Suite au redémarrage après ComboFix, j'avais des doublons de mes CD et ceux-ci ont disparu ; le gestionnaire de disques Windows refonctionne, déjà un progrès. Merci pour cela. Et voilà le fichier généré. À noter dans ce rapport : le pare-feu Windows est désactivé (EnableFirewall = 0) et deux services à nom aléatoire (a2freeAcrSch2Svc, ppcdufbqhkp) pointent encore vers des fichiers absents (c:\windows\TEMP\wmxufybwtx.exe et lyctogy.sys) ; la console de récupération n'est pas installée.
ComboFix 09-07-14.08 - Gendy 17/07/2009 15:27.1.2 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.1023.251 [GMT 2:00]
Running from: c:\documents and settings\Gendy\Bureau\td.exe
* Resident AV is active
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\Installer\146d2f.msi
c:\windows\Installer\1834138.msp
c:\windows\Installer\399004.msp
c:\windows\Installer\6d2d95.msp
c:\windows\patch.exe
c:\windows\system32\hjgruidptaswuu.dat
c:\windows\system32\hjgruijwqjthve.dat
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_hjgruixcbpjyot
((((((((((((((((((((((((( Files Created from 2009-06-17 to 2009-07-17 )))))))))))))))))))))))))))))))
.
2009-07-17 12:48 . 2009-07-17 12:52 -------- d-----w- C:\GenProc
2009-07-16 23:32 . 2009-07-16 23:32 -------- d-----w- c:\documents and settings\Gendy\Application Data\Malwarebytes
2009-07-16 23:32 . 2009-07-13 11:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-07-16 23:32 . 2009-07-16 23:32 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-07-16 23:32 . 2009-07-13 11:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-07-16 23:09 . 2009-07-16 23:09 -------- d-----w- c:\program files\Trend Micro
2009-07-16 19:51 . 2009-07-16 19:51 -------- d-----w- c:\program files\MSECache
2009-07-15 16:12 . 2009-07-15 16:12 -------- d-----w- c:\windows\system32\Adobe
2009-07-14 12:19 . 2009-07-14 12:19 -------- d-----w- c:\documents and settings\Gendy\Local Settings\Application Data\ACD Systems
2009-07-14 12:18 . 2009-07-14 12:18 -------- d-----w- c:\documents and settings\Gendy\Application Data\ACD Systems
2009-07-14 12:17 . 2009-07-14 12:17 -------- d-----w- c:\documents and settings\All Users\Application Data\ACD Systems
2009-07-14 12:16 . 2009-07-14 12:17 -------- d-----w- c:\program files\Fichiers communs\ACD Systems
2009-07-14 12:14 . 2009-07-14 12:14 -------- d-----w- c:\documents and settings\Gendy\Local Settings\Application Data\Downloaded Installations
2009-07-11 19:41 . 2009-07-11 19:41 -------- d-----w- c:\program files\Axon Data
2009-07-11 18:38 . 2008-04-10 10:08 71184 ----a-r- c:\windows\system32\drivers\DefragFS.sys
2009-07-11 18:38 . 2009-07-11 18:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Raxco
2009-07-11 11:55 . 2007-08-01 21:47 102664 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2009-07-11 08:14 . 2009-07-11 08:14 603904 ----a-w- c:\windows\system32\TUProgSt.exe
2009-07-11 08:14 . 2008-12-11 11:31 27904 ----a-w- c:\windows\system32\uxtuneup.dll
2009-07-11 08:13 . 2009-07-11 08:13 -------- d-----w- c:\program files\TuneUp Utilities 2009
2009-07-10 21:54 . 2009-07-11 21:05 -------- d-----w- c:\windows\system32\oodag
2009-07-09 20:55 . 2009-07-09 20:55 -------- d-----w- c:\documents and settings\Administrateur\Local Settings\Application Data\O&O
2009-06-26 12:52 . 2009-06-26 12:52 -------- d-----w- c:\documents and settings\Gendy\Application Data\NCH Software
