Virus?

car si je fais copier/coller c'est toute la page qui bleuie

voilà ce que ça donne!!!

--
pupuce298ComboFix 09-02-11.01 - thalie 2009-02-11 23:35:19.2 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.894.199 [GMT 1:00]
Lancé depuis: c:\users\thalie\Desktop\ComboFix.exe
Commutateurs utilisés :: c:\users\thalie\Desktop\CFScript.txt..txt
AV: Norton Internet Security *On-access scanning disabled* (Updated)
FW: Norton Internet Security *disabled*
* Un nouveau point de restauration a été créé
.

((((((((((((((((((((((((((((( Fichiers créés du 2009-01-11 au 2009-02-11 ))))))))))))))))))))))))))))))))))))
.

2009-02-11 19:13 . 2009-02-11 19:13 <REP> d-------- c:\program files\Windows Live Toolbar
2009-02-11 19:13 . 2009-02-11 19:13 <REP> d-------- c:\program files\Windows Live Favorites
2009-02-10 23:52 . 2009-02-10 23:52 <REP> d-------- c:\users\thalie\AppData\Roaming\Malwarebytes
2009-02-10 23:52 . 2009-02-10 23:52 <REP> d-------- c:\users\All Users\Malwarebytes
2009-02-10 23:52 . 2009-02-10 23:52 <REP> d-------- c:\programdata\Malwarebytes
2009-02-10 23:52 . 2009-02-10 23:52 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-02-10 23:52 . 2009-01-14 16:11 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys
2009-02-10 23:52 . 2009-01-14 16:11 15,504 --a------ c:\windows\System32\drivers\mbam.sys
2009-02-10 23:24 . 2009-02-10 23:35 <REP> d-------- c:\program files\Ad-remover
2009-02-09 11:39 . 2009-02-09 11:39 <REP> d-------- c:\program files\Trend Micro
2009-01-31 16:39 . 2009-01-31 16:39 <REP> d-------- c:\program files\JRE
2009-01-17 22:47 . 2009-01-17 22:47 <REP> d-------- c:\program files\Common Files\Adobe AIR
2009-01-17 22:47 . 2009-01-17 22:47 <REP> d-------- c:\program files\Adobe Media Player
2009-01-14 17:38 . 2009-01-26 22:28 921,624 --a------ C:\img2-001.raw
2009-01-13 19:23 . 2008-12-16 03:42 288,768 --a------ c:\windows\System32\drivers\srv.sys

