Se connecter / S'enregistrer
Votre question

Pubs intempestives +pc lent

Tags :
  • Internet Explorer
  • Sécurité
Dernière réponse : dans Sécurité et virus
26 Mai 2010 19:46:47

bonjour,
J'ai des fenêtres qui s'ouvrent lorsque je navigue , et cela ralentit considérablement mon pc. Pouvez vous me venir en aide.
Voici un rapport hijackthis.
Merci.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:41:57, on 26/05/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Documents and Settings\All Users\Application Data\BarDiscover\bardiscover125.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
C:\Program Files\Synaptics\SynTP\Toshiba.exe
C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
C:\WINDOWS\system32\TDispVol.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSServ.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\CameraAssistant.exe
C:\WINDOWS\system32\ElkCtrl.exe
C:\WINDOWS\System32\regsvr32.exe
C:\Program Files\TOSHIBA\ConfigFree\CFXFER.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\program files\repAd\repAd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\PROGRA~1\WI1F86~1\MESSEN~1\msnmsgr.exe
C:\Program Files\Orange HSS\Launcher\Launcher.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\PROGRA~1\Nero\PHOTOS~1\data\Xtras\mssysmgr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Skype\Phone\Skype.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\1\AlertModule.exe
C:\Program Files\OfferBox\OfferBox.exe
C:\Program Files\Hotbar\bin\11.0.175.0\Weather.exe
C:\Program Files\BarDiscover\bardiscover.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Orange HSS\systray\systrayapp.exe
C:\Program Files\Orange HSS\Deskboard\deskboard.exe
C:\Program Files\Orange HSS\connectivity\connectivitymanager.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Orange HSS\connectivity\CoreCom\CoreCom.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Orange HSS\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\1\FTCOMModule.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Skype\Toolbars\Shared\SkypeNames2.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\nobre\Mes documents\Téléchargements\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange HSS\SearchURLHook\SearchPageURL.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: lightspeedincome - {74294ac3-ea83-6b24-8080-a2682a3192c8} - C:\WINDOWS\system32\9600c45e.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Hotbar - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - C:\Program Files\Hotbar\bin\11.0.175.0\HostIE.dll (file missing)
O2 - BHO: revenuebuster browser enhancer - {9E855962-E5F8-5526-C644-763780E1B6A6} - C:\WINDOWS\system32\gsosjbltblajum.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: myBabylon English Toolbar - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - C:\Program Files\myBabylon_English\tbmyB1.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: myBabylon English Toolbar - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - C:\Program Files\myBabylon_English\tbmyB1.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Hotbar - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - C:\Program Files\Hotbar\bin\11.0.175.0\HostIE.dll (file missing)
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [TDispVol] TDispVol.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [QuickTime Task] "E:\programmes\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [wzhdsvqtgugs] C:\WINDOWS\System32\regsvr32.exe /s "C:\WINDOWS\system32\gsosjbltblajum.dll"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [ORAHSSSessionManager] "C:\Program Files\Orange HSS\SessionManager\SessionManager.exe"
O4 - HKLM\..\Run: [repAd] C:\program files\repAd\repAd.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRA~1\WI1F86~1\MESSEN~1\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SaveDefense] C:\Program Files\SaveDefense Software\SaveDefense\SaveDefense.exe -min
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [Nero PhotoShow Media Manager] C:\PROGRA~1\Nero\PHOTOS~1\data\Xtras\mssysmgr.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [OfferBox] C:\Program Files\OfferBox\OfferBox.exe
O4 - HKCU\..\Run: [WeatherDPA] "C:\Program Files\Hotbar\bin\11.0.175.0\Weather.exe" -auto
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jh...
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://*.orange.fr
O15 - Trusted Zone: http://rw.search.ke.voila.fr
O15 - Trusted Zone: http://orange.weborama.fr
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts...
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/site/ClientContr...
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sourc...
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrob...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O17 - HKLM\System\CCS\Services\Tcpip\..\{046F2DBC-6A6D-45F3-9FB6-040AD10A309A}: NameServer = 85.255.112.110,85.255.112.229
O17 - HKLM\System\CCS\Services\Tcpip\..\{922614CA-BA43-490E-8FA4-24C34B48CE16}: NameServer = 85.255.112.110,85.255.112.229
O17 - HKLM\System\CCS\Services\Tcpip\..\{E4C43AA3-6AA2-40BD-9922-FB4B5C78E907}: NameServer = 81.253.149.1 80.10.246.132
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.112.110,85.255.112.229
O17 - HKLM\System\CS2\Services\Tcpip\..\{046F2DBC-6A6D-45F3-9FB6-040AD10A309A}: NameServer = 85.255.112.110,85.255.112.229
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 85.255.112.110,85.255.112.229
O17 - HKLM\System\CS3\Services\Tcpip\..\{046F2DBC-6A6D-45F3-9FB6-040AD10A309A}: NameServer = 85.255.112.110,85.255.112.229
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.110,85.255.112.229
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: BarDiscover Service - Unknown owner - C:\Documents and Settings\All Users\Application Data\BarDiscover\bardiscover125.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
O23 - Service: Windows MSI - Unknown owner - \\?\globalrootC:\WINDOWS\system32\msihost.exe (file missing)

--
End of file - 17283 bytes

Autres pages sur : pubs intempestives lent

a c 295 8 Sécurité
a b , Internet Explorer
26 Mai 2010 20:07:24

Bonjour,

[#ff0000]/!\ Désactive tes protections résidentes (Antivirus, etc...) /!\[/#f]

  • Télécharge ComboFix ([#ff0000]sUBs[/#f]) sur ton Bureau.
  • Double-clique sur ComboFix.exe (le .exe n'est pas forcément visible) afin de le lancer.
  • Il va te demander d'installer la console de récupération : accepte.
  • Lorsque la recherche sera terminée, un rapport apparaîtra. Poste ce rapport (C:\Combofix.txt) dans ta prochaine réponse.

    Pour t'aider : Un guide et un tutoriel sur l'utilisation de ComboFix
    26 Mai 2010 22:01:24

    Salut,
    merci pour ta réponse , voici le rapport :

    ComboFix 10-05-26.01 - nobre 26/05/2010 20:30:13.1.2 - x86
    Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.1022.651 [GMT 2:00]
    Lancé depuis: c:\documents and settings\nobre\Mes documents\Téléchargements\ComboFix.exe
    AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
    FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}

    AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\documents and settings\All Users\Application Data\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
    c:\documents and settings\All Users\Application Data\HotbarSA
    c:\documents and settings\All Users\Application Data\HotbarSA\HotbarSA.dat
    c:\documents and settings\All Users\Application Data\HotbarSA\HotbarSA_hpk.dat
    c:\documents and settings\All Users\Application Data\HotbarSA\HotbarSA_kyf.dat
    c:\documents and settings\All Users\Application Data\HotbarSA\HotbarSAAbout.mht
    c:\documents and settings\All Users\Application Data\HotbarSA\HotbarSAau.dat
    c:\documents and settings\All Users\Application Data\HotbarSA\HotbarSAEULA.mht
    c:\documents and settings\nobre\Application Data\Hotbar
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\dynamic\1.sdf
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\dynamic\domains.txt
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\dynamic\ustat\39a2.dat
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\ads.cdf
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\btntrans.idx
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\btntrans1.dat
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\business_promo.htm
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\buttondir.txt
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\components.cdf
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\cursors.res
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\d_icons_buttons_1000.res
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\d_icons_buttons_2000.res
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\d_icons_buttons_3000.res
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\d_icons_buttons_bar.res
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\d_icons_buttons_bbar1.res
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\d_icons_buttons_logos.res
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\d_icons_buttons_other.res
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\d_icons_weather.res
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\default.cdf
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_511745-514279.mnu
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_bidz.mnu
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_bidz1.mnu
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_bidz10.mnu
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_bidz11.mnu
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_bidz12.mnu
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_bidz13.mnu
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_bidz14.mnu
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_bidz15.mnu
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_bidz16.mnu
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_bidz17.mnu
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_bidz18.mnu
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_bidz19.mnu
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_bidz2.mnu
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_bidz20.mnu
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_bidz3.mnu
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_bidz4.mnu
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_bidz5.mnu
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_bidz6.mnu
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_bidz7.mnu
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_bidz8.mnu
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_bidz9.mnu
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_categorize.mnu
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_comparison.mnu
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_em_PROFL_CA_flow_b_IEB.mnu
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_explorer-Mails.mnu
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_explorer-people.mnu
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_favorites.mnu
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_Games.mnu
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_Hide.mnu
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_hotbarcom.mnu
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_Hotmail.mnu
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_hsskin.mnu
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_jemster.mnu
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_jemsterie.mnu
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_jemsteruk.mnu
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_jobsearch.mnu
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_Mails.mnu
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_new.mnu
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_premium.mnu
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_reun.mnu
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_ringtones.mnu
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_SearchBoxTrapper.mnu
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_searchfor.mnu
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_searchgo.mnu
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_weather.mnu
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_yellowpages.mnu
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\editblbuttons.res
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\email-def-511724-548964.mnu
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\email-def-511724-9595.mnu
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\email-t1-bg.res
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\gamesmenu.cdf
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\gamesMenu.mnu
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\hb_ie_menu.res
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\hotbar-premium-hotbar-premium.mnu
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\hotbar-premium.cdf
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\hotbar_promo.htm
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\icons2.res
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\ie_games_icon.res
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\ie_video.res
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\keywords.idx
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\keywords1.dat
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\layout.cdf
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\linkpathlegal.txt
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\more.res
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\new_games.mnu
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\progress.res
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\s_icons_buttons.res
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\sales_buttons.res
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\sdfmodifier.xml
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\t2_bg.res
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\theweb.mnu
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\top7.cdf
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\Top7_theweb.mnu
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\tsd_bg.res
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\1\weathericon.res
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\ads.xip
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\BtnTrans.xip
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\BtnTrans1.xip
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\business_promo.xip
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\buttondir.xip
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\cursors.xip
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\d_icons_buttons_1000.xip
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\d_icons_buttons_2000.xip
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\d_icons_buttons_3000.xip
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\d_icons_buttons_bar.xip
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\d_icons_buttons_bbar1.xip
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\d_icons_buttons_logos.xip
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\d_icons_buttons_other.xip
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\d_icons_weather.xip
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\default.xip
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\editblbuttons.xip
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\email-t1-bg.xip
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\gamesmenu.xip
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\hb_ie_menu.xip
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\hotbar-premium.xip
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\hotbar_promo.xip
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\icons2.xip
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\ie_games_icon.xip
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\ie_video.xip
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\keywords.xip
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\keywords1.xip
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\layout.xip
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\linkpathlegal.xip
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\more.xip
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\progress.xip
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\s_icons_buttons.xip
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\sales_buttons.xip
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\samplegroups2.txt
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\samplegroups2.xip
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\sdfmodifier.xip
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\t2_bg.xip
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\top7.xip
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\tsd_bg.xip
    c:\documents and settings\nobre\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\weathericon.xip
    c:\documents and settings\nobre\Application Data\Hotbar\Weather\history
    c:\documents and settings\nobre\Application Data\Hotbar\Weather\Weather_XML\General
    c:\documents and settings\nobre\Application Data\Hotbar\Weather\WeatherDPA\Weather_XML\Error
    c:\documents and settings\nobre\Application Data\Hotbar\Weather\WeatherDPA\Weather_XML\Loading
    c:\documents and settings\nobre\Application Data\Hotbar\Weather\WeatherDPA\WeatherPreferences
    c:\documents and settings\nobre\Application Data\Hotbar\Weather\WeatherStartup.xml
    c:\documents and settings\nobre\Application Data\WeatherDPA
    c:\program files\FunWebProducts
    c:\program files\FunWebProducts\ScreenSaver\Images\00466BC5.urr
    c:\program files\Hotbar
    c:\program files\Hotbar\bin\11.0.175.0\arrow.ico
    c:\program files\Hotbar\bin\11.0.175.0\CnTNtcntr.dll
    c:\program files\Hotbar\bin\11.0.175.0\copyright.txt
    c:\program files\Hotbar\bin\11.0.175.0\firefox\extensions\chrome.manifest
    c:\program files\Hotbar\bin\11.0.175.0\firefox\extensions\install.rdf
    c:\program files\Hotbar\bin\11.0.175.0\firefox\extensions\plugins\npclntax_HotbarSA.dll
    c:\program files\Hotbar\bin\11.0.175.0\HoSTol.dll
    c:\program files\Hotbar\bin\11.0.175.0\HotbarSAAX.dll
    c:\program files\Hotbar\bin\11.0.175.0\HotbarSADF.exe
    c:\program files\Hotbar\bin\11.0.175.0\Srv.exe
    c:\program files\Hotbar\bin\11.0.175.0\ToOLbar.dll
    c:\program files\Hotbar\bin\11.0.175.0\Weather.exe
    c:\program files\Hotbar\bin\11.0.175.0\WeSkin.dll
    c:\program files\Internet Explorer\SET1117.tmp
    c:\program files\Internet Explorer\SET1B0B.tmp
    c:\program files\Internet Explorer\SET26D6.tmp
    c:\program files\Internet Explorer\SET54D.tmp
    c:\program files\MyWebSearch
    c:\program files\MyWebSearch\bar\History\search3
    c:\program files\MyWebSearch\bar\Settings\s_pid.dat
    c:\program files\MyWebSearch\bar\Settings\setting2.htm
    c:\program files\MyWebSearch\bar\Settings\setting2.htm.bak
    c:\program files\MyWebSearch\bar\Settings\settings.dat
    c:\program files\MyWebSearch\bar\Settings\settings.dat.bak
    c:\windows\1012zv5rus89.exe
    c:\windows\10525pamboz293.bin
    c:\windows\10577t9ojz56.ocx
    c:\windows\10d2z5r2699.bin
    c:\windows\11293wo5maz.cpl
    c:\windows\11520not-5-vizus926.cpl
    c:\windows\11525not-az9irus5f9.exe
    c:\windows\11691hac9t5ol52z.exe
    c:\windows\119945iruse1z.exe
    c:\windows\12443t5o9758z.exe
    c:\windows\12595spyz59.cpl
    c:\windows\12823vi95z4ed.dll
    c:\windows\12a7sp9rse58z3.bin
    c:\windows\13460vi5uz5a9.ocx
    c:\windows\13725noz5a-vi9us701.cpl
    c:\windows\138z0hack5ool26d9.bin
    c:\windows\1399troj5bz.exe
    c:\windows\14afback9o5r3z78.bin
    c:\windows\15385vi9usza2.exe
    c:\windows\15498troj494z.cpl
    c:\windows\15576s9ambzt527.exe
    c:\windows\157zthre9t25769.ocx
    c:\windows\1595zhacktool795.cpl
    c:\windows\15c6zh9ef5469.dll
    c:\windows\15cdspzwa9e1151.cpl
    c:\windows\16037sp5zbot2089.bin
    c:\windows\166945irusz26.dll
    c:\windows\167505zr9s5.dll
    c:\windows\16925spam5zt4e8.bin
    c:\windows\16z71not-a-9irus535.bin
    c:\windows\17572sp9z3d.exe
    c:\windows\1758b5ckd9oz2055.dll
    c:\windows\17829no5-azvirus2b99.ocx
    c:\windows\17z5py19d.bin
    c:\windows\18069woz9395.dll
    c:\windows\18295troj5z29.ocx
    c:\windows\18358ha9ztoolcf.dll
    c:\windows\18549spy5z5.exe
    c:\windows\18b5zir3971.ocx
    c:\windows\18z58v95us2c.cpl
    c:\windows\19055troj7z5.dll
    c:\windows\1909zspy453.dll
    c:\windows\190dbaczdoo52391.bin
    c:\windows\19505vi5uz755.ocx
    c:\windows\195abackdz9r3375.ocx
    c:\windows\19965spz955.cpl
    c:\windows\19z52spy63a.bin
    c:\windows\1a15addzare2859.exe
    c:\windows\1ae3spa9sez65.exe
    c:\windows\1bzd5hief29059.bin
    c:\windows\1cz9b5ckdoor1960.ocx
    c:\windows\1de8spar5e14z59.exe
    c:\windows\1z152worm5859.exe
    c:\windows\1z591spambot6a1.exe
    c:\windows\20049szam5ot984.cpl
    c:\windows\202485a9kzool144.exe
