23:51:34 ----SHD---- C:\System Volume Information
2008-11-26 21:50:52 ----D---- C:\Windows\system32\catroot2
2008-11-26 19:37:57 ----RD---- C:\Program Files
2008-11-26 19:37:41 ----SD---- C:\Windows\Downloaded Program Files
2008-11-26 18:35:33 ----D---- C:\Windows\system32\Tasks
2008-11-26 18:34:17 ----D---- C:\Program Files\Mozilla Firefox
2008-11-26 16:51:15 ----HD---- C:\ProgramData
2008-11-26 11:52:10 ----D---- C:\Windows\winsxs
2008-11-26 10:16:47 ----D---- C:\Windows\system32\catroot
2008-11-25 23:25:31 ----SHD---- C:\Windows\Installer
2008-11-24 18:27:55 ----D---- C:\Users\Utilisateur\AppData\Roaming\Skype
2008-11-24 18:25:40 ----RSD---- C:\Windows\assembly
2008-11-24 18:25:15 ----RSD---- C:\Windows\Fonts
2008-11-24 18:24:44 ----D---- C:\Program Files\OpenOffice.org 2.4
2008-11-24 18:16:09 ----D---- C:\Program Files\KeePass Password Safe
2008-11-24 17:11:40 ----D---- C:\ProgramData\Adobe
2008-11-24 15:54:13 ----D---- C:\Users\Utilisateur\AppData\Roaming\OpenOffice.org2
2008-11-22 13:29:51 ----SD---- C:\ProgramData\Microsoft
2008-11-22 13:29:48 ----SD---- C:\Users\Utilisateur\AppData\Roaming\Microsoft
2008-11-21 18:15:35 ----D---- C:\Windows\system32\LogFiles
2008-11-21 17:43:21 ----D---- C:\Users\Utilisateur\AppData\Roaming\CyberLink
2008-11-21 13:15:14 ----D---- C:\Program Files\Windows Live Safety Center
2008-11-19 14:15:44 ----D---- C:\Windows\Tasks
2008-11-19 11:22:40 ----D---- C:\Windows\system32\Macromed
2008-11-19 00:32:01 ----A---- C:\Windows\system32\jusched.exe
2008-11-19 00:32:01 ----A---- C:\Windows\system32\jureg.exe
2008-11-19 00:32:01 ----A---- C:\Windows\system32\jucheck.exe
2008-11-14 11:33:15 ----HD---- C:\Program Files\InstallShield Installation Information
2008-11-14 11:27:22 ----D---- C:\Program Files\Intel
2008-11-14 11:07:55 ----A---- C:\Windows\DIFxAPI.dll
2008-11-14 11:00:40 ----D---- C:\ProgramData\NVIDIA
2008-11-13 19:10:09 ----D---- C:\Program Files\Orange
2008-11-13 18:22:51 ----RD---- C:\Program Files\Online Services
2008-11-12 21:02:19 ----D---- C:\Windows\Debug
2008-11-12 17:29:59 ----D---- C:\ProgramData\Microsoft Help
2008-11-04 18:19:22 ----D---- C:\Windows\system32\WDI
2008-11-04 01:10:25 ----A---- C:\Windows\system32\mrt.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; ??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys [2007-02-27 11840]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2008-11-25 75072]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2008-11-26 97808]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2008-11-26 25104]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
R3 avgntflt;avgntflt; ??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys [2008-05-20 52032]
R3 BOCDRIVE;BOClean Kernel Monitor.; ??\C:\Program Files\Comodo\CBOClean\BOCDRIVE.sys [2007-04-17 15376]
R3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
R3 Inspect;Comodo Firewall Network Driver; C:\Windows\system32\DRIVERS\inspect.sys [2008-11-26 72720]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBSta.sys [2007-03-06 41376]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-10-07 7380896]
R3 PID_0928;Logitech QuickCam Express(PID_0928); C:\Windows\system32\DRIVERS\LV561AV.SYS [2007-03-06 491168]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2007-10-03 99840]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S3 catchme;catchme; ??\C:\C-Fix\catchme.sys []
S3 driverhardwarev2;driverhardwarev2; ??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [2008-11-17 15360]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys []
S3 LVcKap;Logitech AEC Driver; C:\Windows\system32\DRIVERS\LVcKap.sys [2007-03-06 1669664]
S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\Windows\system32\DRIVERS\LVMVDrv.sys [2007-03-06 2261792]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Proxy d’horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 PCAMp50;PCAMp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCAMp50.sys [2006-11-28 28224]
S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCASp50.sys [2006-11-28 27072]
S3 Ps2;PS2; C:\Windows\system32\DRIVERS\PS2.sys [2005-12-12 19072]
S3 Ser2pl;Prolific Serial port driver; C:\Windows\system32\DRIVERS\ser2pl.sys []
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865]
R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297]
R2 BOCore;BOCore; C:\Program Files\Comodo\CBOClean\BOCORE.exe [2007-08-07 69632]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2008-11-26 618232]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2007-09-19 65536]
R2 IAANTMON;Intel® Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2008-09-12 354840]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; c:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-11-19 79136]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-10-07 203296]
R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe [2007-03-06 105248]
S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2008-11-17 195752]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

-----------------EOF-----------------


I had no problems, thanks for your very clear explanations :)

Hi again,

Uninstall Java, go through topic no. 2, and then run RSIT again.

Java is uninstalled, but JavaRa won't download anything.

Hi again,

Try here => http://raproducts.org/

See you,

Hi again,

I removed the old versions with JavaRa:

JavaRa 1.11 Removal Log.

Report follows after line.


The JavaRa removal process was started on Thu Nov 27 01:19:08 2008


Finished reporting.

With Update Using jucheck.exe, nothing happens. Or maybe I'm being impatient, since the little hard-drive light keeps blinking non-stop.


Or else I go directly to the Sun Java site.
No, nothing is happening: the hard drive is no longer spinning.

Hi again,

Now run this:

–> Download UsbFix (by Chiquitine29) to your Desktop:

–> Run the installation with the default settings.

–> Connect your external storage devices to your PC (USB stick, external hard drive, etc.) without opening them.

–> Double-click the UsbFix shortcut on your Desktop.

–> The PC will restart.

–> After the restart, post the UsbFix.txt report.

Note: the UsbFix.txt report is saved at the root of the disk.

(If the Desktop does not reappear, press Ctrl+Alt+Del, "File" tab, "New task", type explorer.exe and confirm.)

So, the installation went through and I launched the software from "All Programs". I get a BOClean window telling me that there is a trojan at the path

C:\USERs\ALEXIS\APPDATA\LOCAL\TEMP\1517.TMP\B2E.EXE

Also, UsbFix opened a command prompt giving me the choice between 1) Cleaning, 2) Vaccination, 2) Uninstalling UsbFix and 3) Quit.

What should I do?

Hi again,

Choose option 1, cleaning.

Then install this, update it, run a full scan, delete everything, and run RSIT again.
download4.emsisoft.com…

In fact, this is what is causing you the problem. => 2008-11-19 00:32:01 ----A---- C:\Windows\system32\jusched.exe

See you,