SOS problème de Svchost.exe

Et désolé pour le retard !

le lien est celui du rapport

j'ai un avast familial gratuit . Donc pas besoin de désinstaller .
Par contre , dois-je le désactiver?

J'avais pas lu la suite :D
Effectivement je dois le désactiver ^^

te l'ai-je dit ?


__________________________________________________
=>/!\Le script qui suit a été écrit spécialement cet ordinateur/!\ <=
=>il est fort déconseillé de le transposer sur un autre ordinateur !<=
----------------------------------------------------------------------------

Toujours avec toutes les protections désactivées, fais ceci :

▶ Ouvre le bloc-notes (Menu démarrer --> programmes --> accessoires --> bloc-notes)
▶ Copie/colle dans le bloc-notes ce qui entre les lignes ci dessous (sans les lignes) :

----------------------------------------------------------
KillAll::

MBR::

------------------------------------------------------------------

▶ Enregistre ce fichier sur ton Bureau (et pas ailleurs !) sous le nom CFScript.txt
▶ Quitte le Bloc Notes

▶ Fais un glisser/déposer de ce fichier CFScript sur le fichier combofix

▶ Patiente le temps du scan. Le Bureau va disparaître à plusieurs reprises : c'est normal ! Ne touche à rien tant que le scan n'est pas terminé.
▶ Une fois le scan achevé, un rapport va s'afficher: poste son contenu.
▶ Si le fichier ne s'ouvre pas, il se trouve ici => C:\ComboFix.txt

UC utilisé varie enter 10 et 20% !!!!!
Ma mémoire physique qui était de 59% est repassé à 45% !! =)

Merci infiniment Gen-Hackman !

Dois-je toujours procéder à ce que tu viens de me demander de faire? càd pour le SFCscript.txt ?

ceci est le log que j'ai obtenu au premier scan (avant d'avoir utilisé le CFScript.txt)

Voici le dernier .

ComboFix 10-12-26.01 - HP 29/12/2010 1:19.2.2 - x86
Microsoft® Windows Vista(TM) Édition Familiale Premium 6.0.6002.2.1252.33.1036.18.3068.1818 [GMT 0:00]
Lancé depuis: c:\users\HP\Desktop\ACHRAF.exe.exe
Commutateurs utilisés :: c:\users\HP\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((( Fichiers créés du 2010-11-28 au 2010-12-29 ))))))))))))))))))))))))))))))))))))
.