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-11 22:38 --------- d-----w c:\users\thalie\AppData\Roaming\LimeWire
2009-02-11 21:49 --------- d-----w c:\programdata\Symantec
2009-02-11 20:02 --------- d-----w c:\program files\Free Easy Burner
2009-02-11 18:16 --------- d-----w c:\program files\Windows Live
2009-02-11 18:09 --------- d-----w c:\programdata\WLInstaller
2009-02-08 16:36 --------- d-----w c:\users\thalie\AppData\Roaming\dvdcss
2009-01-31 15:39 --------- d-----w c:\program files\OpenOffice.org 3
2009-01-27 18:59 --------- d-----w c:\program files\Google
2009-01-14 02:03 --------- d-----w c:\program files\Windows Mail
2009-01-06 09:39 --------- d-----w c:\program files\Norton Internet Security
2009-01-06 09:34 806 ----a-w c:\windows\system32\drivers\SYMEVENT.INF
2009-01-06 09:34 124,464 ----a-w c:\windows\system32\drivers\SYMEVENT.SYS
2009-01-06 09:34 10,635 ----a-w c:\windows\system32\drivers\SYMEVENT.CAT
2009-01-06 09:34 --------- d-----w c:\program files\Symantec
2009-01-05 16:12 0 ---ha-w c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2009-01-04 21:40 --------- d-----w c:\programdata\NOS
2009-01-04 21:40 --------- d-----w c:\program files\NOS
2009-01-04 15:39 --------- d-----w c:\program files\Common Files\Adobe
2009-01-04 15:25 --------- d-----w c:\users\thalie\AppData\Roaming\AdobeUM
2009-01-02 17:04 --------- d-----w c:\program files\Microsoft SQL Server Compact Edition
2009-01-01 10:46 --------- d-----w c:\users\thalie\AppData\Roaming\FlySuite
2008-12-31 16:16 --------- d-----w c:\users\thalie\AppData\Roaming\HiYo
2008-12-30 22:06 --------- d-----w c:\program files\Full Pack Codecs
2008-12-30 21:41 --------- d--h--w c:\program files\InstallShield Installation Information
2008-12-30 21:38 --------- d-----w c:\programdata\PC Drivers HeadQuarters
2008-12-30 18:01 174 --sha-w c:\program files\desktop.ini
2008-12-30 17:50 --------- d-----w c:\program files\Windows Sidebar
2008-12-30 17:50 --------- d-----w c:\program files\Windows Photo Gallery
2008-12-30 17:50 --------- d-----w c:\program files\Windows Journal
2008-12-30 17:50 --------- d-----w c:\program files\Windows Collaboration
2008-12-30 17:50 --------- d-----w c:\program files\Windows Calendar
2008-12-30 17:49 --------- d-----w c:\program files\Windows Defender
2008-12-30 16:51 101,888 ----a-w c:\windows\System32\ifxcardm.dll
2008-12-30 16:50 82,432 ----a-w c:\windows\System32\axaltocm.dll
2008-12-29 22:38 --------- d-----w c:\programdata\HP Product Assistant
2008-12-28 22:19 --------- d-----w c:\programdata\HP
2008-12-28 22:11 61,440 ----a-w c:\windows\System32\winipsec.dll
2008-12-28 22:11 361,984 ----a-w c:\windows\System32\IPSECSVC.DLL
2008-12-28 22:11 28,672 ----a-w c:\windows\System32\FwRemoteSvr.dll
2008-12-28 22:11 272,896 ----a-w c:\windows\System32\polstore.dll
2008-12-28 22:10 94,720 ----a-w c:\windows\System32\PortableDeviceClassExtension.dll
2008-12-28 22:10 241,152 ----a-w c:\windows\System32\PortableDeviceApi.dll
2008-12-28 22:10 160,768 ----a-w c:\windows\System32\PortableDeviceTypes.dll
2008-12-28 22:09 269,312 ----a-w c:\windows\System32\es.dll
2008-12-28 21:58 --------- d-----w c:\users\thalie\AppData\Roaming\OpenOffice.org
2008-12-28 21:35 --------- d-----w c:\programdata\WEBREG
2008-12-28 21:34 --------- d-----w c:\users\thalie\AppData\Roaming\HP
2008-12-28 21:33 --------- d-----w c:\programdata\HPSSUPPLY
2008-12-28 21:33 --------- d-----w c:\program files\HP
2008-12-28 21:32 --------- d-----w c:\program files\Common Files\HP
2008-12-28 21:28 --------- d-----w c:\program files\Hewlett-Packard
2008-12-28 21:28 --------- d-----w c:\program files\Common Files\Hewlett-Packard
2008-12-28 21:25 --------- d-----w c:\programdata\Hewlett-Packard
2008-12-28 17:30 --------- d-----w c:\program files\Microsoft LifeCam
2008-12-28 17:19 --------- dcsh--w c:\program files\Common Files\WindowsLiveInstaller
2008-12-28 17:08 --------- d-----w c:\program files\Free Audio Pack
2008-12-28 17:03 --------- d-----w c:\users\thalie\AppData\Roaming\vlc
2008-12-28 17:01 --------- d-----w c:\program files\VideoLAN
2008-12-28 16:44 --------- d-----w c:\program files\LimeWire
2008-12-28 16:36 410,984 ----a-w c:\windows\System32\deploytk.dll
2008-12-28 16:36 --------- d-----w c:\program files\Java
2008-12-28 16:05 428,544 ----a-w c:\windows\System32\EncDec.dll
2008-12-28 16:05 293,376 ----a-w c:\windows\System32\psisdecd.dll
2008-12-28 16:00 296,960 ----a-w c:\windows\System32\gdi32.dll
2008-12-28 15:55 212,480 ----a-w c:\windows\system32\drivers\mrxsmb10.sys
2008-12-28 15:52 541,696 ----a-w c:\windows\AppPatch\AcLayers.dll
2008-12-28 15:52 52,736 ----a-w c:\windows\AppPatch\iebrshim.dll
2008-12-28 15:52 460,288 ----a-w c:\windows\AppPatch\AcSpecfc.dll
2008-12-28 15:52 4,240,384 ----a-w c:\windows\System32\GameUXLegacyGDFs.dll
2008-12-28 15:52 28,672 ----a-w c:\windows\System32\Apphlpdm.dll
2008-12-28 15:52 2,560 ----a-w c:\windows\AppPatch\AcRes.dll
2008-12-28 15:52 2,154,496 ----a-w c:\windows\AppPatch\AcGenral.dll
2008-12-28 15:52 173,056 ----a-w c:\windows\AppPatch\AcXtrnal.dll
2008-12-28 15:52 1,695,744 ----a-w c:\windows\System32\gameux.dll
2008-12-28 15:50 303,616 ----a-w c:\windows\System32\wmpeffects.dll
2008-12-28 15:48 2,032,640 ----a-w c:\windows\System32\win32k.sys
2008-12-28 15:48 --------- d-----w c:\program files\Common Files\Java
2008-12-28 15:47 2,048 ----a-w c:\windows\System32\msxml3r.dll
2008-12-28 15:47 1,191,936 ----a-w c:\windows\System32\msxml3.dll
2008-12-28 15:42 2,048 ----a-w c:\windows\System32\tzres.dll
2008-12-28 15:36 2,927,104 ----a-w c:\windows\explorer.exe
2008-12-28 15:31 827,392 ----a-w c:\windows\System32\wininet.dll
2008-12-28 15:28 9,847,296 ----a-w c:\windows\System32\NlsData000a.dll
2008-12-28 15:26 988,216 ----a-w c:\windows\System32\winload.exe
2008-12-28 15:26 927,288 ----a-w c:\windows\System32\winresume.exe
2008-12-28 15:26 615,992 ----a-w c:\windows\System32\ci.dll
2008-12-28 15:26 6,656 ----a-w c:\windows\System32\kbd106n.dll
2008-12-28 15:26 46,592 ----a-w c:\windows\System32\setbcdlocale.dll
2008-12-28 15:26 40,960 ----a-w c:\windows\System32\srclient.dll
2008-12-28 15:26 378,368 ----a-w c:\windows\System32\srcore.dll
2008-12-28 15:26 318,464 ----a-w c:\windows\System32\rstrui.exe
2008-12-28 15:26 19,000 ----a-w c:\windows\System32\kd1394.dll
2008-12-28 15:26 14,848 ----a-w c:\windows\System32\srdelayed.exe
2008-12-28 15:23 712,704 ----a-w c:\windows\System32\WindowsCodecs.dll
2008-12-28 15:23 425,472 ----a-w c:\windows\System32\PhotoMetadataHandler.dll
2008-12-28 15:23 347,136 ----a-w c:\windows\System32\WindowsCodecsExt.dll
2008-12-28 15:21 443,392 ----a-w c:\windows\System32\win32spl.dll
2008-12-28 15:21 37,888 ----a-w c:\windows\System32\printcom.dll
2008-12-28 15:21 14,848 ----a-w c:\windows\System32\wshrm.dll
2008-12-28 15:21 113,664 ----a-w c:\windows\system32\drivers\rmcast.sys
.