2009-06-26 12:49 . 2009-06-26 12:49 -------- d-----w- c:\documents and settings\All Users\Application Data\NCH Swift Sound
2009-06-26 12:49 . 2009-06-26 19:56 -------- d-----w- c:\program files\NCH Software
2009-06-26 12:49 . 2009-06-26 12:49 -------- d-----w- c:\documents and settings\Gendy\Application Data\NCH Swift Sound
2009-06-26 12:44 . 2009-06-24 19:02 299008 ----a-w- c:\windows\system32\TubeFinder.exe
2009-06-26 12:44 . 2009-06-19 17:51 141312 ----a-w- c:\windows\system32\MSCMCFR.DLL
2009-06-24 19:52 . 2009-06-26 11:54 190848 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2009-06-24 19:25 . 2009-06-24 19:25 8854 ----a-r- c:\documents and settings\Gendy\Application Data\Microsoft\Installer\{D374F8CD-E0F3-4810-A48F-3C96E86AF6B4}\UNINST_Uninstall_C_A37A26D584444862933B478371D0299D.exe
2009-06-24 19:25 . 2009-06-24 19:25 53248 ----a-r- c:\documents and settings\Gendy\Application Data\Microsoft\Installer\{D374F8CD-E0F3-4810-A48F-3C96E86AF6B4}\NewShortcut11_A37A26D584444862933B478371D0299D.exe
2009-06-24 19:25 . 2009-06-24 19:25 53248 ----a-r- c:\documents and settings\Gendy\Application Data\Microsoft\Installer\{D374F8CD-E0F3-4810-A48F-3C96E86AF6B4}\NewShortcut1_A37A26D584444862933B478371D0299D.exe
2009-06-24 19:25 . 2009-06-24 19:25 10134 ----a-r- c:\documents and settings\Gendy\Application Data\Microsoft\Installer\{D374F8CD-E0F3-4810-A48F-3C96E86AF6B4}\ARPPRODUCTICON.exe
2009-06-24 19:24 . 2009-06-24 19:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Micro Application
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-17 13:44 . 2008-12-13 22:08 -------- d-----w- c:\documents and settings\Gendy\Application Data\Desktop Sidebar
2009-07-17 13:41 . 2008-12-24 14:50 -------- d-----w- c:\documents and settings\Gendy\Application Data\MailWasherPro
2009-07-17 13:40 . 2009-06-04 17:37 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-07-17 04:44 . 2009-01-19 18:34 81984 ----a-w- c:\windows\system32\bdod.bin
2009-07-16 19:37 . 2009-01-03 22:14 -------- d-----w- c:\documents and settings\Gendy\Application Data\GrabIt
2009-07-15 20:05 . 2009-06-04 17:00 -------- d-----w- c:\documents and settings\Gendy\Application Data\.oit
2009-07-15 16:44 . 2008-12-24 16:13 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-07-15 16:36 . 2008-12-13 21:20 2035 ----a-w- c:\documents and settings\Gendy\Application Data\SAS7_000.DAT
2009-07-14 12:14 . 2008-12-13 23:19 -------- d-----w- c:\documents and settings\Gendy\Application Data\Azureus
2009-07-14 11:20 . 2009-02-08 12:56 20 ---h--w- c:\documents and settings\All Users\Application Data\PKP_DLdu.DAT
2009-07-11 08:14 . 2009-01-12 21:04 360192 ----a-w- c:\windows\system32\TuneUpDefragService.exe
2009-07-10 21:26 . 2008-12-13 13:22 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-07-10 18:57 . 2008-12-29 17:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-07-10 12:59 . 2008-12-13 13:38 65536 ----a-w- c:\windows\DUMP856c.tmp
2009-07-09 19:59 . 2009-05-14 19:24 -------- d-----w- c:\program files\ma-config.com
2009-07-09 19:59 . 2008-12-13 17:31 -------- d-----w- c:\documents and settings\All Users\Application Data\ma-config.com
2009-07-04 20:06 . 2009-02-22 11:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Nero
2009-07-04 19:26 . 2009-02-22 11:01 -------- d-----w- c:\program files\Fichiers communs\Nero