2010-12-29 01:30 . 2010-12-29 01:34 -------- d-----w- c:\users\HP\AppData\Local\temp
2010-12-29 01:30 . 2010-12-29 01:30 -------- d-----w- c:\users\Invité\AppData\Local\temp
2010-12-29 01:30 . 2010-12-29 01:30 -------- d-----w- c:\users\HP3\AppData\Local\temp
2010-12-29 01:30 . 2010-12-29 01:30 -------- d-----w- c:\users\HP2\AppData\Local\temp
2010-12-29 01:30 . 2010-12-29 01:30 -------- d-----w- c:\users\ELHassan\AppData\Local\temp
2010-12-29 01:30 . 2010-12-29 01:30 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-12-29 00:46 . 2010-12-29 00:46 -------- d-----w- C:\ACHRAF.exe
2010-12-29 00:25 . 2009-06-07 16:25 77824 ----a-w- c:\windows\system32\xvid.ax
2010-12-29 00:25 . 2009-06-07 16:24 180224 ----a-w- c:\windows\system32\xvidvfw.dll
2010-12-29 00:25 . 2009-06-07 16:16 819200 ----a-w- c:\windows\system32\xvidcore.dll
2010-12-29 00:25 . 2010-12-29 00:25 -------- d-----w- c:\program files\Xvid
2010-12-29 00:24 . 2010-12-29 00:24 652794 ----a-w- c:\temp\xvid-win32.exe
2010-12-28 21:53 . 2010-12-28 21:53 -------- d-----w- c:\users\ELHassan\AppData\Roaming\Malwarebytes
2010-12-28 17:11 . 2010-12-28 17:11 -------- d-----w- c:\users\HP\AppData\Roaming\Malwarebytes
2010-12-28 17:11 . 2010-12-20 18:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-12-28 17:11 . 2010-12-28 17:11 -------- d-----w- c:\programdata\Malwarebytes
2010-12-28 17:11 . 2010-12-28 17:11 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-12-28 17:11 . 2010-12-20 18:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-12-28 14:03 . 2010-12-28 14:24 -------- d-----w- C:\UsbFix
2010-12-28 00:37 . 2010-12-28 00:37 -------- d-----w- c:\users\HP\Tracing
2010-12-27 22:11 . 2010-12-27 22:42 -------- d-----w- c:\users\HP\AppData\Roaming\Registry Mechanic
2010-12-27 13:45 . 2010-12-27 13:45 -------- d-----w- c:\users\HP\AppData\Roaming\DriverCure
2010-12-27 13:45 . 2010-12-27 13:45 -------- d-----w- c:\users\HP\AppData\Roaming\ParetoLogic
2010-12-27 13:45 . 2010-12-27 19:31 -------- d-----w- c:\programdata\ParetoLogic
2010-12-26 23:29 . 2010-12-26 23:29 -------- d-----w- c:\program files\Electronic Arts
2010-12-25 12:14 . 2010-12-25 12:14 -------- d-----w- c:\programdata\ClearCookiesEasy
2010-12-25 12:14 . 2010-12-25 12:14 -------- d-----w- c:\program files\ClearCookiesEasy
2010-12-25 12:13 . 2010-12-25 12:13 -------- d-----w- c:\programdata\ClearHistoryEasy
2010-12-25 12:13 . 2010-12-25 12:13 -------- d-----w- c:\program files\ClearHistoryEasy
2010-12-25 11:44 . 2010-12-25 11:44 -------- d-----w- c:\users\HP\AppData\Roaming\Intel
2010-12-25 11:42 . 2010-12-25 11:42 -------- d-----w- c:\program files\Cisco
2010-12-25 11:41 . 2010-12-25 11:41 -------- d-----w- c:\programdata\Intel
2010-12-24 22:02 . 2010-12-27 15:13 -------- d-----w- c:\users\HP\JDOWNLOADER
2010-12-24 13:14 . 2010-12-24 13:14 -------- d-----w- c:\programdata\NVIDIA Corporation
2010-12-24 13:12 . 2010-10-16 18:55 14899816 ----a-w- c:\windows\system32\nvoglv32.dll
2010-12-24 13:12 . 2010-10-16 18:55 888424 ----a-w- c:\windows\system32\nvdispco322050.dll
2010-12-24 13:12 . 2010-10-16 18:55 813672 ----a-w- c:\windows\system32\nvgenco322030.dll
2010-12-24 13:12 . 2010-10-16 18:55 4837480 ----a-w- c:\windows\system32\nvcuda.dll
2010-12-24 13:12 . 2010-10-16 18:55 2666600 ----a-w- c:\windows\system32\nvcuvenc.dll
2010-12-24 13:12 . 2010-10-16 18:55 10084360 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2010-12-24 13:12 . 2010-10-16 18:55 57960 ----a-w- c:\windows\system32\OpenCL.dll