    c:\windows\20845hazkto9l7f5.cpl
    c:\windows\20z35spambot59e.exe
    c:\windows\20z79orm59f.bin
    c:\windows\215adownl5aderz291.cpl
    c:\windows\21985z9ware572.cpl
    c:\windows\21a3t9reaz26835.bin
    c:\windows\22472hac9tooz459.exe
    c:\windows\22588n5t-a-9iruzf6.bin
    c:\windows\228cdozn95ader2915.bin
    c:\windows\22996n9t-azvirus45f.cpl
    c:\windows\23278s5z299.exe
    c:\windows\23552zpy71b9.cpl
    c:\windows\2388sp9z54.cpl
    c:\windows\24093spamzot57f9.dll
    c:\windows\245099orm6fez.cpl
    c:\windows\24557viru9z54.exe
    c:\windows\245z4wo9ma2.ocx
    c:\windows\25209vzru9648.exe
    c:\windows\25247z5y1e9.cpl
    c:\windows\25317notza-virus2789.ocx
    c:\windows\25446h5ck9ozl551.dll
    c:\windows\2549vi91z98.cpl
    c:\windows\2560zsp5m9ot39d.cpl
    c:\windows\25699sp5zbot4db.cpl
    c:\windows\25704w9rmzd65.ocx
    c:\windows\25759hazkt5olb3.ocx
    c:\windows\25805ddwzre1199.exe
    c:\windows\258159ot-a-v5rusza5.bin
    c:\windows\26159virus413z.cpl
    c:\windows\265395ot-a-virus568z.exe
    c:\windows\265dbackdoo926z3.exe
    c:\windows\27055wzr9508.cpl
    c:\windows\27765szy903.dll
    c:\windows\28329spaz5ot962.cpl
    c:\windows\285asz9rse1559.cpl
    c:\windows\2902bacz5oor994.bin
    c:\windows\291astzal18555.cpl
    c:\windows\29450troj55z.bin
    c:\windows\29514hac5tool7z9.dll
    c:\windows\296addw5re290z.ocx
    c:\windows\29759viruz4a.cpl
    c:\windows\297aviz21755.exe
    c:\windows\2985threat9z099.cpl
    c:\windows\29949h5cktoolz79.cpl
    c:\windows\29z9spambot6045.bin
    c:\windows\2d0zd9wnlo5der1742.dll
    c:\windows\2e7z9r5138.ocx
    c:\windows\2f5aaddwz5e16499.exe
    c:\windows\2z049te5l2654.exe
    c:\windows\2z155n95-a-virus43e.exe
    c:\windows\2z546spambot7b99.cpl
    c:\windows\2z955spy2f8.dll
    c:\windows\30139wozm658.exe
    c:\windows\30601zacktool5e9.ocx
    c:\windows\3087zspy995.cpl
    c:\windows\30z495py7a9.exe
    c:\windows\31319nzt-a-virus6395.dll
    c:\windows\31544tzo97b5.exe
    c:\windows\32359spambo517z9.cpl
    c:\windows\33afspyware1z925.ocx
    c:\windows\34z7steal1592.exe
    c:\windows\3595thiez1843.bin
    c:\windows\359dsparsz2109.exe
    c:\windows\359ezackdoor308.bin
    c:\windows\35z59hreat23831.dll
    c:\windows\36z9downloader1531.cpl
    c:\windows\3724s5e9lz3.dll
    c:\windows\37b2do5nload9r2374z.ocx
    c:\windows\3843th9eaz51962.ocx
    c:\windows\3915spyware1z70.ocx
    c:\windows\39589zor533b.bin
    c:\windows\396czhie51109.exe
    c:\windows\398zwo5m6a69.dll
    c:\windows\39902spyze5.exe
    c:\windows\39z5vir5072.dll
    c:\windows\3b9abac59oorz018.ocx
    c:\windows\3b9dthzef5035.ocx
    c:\windows\3c075aczdoor9492.cpl
    c:\windows\3c55thrzat90569.cpl
    c:\windows\3cc9vir15z3.exe
    c:\windows\3e5bz9eal159.ocx
    c:\windows\3f8s9azse505.bin
    c:\windows\3z59vi999.ocx
    c:\windows\3za0v5r39.bin
    c:\windows\3zb7sp9r5e1908.bin
    c:\windows\3zebs9eal2065.exe
    c:\windows\4049down5oader1783z.ocx
    c:\windows\4095zir439.ocx
    c:\windows\4127zpywar923025.cpl
    c:\windows\4155no9-a-zi5us61a.dll
    c:\windows\4165down9oade517z1.ocx
    c:\windows\41f7ad9warz28085.bin
    c:\windows\42z1v5rus39f.dll
    c:\windows\431aba9kdz5r3055.bin
    c:\windows\4496sp9rse265z.ocx
    c:\windows\4574spyw5re890z.cpl
    c:\windows\45d359yware15z.exe
    c:\windows\45f69py5arez029.dll
    c:\windows\45z9v5rus614.cpl
    c:\windows\46359py753z.ocx
    c:\windows\4651zparse99.cpl
    c:\windows\4716thiz93215.exe
    c:\windows\4775az9ware79.ocx
    c:\windows\48f0zpyw9re26245.exe
    c:\windows\48fzb95kdoor2698.bin
    c:\windows\4937thre9t12085z.bin
    c:\windows\4964zir19265.exe
    c:\windows\49bzst9a51437.exe
    c:\windows\49c0zhie51275.cpl
    c:\windows\4b5fbackd9oz2932.ocx
    c:\windows\4c4495ywaze2356.bin
    c:\windows\4z7st95l1517.cpl
    c:\windows\4z9abackdoo58279.cpl
    c:\windows\4ze0spywa5e2191.cpl
    c:\windows\500zspywar92730.ocx
    c:\windows\5043downloaz9r2552.dll
    c:\windows\5070szyw9re537.ocx
    c:\windows\509wo5m25z.exe
    c:\windows\5189backdoorz25.exe
    c:\windows\521749oz-a-virus655.bin
    c:\windows\528zsparse28839.cpl
    c:\windows\53a2th9efz848.ocx
    c:\windows\53z79roj795.bin
    c:\windows\54186tz9j1eb.ocx
    c:\windows\5469pyware5z69.exe
    c:\windows\54fthreaz6159.bin
    c:\windows\551csteaz6719.dll
    c:\windows\552z4virus2ec9.cpl
    c:\windows\55490s9y71z.bin
    c:\windows\554fsteal204z9.dll
    c:\windows\5555zot-9-virus47e.exe
    c:\windows\5559szeal1475.ocx
    c:\windows\556679acktool4z8.bin
    c:\windows\556fz9yware1419.exe
    c:\windows\5591sza5bot730.cpl
    c:\windows\5594sz5rse2098.ocx
    c:\windows\55995troj1z9.exe
    c:\windows\55z7troj958.exe
    c:\windows\5660not-9-virus6zf.exe
    c:\windows\5673s95mboz45e.ocx
    c:\windows\5719v9rz906.bin
    c:\windows\5732zteal5941.exe
    c:\windows\576esp5zse1095.ocx
    c:\windows\577spar9e454z.dll
    c:\windows\58e39ownloade5z616.exe
    c:\windows\5921virz168.exe
    c:\windows\592spyz9re2654.ocx
    c:\windows\5930hac9zoo5209.ocx
    c:\windows\5943tzief5504.bin
    c:\windows\59617spambotz89.exe
    c:\windows\5979s5ambotza7.exe
    c:\windows\598c5ddwarez087.cpl
    c:\windows\5990adzware3025.cpl
    c:\windows\5a45threat2z8439.cpl
    c:\windows\5b54thiefz599.cpl
    c:\windows\5dacbazk9oor635.dll
    c:\windows\5debba5kdzor1196.cpl
    c:\windows\5dzathre9t3570.ocx
    c:\windows\5e5fth9ef3184z.cpl
    c:\windows\5ebb9hreat138z4.cpl
    c:\windows\5ezcsp9rse1077.exe
    c:\windows\5f039z5480.bin
    c:\windows\5f15d9znloader1956.bin
    c:\windows\5f589pzrse5.dll
    c:\windows\5fb25tezl9514.cpl
    c:\windows\5fd35z9276.cpl
    c:\windows\5z2bsparse8389.ocx
    c:\windows\6007spzw5re9987.exe
    c:\windows\6069zpyware529.cpl
    c:\windows\6169s5a9boz755.exe
    c:\windows\6271not-a-9irusz95.cpl
    c:\windows\62765hreat29z25.ocx
    c:\windows\6299downl5zder2782.bin
    c:\windows\65419pyware316z.bin
    c:\windows\656csteal309z.exe
    c:\windows\65739ackdzor857.ocx
    c:\windows\659cthreat841z.dll
    c:\windows\65c6threzt6980.ocx
    c:\windows\6601adzwar51459.dll
    c:\windows\6649t5ief2z18.bin
    c:\windows\670th5e9z97.exe
    c:\windows\6759addwaze1357.exe
    c:\windows\676cdzwnlo9der556.ocx
    c:\windows\68805pywa9e10z7.exe
    c:\windows\6929bazkdoor2550.exe
    c:\windows\69659rzj327.cpl
    c:\windows\69z5s5arse185.cpl
    c:\windows\6a79s5arse2z74.dll
    c:\windows\6bbbtz5ef3369.exe
    c:\windows\6c5espyware539z.exe
    c:\windows\6d6zd5wn9oader3000.exe
    c:\windows\6davi5z739.cpl
    c:\windows\6ea2ba9kd5zr441.cpl
    c:\windows\6z21worm4965.bin
    c:\windows\703da9dwarez354.ocx
    c:\windows\708spa5botz90.ocx
    c:\windows\711cback9zor27115.bin
    c:\windows\71acazdware5790.cpl
    c:\windows\72395zam9otd1.exe
    c:\windows\7253not-a-viru96ddz.exe
    c:\windows\7290threat325z9.ocx
    c:\windows\7353s9zr5e1554.ocx
    c:\windows\739dspyzare5603.exe
    c:\windows\74539rojz7.bin
    c:\windows\74e05teal98z9.dll
    c:\windows\7560ste59z976.cpl
    c:\windows\7599steal586z.bin
    c:\windows\7730st5az31089.exe
    c:\windows\7757d5wnlozd9r2750.cpl
    c:\windows\7798nzt-a-vi59s3c2.exe
    c:\windows\79z4thief5156.bin
    c:\windows\79z9threat50571.ocx
    c:\windows\79zbspywa5e2803.bin
    c:\windows\7c93t9ief41z5.dll
    c:\windows\7d2bdownlzader3985.cpl
    c:\windows\7d50th9ezt12957.cpl
    c:\windows\7e50thr9atz5255.dll
    c:\windows\7e96spyware265z.dll
    c:\windows\7f41downl5ad9rz63.ocx
    c:\windows\7f59thiez1652.dll
    c:\windows\7ff5thz9at27714.bin
    c:\windows\853995oj7z.ocx
    c:\windows\88895irus77z.cpl
    c:\windows\9025worm6z5.bin
    c:\windows\9058zhacktool105.exe
    c:\windows\90z83troj65.dll
    c:\windows\90z9v5r886.dll
    c:\windows\913thr5at76z2.cpl
    c:\windows\9159tzoj50c.bin
    c:\windows\916z5or9740.dll
    c:\windows\91790spambzt4a45.exe
    c:\windows\919zo9-a5virus128.bin
    c:\windows\91cbzteal504.ocx
    c:\windows\91z0vir3550.exe
    c:\windows\9229zpa5botb3.ocx
    c:\windows\9435spz56.dll
    c:\windows\95135hacztool3515.cpl
    c:\windows\9551z5wnloader1251.ocx
    c:\windows\9575virzs69.bin
    c:\windows\957viruz496.ocx
    c:\windows\95f5zddware126.exe
    c:\windows\95zthreat14336.dll
    c:\windows\96195izf702.cpl
    c:\windows\9823noz-a-virus15d5.exe
    c:\windows\988thief9557z.ocx
    c:\windows\98967szambo579c.exe
    c:\windows\99575ormz42.ocx
    c:\windows\9979w5rm61z.ocx
    c:\windows\998z1spa5bot136.dll
    c:\windows\99fzackdoor2352.dll
    c:\windows\99z5ddware3045.bin
    c:\windows\9b155parze427.ocx
    c:\windows\9b2bbackz5or1358.cpl
    c:\windows\9b5athreat519z8.dll
    c:\windows\9czthreat24576.dll
    c:\windows\9f6zir2594.exe
    c:\windows\9fe7z5eal2289.ocx
    c:\windows\9z45ddw9re1080.ocx
    c:\windows\9z7025orm356.exe
    c:\windows\9z865hief1109.exe
    c:\windows\9z87spy5are2006.dll
    c:\windows\ae9zir9425.dll
    c:\windows\azp9ware15745.cpl
    c:\windows\b1ct5re9z1744.cpl
    c:\windows\baezpyw5re2696.dll
    c:\windows\cbb5ck9zor2293.exe
    c:\windows\cddzddwar95087.exe
    c:\windows\d0bvirz591.bin
    c:\windows\d36do9nlo5dzr3110.bin
    c:\windows\Downloaded Program Files\f3initialsetup1.0.1.1.inf
    c:\windows\ea8sparz5946.dll
    c:\windows\system32\_000103_.tmp.dll
    c:\windows\system32\_000105_.tmp.dll
    c:\windows\system32\_000114_.tmp.dll
    c:\windows\system32\_000117_.tmp.dll
    c:\windows\system32\_002747_.tmp.dll
    c:\windows\system32\_002748_.tmp.dll
    c:\windows\system32\_002749_.tmp.dll
    c:\windows\system32\_002750_.tmp.dll
    c:\windows\system32\_002757_.tmp.dll
    c:\windows\system32\_002758_.tmp.dll
    c:\windows\system32\_002759_.tmp.dll
    c:\windows\system32\_002760_.tmp.dll
    c:\windows\system32\_002762_.tmp.dll
    c:\windows\system32\_002763_.tmp.dll
    c:\windows\system32\_002766_.tmp.dll
    c:\windows\system32\_002767_.tmp.dll
    c:\windows\system32\_002769_.tmp.dll
    c:\windows\system32\_002770_.tmp.dll
    c:\windows\system32\_002771_.tmp.dll
    c:\windows\system32\_002772_.tmp.dll
    c:\windows\system32\_002773_.tmp.dll
    c:\windows\system32\_002776_.tmp.dll
    c:\windows\system32\_002777_.tmp.dll
    c:\windows\system32\_002781_.tmp.dll
    c:\windows\system32\_002782_.tmp.dll
    c:\windows\system32\_002784_.tmp.dll
    c:\windows\system32\_002787_.tmp.dll
    c:\windows\system32\_002789_.tmp.dll
    c:\windows\system32\_002790_.tmp.dll
    c:\windows\system32\_002791_.tmp.dll
    c:\windows\system32\_002792_.tmp.dll
    c:\windows\system32\_002793_.tmp.dll
    c:\windows\system32\_002796_.tmp.dll
    c:\windows\system32\_002797_.tmp.dll
    c:\windows\system32\_002798_.tmp.dll
    c:\windows\system32\_002799_.tmp.dll
    c:\windows\system32\_002800_.tmp.dll
    c:\windows\system32\_002805_.tmp.dll
    c:\windows\system32\_005275_.tmp.dll
    c:\windows\system32\_005289_.tmp.dll
    c:\windows\system32\_005293_.tmp.dll
    c:\windows\system32\_005296_.tmp.dll
    c:\windows\system32\_005299_.tmp.dll
    c:\windows\system32\_005310_.tmp.dll
    c:\windows\system32\_005322_.tmp.dll
    c:\windows\system32\1034add9arz657.exe
    c:\windows\system32\1047359ambot73z.bin
    c:\windows\system32\1049spz1e95.ocx
    c:\windows\system32\1075zha5ktool1ea9.ocx
    c:\windows\system32\1076thze5t39379.exe
    c:\windows\system32\10805worm29z.ocx
    c:\windows\system32\10887vi9us78z5.dll
    c:\windows\system32\10924hack5ozl7649.cpl
    c:\windows\system32\11155ha9ktool5z9.dll
    c:\windows\system32\11490not-azviru5585.bin
    c:\windows\system32\11546nzt9a-virus122.dll
    c:\windows\system32\117z0tr5j409.bin
    c:\windows\system32\1198thre5z25745.ocx
    c:\windows\system32\1199bac5dozr692.bin
    c:\windows\system32\12358t59j57z.ocx
    c:\windows\system32\12991n59-z-virus1ca.dll
    c:\windows\system32\12997not-a-viruz590.bin
    c:\windows\system32\130z5not-a-vir9s7c1.ocx
    c:\windows\system32\138cs9zrs52128.bin
    c:\windows\system32\138es9a5se69z.exe
    c:\windows\system32\14091hacktoo98z5.dll
    c:\windows\system32\1426zspam5ot59e.ocx
    c:\windows\system32\1455znot-a-virus498.dll
    c:\windows\system32\15052vzru9ef.exe
    c:\windows\system32\15148spamb9z44a.exe
    c:\windows\system32\1530zspam5o94fe.exe
    c:\windows\system32\15359hacktozl4bd.ocx
    c:\windows\system32\15459vizusb4.bin
    c:\windows\system32\15495not-59viruz5bf.exe
    c:\windows\system32\15559sp9z.exe
    c:\windows\system32\155995rojz1b.bin
    c:\windows\system32\1575dow9load5r175z.dll
    c:\windows\system32\15834n9t5a-virusz92.dll
    c:\windows\system32\158485zr9s99.exe
    c:\windows\system32\1593downz9ader1703.ocx
    c:\windows\system32\1598spywar527z.bin
    c:\windows\system32\16011s5amb9t62z.cpl
    c:\windows\system32\16197zac9tool353.cpl
    c:\windows\system32\16598not-a-virus5zb.exe
    c:\windows\system32\16691s9am5oz60f.bin
    c:\windows\system32\17632t9zj554.exe
    c:\windows\system32\17765hazkto9l54d.ocx
    c:\windows\system32\17z55not-a-virus619.exe
    c:\windows\system32\1859virz801.dll
    c:\windows\system32\189daddware255z.bin
    c:\windows\system32\191b5hreat16z56.ocx
    c:\windows\system32\194z1spy5a.bin
    c:\windows\system32\195099azktool52.ocx
    c:\windows\system32\19519z5t-a-virus299.cpl
    c:\windows\system32\19561not-a-virusz00.ocx
    c:\windows\system32\19735teal2273z.bin
    c:\windows\system32\19837spa5botz15.bin
    c:\windows\system32\19922nzt-a-virus6455.cpl
    c:\windows\system32\19955tzoj599.ocx
    c:\windows\system32\1c3czteal25229.dll
    c:\windows\system32\1dfzvi9745.cpl
    c:\windows\system32\1f38szarse24599.ocx
    c:\windows\system32\1z75s5y297.ocx
    c:\windows\system32\1z918spy5a5.exe
    c:\windows\system32\2009zt9o5e2.exe
    c:\windows\system32\20741troz2965.dll
    c:\windows\system32\2177ztr5j9ae.bin
    c:\windows\system32\21796viz5s5e9.ocx
    c:\windows\system32\21995zpy2e9.bin
    c:\windows\system32\223z5troj909.exe
    c:\windows\system32\2299spa9z5908.bin
    c:\windows\system32\23285hac5t9ol684z.ocx
    c:\windows\system32\23356h9c5tozlf6.bin
    c:\windows\system32\24095no95a-vizus711.cpl
    c:\windows\system32\2424znot-a-viru9588.exe