2009-07-02 12:14 . 2009-05-21 18:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
2009-06-26 12:01 . 2003-04-24 12:00 82256 ----a-w- c:\windows\system32\perfc00C.dat
2009-06-26 12:01 . 2003-04-24 12:00 504788 ----a-w- c:\windows\system32\perfh00C.dat
2009-06-16 17:31 . 2008-12-13 19:42 -------- d-----w- c:\documents and settings\All Users\Application Data\ScanSoft
2009-06-16 17:31 . 2008-12-13 19:42 -------- d-----w- c:\program files\Fichiers communs\ScanSoft Shared
2009-06-16 14:40 . 2003-04-24 12:00 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-06-16 14:40 . 2003-04-24 12:00 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-09 18:50 . 2009-06-09 18:50 59256 ---ha-w- c:\windows\system32\mlfcache.dat
2009-06-09 18:23 . 2009-02-22 11:05 -------- d-----w- c:\documents and settings\Gendy\Application Data\Nero
2009-06-09 17:52 . 2008-12-29 01:33 -------- d-----w- c:\program files\Google
2009-06-08 18:26 . 2008-12-17 23:06 -------- d-----w- c:\documents and settings\Gendy\Application Data\COWON
2009-06-08 18:26 . 2009-06-08 18:25 -------- d-----w- c:\program files\Fichiers communs\COWON
2009-06-04 18:45 . 2008-12-13 13:15 81784 ----a-w- c:\documents and settings\Gendy\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-06-04 18:45 . 2009-06-04 17:08 8224 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-06-04 18:29 . 2009-06-04 18:29 -------- d-----w- c:\documents and settings\Gendy\Application Data\FLEXnet
2009-06-04 17:46 . 2008-12-14 00:45 -------- d-----w- c:\documents and settings\Gendy\Application Data\ScanSoft
2009-06-04 17:38 . 2008-12-13 19:42 -------- d-----w- c:\documents and settings\All Users\Application Data\Nuance
2009-06-04 17:37 . 2009-06-04 17:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Macrovision
2009-06-04 17:37 . 2008-12-13 19:44 -------- d-----w- c:\documents and settings\Gendy\Application Data\Nuance
2009-06-04 17:35 . 2009-06-04 17:35 -------- d-----w- c:\program files\Nuance
2009-06-04 17:35 . 2008-12-13 16:26 -------- d-----w- c:\documents and settings\All Users\Application Data\FLEXnet
2009-06-04 17:28 . 2008-12-14 00:44 -------- d-----w- c:\program files\ScanSoft
2009-06-04 17:07 . 2009-02-18 20:50 8224 ----a-w- c:\windows\system32\GDIPFONTCACHEV1.DAT
2009-06-03 19:10 . 2003-04-24 12:00 1297408 ----a-w- c:\windows\system32\quartz.dll
2009-06-01 21:49 . 2009-06-01 21:49 -------- d-----w- c:\program files\Garmin GPS Plugin
2009-05-31 08:55 . 2009-05-31 08:51 -------- d-----w- c:\documents and settings\Gendy\Application Data\U3
2009-05-25 18:32 . 2009-03-17 20:19 1801 ----a-w- c:\documents and settings\All Users\Application Data\xml12D.tmp
2009-05-25 18:32 . 2009-03-17 20:19 13432 ----a-w- c:\documents and settings\All Users\Application Data\xml12B.tmp
2009-05-22 09:32 . 2008-12-13 17:53 1 ----a-w- c:\documents and settings\Gendy\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2009-05-20 18:59 . 2008-12-24 16:19 -------- d-----w- c:\program files\Microsoft Works
2009-05-15 06:02 . 2009-05-15 06:02 2373416 ----a-w- c:\documents and settings\All Users\Application Data\Nero\Nero\DrWeb\DrWeb32.dll
2009-05-14 13:20 . 2009-05-14 18:48 2645832 ----a-w- c:\documents and settings\Gendy\Application Data\Mozilla\Firefox\Profiles\rr8glrr7.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\maconfsetup.exe