((((((((((((((((((((((((((((( SnapShot@2009-02-11_11.59.00,18 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-02-11 18:53:06 884,736 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\b3a5c81e91bf9b1e63697e53a41ac0ed\AspNetMMCExt.ni.dll
+ 2009-02-11 18:50:21 425,984 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\BDATunePIA\7b38b32ba60b3eb9195c4e1fcc2c3b9d\BDATunePIA.ni.dll
+ 2009-02-11 18:50:27 503,808 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\a29c71731e54f91d32ccc55d5493126d\ComSvcConfig.ni.exe
+ 2009-02-11 18:53:41 237,568 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\8b7076d09705567c6431176b693597ab\CustomMarshalers.ni.dll
+ 2009-02-11 18:53:41 15,360 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\314a2a2c7ac434889e2478150e910adf\dfsvc.ni.exe
+ 2009-02-11 18:53:42 249,856 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\ehCIR\56309ef1e57faa5e1c01a04a7e3aefc2\ehCIR.ni.dll
+ 2009-02-11 18:51:34 2,428,928 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\ehepg\3cdca1e5ca98fe7c3f4ab8acd32e8c1c\ehepg.ni.dll
+ 2009-02-11 18:51:45 360,448 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\ehepgdat\507f31ea7666854edb2752be04453c54\ehepgdat.ni.dll
+ 2009-02-11 18:53:43 44,544 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\ehExtCOM\71f21fd19fc743332713e929b7f466ba\ehExtCOM.ni.dll
+ 2009-02-11 18:51:46 270,336 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\ehExtHost\ca3894e7058fbb4133c887b8f967c5f0\ehExtHost.ni.exe
+ 2009-02-11 18:52:23 24,576 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\ehiExtCOM\9690acf6b16810061de6ed44368980a9\ehiExtCOM.ni.dll
+ 2009-02-11 18:51:47 188,416 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\ehiExtens\52610279dc1c7658eafbf00b8d197bf9\ehiExtens.ni.dll
+ 2009-02-11 18:51:49 610,304 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\ehiPlay\6c123aa14560b7dff4968bcfbcc48ba6\ehiPlay.ni.dll
+ 2009-02-11 18:51:35 983,040 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\ehiProxy\5f8aee18344b9910bbec6af974c074d5\ehiProxy.ni.dll
+ 2009-02-11 18:51:48 77,824 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\ehiReplay\[u]0/ub31398ed7a071f087b271393a522038\ehiReplay.ni.dll
+ 2009-02-11 18:51:43 58,368 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\ehiUserXp\ca15bb63e13565d7b8b168403a0dbf37\ehiUserXp.ni.dll
+ 2009-02-11 18:51:50 839,680 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\ehiVidCtl\b8a0ab267c97a1e2a3a554e8f4f3b7df\ehiVidCtl.ni.dll
+ 2009-02-11 18:51:51 376,832 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\ehiwmp\54da10294f5f71396a622da622c8c820\ehiwmp.ni.dll
+ 2009-02-11 18:51:56 122,880 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\ehiWUapi\9a8dbbf00820151502bf5886759bd9ff\ehiWUapi.ni.dll
+ 2009-02-11 18:51:55 1,949,696 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\ehRecObj\d7fd9d0533242d48d6914a1bf993aadb\ehRecObj.ni.dll
+ 2009-02-11 18:52:23 12,742,656 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\ehshell\bc7c35ef31af1909c89cb067da0e0970\ehshell.ni.dll
+ 2009-02-11 18:52:26 577,536 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\EventViewer\368debb045e28955b65910779050eccc\EventViewer.ni.dll
+ 2009-02-11 18:52:24 86,016 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\loadmxf\91672362ea8e76d7800c6d3176364d0b\loadmxf.ni.exe
+ 2009-02-11 18:51:59 737,280 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\mcstore\26383f385450d35ef11998a1c60e6c45\mcstore.ni.dll
+ 2009-02-11 18:52:00 315,392 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\mcstoredb\6aa5747fb711f9d478b1b943fddf2b61\mcstoredb.ni.dll
+ 2009-02-11 18:52:39 274,432 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\mcupdate\5ffe0057899c1579c865c000554b239b\mcupdate.ni.exe
+ 2009-02-11 18:52:24 258,048 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Mcx2Dvcs\81d064c3c21181a4a5ec456becbbef4c\Mcx2Dvcs.ni.dll
+ 2009-02-11 18:53:46 876,544 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\e24c7a7e58f9b3432df623710b9c5e01\Microsoft.Build.Engine.ni.dll
+ 2009-02-11 18:53:46 81,920 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\6dc26698fcb3f0f93759f3c38a6207d5\Microsoft.Build.Framework.ni.dll
+ 2009-02-11 18:53:49 1,695,744 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\87407c2d9c2530f716841b6d6ebdf563\Microsoft.Build.Tasks.ni.dll
+ 2009-02-11 18:53:50 167,936 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\bdd6a68dce3ff4146b24afdf9759402b\Microsoft.Build.Utilities.ni.dll
+ 2009-02-11 18:52:41 1,441,792 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Ink\d521fc6793855857df18b7cb9ab0acaa\Microsoft.Ink.ni.dll
+ 2009-02-11 18:52:28 614,400 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Managemen#\b059345a9c2a126e320e17c2090dd354\Microsoft.ManagementConsole.ni.dll
+ 2009-02-11 18:51:43 5,861,376 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\32c2ab90485e11277b825ec8260de0dc\Microsoft.MediaCenter.UI.ni.dll