    c:\windows\system32\242d5parze9595.ocx
    c:\windows\system32\24525z9m214.exe
    c:\windows\system32\24905spz766.exe
    c:\windows\system32\251dszarse669.dll
    c:\windows\system32\25226haz5tool4939.exe
    c:\windows\system32\252bazdwar92684.bin
    c:\windows\system32\254troj39z.bin
    c:\windows\system32\25502tr9jz23.exe
    c:\windows\system32\2554ztrojbf9.cpl
    c:\windows\system32\25738spyz95.exe
    c:\windows\system32\2585zi9359.bin
    c:\windows\system32\25871tzo932a.dll
    c:\windows\system32\25b9viz987.cpl
    c:\windows\system32\25c1t9ie5242z.exe
    c:\windows\system32\25dfzdd5ar91886.bin
    c:\windows\system32\26244sp95bzt50d.ocx
    c:\windows\system32\2659z5irus2e9.dll
    c:\windows\system32\26z4backd5or12279.ocx
    c:\windows\system32\272579zru524e.bin
    c:\windows\system32\27309azk5ool69.ocx
    c:\windows\system32\27339spa9bot5z5.cpl
    c:\windows\system32\273z5spy9d.dll
    c:\windows\system32\27427not-a-5i9usz93.bin
    c:\windows\system32\27496hack59oz7f.bin
    c:\windows\system32\27538zr9jd8.dll
    c:\windows\system32\27690tr9j57z.exe
    c:\windows\system32\27975notza-9irus700.bin
    c:\windows\system32\27z215i9us58c.cpl
    c:\windows\system32\2894zt9oj655.ocx
    c:\windows\system32\28969ddw5re1781z.bin
    c:\windows\system32\28d7backd5orz409.dll
    c:\windows\system32\29041z5rm2aa9.ocx
    c:\windows\system32\2904backdoor190z5.cpl
    c:\windows\system32\2917thzea514931.dll
    c:\windows\system32\29381hackzool752.bin
    c:\windows\system32\29533virus254z.cpl
    c:\windows\system32\29559vi5us19z.ocx
    c:\windows\system32\295z2worm9f5.ocx
    c:\windows\system32\29948noz-a-v95us667.ocx
    c:\windows\system32\299959roj558z.exe
    c:\windows\system32\29a25ir30z9.dll
    c:\windows\system32\29a9thz9at27957.exe
    c:\windows\system32\2a59backdzor2313.dll
    c:\windows\system32\2d2bsp9wzr51538.bin
    c:\windows\system32\2dacv59z16.cpl
    c:\windows\system32\2z167w9rm335.ocx
    c:\windows\system32\2z16b95kdoor90.dll
    c:\windows\system32\2z2419roj3f85.bin
    c:\windows\system32\2z715tro9705.dll
    c:\windows\system32\2z87v9r1504.exe
    c:\windows\system32\2zf99ownloade51611.exe
    c:\windows\system32\3024addzare15799.dll
    c:\windows\system32\30982zroj545.cpl
    c:\windows\system32\30ea59eal3z99.cpl
    c:\windows\system32\31409spam9zt6fd5.exe
    c:\windows\system32\3145spzr952955.bin
    c:\windows\system32\31789spzmbot452.bin
    c:\windows\system32\317965azkt9ol2f0.dll
    c:\windows\system32\31925spamb9z6c5.dll
    c:\windows\system32\319835pz95.exe
    c:\windows\system32\319z95orm7f59.ocx
    c:\windows\system32\32157vzr9s1ba.dll
    c:\windows\system32\3236stea52914z.ocx
    c:\windows\system32\3245noz-a-9ir5s5f.exe
    c:\windows\system32\32935zroj48b.ocx
    c:\windows\system32\32z5thie92717.cpl
    c:\windows\system32\33caspyware1z59.dll
    c:\windows\system32\3500v9z3023.exe
    c:\windows\system32\3557a9zware23125.cpl
    c:\windows\system32\3635szarse1949.cpl
    c:\windows\system32\364dspyware1z59.dll
    c:\windows\system32\3704hac5zo9l749.ocx
    c:\windows\system32\3899hackto5l4z4.dll
    c:\windows\system32\3955spy9caz.dll
    c:\windows\system32\3963downlzade52660.exe
    c:\windows\system32\399cdoznlo5der410.exe
    c:\windows\system32\39a29pywar5121z.cpl
    c:\windows\system32\3a65spywarez196.bin
    c:\windows\system32\3be5a95zare1216.dll
    c:\windows\system32\3e4z9hie51032.bin
    c:\windows\system32\3e5bdow5lza9er3059.exe
    c:\windows\system32\3z4f9ownloader30855.exe
    c:\windows\system32\3z715v9rus47f.ocx
    c:\windows\system32\41259iz894.exe
    c:\windows\system32\41ad9i5z251.ocx
    c:\windows\system32\4262hzc5tool6c29.ocx
    c:\windows\system32\4365virz599.exe
    c:\windows\system32\4399bac5dooz27349.ocx
    c:\windows\system32\449zad5wa9e817.exe
    c:\windows\system32\44cdthz9f2957.ocx
    c:\windows\system32\44z95hreat17279.ocx
    c:\windows\system32\44zbsparse92235.dll
    c:\windows\system32\459threat290z9.exe
    c:\windows\system32\45d7vir3z459.ocx
    c:\windows\system32\4659steaz16519.exe
    c:\windows\system32\46afaddware2z95.cpl
    c:\windows\system32\476zbac5door3091.bin
    c:\windows\system32\4798spambzte85.dll
    c:\windows\system32\4869virzs654.exe
    c:\windows\system32\4879spars515z2.dll
    c:\windows\system32\487cbaz5do9r579.cpl
    c:\windows\system32\48b5adz9are2444.bin
    c:\windows\system32\48ezsteal9588.dll
    c:\windows\system32\48f3b5ckdzor9613.dll
    c:\windows\system32\4937s5azbot5b19.ocx
    c:\windows\system32\4995do5nloaderz075.exe
    c:\windows\system32\4995spazse799.bin
    c:\windows\system32\4998thze9t15534.cpl
    c:\windows\system32\49a05ow9loadez188.cpl
    c:\windows\system32\49ezthie51656.exe
    c:\windows\system32\4c0fzhi5f929.bin
    c:\windows\system32\4c94sp5zse3092.ocx
    c:\windows\system32\4d92downlzader2275.ocx
    c:\windows\system32\4e5zthief21459.cpl
    c:\windows\system32\4efz5hreat31979.exe
    c:\windows\system32\4f48backdo5r3933z.bin
    c:\windows\system32\4z02bac95oor2342.bin
    c:\windows\system32\50277h9cktooz29b.bin
    c:\windows\system32\5052spars5915z.dll
    c:\windows\system32\5065thie92z6.dll
    c:\windows\system32\5070vizus609.ocx
    c:\windows\system32\50973spamb9t1z0.bin
    c:\windows\system32\5117s5zmbot19a.exe
    c:\windows\system32\51375virus9d5z.cpl
    c:\windows\system32\51726w9rmz09.bin
    c:\windows\system32\51728s9amboz.dll
    c:\windows\system32\517ev9r257z.exe
    c:\windows\system32\520bspy9are1z31.cpl
    c:\windows\system32\520z9spy70.bin
    c:\windows\system32\5379vir524z.cpl
    c:\windows\system32\53a99ir297z.dll
    c:\windows\system32\53b659rezt24555.ocx
    c:\windows\system32\53z1d5wnloa9er2096.cpl
    c:\windows\system32\54539i5z12.cpl
    c:\windows\system32\5498spazse175.bin
    c:\windows\system32\54czp5war91986.ocx
    c:\windows\system32\54f5addw59e5z6.ocx
    c:\windows\system32\550as9ywar5z156.bin
    c:\windows\system32\5545sp5zs92589.cpl
    c:\windows\system32\5559notza-v9rus359.ocx
    c:\windows\system32\5563zhief32749.bin
    c:\windows\system32\5599downlozder1904.exe
    c:\windows\system32\5599spyz67.ocx
    c:\windows\system32\55a9ad5warz2860.dll
    c:\windows\system32\55b5th9eatz9421.dll
    c:\windows\system32\55fst5az2919.ocx
    c:\windows\system32\56b4sparze1095.bin
    c:\windows\system32\572cdownlozd5r965.dll
    c:\windows\system32\5738az5w9re876.bin
    c:\windows\system32\57504t9oj2z3.exe
    c:\windows\system32\57d5baczd9or799.cpl
    c:\windows\system32\58b0backdoo5z249.dll
    c:\windows\system32\5912backzoor1530.ocx
    c:\windows\system32\593dthizf17795.exe
    c:\windows\system32\5944zownloader153.ocx
    c:\windows\system32\5975threat2976z.exe
    c:\windows\system32\59a5addware135z.bin
    c:\windows\system32\59c4threzt24829.bin
    c:\windows\system32\59z51spam9ot94.dll
    c:\windows\system32\5a345oznlo9der772.dll
    c:\windows\system32\5a89stezl445.bin
    c:\windows\system32\5cedd95nloadez1311.cpl
    c:\windows\system32\5d96thrza917855.cpl
    c:\windows\system32\5d97zownloa9er1952.bin
    c:\windows\system32\5dfthief955z.bin
    c:\windows\system32\5eccsparsz9455.bin
    c:\windows\system32\5ee4adzwar531649.exe
    c:\windows\system32\5ez5vir986.bin
    c:\windows\system32\5f09threat17409z.bin
    c:\windows\system32\5f33ste9l583z.exe
    c:\windows\system32\5f639hiefz221.cpl
    c:\windows\system32\5fa5backdooz1916.cpl
    c:\windows\system32\5fe9backdo9rz993.exe
    c:\windows\system32\5z195orm69.exe
    c:\windows\system32\5z5659roj24d.cpl
    c:\windows\system32\5z787s9y248.exe
    c:\windows\system32\5zt9ief5505.exe
    c:\windows\system32\60z6spywa5e1905.dll
    c:\windows\system32\61b45parz9146.exe
    c:\windows\system32\61e39hizf5048.exe
    c:\windows\system32\61z3w9rm6845.bin
    c:\windows\system32\61z9w9rm285.ocx
    c:\windows\system32\624b5parze2519.dll
    c:\windows\system32\6314baz9doo52600.dll
    c:\windows\system32\6513vzr239.cpl
    c:\windows\system32\6519vir1536z.ocx
    c:\windows\system32\6597spywarez213.bin
    c:\windows\system32\6597steal1z65.exe
    c:\windows\system32\6639zhr5at25122.cpl
    c:\windows\system32\6750spambot55z9.ocx
    c:\windows\system32\6808dow5z9ader200.bin
    c:\windows\system32\6933v9r5z2.dll
    c:\windows\system32\6b7ezte9l28355.exe
    c:\windows\system32\6b8dv5931z3.bin
    c:\windows\system32\6bzb5hre9t977.bin
    c:\windows\system32\6d9tzreat13958.bin
    c:\windows\system32\6e66downlzader25559.ocx
    c:\windows\system32\6ec4addwar519z3.ocx
    c:\windows\system32\6ed95pywzre10429.exe
    c:\windows\system32\6fdzbackdo9r3185.ocx
    c:\windows\system32\6fe9thizf456.exe
    c:\windows\system32\6z089hie51635.ocx
    c:\windows\system32\6z5fspyware2559.exe
    c:\windows\system32\7119s5ywarz1339.exe
    c:\windows\system32\71c7download9rz527.exe
    c:\windows\system32\7229st5az2997.exe
    c:\windows\system32\7259spz5are2790.ocx
    c:\windows\system32\738s5ea9z568.cpl
    c:\windows\system32\746c9hreat56z8.dll
    c:\windows\system32\7539v5rzs98.ocx
    c:\windows\system32\75d5vi9236z.bin
    c:\windows\system32\75stzal9021.dll
    c:\windows\system32\76dvzr8965.exe
    c:\windows\system32\77z5addw9r52918.cpl
    c:\windows\system32\7905sparsz2950.dll
    c:\windows\system32\7918viru9z25.bin
    c:\windows\system32\7990vir529z.ocx
    c:\windows\system32\7999z5ckdoor2588.cpl
    c:\windows\system32\79bestezl2259.dll
    c:\windows\system32\79z2steal1455.exe
    c:\windows\system32\7a519pywarez417.cpl
    c:\windows\system32\7ad9thief150z.bin
    c:\windows\system32\7ae2z9ie5764.bin
    c:\windows\system32\7c5zvi92256.ocx
    c:\windows\system32\7z01not9a-5irus748.bin
    c:\windows\system32\7z06not5a-vi9us719.cpl
    c:\windows\system32\7z66spywa5e1959.ocx
    c:\windows\system32\7zca5parse940.bin
    c:\windows\system32\80z6worm5e59.ocx
    c:\windows\system32\8315ha9ktooz5f05.dll
    c:\windows\system32\84znot-a95irus372.cpl
    c:\windows\system32\85899roj26az.dll
    c:\windows\system32\859vzr5909.cpl
    c:\windows\system32\891spz5d89.exe
    c:\windows\system32\8969zroj1ae5.dll
    c:\windows\system32\8999zot-5-virus590.ocx
    c:\windows\system32\8c9spywar595z8.exe
    c:\windows\system32\9024s957z7.exe
    c:\windows\system32\9028spazbot175.dll
    c:\windows\system32\90854zot-a-virus61.bin
    c:\windows\system32\90945tzoj305.exe
    c:\windows\system32\91147virzs365.dll
    c:\windows\system32\91739spambotz05.bin
    c:\windows\system32\92785viruz45f.exe
    c:\windows\system32\929zvir15335.bin
    c:\windows\system32\92e2addware229z5.bin
    c:\windows\system32\9360vizu5405.ocx
    c:\windows\system32\936adownloade5147z.bin
    c:\windows\system32\9412zot-a-vir954c0.ocx
    c:\windows\system32\94w5rm5f4z.dll
    c:\windows\system32\95157worm5e6z.exe
    c:\windows\system32\9530spyware8z1.exe
    c:\windows\system32\9541threat910z.dll
    c:\windows\system32\9550zhreat30122.dll
    c:\windows\system32\9559spy9cz.cpl
    c:\windows\system32\955bzteal935.ocx
    c:\windows\system32\955faddwzre1794.ocx
    c:\windows\system32\9592sp9mbot1zd.ocx
    c:\windows\system32\95c1threat84z7.ocx
    c:\windows\system32\95f6spazse1857.cpl
    c:\windows\system32\9672s95z9.bin
    c:\windows\system32\9849z5y6b9.exe
    c:\windows\system32\98594trzj468.cpl
    c:\windows\system32\989addw59e2976z.ocx
    c:\windows\system32\98ezspyware23345.dll
    c:\windows\system32\99201v5rus1z2.exe
    c:\windows\system32\9936worz5395.bin
    c:\windows\system32\9965zt5oj7d6.dll
    c:\windows\system32\9bz9back5oor1355.dll
    c:\windows\system32\9c26vzr1557.cpl
    c:\windows\system32\9ea3spar5z98.dll
    c:\windows\system32\9f2daddware29z5.cpl
    c:\windows\system32\9f33zparse1415.dll
    c:\windows\system32\9z4backdoor27445.cpl
    c:\windows\system32\9z90ste5l418.exe
    c:\windows\system32\b19b5czdoor897.exe
    c:\windows\system32\cb59tezl381.ocx
    c:\windows\system32\d95tzreat13953.bin
    c:\windows\system32\gsosjbltblajum.dll
    c:\windows\system32\setup.ini
    c:\windows\system32\z01ste9l19595.cpl
    c:\windows\system32\z0998virus4375.exe
    c:\windows\system32\z099spam5ot52.dll
    c:\windows\system32\z0eedownl9ader2555.bin
    c:\windows\system32\z1302s9y105.dll
    c:\windows\system32\z17tr593eb.ocx
    c:\windows\system32\z335ha9ktool3a9.exe
    c:\windows\system32\z425w5rm3f69.ocx
    c:\windows\system32\z536s9ywar52710.dll
    c:\windows\system32\z590t5ief1457.cpl
    c:\windows\system32\z597threa518697.dll
    c:\windows\system32\z5983spambot9c95.bin
    c:\windows\system32\z5baddware9573.exe
    c:\windows\system32\z5efaddw9re969.dll
    c:\windows\system32\z63steal55889.bin
    c:\windows\system32\z6599tro514.bin
    c:\windows\system32\z7spy1795.cpl
    c:\windows\system32\z9409virus56e5.dll
    c:\windows\system32\z97not-a-5irus276.exe
    c:\windows\system32\z9882tro529a.dll
    c:\windows\system32\za45sparse1597.exe
    c:\windows\system32\za50a9dwa5e989.bin
    c:\windows\system32\zc27sp9rse12435.exe
    c:\windows\system32\zdb7th9ef1253.cpl
    c:\windows\system32\zde25ir694.dll
    c:\windows\system32\zfd6spywar595.ocx
    c:\windows\z0598troj553.exe
    c:\windows\z069ste5l144.ocx
    c:\windows\z0809worm9035.dll
    c:\windows\z1023virus6859.bin
    c:\windows\z13755roj3859.exe
    c:\windows\z1529not-a-vir9s315.dll
    c:\windows\z2152s5amboteb9.bin
    c:\windows\z2939spa5bot48c.exe
    c:\windows\z3022wor59ff.dll
    c:\windows\z375v9rus4aa5.exe
    c:\windows\z4489hackt59l445.cpl
    c:\windows\z479th5ef1965.bin
    c:\windows\z5179pyware1935.ocx
    c:\windows\z595v5r1069.dll
    c:\windows\z5b5addwa9e2239.exe
    c:\windows\z68t5reat6559.cpl
    c:\windows\z799v5ru940a.bin
    c:\windows\z81e5p9rse1108.dll
    c:\windows\z855ste5l2591.dll
    c:\windows\z914th5eat29810.cpl
    c:\windows\z92cthreat5956.ocx
    c:\windows\z935virus4c.ocx
    c:\windows\z941threat28596.exe
    c:\windows\z955vir3228.dll
    c:\windows\zaafste5l493.bin
    c:\windows\zb7b9teal3025.exe
    c:\windows\zb9cth5ef189.dll
    c:\windows\zc5bvi95291.dll
    c:\windows\zc7dvi52999.cpl
    c:\windows\zcefste9l5963.cpl
    c:\windows\ze9s5eal2718.ocx