2010-12-24 13:12 . 2010-10-16 18:55 2912360 ----a-w- c:\windows\system32\nvcuvid.dll
2010-12-24 13:12 . 2010-10-16 18:55 13019752 ----a-w- c:\windows\system32\nvcompiler.dll
2010-12-24 13:11 . 2010-12-24 13:17 -------- d-----w- c:\program files\NVIDIA Corporation
2010-12-24 13:11 . 2010-12-24 13:11 -------- d-----w- C:\NVIDIA
2010-12-24 11:16 . 2010-11-10 04:33 6273872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3FE61526-BF1E-4E80-9201-5642928D885C}\mpengine.dll
2010-12-23 19:44 . 2010-12-23 19:44 -------- d-----w- c:\users\ELHassan\AppData\Roaming\Thinstall
2010-12-23 19:44 . 2010-12-23 19:44 -------- d-----w- c:\users\ELHassan\AppData\Roaming\HideIPEasy
2010-12-23 19:44 . 2010-12-23 19:44 -------- d-----w- c:\users\ELHassan\AppData\Local\Thinstall
2010-12-23 09:49 . 2010-12-23 09:49 -------- d-----w- c:\users\HP\AppData\Roaming\Sierra
2010-12-23 08:39 . 2010-12-23 08:39 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
2010-12-23 08:35 . 2010-12-23 10:55 -------- d-----w- c:\program files\Sierra
2010-12-23 08:34 . 2010-12-23 08:34 180356 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iGdi.dll
2010-12-23 08:34 . 2004-04-18 23:42 733184 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iKernel.dll
2010-12-23 08:34 . 2004-04-18 23:40 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\ctor.dll
2010-12-23 08:34 . 2004-04-18 23:39 266240 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iscript.dll
2010-12-23 08:34 . 2004-04-18 23:39 172032 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iuser.dll
2010-12-23 08:34 . 2004-04-18 23:39 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\DotNetInstaller.exe
2010-12-23 08:34 . 2010-12-23 08:34 303236 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\setup.dll
2010-12-22 18:24 . 2010-12-22 18:24 -------- d-----w- C:\Boot
2010-12-22 01:17 . 2010-12-22 01:17 -------- d-----w- c:\users\HP\AppData\Local\Activision
2010-12-22 01:10 . 2009-09-04 17:29 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2010-12-22 01:09 . 2006-11-29 13:06 440080 ----a-w- c:\windows\system32\d3dx10.dll
2010-12-22 01:09 . 2007-03-05 12:42 15128 ----a-w- c:\windows\system32\x3daudio1_1.dll
2010-12-22 00:43 . 2010-12-22 00:43 -------- d-----w- c:\program files\Activision
2010-12-21 13:08 . 2010-12-21 13:08 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-12-21 13:07 . 2010-12-21 13:18 -------- d-----w- c:\users\HP\AppData\Roaming\DAEMON Tools Lite
2010-12-21 13:05 . 2010-12-21 13:07 -------- d-----w- c:\programdata\DAEMON Tools Lite
2010-12-20 20:14 . 2010-12-20 20:14 -------- d-----w- c:\program files\Internet Cyclone
2010-12-20 14:08 . 2010-12-20 14:08 47328 ----a-r- c:\users\HP\AppData\Roaming\Microsoft\Installer\{D416E000-D999-470A-BCAC-98E717CC1AFC}\ARPPRODUCTICON.exe
2010-12-20 14:08 . 2010-12-20 14:08 334048 ----a-r- c:\users\HP\AppData\Roaming\Microsoft\Installer\{D416E000-D999-470A-BCAC-98E717CC1AFC}\NewShortcut2_439CCEF89767436AB00754ACFDCFF417.exe
2010-12-20 14:07 . 2010-12-20 14:07 -------- d-----w- c:\program files\VirginMega
2010-12-20 11:25 . 2010-10-20 17:47 27080 ----a-w- c:\windows\system32\drivers\unlocker.sys
2010-12-20 11:22 . 2010-12-21 08:35 -------- d-----w- c:\users\HP\AppData\Roaming\neobe Backup
2010-12-20 11:21 . 2010-12-20 11:22 -------- d-----w- c:\program files\neobe Backup
2010-12-20 11:21 . 2010-12-20 11:21 -------- d-----w- c:\programdata\Tarma Installer
2010-12-19 18:14 . 2010-12-26 16:45 -------- d-----w- c:\program files\JDownloader
2010-12-19 11:39 . 2010-12-29 00:24 -------- d-----w- C:\Temp
2010-12-16 22:03 . 2010-11-04 18:55 352768 ----a-w- c:\windows\system32\taskschd.dll
2010-12-16 22:03 . 2010-11-04 18:55 601600 ----a-w- c:\windows\system32\schedsvc.dll
2010-12-16 22:03 . 2010-11-04 18:56 345600 ----a-w- c:\windows\system32\wmicmiplugin.dll
2010-12-16 22:03 . 2010-11-04 18:55 270336 ----a-w- c:\windows\system32\taskcomp.dll
2010-12-16 22:03 . 2010-11-04 16:34 171520 ----a-w- c:\windows\system32\taskeng.exe
2010-12-16 22:02 . 2010-10-28 13:20 2048 ----a-w- c:\windows\system32\tzres.dll
2010-12-16 21:14 . 2010-10-12 15:53 33280 ----a-w- c:\program files\Windows Mail\wabfind.dll
2010-12-16 21:14 . 2010-10-12 13:41 66048 ----a-w- c:\program files\Windows Mail\wabmig.exe
2010-12-16 21:14 . 2010-10-12 13:41 515584 ----a-w- c:\program files\Windows Mail\wab.exe
2010-12-16 21:07 . 2010-10-18 13:31 2038272 ----a-w- c:\windows\system32\win32k.sys
2010-12-16 21:06 . 2010-10-18 13:37 81920 ----a-w- c:\windows\system32\consent.exe
2010-12-16 21:06 . 2010-10-28 15:44 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-12-16 21:06 . 2010-10-28 13:27 292352 ----a-w- c:\windows\system32\atmfd.dll
2010-12-16 21:06 . 2010-06-16 15:30 72704 ----a-w- c:\windows\system32\fontsub.dll
2010-12-16 20:21 . 2010-11-03 10:51 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2010-12-16 14:22 . 2010-12-16 14:22 -------- d-----w- c:\users\Invité\AppData\Roaming\HP
2010-12-12 14:15 . 2010-12-26 16:56 -------- d-----w- c:\users\HP\AppData\Roaming\HpUpdate
2010-12-11 16:24 . 2010-12-11 16:24 -------- d-----w- c:\users\ELHassan\AppData\Roaming\CyberLink
2010-12-11 16:14 . 2010-12-11 16:14 -------- d-----w- c:\users\HP\AppData\Roaming\HideIPEasy
2010-12-11 16:14 . 2010-12-11 16:14 -------- d-----w- c:\programdata\HideIPEasy
2010-12-11 16:14 . 2010-12-11 16:14 -------- d-----w- c:\users\HP\AppData\Roaming\Thinstall
2010-12-11 16:14 . 2010-12-11 16:14 -------- d-----w- c:\users\HP\AppData\Local\Thinstall
2010-12-11 16:06 . 2010-12-11 16:06 -------- d-----w- c:\users\Public\CyberLink
2010-12-11 16:04 . 2010-12-26 16:45 -------- d-----w- c:\program files\Hide My IP 2009
2010-12-09 19:40 . 2010-12-26 16:45 -------- d-----w- c:\program files\RAR Password Unlocker
2010-12-04 22:30 . 2010-12-09 23:28 -------- d-----w- c:\users\ELHassan\AppData\Roaming\HP
2010-12-04 22:28 . 2009-04-16 14:08 312832 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\hpfpp70v.dll
2010-12-04 22:24 . 2010-12-04 22:29 -------- d-----w- c:\users\ELHassan\AppData\Roaming\HpUpdate
2010-12-04 22:22 . 2010-12-04 22:22 -------- d-----w- c:\programdata\HP Product Assistant
2010-12-04 22:14 . 2009-02-10 19:03 966656 ----a-w- c:\windows\system32\hpost_p02c.dll
2010-12-04 22:14 . 2009-02-10 19:03 712704 ----a-w- c:\windows\system32\hposwia_p02c.dll
2010-12-04 22:14 . 2009-02-10 19:03 315392 ----a-w- c:\windows\system32\hposc_p02a.dll
2010-12-04 22:14 . 2008-10-28 09:27 372736 ----a-w- c:\windows\system32\hppldcoi.dll
2010-12-04 22:14 . 2009-04-15 20:53 452408 ----a-w- c:\windows\system32\hpzids01.dll
2010-12-04 22:14 . 2009-04-16 14:08 123904 ----a-w- c:\windows\system32\hpf3l70v.dll
2010-12-02 21:14 . 2009-12-08 20:19 113664 ----a-w- c:\windows\system32\drivers\ewusbnet.sys
2010-12-02 21:14 . 2009-12-07 19:53 103168 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
2010-12-02 21:14 . 2009-10-12 15:22 101120 ----a-w- c:\windows\system32\drivers\ewusbdev.sys
2010-12-02 21:14 . 2007-08-09 04:06 23424 ----a-w- c:\windows\system32\drivers\ewdcsc.sys

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-19 20:51 . 2009-10-04 18:48 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-10-16 18:55 . 2010-12-24 13:12 10920 ----a-w- c:\windows\system32\drivers\nvBridge.kmd
2010-10-16 18:55 . 2009-10-03 06:02 5473896 ----a-w- c:\windows\system32\nvwgf2um.dll
2010-10-16 18:55 . 2008-05-23 03:29 1719912 ----a-w- c:\windows\system32\nvapi.dll
2010-10-16 18:55 . 2008-05-23 03:29 10023528 ----a-w- c:\windows\system32\nvd3dum.dll
2010-10-16 12:42 . 2010-10-16 12:42 600680 ----a-w- c:\windows\system32\nvvsvc.exe
2010-10-16 12:42 . 2010-10-16 12:42 279144 ----a-w- c:\windows\system32\nvhotkey.dll
2010-10-16 12:42 . 2010-10-16 12:42 1881704 ----a-w- c:\windows\system32\nvsvcr.dll
2010-10-16 12:42 . 2010-10-16 12:42 110696 ----a-w- c:\windows\system32\nvmctray.dll
2010-10-16 12:42 . 2010-10-16 12:42 3420776 ----a-w- c:\windows\system32\nvcpl.dll
2010-10-16 12:42 . 2010-10-16 12:42 2079336 ----a-w- c:\windows\system32\nvsvc.dll
2010-10-10 14:16 . 2010-10-10 14:16 2560 ----a-w- c:\windows\_MSRSTRT.EXE
2010-10-05 23:56 . 2007-10-25 15:26 5632 ----a-w- c:\windows\system32\drivers\StarOpen.sys
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-09-23 4240760]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-04-15 178712]
"DpAgent"="c:\program files\DigitalPersona\Bin\dpagent.exe" [2008-03-12 699456]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2008-04-23 468264]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-03-14 202032]
"OnScreenDisplay"="c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe" [2007-11-01 554288]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-04-15 70912]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-11-20 488752]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdSync.exe" [2008-01-21 215552]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-07-21 458844]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2010-09-07 2838912]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2009-12-18 40368]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-1-16 727592]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
backup=c:\windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-12-18 08:58 40368 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoStartNPSAgent]
2010-10-05 23:56 102400 ----a-w- c:\program files\Samsung\Samsung New PC Studio\NPSAgent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2010-04-01 09:16 357696 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2010-06-03 00:50 1144104 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2009-11-18 16:13 54576 ----a-w- c:\program files\HP\HP Software Update\hpwuschd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-03-26 01:10 142120 ----a-w- c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2010-09-23 00:47 4240760 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-03-17 21:53 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Samsung PanelMgr]
2009-03-06 09:50 552960 ----a-w- c:\windows\Samsung\PanelMgr\SSMMgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-03-17 11:48 136600 ----a-w- c:\program files\Java\jre6\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate1c9edd4675be15f;Service Google Update (gupdate1c9edd4675be15f);c:\program files\Google\Update\GoogleUpdate.exe [2009-06-15 133104]
R2 PTWsvc;PCTimeWatch;c:\program files\MainSoft\PC TimeWatch\PTWsvc.exe [2007-10-10 937984]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-02-07 193840]
R3 dump_wmimmc;dump_wmimmc;c:\program files\gPotato.eu\Dragonica\FR\Release\GameGuard\dump_wmimmc.sys [x]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [2009-12-08 113664]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2009-04-07 36608]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [2009-10-12 101120]
R3 PTWDrv;PTW - Process monitoring driver;c:\program files\MainSoft\PC TimeWatch\PTWatch.sys [x]
R3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [2009-04-06 23064]
R3 UsbEvdomAtc;LGE EVDOM USB Serial Port;c:\windows\system32\DRIVERS\lgevdomatc.sys [x]
R3 usbevdombus;LGE EVDOM Composite USB Device;c:\windows\system32\DRIVERS\lgevdombus.sys [x]
R3 UsbEvdomDiag;LGE EVDOM USB Serial DM Port;c:\windows\system32\DRIVERS\lgevdomdiag.sys [x]
R3 USBEVDOmModem;LGE EVDOM USB Modem;c:\windows\system32\DRIVERS\lgevdommodem.sys [x]
R3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R4 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2009-04-07 233472]
R4 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2009-07-02 3219320]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-03-13 691696]
S1 aswSP;aswSP; [x]
S1 ElRawDisk;ElRawDisk;c:\windows\system32\drivers\unlocker.sys [2010-10-20 27080]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\aestsrv.exe [2009-03-02 81920]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-09-07 50768]
S2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe [2008-01-21 21504]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2008-08-07 24880]
S2 Recovery Service for Windows;Recovery Service for Windows;c:\windows\SMINST\BLService.exe [2008-03-26 341328]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [2008-01-03 5120]
S2 vfsFPService;Validity Fingerprint Service;c:\windows\system32\vfsFPService.exe [2008-03-26 595248]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2008-01-24 52736]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2009-04-17 114528]
S3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETw5v32.sys [2008-11-17 3668480]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2009-06-26 66080]
S3 vfs101x;vfs101x;c:\windows\system32\drivers\vfs101x.sys [2008-03-26 40752]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
HPService REG_MULTI_SZ HPSLPSVC

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezSharedSvc

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-02-26 12:06 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contenu du dossier 'Tâches planifiées'

2010-12-29 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-02-07 18:38]

2010-12-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-15 16:14]

2010-12-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-15 16:14]

2010-12-29 c:\windows\Tasks\User_Feed_Synchronization-{5C94ADF9-E471-4DFE-A06A-837F6469D8A8}.job
- c:\windows\system32\msfeedssync.exe [2010-12-16 04:25]

2010-12-29 c:\windows\Tasks\User_Feed_Synchronization-{B0B88CFF-CCD2-4501-8C54-35FFC1CFB768}.job
- c:\windows\system32\msfeedssync.exe [2010-12-16 04:25]

2010-12-29 c:\windows\Tasks\User_Feed_Synchronization-{B326600C-51E7-4651-A08B-C19B09C62D50}.job
- c:\windows\system32\msfeedssync.exe [2010-12-16 04:25]
.
.
------- Examen supplémentaire -------
.
uInternet Settings,ProxyOverride = local
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Envoyer au périphérique &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Envoyer l'&image au périphérique Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: SmarThru4 Capture Selection - c:\program files\SmarThru 4\WebCapture.dll2.htm
IE: SmarThru4 Save as HTML - c:\program files\SmarThru 4\WebCapture.dll1.htm
IE: SmarThru4 Save Selected Text - c:\program files\SmarThru 4\WebCapture.dll.htm
IE: SmarThru4 Web Capture - c:\program files\SmarThru 4\WebCapture.dll
Trusted Zone: localhost
FF - ProfilePath - c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\d0p975dk.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2032792&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - IMBooster4web-en Customized Web Search
FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
FF - Ext: <![CDATA[1-ClickWeather]]>: {DCBD1271-D228-4082-9FBC-36D9B7660B03} - %profile%\extensions\{DCBD1271-D228-4082-9FBC-36D9B7660B03}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.

**************************************************************************
Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés:

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'Explorer.exe'(748)
c:\program files\DigitalPersona\Bin\DpoFeedb.dll
c:\windows\system32\btncopy.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_fre.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\STacSV.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\NVIDIA Corporation\Display\NvXDSync.exe
c:\windows\system32\nvvsvc.exe
c:\program files\DigitalPersona\Bin\DpHostW.exe
c:\windows\system32\agrsmsvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\system32\spool\DRIVERS\W32X86\3\HP1006MC.EXE
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
c:\program files\HP\QuickPlay\Kernel\TV\QPSched.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\conime.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Heure de fin: 2010-12-29 01:44:41 - La machine a redémarré
ComboFix-quarantined-files.txt 2010-12-29 01:44
ComboFix2.txt 2010-12-29 00:02

Avant-CF: 108 407 136 256 octets libres
Après-CF: 108 253 204 480 octets libres

Current=1 Default=1 Failed=0 LastKnownGood=10 Sets=1,2,3,4,5,6,7,8,9,10
- - End Of File - - 2704F8D2EF2979EA2974D378C1CCF5C5

j'ai mis le second ^^

J'ai du arrêter hier car j'avais cours à 8h ^^
Je reprend le scan de l'ordinateur à cet instant.

Merci beaucoup pour ton soutien!

Re

BitDefender bloque au niveau de la mise à jour des signature virus et ce à 100% .. il est à ce stade depuis 2 heures..

"Updating Bitdefender Online Scanner"... 100%

Déjà 7 fichiers infectés! ?

L'outil de nettoyage a pris fin mais ne m'a pas donné de rapport.
Là je lance le scan systeme

C'est fini mais je ne sais pas où se trouve le rapport /
Il y' a toujours un fichier qu'il n'a pas pu supprimer (je pense contenant un cheval de Troie)

Dommage je n'ai pas pris de screen .
Mais il y'a une application (BlackopsMO.exe) où apparement il y'a un trojan ou cheval de troie qu'il ne peut supprimer ) C'est écrit Delete Failed

il est ou ce fichier ?

je lance un 3 eme scan et je prend un screen ?
J'ai cherché sur le disque dur mais je ne trouve pas cette application ( jeu que j'avais telechargé d'internet).

Maintenant que je me rend compte que le fichier qu'il detect suspect je l'avais supprimé au paravant (j'en suis sur maintenant)

Tu ne sais pas où je peux le trouver ? (la corbeille est vide)

oui

http://www.virustotal.com/file-scan/compact.html?id=64bd74f36bc61a5ef27665023c9622769b63fd3ca2455ca5ccac576fc6fbdd26-1293643132

Désolé j'ai jamais compris comment faire pour virustotal

tu me colles le lien de la page , l'analyse terminée....

^^" C'est ce que j'ai fait
======> http://www.virustotal.com/file-scan/compact.html?id=64bd74f36bc61a5ef27665023c9622769b63fd3ca2455ca5ccac576fc6fbdd26-1293643132 ===<