+ 2009-02-11 18:52:01 704,512 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\5978cf38d967c9ec0ab694134129b82c\Microsoft.MediaCenter.Sports.ni.dll
+ 2009-02-11 18:51:47 618,496 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\a859b69e0f608b63f6ec8b4dbfa8966a\Microsoft.MediaCenter.ni.dll
+ 2009-02-11 18:51:57 253,952 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\fe6a1bdca6598998fd80b3ee04053741\Microsoft.MediaCenter.Shell.ni.dll
+ 2009-02-11 18:51:29 1,232,896 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\198b25c569e8a6fbb78092fe9c697600\Microsoft.Transactions.Bridge.ni.dll
+ 2009-02-11 18:52:45 401,408 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\b0da39820e35eb3821e69ac8ace491a1\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2009-02-11 18:53:52 1,740,800 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\a96c6b0c75f8ea3eb133018ba3b49f3f\Microsoft.VisualBasic.ni.dll
+ 2009-02-11 18:52:36 6,443,008 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\MIGUIControls\66ad568e1ea098a2099364bf66bdaed8\MIGUIControls.ni.dll
+ 2009-02-11 18:52:49 1,691,648 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\MMCEx\f5934f1b89f7c8fb3f0bab1c21045f1c\MMCEx.ni.dll
+ 2009-02-11 18:52:29 319,488 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\MMCFxCommon\a3d6cbb5a1efbd314e7080bbbd78d1cd\MMCFxCommon.ni.dll
+ 2009-02-11 18:52:50 102,400 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\napcrypt\29d0ab81098806db3b769de45054ea13\napcrypt.ni.dll
+ 2009-02-11 18:52:51 139,264 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\naphlpr\65fba2f3c000945397537d9646148f6c\naphlpr.ni.dll
+ 2009-02-11 18:52:51 126,976 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\napinit\ad70802a13332254382fd4bddbfbc8b3\napinit.ni.dll
+ 2009-02-11 18:52:53 737,280 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\napsnap\ae9a564a6dd8814ba0ec381fd07be4bb\napsnap.ni.dll
+ 2009-02-11 18:53:57 2,641,920 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Narrator\1b896bbb7ed678902995f5a2479962e8\Narrator.ni.exe
+ 2009-02-11 18:54:00 1,581,056 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\7c78c24952fad7252c7ff7f739fd6198\PresentationBuildTasks.ni.dll
+ 2009-02-11 18:54:06 2,035,712 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\fa8522105eb716eed71e99bb9bfe06ee\PresentationUI.ni.dll
+ 2009-02-11 18:54:14 2,416,640 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\99836ab309902e40176dc5ca0854f7b2\ReachFramework.ni.dll
+ 2009-02-11 18:52:53 139,264 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\b682f5929b1f3f2a0b585cbc999df489\ServiceModelReg.ni.exe
+ 2009-02-11 18:51:16 303,104 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\ee487a5b3e62f510183f68538f583135\SMDiagnostics.ni.dll
+ 2009-02-11 18:52:55 323,584 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\470e3064a09dc8107667143d09811786\SMSvcHost.ni.exe
+ 2009-02-11 18:54:22 262,144 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\sysglobl\811305f0e9b3729e5a6a991b6645de92\sysglobl.ni.dll
+ 2009-02-11 18:51:27 241,664 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\5ff73b37102042c3e28f22106dde8ad4\System.IdentityModel.Selectors.ni.dll
+ 2009-02-11 18:51:24 1,118,208 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\44573dbcf8c8046c8d4b9ba8109d90e7\System.IdentityModel.ni.dll
+ 2009-02-11 18:52:57 417,792 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\28b40aac039323938aa010da90240207\System.IO.Log.ni.dll
+ 2009-02-11 18:51:26 655,360 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\1bb37d7286f4cd22de1b1e7f6d2950b2\System.Messaging.ni.dll
+ 2009-02-11 18:54:09 1,134,592 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\d82ee3d7910c5dab8c97c4e7973d7bbc\System.Printing.ni.dll
+ 2009-02-11 18:51:22 2,445,312 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\529360b58964fe947006d8669aea62f3\System.Runtime.Serialization.ni.dll
+ 2009-02-11 18:51:13 18,071,552 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\cfcba8cb539cb3dc5e92c544bd6d9dc5\System.ServiceModel.ni.dll
+ 2009-02-11 18:54:22 2,039,808 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\b75eb02af4a4a29474726c41641ac18e\System.Speech.ni.dll
+ 2009-02-11 18:54:27 2,342,912 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\7185958cf25ae6673e828dd1e7ac65ed\System.Web.Mobile.ni.dll
+ 2009-02-11 18:52:59 258,048 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\TaskScheduler\[u]0/ua7389d61536c156ce0485a0a14d1c3f\TaskScheduler.ni.dll
+ 2009-02-11 18:54:29 483,328 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\247502ab3842b4a61f36dc4e0279f354\UIAutomationClient.ni.dll
+ 2009-02-11 18:54:31 1,118,208 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\94bf31eac9cf2d253b451e225669e91c\UIAutomationClientsideProviders.ni.dll
+ 2009-02-11 18:54:33 270,336 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\32372878e4291ce171ce9eb482d9188a\WindowsFormsIntegration.ni.dll