    .
    ((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Legacy_ASC3550P
    -------\Legacy_ESQULserv.sys
    -------\Legacy_WINDOWS_MSI
    -------\Service_asc3550p
    -------\Service_ESQULserv.sys
    -------\Service_Windows MSI


    ((((((((((((((((((((((((((((( Fichiers créés du 2010-04-26 au 2010-05-26 ))))))))))))))))))))))))))))))))))))
    .

    2010-05-26 17:26 . 2010-05-26 17:26 0 ----a-w- c:\windows\nsreg.dat
    2010-05-26 17:26 . 2010-05-26 17:26 -------- d-----w- c:\documents and settings\nobre\Local Settings\Application Data\Mozilla
    2010-05-26 14:43 . 2010-05-26 14:43 196608 ----a-w- c:\windows\system32\avisynth.dll
    2010-05-26 14:42 . 2010-05-26 14:42 33280 ----a-w- c:\windows\system32\HUFFYUV.DLL
    2010-05-26 14:41 . 2010-05-26 14:41 -------- d-----w- c:\program files\repAd
    2010-05-26 14:26 . 2010-05-26 14:29 -------- d-----w- c:\documents and settings\nobre\Application Data\banshee-1
    2010-05-26 02:23 . 2010-05-26 02:23 -------- d-----w- c:\program files\Fluendo
    2010-05-26 01:59 . 2010-05-26 14:39 -------- d-----w- c:\documents and settings\nobre\Application Data\vlc
    2010-05-26 01:43 . 2010-05-26 06:31 -------- d-----w- c:\program files\BarDiscover
    2010-05-26 01:43 . 2010-05-26 01:45 -------- d-----w- c:\documents and settings\All Users\Application Data\BarDiscover
    2010-05-26 01:43 . 2010-05-26 01:43 -------- d-----w- c:\program files\ShoppingReport2
    2010-05-25 14:49 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
    2010-05-25 10:04 . 2010-05-25 10:04 -------- d-----w- c:\documents and settings\nobre\Application Data\widestream
    2010-05-25 10:04 . 2010-05-25 10:04 -------- d-----w- c:\program files\Widestream6
    2010-05-25 10:03 . 2010-05-25 10:04 -------- d-----w- c:\documents and settings\nobre\Application Data\OfferBox
    2010-05-25 10:03 . 2010-05-25 10:03 -------- d-----w- c:\program files\OfferBox
    2010-05-25 08:27 . 2008-11-20 16:15 65536 ----a-w- c:\windows\system32\Autodial2000.dll
    2010-05-25 08:26 . 2010-05-25 08:33 -------- d-----w- c:\program files\Orange HSS
    2010-05-22 13:49 . 2010-05-26 14:05 -------- d-----w- c:\documents and settings\nobre\Application Data\skypePM
    2010-05-22 13:49 . 2010-05-22 13:49 56 ---ha-w- c:\windows\system32\ezsidmv.dat
    2010-05-22 13:43 . 2010-05-26 18:23 -------- d-----w- c:\documents and settings\nobre\Application Data\Skype
    2010-05-22 13:42 . 2010-05-22 13:42 -------- d-----w- c:\program files\Fichiers communs\Skype
    2010-05-22 13:42 . 2010-05-22 13:43 -------- d-----r- c:\program files\Skype
    2010-05-22 13:42 . 2010-05-22 13:42 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
    2010-05-19 07:19 . 2007-04-05 19:53 335872 ----a-w- c:\windows\Nero PhotoShow.scr
    2010-05-19 07:19 . 2007-03-28 23:56 245408 ----a-w- c:\windows\system32\unicows.dll
    2010-05-19 07:17 . 2010-05-19 07:18 -------- d-----w- c:\documents and settings\All Users\Application Data\Simple Star Shared
    2010-05-19 07:17 . 2010-05-19 07:19 -------- d-----w- c:\program files\Fichiers communs\Simple Star Shared
    2010-05-19 07:16 . 2010-05-19 07:16 -------- d-----w- c:\documents and settings\nobre\Application Data\Simple Star
    2010-05-19 06:52 . 2008-05-02 06:26 1414440 ----a-w- c:\windows\system32\ShellManager310E2D762.dll
    2010-05-16 20:49 . 2010-05-16 20:49 -------- d-----w- c:\documents and settings\nobre\Application Data\Avira
    2010-05-16 20:44 . 2010-03-01 08:05 124784 ----a-w- c:\windows\system32\drivers\avipbb.sys
    2010-05-16 20:44 . 2009-05-11 10:49 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
    2010-05-16 20:44 . 2009-05-11 10:49 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
    2010-05-16 20:44 . 2010-05-16 20:44 -------- d-----w- c:\program files\Avira
    2010-05-16 20:05 . 2010-02-16 12:24 60936 ----a-w- c:\windows\system32\drivers\avgntflt.sys
    2010-05-16 20:05 . 2010-05-16 20:44 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
    2010-05-03 05:08 . 2010-05-03 05:08 96760 ----a-w- c:\windows\system32\6d6b8508.exe
    2010-05-03 05:08 . 2010-05-03 05:08 50992 ----a-w- c:\windows\system32\srehffevtychvzygm.exe
    2010-05-02 13:14 . 2005-12-06 03:27 287360 ----a-r- c:\windows\system32\drivers\LV561AV.SYS
    2010-05-02 13:11 . 2005-12-06 03:26 380928 ----a-r- c:\windows\system32\LVUI2RC.dll
    2010-05-02 13:11 . 2005-12-06 03:26 39424 ----a-r- c:\windows\system32\drivers\LVUSBSta.sys
    2010-05-02 13:11 . 2005-12-06 03:22 110592 ----a-r- c:\windows\system32\lvcoinst.dll
    2010-05-02 13:11 . 2005-12-06 02:27 2112 ----a-r- c:\windows\system32\Repository.reg
    2010-05-02 13:11 . 2005-12-06 03:25 217088 ----a-r- c:\windows\system32\LVUI2.dll
    2010-05-02 13:11 . 2005-12-06 03:25 204800 ----a-r- c:\windows\system32\lvcodec2.dll
    2010-05-02 13:11 . 2005-12-06 03:30 916096 ----a-r- c:\windows\system32\drivers\LV302AV.SYS
    2010-05-02 13:11 . 2008-04-14 02:33 54784 -c--a-w- c:\windows\system32\dllcache\vfwwdm32.dll
    2010-05-02 13:11 . 2008-04-14 02:33 54784 ----a-w- c:\windows\system32\vfwwdm32.dll
    2010-05-02 13:02 . 2005-12-09 13:35 245824 ----a-r- c:\windows\Instexec.exe
    2010-05-02 13:02 . 2005-12-09 13:31 245824 ----a-r- c:\windows\system32\InstExec.exe
    2010-05-02 13:01 . 2010-05-02 13:02 -------- d-----w- c:\program files\Fichiers communs\Logitech
    2010-04-30 07:56 . 2010-04-30 07:56 -------- d-----w- c:\documents and settings\All Users\Application Data\Downloaded Installations
    2010-04-29 12:20 . 2010-04-29 12:24 -------- d-----w- c:\program files\Microsoft
    2010-04-29 07:20 . 2009-10-21 05:39 75776 -c----w- c:\windows\system32\dllcache\strmfilt.dll
    2010-04-29 07:20 . 2009-10-21 05:39 25088 -c----w- c:\windows\system32\dllcache\httpapi.dll
    2010-04-29 07:20 . 2009-10-20 16:20 265728 -c----w- c:\windows\system32\dllcache\http.sys
    2010-04-29 07:20 . 2009-11-21 15:58 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
    2010-04-29 07:20 . 2009-10-12 13:39 79872 -c----w- c:\windows\system32\dllcache\raschap.dll
    2010-04-29 07:20 . 2009-10-12 13:39 150528 -c----w- c:\windows\system32\dllcache\rastls.dll
    2010-04-29 07:20 . 2009-12-14 07:09 33280 -c----w- c:\windows\system32\dllcache\csrsrv.dll
    2010-04-29 07:20 . 2010-02-12 04:34 100864 -c----w- c:\windows\system32\dllcache\6to4svc.dll
    2010-04-29 07:20 . 2009-10-23 15:28 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe
    2010-04-29 07:20 . 2009-11-27 17:13 17920 -c----w- c:\windows\system32\dllcache\msyuv.dll
    2010-04-29 07:20 . 2009-12-24 07:00 177664 -c----w- c:\windows\system32\dllcache\wintrust.dll
    2010-04-29 07:19 . 2009-10-13 10:33 271360 -c----w- c:\windows\system32\dllcache\oakley.dll
    2010-04-29 07:19 . 2009-11-27 16:08 8704 -c----w- c:\windows\system32\dllcache\tsbyuv.dll
    2010-04-29 07:19 . 2009-11-27 16:08 48128 -c----w- c:\windows\system32\dllcache\iyuv_32.dll
    2010-04-29 07:19 . 2009-11-27 16:08 28672 -c----w- c:\windows\system32\dllcache\msvidc32.dll
    2010-04-29 07:19 . 2009-11-27 16:08 11264 -c----w- c:\windows\system32\dllcache\msrle32.dll
    2010-04-29 07:19 . 2010-01-13 14:01 87040 -c----w- c:\windows\system32\dllcache\cabview.dll
    2010-04-29 07:19 . 2009-12-17 07:41 347648 -c----w- c:\windows\system32\dllcache\mspaint.exe
    2010-04-29 02:09 . 2008-04-13 18:45 60032 -c--a-w- c:\windows\system32\dllcache\usbaudio.sys
    2010-04-29 02:09 . 2008-04-13 18:45 60032 ----a-w- c:\windows\system32\drivers\USBAUDIO.sys
    2010-04-29 02:03 . 2008-04-13 18:45 32128 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys
    2010-04-29 02:03 . 2008-04-13 18:45 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
    2010-04-29 02:00 . 2010-04-29 02:00 -------- d-----w- c:\windows\system32\wbem\Repository