2009-05-07 15:33 . 2003-04-24 12:00 348672 ----a-w- c:\windows\system32\localspl.dll
2009-05-06 20:14 . 2009-02-08 12:58 49152 ----a-r- c:\documents and settings\Gendy\Application Data\Microsoft\Installer\{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}\ARPPRODUCTICON.exe
2009-05-06 20:13 . 2009-02-08 12:58 335872 ----a-r- c:\documents and settings\Gendy\Application Data\Microsoft\Installer\{237CD223-1B9D-47E8-A76C-E478B83CCEA2}\ARPPRODUCTICON.exe
2009-05-03 17:15 . 2009-05-03 17:15 165376 ----a-w- c:\windows\system32\drivers\atksgt.sys
2009-05-03 17:14 . 2009-05-03 17:14 18048 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2009-05-01 18:30 . 2009-05-01 18:30 3366912 ----a-w- c:\windows\system32\GPhotos.scr
2009-04-29 04:45 . 2003-04-24 12:00 827392 ----a-w- c:\windows\system32\wininet.dll
2009-04-29 04:45 . 2008-12-13 13:12 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-04-21 20:21 . 2009-04-21 20:21 8673792 ----a-w- c:\documents and settings\All Users\Application Data\atscie.msi
2009-04-19 19:50 . 2003-04-24 12:00 1847296 ----a-w- c:\windows\system32\win32k.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SIDEBAR"="d:\utilitaires\vista\Sidebar\dsidebar.exe" [2006-07-09 1777664]
"msnmsgr"="c:\progra~1\WINDOW~4\MESSEN~1\msnmsgr.exe" [2007-10-18 5724184]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000]
"RocketDock"="d:\utilitaires\vista\RocketDock\RocketDock.exe" [2007-09-02 495616]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 204288]
"PPScheduler"="d:\bureau\PaperPort\PPScheduler.exe" [2008-05-09 98304]
"TuneUp MemOptimizer"="c:\program files\TuneUp Utilities 2009\MemOptimizer.exe" [2008-12-12 156416]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
"MultiScreen"="c:\program files\MagicTune Premium\Multiscreen\MultiScreen.exe" [2008-02-22 114688]
"TrueImageMonitor.exe"="d:\securite\Acronis\TrueImageHome\TrueImageMonitor.exe" [2007-10-07 2620336]
"AcronisTimounterMonitor"="d:\securite\Acronis\TrueImageHome\TimounterMonitor.exe" [2007-10-07 904880]
"Acronis Scheduler2 Service"="c:\program files\Fichiers communs\Acronis\Schedule2\schedhlp.exe" [2007-10-07 140568]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb04.exe" [2001-11-29 196608]
"LifeChat"="c:\program files\Microsoft LifeChat\LifeChat.exe" [2008-08-21 267296]
"Nikon Transfer Monitor"="c:\program files\Fichiers communs\Nikon\Monitor\NkMonitor.exe" [2008-12-16 479232]
"SunJavaUpdateSched"="d:\internet\JAVA\JRE6\bin\jusched.exe" [2009-03-09 148888]
"BDAgent"="c:\program files\BitDefender\BitDefender 2009\bdagent.exe" [2009-04-16 778240]
"BitDefender Antiphishing Helper"="c:\program files\BitDefender\BitDefender 2009\IEShow.exe" [2009-04-16 69632]
"PaperPort PTD"="d:\bureau\PaperPort\pptd40nt.exe" [2008-05-10 29984]
"IndexSearch"="d:\bureau\PaperPort\IndexSearch.exe" [2008-05-10 46368]
"PDFHook"="d:\bureau\PDF Create 5\pdfcreate5hook.exe" [2009-04-10 1277952]
"PDF5 Registry Controller"="d:\bureau\PDF Create 5\RegistryController.exe" [2008-12-13 58656]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-16 86016]
"OODefragTray"="c:\windows\system32\oodtray.exe" [2009-02-25 2553088]
"Dit"="Dit.exe" - c:\windows\Dit.exe [2002-08-28 73728]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\soundman.exe [2007-04-16 577536]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2003-07-28 323584]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\Gendy\Menu D‚marrer\Programmes\D‚marrage\