+ 2009-02-11 18:53:35 131,072 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Client\83f175ac2f35cc404f7024e85fcca1fb\WindowsLive.Client.ni.dll
+ 2009-02-11 18:53:32 1,105,920 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\[u]0/u8215c95244c1641cc3e4faf88d2e88d\WindowsLive.Writer.ApplicationFramework.ni.dll
+ 2009-02-11 18:53:29 118,784 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\126ba2067f929a9638dc4dc45e812027\WindowsLive.Writer.Extensibility.ni.dll
+ 2009-02-11 18:53:36 577,536 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\21034fc3daf5e91eb318df85fc8dd8ec\WindowsLive.Writer.HtmlEditor.ni.dll
+ 2009-02-11 18:53:22 1,867,776 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\2b51f848b3321ac4fd9b697f8dcc4fa7\WindowsLive.Writer.CoreServices.ni.dll
+ 2009-02-11 18:53:24 204,800 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\6a9d625944361fce51125c18c21e6f81\WindowsLive.Writer.BrowserControl.ni.dll
+ 2009-02-11 18:53:38 155,648 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\6d16bb7fb6b48d18860b4da671f43cae\WindowsLive.Writer.FileDestinations.ni.dll
+ 2009-02-11 18:53:23 516,096 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\6dc97c49301004c536aca5df430592d8\WindowsLive.Writer.Localization.ni.dll
+ 2009-02-11 18:53:17 5,464,064 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\7619bf112da465b27df165f8f00740b1\WindowsLive.Writer.PostEditor.ni.dll
+ 2009-02-11 18:53:22 352,256 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\795eface60915e95c73b6940ec687da4\WindowsLive.Writer.Interop.ni.dll
+ 2009-02-11 18:53:27 139,264 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\7c24975c89e076d4f3f58ce7c88b3017\WindowsLive.Writer.Passport.ni.dll
+ 2009-02-11 18:53:25 335,872 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\7e84a2fbbe66e4349ab87bc485d43aaf\WindowsLive.Writer.Interop.Mshtml.ni.dll
+ 2009-02-11 18:53:30 102,400 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\8cda0a6b2bda2c542668cd25f2279915\WindowsLive.Writer.Api.ni.dll
+ 2009-02-11 18:53:34 827,392 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\de6cef2d5b1f5800e4f2d131e65e9db3\WindowsLive.Writer.BlogClient.ni.dll
+ 2009-02-11 18:53:38 221,184 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\def72d87eeb0373e2819f0dd1cf24698\WindowsLive.Writer.SpellChecker.ni.dll
+ 2009-02-11 18:53:28 278,528 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\dfb8da097f8ff583eebc91da13ce427a\WindowsLive.Writer.Mshtml.ni.dll
+ 2009-02-11 18:53:25 348,160 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\e340fd213043cf00b61dd2d0c999404e\WindowsLive.Writer.Interop.SHDocVw.ni.dll
+ 2009-02-11 18:53:26 184,320 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\e363e1ed9064848c357f79e31033d87c\WindowsLive.Writer.HtmlParser.ni.dll
+ 2009-02-11 18:53:19 589,824 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\f707e5dba04dc23fed79cd186349acea\WindowsLive.Writer.Controls.ni.dll
+ 2009-02-11 18:53:40 651,264 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveLocal.Wr#\438d2cbbb5169ba638eac23b1be667cc\WindowsLiveLocal.WriterPlugin.ni.dll
+ 2009-02-11 18:53:11 40,960 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveWriter\6bf7406271b10705d7e6f5181f4e5185\WindowsLiveWriter.ni.exe
+ 2009-02-11 18:53:00 380,928 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\[u]0/uecb8c2a9fa7b6c5e7c9d77b44ff6eb1\WsatConfig.ni.exe
- 2009-01-02 17:01:29 29,926 ----a-r c:\windows\Installer\{BADF6744-3787-48F6-B8C9-4C4995401D65}\MsblIco.Exe
+ 2009-02-11 18:15:10 29,926 ----a-r c:\windows\Installer\{BADF6744-3787-48F6-B8C9-4C4995401D65}\MsblIco.Exe
+ 2009-02-11 18:12:40 86,746 ----a-r c:\windows\Installer\{C514C594-23AA-4F13-A070-DB8BDB27594F}\wlmail.exe
- 2009-02-11 10:15:14 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-02-11 16:20:47 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-02-11 10:15:14 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2009-02-11 16:20:47 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2009-02-11 10:58:20 151,552 ----a-w c:\windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2009-02-11 16:22:37 151,552 ----a-w c:\windows\ServiceProfiles\LocalService\NTUSER.DAT
- 2009-02-11 10:16:22 151,552 ----a-w c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2009-02-11 16:22:42 151,552 ----a-w c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT
- 2009-02-11 10:33:24 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-02-11 21:33:51 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-02-11 10:33:24 49,152 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-02-11 21:33:51 49,152 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-02-11 10:33:24 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-02-11 21:33:51 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-02-11 10:54:41 262,144 ----a-w c:\windows\System32\config\systemprofile\ntuser.dat