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-05-26 06:28 . 2006-01-16 16:23 545566 ----a-w- c:\windows\system32\perfh00C.dat
    2010-05-26 06:28 . 2006-01-16 16:23 100502 ----a-w- c:\windows\system32\perfc00C.dat
    2010-05-26 02:24 . 2010-05-26 02:24 102400 ----a-r- c:\documents and settings\nobre\Application Data\Microsoft\Installer\{6084C211-01A1-464E-97A0-09772E122B50}\NewShortcut6_206049A8CD534D8B87D5F66190F05AB3.exe
    2010-05-26 02:24 . 2010-05-26 02:24 102400 ----a-r- c:\documents and settings\nobre\Application Data\Microsoft\Installer\{6084C211-01A1-464E-97A0-09772E122B50}\NewShortcut5_F4EE65F1A6CD4124B059E9FA9A98EBF7.exe
    2010-05-26 02:24 . 2010-05-26 02:24 110592 ----a-r- c:\documents and settings\nobre\Application Data\Microsoft\Installer\{6084C211-01A1-464E-97A0-09772E122B50}\ARPPRODUCTICON.exe
    2010-05-26 02:24 . 2010-05-26 02:24 102400 ----a-r- c:\documents and settings\nobre\Application Data\Microsoft\Installer\{6084C211-01A1-464E-97A0-09772E122B50}\NewShortcut4_A414E067513C43BA8786F3DC788BC961.exe
    2010-05-26 02:24 . 2010-05-26 02:24 102400 ----a-r- c:\documents and settings\nobre\Application Data\Microsoft\Installer\{6084C211-01A1-464E-97A0-09772E122B50}\NewShortcut3_BCB4A930B9F04A2480525A437423D92B.exe
    2010-05-26 02:24 . 2010-05-26 02:24 102400 ----a-r- c:\documents and settings\nobre\Application Data\Microsoft\Installer\{6084C211-01A1-464E-97A0-09772E122B50}\NewShortcut2_B4703F8364D440ADB60E472AD5422128.exe
    2010-05-25 08:29 . 2009-05-16 12:29 -------- d-----w- c:\program files\Fichiers communs\France Telecom
    2010-05-25 01:35 . 2010-05-26 01:45 61712 ----a-w- c:\documents and settings\All Users\Application Data\BarDiscover\bardiscover125.exe
    2010-05-19 07:19 . 2009-06-06 08:27 -------- d-----w- c:\documents and settings\nobre\Application Data\Nero
    2010-05-19 07:19 . 2009-06-06 02:35 -------- d-----w- c:\documents and settings\All Users\Application Data\Nero
    2010-05-19 07:17 . 2009-06-06 02:36 -------- d-----w- c:\program files\Nero
    2010-05-19 07:09 . 2009-06-06 02:35 -------- d-----w- c:\program files\Fichiers communs\Nero
    2010-05-18 02:44 . 2009-05-23 19:31 -------- d-----w- c:\documents and settings\nobre\Application Data\Winamp
    2010-05-17 07:57 . 2009-05-18 10:57 -------- d-----w- c:\program files\Fichiers communs\Adobe
    2010-05-12 14:21 . 2010-05-12 14:21 0 ----a-w- c:\documents and settings\All Users\Application Data\ISx14.tmp
    2010-05-05 15:43 . 2010-05-05 15:43 0 ----a-w- c:\documents and settings\All Users\Application Data\ISx57.tmp
    2010-05-05 15:41 . 2010-05-05 15:41 0 ----a-w- c:\documents and settings\All Users\Application Data\ISx56.tmp
    2010-05-05 15:40 . 2010-05-05 15:40 0 ----a-w- c:\documents and settings\All Users\Application Data\ISx55.tmp
    2010-05-02 14:06 . 2010-05-02 14:06 0 ----a-w- c:\documents and settings\All Users\Application Data\ISx40.tmp
    2010-05-02 14:00 . 2010-05-02 14:00 0 ----a-w- c:\documents and settings\All Users\Application Data\ISx3C.tmp
    2010-05-02 14:00 . 2010-05-02 14:00 0 ----a-w- c:\documents and settings\All Users\Application Data\ISx3B.tmp
    2010-05-02 13:00 . 2010-05-02 13:00 -------- d-----w- c:\program files\Logitech
    2010-05-02 13:00 . 2006-01-17 10:35 -------- d--h--w- c:\program files\InstallShield Installation Information
    2010-05-01 18:52 . 2010-04-22 14:07 -------- d-----w- c:\program files\Microsoft Silverlight
    2010-04-29 12:23 . 2009-08-12 13:09 -------- d-----w- c:\program files\Windows Live
    2010-04-29 02:11 . 2009-07-30 22:40 -------- d-----w- c:\program files\myBabylon_English
    2010-04-29 01:59 . 2010-04-22 14:03 -------- d-----w- c:\program files\Microsoft(2)
    2010-04-22 16:44 . 2009-05-16 12:09 -------- d-----w- c:\program files\JetAudio
    2010-04-22 14:06 . 2010-04-22 14:06 -------- d-----w- c:\program files\Microsoft Sync Framework
    2010-04-05 09:41 . 2009-10-17 10:42 -------- d-----w- c:\program files\KONAMI
    2010-04-05 06:48 . 2010-04-05 06:48 -------- d-----w- c:\documents and settings\nobre\Application Data\NeroDigital™
    2010-04-02 11:31 . 2010-04-02 11:31 1406976 ----a-w- c:\windows\system32\9600c45e.dll
    2010-03-24 18:17 . 2010-03-24 08:04 952768 ----a-w- c:\documents and settings\All Users\Application Data\Adobe\Reader\9.2\ARM\ARM Update\AdobeARM.exe
    2010-03-24 18:17 . 2010-03-24 08:04 70584 ----a-w- c:\documents and settings\All Users\Application Data\Adobe\Reader\9.2\ARM\ARM Update\AdobeExtractFiles.dll
    2010-03-24 18:17 . 2010-03-24 08:04 326056 ----a-w- c:\documents and settings\All Users\Application Data\Adobe\Reader\9.2\ARM\ARM Update\ReaderUpdater.exe
    2010-03-24 18:17 . 2010-03-24 08:04 326056 ----a-w- c:\documents and settings\All Users\Application Data\Adobe\Reader\9.2\ARM\ARM Update\AcrobatUpdater.exe
    2010-03-23 07:49 . 2010-03-23 07:49 101008 ----a-w- c:\documents and settings\nobre\Application Data\OfferBox\offerboxffx@offerbox.com\components\DataXPCOM.dll
    2010-03-10 06:16 . 2006-01-16 16:23 420352 ----a-w- c:\windows\system32\vbscript.dll
    .