Dragon NaturallySpeaking.lnk - d:\bureau\NaturallySpeaking9\Program\natspeak.exe [2007-5-14 2524776]
MailWasherPro.lnk - d:\internet\MailWasher Pro\MailWasher.exe [2008-10-14 18202840]
RocketDock.lnk - d:\utilitaires\vista\Vista Inspirat 2\RocketDock\RocketDock.exe [2008-12-14 630784]
TransBar.lnk - d:\utilitaires\vista\Vista Inspirat 2\TransBar\TransBar.exe [2008-12-14 65536]
c:\documents and settings\Gendy\Menu D‚marrer\Programmes\D‚marrage\
Dragon NaturallySpeaking.lnk - d:\bureau\NaturallySpeaking9\Program\natspeak.exe [2007-5-14 2524776]
MailWasherPro.lnk - d:\internet\MailWasher Pro\MailWasher.exe [2008-10-14 18202840]
RocketDock.lnk - d:\utilitaires\vista\Vista Inspirat 2\RocketDock\RocketDock.exe [2008-12-14 630784]
TransBar.lnk - d:\utilitaires\vista\Vista Inspirat 2\TransBar\TransBar.exe [2008-12-14 65536]
c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
e-Carte Bleue LCL.lnk - d:\securite\Ecarte\ecbl-lcl.exe [2008-12-27 278528]
GammaTray.lnk - c:\program files\MagicTune Premium\GammaTray.exe [2009-2-1 36864]
PyGrenouille.lnk - d:\internet\PyGrenouille\pygrenouille.exe [2009-1-4 83968]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ PDBoot.exe\0autocheck autochk *\0OODBS
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"WMPNSCFG"=c:\program files\Windows Media Player\WMPNSCFG.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Acrobat Speed Launcher"="d:\bureau\Adobe\Acrobat\Acrobat_sl.exe"
"DNS7reminder"="d:\bureau\NaturallySpeaking9\Ereg\Ereg.exe" -r "c:\documents and settings\All Users\Application Data\Nuance\NaturallySpeaking9\Ereg.ini
"Acrobat Assistant 8.0"="d:\bureau\Adobe\Acrobat\Acrotray.exe"
"NvMediaCenter"=RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
"nwiz"=nwiz.exe /install
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"SerialNumber"="A109A-K13-3ZXD-BAP5-TE"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"d:\\Bureau\\Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\MagicTune Premium\\MagicTune.exe"=
"d:\\Multimedia\\HomePlayer\\HomePlayer.exe"=
"d:\\Multimedia\\HomePlayer\\VLC\\vlc.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2009.SP2\\RpcAgentSrv.exe"=
"c:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2009.SP2\\WNt500x86\\RpcSandraSrv.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
R2 Arrakis3;BitDefender Arrakis Server;c:\program files\Fichiers communs\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe [17/07/2008 13:06 118784]
R2 BDVEDISK;BDVEDISK;c:\program files\BitDefender\BitDefender 2009\BDVEDISK.sys [04/09/2008 17:33 82696]
R2 PD91Agent;PD91Agent;d:\securite\Raxco\PD91Agent.exe [22/04/2008 12:21 689416]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [11/07/2009 10:14 603904]
R3 bdfm;BDFM;c:\windows\system32\drivers\bdfm.sys [18/09/2008 12:09 111112]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;c:\windows\system32\drivers\bdfndisf.sys [17/10/2008 15:01 104328]
R3 PhTVTune;MEDION TV-TUNER 7134 MK2/3;c:\windows\system32\drivers\PhTVTune.sys [13/12/2008 14:55 24704]
S2 a2freeAcrSch2Svc;a-squared Free Service a2freeAcrSch2Svc;c:\windows\TEMP\wmxufybwtx.exe service --> c:\windows\TEMP\wmxufybwtx.exe service [?]
S2 gupdate1c99408aa0950da;Google Update Service (gupdate1c99408aa0950da);c:\program files\Google\Update\GoogleUpdate.exe [21/02/2009 11:42 133104]
S2 ppcdufbqhkp;ppcdufbqhkp;\??\c:\windows\system32\drivers\lyctogy.sys --> c:\windows\system32\drivers\lyctogy.sys [?]
S3 camvid20;Philips ToUcam Camera; Video;c:\windows\system32\drivers\camdrv21.sys [13/12/2008 22:45 223232]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [07/02/2009 16:56 13224]
S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [29/05/2009 17:13 234864]
S3 PD91Engine;PD91Engine;d:\securite\Raxco\PD91Engine.exe [22/04/2008 12:21 894216]
S3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\SiSoftware\SiSoftware Sandra Lite 2009.SP2\RpcAgentSrv.exe [17/03/2009 22:16 98488]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bdx REG_MULTI_SZ scan
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder
2009-07-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-21 09:41]
2009-07-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-21 09:41]
2008-12-13 c:\windows\Tasks\LifeChatTask.job
- c:\program files\Microsoft LifeChat\LifeChat.exe [2008-08-21 10:16]
2009-07-17 c:\windows\Tasks\Maintenance en 1 clic.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-12 13:04]
.
- - - - ORPHANS REMOVED - - - -
HKLM-Run-Cmaudio - cmicnfg.cpl
.
------- Supplementary Scan -------
.
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Ajouter au fichier PDF existant - d:\bureau\PDF Create 5\Bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
IE: Ajouter la cible du lien à un fichier PDF existant - c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Ajouter le contenu des liens sélectionnés à un fichier PDF existant - d:\bureau\PDF Create 5\Bin\ZeonIEFavClient.dll/ZeonIEAppendSelLinks.HTML
IE: Ajouter le contenu du lien à un fichier PDF existant - d:\bureau\PDF Create 5\Bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
IE: Ajouter à un fichier PDF existant - c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Barre RoboForm - file://i:\roboform\RoboFormComShowToolbar.html
IE: Convertir au format Adobe PDF - c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Convertir la cible du lien au format Adobe PDF - c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Créer des fichiers PDF à partir des liens sélectionnés - d:\bureau\PDF Create 5\Bin\ZeonIEFavClient.dll/ZeonIECaptureSelLinks.HTML
IE: Créer fichier PDF - d:\bureau\PDF Create 5\Bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
IE: Créer un fichier PDF depuis le contenu du lien - d:\bureau\PDF Create 5\Bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
IE: E&xporter vers Microsoft Excel - d:\bureau\OFFICE\Office12\EXCEL.EXE/3000
IE: Enregistrer le formulaire - file://i:\roboform\RoboFormComSavePass.html
IE: Personnaliser le menu - file://i:\roboform\RoboFormComCustomizeIEMenu.html
IE: Remplir le formulaire - file://i:\roboform\RoboFormComFillForms.html
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
FF - ProfilePath - c:\documents and settings\Gendy\Application Data\Mozilla\Firefox\Profiles\rr8glrr7.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://voila.fr/
FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - component: d:\internet\FIREFOX\components\FFComm.dll
FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll
FF - plugin: d:\bureau\Adobe\Acrobat\browser\nppdf32.dll
FF - plugin: d:\bureau\ADOBE\ACROBAT\browser\nppdf32.dll
FF - plugin: d:\internet\Firefox\plugins\np-mswmp.dll
FF - plugin: d:\internet\Firefox\plugins\npornap.dll
FF - plugin: d:\internet\JAVA\JRE6\bin\new_plugin\npdeploytk.dll
FF - plugin: d:\internet\JAVA\JRE6\bin\new_plugin\npjp2.dll
FF - plugin: d:\photos\Picasa3\npPicasa3.dll
FF - plugin: d:\utilitaires\ma-config.com\nphardwaredetection.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
d:\internet\FIREFOX\greprefs\all.js - pref("media.enforce_same_site_origin", false);
d:\internet\FIREFOX\greprefs\all.js - pref("media.cache_size", 51200);
d:\internet\FIREFOX\greprefs\all.js - pref("media.ogg.enabled", true);
d:\internet\FIREFOX\greprefs\all.js - pref("media.wave.enabled", true);
d:\internet\FIREFOX\greprefs\all.js - pref("media.autoplay.enabled", true);
d:\internet\FIREFOX\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
d:\internet\FIREFOX\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
d:\internet\FIREFOX\greprefs\all.js - pref("dom.storage.default_quota", 5120);
d:\internet\FIREFOX\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