+ 2009-02-11 22:34:40 262,144 ----a-w c:\windows\System32\config\systemprofile\ntuser.dat
- 2009-02-11 10:17:45 5,418 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1832075816-3645299247-3322294753-1000_UserData.bin
+ 2009-02-11 16:23:21 5,434 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1832075816-3645299247-3322294753-1000_UserData.bin
- 2009-02-11 10:17:45 47,438 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2009-02-11 16:23:20 47,438 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2009-02-11 10:17:36 43,706 ----a-w c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-02-11 16:23:12 44,146 ----a-w c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
.
-- Instantané actualisé --
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"????r"="" [?]
"?????????"="??????????????e" [?]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-01-27 39408]
"msnmsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-07-11 90112]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2006-11-21 107112]
"osCheck"="c:\program files\Norton Internet Security\osCheck.exe" [2006-11-21 22696]
"Acer Empowering Technology Monitor"="c:\windows\system32\SysMonitor.exe" [2006-11-23 319488]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2006-11-17 453120]
"WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344]
"Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 583048]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-28 136600]
"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2007-01-13 275800]
"VX1000"="c:\windows\vVX1000.exe" [2006-12-06 707360]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 49152]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"RtHDVCpl"="RtHDVCpl.exe" [2006-11-09 c:\windows\RtHDVCpl.exe]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2006-12-13 528384]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-01-02 210520]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"FilterAdministratorToken"= 1 (0x1)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Windows Live Messenger803"=c:\program files\Windows Live\Messenger\msnmsgr.exe
"Windows Live Messenger"=c:\program files\Windows Live\Messenger\msnmsgr.exe
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" /background
"Windows Live Messenger48"=c:\program files\Windows Live\Messenger\msnmsgr.exe
"Windows Mail"=c:\program files\Windows Mail\WinMail.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{755DDF93-2A40-464C-8E19-14D57FDFE54C}"= UDP:c:\program files\Acer Zone\Acer Zone Main Page\MCE Deluxe Suite.exe:CyberLink MCE Deluxe Suite
"{9E139F13-729C-48A3-A542-F8D1B9041878}"= TCP:c:\program files\Acer Zone\Acer Zone Main Page\MCE Deluxe Suite.exe:CyberLink MCE Deluxe Suite
"{083C222B-2E43-435E-A4FA-69B43D170DBD}"= UDP:c:\program files\Acer Zone\Acer Picture Slide DVD\Component\CLSLDVD.exe:Cyberlink Picture Slide DVD workprocess
"{CCAC3715-6F13-4B05-AFE8-9CB066D07D09}"= TCP:c:\program files\Acer Zone\Acer Picture Slide DVD\Component\CLSLDVD.exe:Cyberlink Picture Slide DVD workprocess
"{7A11D0DC-4B4D-4D6B-9395-1FB0BB02F739}"= UDP:c:\program files\Acer Zone\Acer Plug and Record\Component\ARAWP.exe:Cyberlink Plug and Record ARA workprocess
"{CAEDC0A9-FA60-4B8B-8EB7-4679892F69D7}"= TCP:c:\program files\Acer Zone\Acer Plug and Record\Component\ARAWP.exe:Cyberlink Plug and Record ARA workprocess
"{3CF0A38F-BDCA-4850-B9CC-79DA144B0CA6}"= UDP:c:\program files\Acer Zone\Acer Plug and Record\Component\DVAX2Process.exe:Cyberlink Plug and Record AVAX workprocess
"{801EC1BA-4EA4-4830-8FE6-B53B0271F818}"= TCP:c:\program files\Acer Zone\Acer Plug and Record\Component\DVAX2Process.exe:Cyberlink Plug and Record AVAX workprocess
"{25C8D0F9-7579-488A-9363-C9EC507F3255}"= UDP:c:\program files\Acer Zone\Acer Zone SoftDMA\SoftDMA.exe:CyberLink SoftDMA
"{8C209F36-3196-43EF-AEA2-F7691A219A8D}"= TCP:c:\program files\Acer Zone\Acer Zone SoftDMA\SoftDMA.exe:CyberLink SoftDMA
"{E34853DF-1AA7-43F9-93FF-43825A6980DC}"= UDP:c:\program files\LimeWire\LimeWire.exe:LimeWire
"{AED0F478-08B1-4151-ACB5-EEBB58B9E895}"= TCP:c:\program files\LimeWire\LimeWire.exe:LimeWire
"{EBCF35D6-6042-457C-B135-81AD990E3EE6}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{22099A16-220F-4DDB-B938-800157135E22}"= UDP:c:\program files\Microsoft LifeCam\LifeCam.exe:LifeCam.exe
"{0364A7FC-E2CE-4FA4-9B4E-32A993D10799}"= TCP:c:\program files\Microsoft LifeCam\LifeCam.exe:LifeCam.exe
"{93D11F8F-9E55-4D72-8495-D3EEFBEE5066}"= UDP:c:\program files\Microsoft LifeCam\LifeExp.exe:LifeExp.exe
"{310B0F76-A13C-4E87-BE77-8FEE053F4514}"= TCP:c:\program files\Microsoft LifeCam\LifeExp.exe:LifeExp.exe
"{681F342B-0670-46F3-AEF8-CFF014245080}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{23FAE572-03E8-4328-849B-12AFA904EDBF}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{FD3BCAB7-D94C-4BA6-B72D-5C6F93C97C63}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

R1 IDSvix86;Symantec Intrusion Prevention Driver;c:\progra~2\Symantec\DEFINI~1\SymcData\idsdefs\20090129.001\IDSvix86.sys [2009-01-30 270384]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2008-12-28 99376]
R3 SYMNDISV;SYMNDISV;c:\windows\System32\drivers\symndisv.sys [2008-10-03 37936]

--- Autres Services/Pilotes en mémoire ---

*NewlyCreated* - COMHOST

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1b23453c-d4fc-11dd-b965-0019db33997e}]
\shell\AutoRun\command - K:\ClickMe.exe
.
Contenu du dossier 'Tâches planifiées'

2009-02-11 c:\windows\Tasks\Maintenance en 1 clic.job
- c:\program files\TuneUp Utilities 2008\OneClickStarter.exe [2008-06-20 09:23]

2009-02-06 c:\windows\Tasks\Norton Internet Security - Analyse système complète - thalie.job
- c:\progra~1\NORTON~1\NORTON~1\Navw32.exe [2006-11-21 05:30]

2009-02-11 c:\windows\Tasks\User_Feed_Synchronization-{62A5334B-7F93-477E-9A5F-8BC6A15143C9}.job
- c:\windows\system32\msfeedssync.exe [2008-01-19 08:33]

2009-02-11 c:\windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 11:20]
.
.
------- Examen supplémentaire -------
.
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mWindow Title =
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-11 23:38:24
Windows 6.0.6001 Service Pack 1 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'Explorer.exe'(2296)
c:\windows\system32\MsnChatHook.dll
c:\windows\system32\sysenv.dll
c:\windows\system32\ShowErrMsg.dll
.
Heure de fin: 2009-02-11 23:41:16
ComboFix-quarantined-files.txt 2009-02-11 22:41:09
ComboFix2.txt 2009-02-11 11:00:48

Avant-CF: 78 293 590 016 octets libres
Après-CF: 78,062,030,848 octets libres

379 --- E O F --- 2009-02-10 08:40:49

--
pupuce298Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:45:16, on 11/02/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Windows\System32\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\ehome\ehmsas.exe
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Windows\system32\conime.exe
C:\Windows\Explorer.exe
C:\Windows\system32\notepad.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Windows Live Toolbar\msn_sl.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Windows\system32\SysMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [VX1000] C:\Windows\vVX1000.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [?????????] ??????????????e
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O13 - Gopher Prefix:
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe

je n'y arrive pas ! ne comprend pas ! peux tu détailler stp merci

--le message que je reçois est impossible d'importer C:/Users... le fichier n'est pas un script du Registre
pupuce298

j'ai tapé msconfig dans executer et je vois un petit ecran de pc avec msconfix.exe

c'est quand j'ai cherché dans démarer rechercher : msconfig comme tu me l'avais demandé il y était bien mais il y avait un petit ecran sur la meme ligne

bonjour, je n'ai pas de "nouveaux fichiers" ce sont des nouveaux dossiers

on me dit que fix.reg exciste déjà

là je viens de cliquer sur fix.reg et on m'a donné ce message :voulez vous vraiment ajouter les informations ....j'ai dis oui et on me dit : les clés et valeurs contenues dans C:Users\thalie\ ... ont été correctement ajoutées au Registre

dis moi c'est normal que je ne puisse plus ouvrir windows live messenger ?

oui mais je n'aime pas la version 2009 est-ce que tu pense que je peux aller le telecharcher sur 01.com?

je peux l'instaler par dessus l'autre
ou il faut que je le désinstale non ?!!!

--
pupuce298Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:34:10, on 12/02/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Windows\System32\mobsync.exe
C:\Windows\System32\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\vVX1000.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Windows\regedit.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live Toolbar\msn_sl.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Windows\system32\SysMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [VX1000] C:\Windows\vVX1000.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [?????????] ??????????????e
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O13 - Gopher Prefix:
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe

et ça me dit windows live messenger a cessé de fonctionner toujours et encore je ne comprend pas

dans démarrer j'ai tapé dans la recherche msconfig et là en haut à gauche il y avait écrit en dessous de programmes
un croquis d'1 petit écran et juste à coté msconfig

non je ne vois aucun point d'interrogation par contre je vois des écritures chinoises
et toutes les cases sont déjà cochés

fallait il désactiver Norton? si non le scan a échoué

mais le nouvel anti virus me demande si je veux commencer l'analyse dois je dire oui ?

oui j'ai accepté

--oui
pupuce298

il me dit qu'il est impossible d'analyser l'ordinateur contre les virus !!!
est-ce que je dois désactiver Norton??

une fois Norton désactivé l'analyse c'est lancée

j'ai désinstalé messenger 2008 pour mettre la version 2009 il ne veut pas s'ouvrir non plus
quelle poisse!!!

l'analyse est terminée aucun problème n'a été trouvé

bonjour Geoffrey
tu en pense quoi si je te dis formater mon pc, prendre en bon antivirus et ne pas ouvrir les messages intitulés RE: FW:
si tu pense que je peux le faire dis le moi stp car là j'ai vraiment l'impression de t'ennuyer. en tout cas merci de t'être penché sur mon problème . bien à toi pupuce
--

il se comporte pas trop mal mais je n'ai pas réussi à t'envoyer le rapport de BitDefender je ne le trouve pas dans C:

--
pupuce298Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:44:39, on 14/02/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Windows\System32\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\vVX1000.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Windows\ehome\ehmsas.exe
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\RegCleaner\RegCleanr.exe
C:\Program Files\RegCleaner\RegCleanr.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Windows\system32\SysMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [VX1000] C:\Windows\vVX1000.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [?????????] ??????????????e
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O13 - Gopher Prefix:
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe

voilà le rapport de BitDefender

et un nouveau rappot HijackThis

bonsoir geoffrey, comme je ne peux pas reinstaler windows live messenger. et que apparement il n'y a pas de fichier infesté . penses tu que je peux formater. j'ai envoyé tous mes programmes sur mon disque dur externe. je n'attend que ton feu vert . bien à toi