    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{74294ac3-ea83-6b24-8080-a2682a3192c8}]
    2010-04-02 11:31 1406976 ----a-w- c:\windows\system32\9600c45e.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}]
    2010-05-20 13:38 2515552 ----a-w- c:\program files\myBabylon_English\tbmyB1.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}"= "c:\program files\myBabylon_English\tbmyB1.dll" [2010-05-20 2515552]

    [HKEY_CLASSES_ROOT\clsid\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
    "{B2E293EE-FD7E-4C71-A714-5F4750D8D7B7}"= "c:\program files\myBabylon_English\tbmyB1.dll" [2010-05-20 2515552]

    [HKEY_CLASSES_ROOT\clsid\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "TOSCDSPD"="c:\program files\TOSHIBA\TOSCDSPD\toscdspd.exe" [2005-04-11 65536]
    "msnmsgr"="c:\progra~1\WI1F86~1\MESSEN~1\msnmsgr.exe" [2009-07-26 3883856]
    "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656]
    "Nero PhotoShow Media Manager"="c:\progra~1\Nero\PHOTOS~1\data\Xtras\mssysmgr.exe" [2007-04-27 312848]
    "Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-05-07 26211624]
    "OfferBox"="c:\program files\OfferBox\OfferBox.exe" [2010-03-23 632464]
    "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CFSServ.exe"="CFSServ.exe -NoClient" [X]
    "ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2005-08-12 45056]
    "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-12-16 761945]
    "RTHDCPL"="RTHDCPL.EXE" [2005-12-09 15691264]
    "THotkey"="c:\program files\Toshiba\Toshiba Applet\thotkey.exe" [2006-01-05 352256]
    "TPSMain"="TPSMain.exe" [2005-08-03 266240]
    "NDSTray.exe"="NDSTray.exe" [BU]
    "Tvs"="c:\program files\TOSHIBA\Tvs\TvsTray.exe" [2005-11-30 73728]
    "SmoothView"="c:\program files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe" [2005-05-17 118784]
    "TFncKy"="TFncKy.exe" [BU]
    "TDispVol"="TDispVol.exe" [2005-09-15 73728]
    "DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2005-10-06 122940]
    "IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2005-12-05 667718]
    "IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2005-11-28 602182]
    "WinampAgent"="c:\program files\Winamp\winampa.exe" [2009-04-10 37888]
    "AGRSMMSG"="AGRSMMSG.exe" [2005-10-15 88203]
    "LtMoh"="c:\program files\ltmoh\Ltmoh.exe" [2004-08-18 184320]
    "Symantec PIF AlertEng"="c:\program files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 583048]
    "NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-08-08 1828136]
    "LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2005-12-09 225280]
    "LogitechCameraAssistant"="c:\program files\Logitech\Video\CameraAssistant.exe" [2006-01-05 489472]
    "LogitechVideo[inspector]"="c:\program files\Logitech\Video\InstallHelper.exe" [2006-01-05 06:15 73728]
    "LogitechCameraService(E)"="c:\windows\system32\ElkCtrl.exe" [2004-11-01 262144]
    "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-03-02 282792]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
    "Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
    "Synchronization Manager"="c:\windows\system32\mobsync.exe" [2008-04-14 143872]
    "NeroFilterCheck"="c:\program files\Fichiers communs\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]
    "ORAHSSSessionManager"="c:\program files\Orange HSS\SessionManager\SessionManager.exe" [2008-11-20 107248]
    "repAd"="c:\program files\repAd\repAd.exe" [2010-05-26 6656]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

    c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
    Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\Toshiba\\ConfigFree\\CFXFER.exe"=
    "c:\\Program Files\\Winamp Remote\\bin\\Orb.exe"=
    "c:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"=
    "c:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe"=
    "c:\\Program Files\\Winamp\\winamp.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
    "c:\\Program Files\\KONAMI\\Pro Evolution Soccer 2009\\pes2009.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
    "c:\\Program Files\\Nero\\Nero8\\Nero ShowTime\\ShowTime.exe"=
    "c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
    "c:\\Program Files\\Orange HSS\\Connectivity\\ConnectivityManager.exe"=
    "c:\\Program Files\\Skype\\Phone\\Skype.exe"=