d:\internet\FIREFOX\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
d:\internet\FIREFOX\greprefs\all.js - pref("layout.css.dpi", -1);
d:\internet\FIREFOX\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
d:\internet\FIREFOX\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
d:\internet\FIREFOX\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
d:\internet\FIREFOX\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
d:\internet\FIREFOX\greprefs\all.js - pref("geo.enabled", true);
d:\internet\FIREFOX\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
d:\internet\FIREFOX\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
d:\internet\FIREFOX\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
d:\internet\FIREFOX\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
d:\internet\FIREFOX\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
d:\internet\FIREFOX\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
d:\internet\FIREFOX\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
d:\internet\FIREFOX\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
d:\internet\FIREFOX\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
d:\internet\FIREFOX\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
d:\internet\FIREFOX\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
d:\internet\FIREFOX\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
d:\internet\FIREFOX\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
d:\internet\FIREFOX\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
d:\internet\FIREFOX\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
d:\internet\FIREFOX\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
d:\internet\FIREFOX\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
d:\internet\FIREFOX\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
d:\internet\FIREFOX\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
d:\internet\FIREFOX\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
d:\internet\FIREFOX\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
d:\internet\FIREFOX\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
d:\internet\FIREFOX\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
d:\internet\FIREFOX\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
d:\internet\FIREFOX\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
d:\internet\FIREFOX\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
d:\internet\FIREFOX\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
d:\internet\FIREFOX\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
d:\internet\FIREFOX\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
d:\internet\FIREFOX\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-17 15:41
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG11.00.00.01WORKSTATION"="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"
"OODEFRAG08.00.00.01WORKSTATION"="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"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'lsass.exe'(372)
c:\windows\system32\relog_ap.dll
- - - - - - - > 'explorer.exe'(5820)
c:\windows\system32\SHDOCVW.dll
d:\utilitaires\vista\RocketDock\RocketDock.dll
c:\program files\Windows Media Player\wmpband.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\NETSHELL.dll
c:\windows\system32\credui.dll
c:\windows\system32\eappprxy.dll
d:\securite\SPYBOT~1\SDHelper.dll
c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
c:\program files\BitDefender\BitDefender 2009\vsserv.exe
d:\securite\a-squared Free\a2service.exe
c:\program files\Fichiers communs\Acronis\Schedule2\schedul2.exe
d:\internet\Java\JRE6\bin\jqs.exe
c:\program files\MagicTune Premium\MagicTuneEngine.exe
d:\utilitaires\Gravure\CDBurnerXP\NMSAccessU.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\oodag.exe
c:\program files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe
c:\windows\DitExp.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\rundll32.exe
c:\progra~1\MI3AA1~1\rapimgr.exe
c:\program files\Windows Live\Messenger\Device Manager\msgrdvmn.exe
c:\program files\BitDefender\BitDefender 2009\seccenter.exe
d:\internet\Firefox\firefox.exe
.
**************************************************************************
.
Completion time: 2009-07-17 15:51 - machine was rebooted
ComboFix-quarantined-files.txt 2009-07-17 13:51
Pre-Run: 30 814 126 080 octets libres
Post-Run: 30 717 865 984 octets libres
385 --- E O F --- 2009-07-15 16:45