    R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [17/10/2009 12:15 721904]
    R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [16/05/2010 22:44 135336]
    R2 BarDiscover Service;BarDiscover Service;c:\documents and settings\All Users\Application Data\BarDiscover\bardiscover125.exe [26/05/2010 03:45 61712]
    R3 Stmatm;ATM/ADSL miniport;c:\windows\system32\drivers\stmatm.sys [16/05/2009 13:24 60533]
    S3 TaurusUsb;Siemens ADSL Modem USB Service;c:\windows\system32\drivers\torususb.sys [16/05/2009 13:24 688864]
    .
    Contenu du dossier 'Tâches planifiées'
    .
    .
    ------- Examen supplémentaire -------
    .
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
    IE: {{898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    Trusted Zone: orange.fr
    Trusted Zone: voila.fr\rw.search.ke
    Trusted Zone: weborama.fr\orange
    TCP: {E4C43AA3-6AA2-40BD-9922-FB4B5C78E907} = 80.10.246.130 81.253.149.10
    FF - ProfilePath - c:\documents and settings\nobre\Application Data\Mozilla\Firefox\Profiles\x8cj22fq.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.netvibes.com/privatepage/1#General
    FF - component: c:\documents and settings\nobre\Application Data\OfferBox\offerboxffx@offerbox.com\components\DataXPCOM.dll
    FF - plugin: c:\program files\Java\jre1.5.0_04\bin\NPJPI150_04.dll
    FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
    FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

    ---- PARAMETRES FIREFOX ----
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
    c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
    c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
    c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
    c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
    c:\program files\Mozilla Firefox\
    Contenus similaires
    a c 295 8 Sécurité
    a b , Internet Explorer
    27 Mai 2010 12:12:40

  • Télécharge Ad-Remover (de C_XX) sur ton Bureau.
  • Déconnecte-toi et ferme toutes applications en cours.
  • Double-clique sur AD-R situé sur ton Bureau pour le lancer.
  • Choisis Nettoyer puis valide.
  • Poste le rapport qui apparaît à la fin (C:\Ad-Report-CLEAN.log).

    (CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)
    27 Mai 2010 18:40:40

    voici le rapport d AD merci.
    ======= RAPPORT D'AD-REMOVER 2.0.0.0,D | UNIQUEMENT XP/VISTA/7 =======
    .
    Mis à jour par C_XX le 19/05/10 à 19:20
    Contact: AdRemover.contact@gmail.com
    Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
    .
    Lancé à: 18:07:02 le 27/05/2010 | Mode normal | Option: CLEAN
    Exécuté de: C:\Ad-Remover\ADR.exe
    SE: Microsoft Windows XP Édition familiale (Service Pack 3 - X86)
    Nom du PC: YOUR-01199F19B2
    Utilisateur actuel: nobre
    .
    ============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
    .
    .
    C:\Documents and Settings\All Users\Application Data\bardiscover
    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Hotbar
    C:\Program Files\AskTBar
    C:\Program Files\bardiscover

    (!) -- Fichiers temporaires supprimés.
    .
    HKCU\Software\Fun Web Products
    HKLM\Software\bardiscover
    HKLM\Software\Classes\Interface\{15FD8424-D12A-4C51-8C6C-D5D57B80F781}
    HKLM\Software\Classes\Interface\{2447E305-5E90-42A8-BD1E-0BC333B807E1}
    HKLM\Software\Classes\Interface\{2557DD3F-23A0-477C-BCD8-90FD0AECC4B8}
    HKLM\Software\Classes\Interface\{2893116C-A176-42B1-8794-DA8C9FC45564}
    HKLM\Software\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
    HKLM\Software\Classes\Interface\{30B15818-E110-4527-9C05-46ACE5A3460D}
    HKLM\Software\Classes\Interface\{3CEB04AB-08AF-45F4-81B4-70D13C1F7B85}
    HKLM\Software\Classes\Interface\{40CA90F3-4098-4877-AE87-23EB612B18C7}
    HKLM\Software\Classes\Interface\{4C3B62AF-CA25-4FBA-8405-32E44F83BB6F}
    HKLM\Software\Classes\Interface\{50D2FDCC-2707-49CB-8223-7FE0424909AA}
    HKLM\Software\Classes\Interface\{5A635A91-C303-45C9-8DB9-F759D98A3B9D}
    HKLM\Software\Classes\Interface\{618AAD04-921F-44C2-BE38-C0818AF69861}
    HKLM\Software\Classes\Interface\{67B3BECF-7B6F-42B2-99F0-F7656F89CFFA}
    HKLM\Software\Classes\Interface\{715FFD42-4E05-4EAB-9513-C8DAA5395AE2}
    HKLM\Software\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
    HKLM\Software\Classes\Interface\{759D6F7C-8D30-45B6-ABEA-FA51C190EED5}
    HKLM\Software\Classes\Interface\{7E335D04-2E6E-4D0E-A921-C3D9192E7121}
    HKLM\Software\Classes\Interface\{878CE013-7BA9-4650-A78C-B2234C0C1648}
    HKLM\Software\Classes\Interface\{8EE46F55-1CE1-4DB9-811A-68938EC7F3DD}
    HKLM\Software\Classes\Interface\{99CCFB8C-6380-4A14-8FDD-EF3E7E95335D}
    HKLM\Software\Classes\Interface\{99FDCA0C-7380-4E9C-8D99-5DC4750334EF}
    HKLM\Software\Classes\Interface\{9A4A64A4-A2FB-48FA-9BBA-1AC50267695D}
    HKLM\Software\Classes\Interface\{A7213D71-47E1-4832-92D7-D61DFE9F231F}
    HKLM\Software\Classes\Interface\{A87DFD99-CF81-4241-85CE-881E0026B686}
    HKLM\Software\Classes\Interface\{B1D9F4B1-B9FF-463F-BF15-AB9CB26160F7}
    HKLM\Software\Classes\Interface\{B20D7ADD-989C-4BC0-A797-F6FE7998EFD7}
    HKLM\Software\Classes\Interface\{B5D2ED96-62F9-4C2C-956D-E425B1F67337}
    HKLM\Software\Classes\Interface\{BFC20A15-B0AC-44CC-A25A-A7039014BA9F}
    HKLM\Software\Classes\Interface\{C96B9FAE-A032-4100-BB47-32EF05E28BE4}
    HKLM\Software\Classes\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}
    HKLM\Software\Classes\Interface\{CF82F350-E1C4-4916-AC12-BA73DB60AFB7}
    HKLM\Software\Classes\Interface\{D1063603-F045-475F-AFBC-8CBA7D5797FB}
    HKLM\Software\Classes\Interface\{D3A412E8-1E4B-47D2-9B12-F88291F5AFBB}
    HKLM\Software\Classes\Interface\{F019AEC4-4C95-46DE-A107-E302473E3B9A}
    HKLM\Software\Classes\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}
    HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7}
    HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EDDBB5EE-BB64-4bfc-9DBE-E7C85941335B}
    HKLM\Software\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll
    HKLM\Software\Microsoft\Office\Word\Addins\HostOL.MailAnim
    .
    .
    ============== SCAN ADDITIONNEL ==============
    .
    * Mozilla FireFox Version 3.6.3 (fr) *
    .
    C:\Documents and Settings\nobre\..\x8cj22fq.default\prefs.js - browser.startup.homepage: hxxp://www.netvibes.com/privatepage/1#General
    C:\Documents and Settings\nobre\..\x8cj22fq.default\prefs.js - browser.startup.homepage_override.mstone: rv:1.9.2.3
    .
    .
    * Internet Explorer Version 8.0.6001.18702 *
    .
    [HKCU\Software\Microsoft\Internet Explorer\Main]
    .
    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Do404Search: 0x01000000
    Enable Browser Extensions: yes
    Local Page: C:\WINDOWS\system32\blank.htm
    Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
    Show_ToolBar: yes
    Start Page: hxxp://fr.msn.com/
    Use Search Asst: no
    .
    [HKLM\Software\Microsoft\Internet Explorer\Main]
    .
    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Delete_Temp_Files_On_Exit: yes
    Local Page: C:\WINDOWS\system32\blank.htm
    Search bar: hxxp://search.msn.com/spbasic.htm
    Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Start Page: hxxp://fr.msn.com/
    .
    [HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
    .
    Tabs: res://ieframe.dll/tabswelcome.htm
    Blank: res://mshtml.dll/blank.htm
    .
    ========================================
    .
    C:\Ad-Remover\Quarantine: 0 Fichier(s)
    C:\Ad-Remover\Backup: 13 Fichier(s)
    .
    C:\Ad-Report-CLEAN[1].txt - 5254 Octet(s)
    .
    Fin à: 18:14:10, 27/05/2010
    .
    ============== E.O.F - CLEAN[1] ==============
    a c 295 8 Sécurité
    a b , Internet Explorer
    27 Mai 2010 19:14:11

  • Relance Ad-Remover et choisis Désinstaller.

  • Télécharge Malwarebytes' Anti-Malware (MBAM) sur ton Bureau.
  • Double-clique sur le fichier téléchargé pour lancer le processus d'installation.
  • Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.
  • Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.
  • Sélectionne Exécuter un examen rapide.
  • Clique sur Rechercher. L'analyse démarre.
  • A la fin de l'analyse, un message s'affiche :
    Citation :
    L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.

  • Clique sur OK pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
  • Ferme tes navigateurs.
  • Si des malwares ont été détectés, clique sur Afficher les résultats.
  • Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre infectés et en mettre une copie dans la quarantaine.
  • MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport dans ta prochaine réponse.
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS