Unwanted pop-up windows in Firefox

2 December 2009 10:09:03

Hello,
for the past few days, unwanted windows have been opening in Firefox.

I downloaded HijackThis and here is my report; thank you for your replies:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:03:13, on 02/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Suppresion malwares\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr10.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-fr10.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr10.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-fr10.hpwis.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr10.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Automated Content Enhancer - {1D74E9DD-8987-448b-B2CB-67FFF2B8A932} - C:\Program Files\Automated Content Enhancer\4.1.0.5190\ACEIEAddOn.dll
O2 - BHO: Customized Platform Advancer - {42C7C39F-3128-4a17-BDB7-91C46032B5B9} - C:\Program Files\Customized Platform Advancer\3.1.0.1630\CPAIEAddOn.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Content Management Wizard - {B72681C0-A222-4b21-A0E2-53A5A5CA3D41} - C:\Program Files\Content Management Wizard\1.1.0.1870\CMWIE.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: TCP - {CAC89FF9-34A9-4431-8CFE-292A47F843BC} - C:\Program Files\Textual Content Provider\1.1.0.1610\TCPIE.dll (file missing)
O2 - BHO: Web Search Operator - {EB4A577D-BCAD-4b1c-8AF2-9A74B8DD3431} - C:\Program Files\Web Search Operator\3.1.0.1840\wso.dll (file missing)
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [UVS11 Preload] C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Internet Today Task] "C:\Program Files\Internet Today\1.1.0.1190\InternetToday.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBP4\plugin\bin\PCHButton.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - S-1-5-18 Startup: AutoTBar.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: AutoTBar.exe (User 'Default user')
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshell/GameHost/1....
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 7021 bytes

2 December 2009 16:14:46

Hello,

  • Download Random's System Information Tool (RSIT) (by random/random) to your Desktop.
  • Double-click RSIT.exe to launch the program.
    (On Vista, right-click RSIT.exe and choose Run as administrator)
  • Click Continue on the Disclaimer screen.
  • If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall, if prompted) and you will have to accept the license.
  • When the scan is finished, two text files will open. Post the contents of log.txt (the one that appears on screen) as well as info.txt (which you will see in the taskbar).

    Note: the reports are saved in the folder C:\rsit.
    3 December 2009 13:17:02

    Thank you for taking on my case. If it helps, it has been happening since the evening of Tuesday 1 December, when I installed a program for watching TV on the computer. In fact, it installed a program called gamezstar on my machine.

    Here are the 2 reports, thank you:


    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Propriétaire at 2009-12-03 13:06:49
    Microsoft Windows XP Édition familiale Service Pack 3
    System drive C: has 22 GB (10%) free of 234 GB
    Total RAM: 255 MB (17% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 13:09:25, on 03/12/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\PROGRA~1\NORTON~1\navapw32.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\Propriétaire\Bureau\RSIT.exe
    C:\Program Files\Suppresion malwares\Propriétaire.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr10.hpwis.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-fr10.hpwis.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr10.hpwis.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-fr10.hpwis.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr10.hpwis.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Automated Content Enhancer - {1D74E9DD-8987-448b-B2CB-67FFF2B8A932} - C:\Program Files\Automated Content Enhancer\4.1.0.5190\ACEIEAddOn.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Content Management Wizard - {B72681C0-A222-4b21-A0E2-53A5A5CA3D41} - C:\Program Files\Content Management Wizard\1.1.0.1870\CMWIE.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O2 - BHO: TCP - {CAC89FF9-34A9-4431-8CFE-292A47F843BC} - (no file)
    O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBP4\plugin\bin\PCHButton.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - S-1-5-18 Startup: AutoTBar.exe (User 'SYSTEM')
    O4 - .DEFAULT Startup: AutoTBar.exe (User 'Default user')
    O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
    O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshell/GameHost/1....
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe
    O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe

    --
    End of file - 6795 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\Google Software Updater.job
    C:\WINDOWS\tasks\Norton AntiVirus - Analyser mon ordinateur.job
    C:\WINDOWS\tasks\Symantec NetDetect.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1D74E9DD-8987-448b-B2CB-67FFF2B8A932}]
    Automated Content Enhancer - C:\Program Files\Automated Content Enhancer\4.1.0.5190\ACEIEAddOn.dll [2009-11-25 204800]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live ID - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B72681C0-A222-4b21-A0E2-53A5A5CA3D41}]
    Content Management Wizard - C:\Program Files\Content Management Wizard\1.1.0.1870\CMWIE.dll [2009-11-26 1232896]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDF3E430-B101-42AD-A544-FADC6B084872}]
    CNavExtBho Class - C:\Program Files\Norton AntiVirus\NavShExt.dll [2001-08-21 102400]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CAC89FF9-34A9-4431-8CFE-292A47F843BC}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

    {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - Vue HP - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll [2003-09-03 98304]
    {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Norton AntiVirus - C:\Program Files\Norton AntiVirus\NavShExt.dll [2001-08-21 102400]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2004-10-08 221184]
    "NAV Agent"=C:\PROGRA~1\NORTON~1\navapw32.exe [2001-08-21 74832]
    "KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "Acme.PCHButton"=C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBP4\plugin\bin\PCHButton.exe [2003-01-01 155648]
    "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
    C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcxMonitor]
    C:\WINDOWS\ALCXMNTR.EXE [2003-04-03 50176]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIModeChange]
    C:\WINDOWS\system32\Ati2mdxx.exe [2001-09-05 28672]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2003-08-12 335872]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CamMonitor]
    c:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe [2002-10-07 90112]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
    c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
    C:\WINDOWS\System32\hkcmd.exe [2003-04-07 114688]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHmon05]
    C:\WINDOWS\System32\hphmon05.exe [2003-05-23 483328]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD05]
    c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv]
    c:\windows\system\hpsysdrv.exe [1998-05-07 52736]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IcoSet]
    c:\hp\bin\cloaker.exe [1999-11-07 27136]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD]
    C:\HP\KBD\KBD.EXE [2003-02-11 61440]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NAV CfgWiz]
    c:\Program Files\Fichiers communs\Symantec Shared\CfgWiz.exe /GUID NAV /CMDLINE REBOOT []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
    C:\WINDOWS\System32\NvCpl.dll [2003-08-19 4841472]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVIEW]
    nview.dll,nViewLoadHook []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
    nwiz.exe /installquiet /keeploaded /nodetect []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PS2]
    C:\WINDOWS\system32\ps2.exe [2002-10-16 81920]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Recguard]
    C:\WINDOWS\SMINST\RECGUARD.EXE [2002-09-13 212992]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RecordNow!]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\regcmdcons]
    c:\hp\bin\cloaker.exe [1999-11-07 27136]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Reminder]
    C:\Windows\Creator\Remind_XP.exe [2003-06-17 118784]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateManager]
    C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe [2003-08-19 110592]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UVS11 Preload]
    C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe [2007-03-03 341488]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer]
    VTTimer.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
    C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2003-07-07 233472]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^MsnFixer.lnk]
    C:\hp\bin\msnfix\msnfixjs.js []

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
    C:\WINDOWS\system32\igfxsrvc.dll [2003-04-07 315392]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "HonorAutoRunSetting"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Documents and Settings\Propriétaire\Local Settings\Temp\Rar$EX01.922\Volley\Volley\volley.exe"="C:\Documents and Settings\Propriétaire\Local Settings\Temp\Rar$EX01.922\Volley\Volley\volley.exe:*:Enabled:volley"
    "C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
    "C:\Documents and Settings\Propriétaire\Bureau\bv\Volley\Volley\volley.exe"="C:\Documents and Settings\Propriétaire\Bureau\bv\Volley\Volley\volley.exe:*:Enabled:volley"
    "C:\Documents and Settings\Propriétaire\Mes documents\Stéphane\Téléchargements Mozilla\Blobby_Volley_1.8\volley.exe"="C:\Documents and Settings\Propriétaire\Mes documents\Stéphane\Téléchargements Mozilla\Blobby_Volley_1.8\volley.exe:*:Enabled:volley"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
    shell\AutoRun\command - D:\Info.exe folder.htt 480 480


    ======List of files/folders created in the last 1 months======

    2009-12-03 13:06:49 ----D---- C:\rsit
    2009-12-02 14:33:48 ----D---- C:\Program Files\Spybot - Search & Destroy
    2009-12-02 12:43:07 ----D---- C:\Program Files\Navilog1
    2009-12-02 10:26:51 ----D---- C:\Program Files\RegCleaner
    2009-12-02 00:07:39 ----D---- C:\Program Files\Suppresion malwares
    2009-12-02 00:03:45 ----D---- C:\Program Files\Hattrick Control
    2009-12-01 21:48:28 ----D---- C:\Program Files\Content Management Wizard
    2009-12-01 21:46:03 ----D---- C:\Program Files\Customized Platform Advancer
    2009-12-01 21:45:21 ----D---- C:\Program Files\Automated Content Enhancer
    2009-11-08 11:52:35 ----N---- C:\WINDOWS\system32\spmsg2.dll
    2009-11-08 11:48:34 ----D---- C:\WINDOWS\system32\XPSViewer
    2009-11-08 11:48:31 ----D---- C:\WINDOWS\system32\en-US
    2009-11-08 11:46:47 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
    2009-11-08 11:46:47 ----N---- C:\WINDOWS\system32\prntvpt.dll
    2009-11-08 11:46:46 ----N---- C:\WINDOWS\system32\xpssvcs.dll

    ======List of files/folders modified in the last 1 months======

    2009-12-03 13:07:57 ----D---- C:\WINDOWS\Prefetch
    2009-12-03 13:03:44 ----D---- C:\WINDOWS\Minidump
    2009-12-03 13:03:44 ----D---- C:\WINDOWS
    2009-12-03 12:25:30 ----D---- C:\Program Files\Mozilla Firefox
    2009-12-03 12:19:02 ----D---- C:\WINDOWS\Temp
    2009-12-03 11:38:30 ----N---- C:\WINDOWS\SchedLgU.Txt
    2009-12-02 16:07:20 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2009-12-02 14:33:48 ----RD---- C:\Program Files
    2009-12-02 09:43:53 ----D---- C:\Documents and Settings\Propriétaire\Application Data\vlc
    2009-12-01 23:00:55 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2009-12-01 22:06:41 ----SHD---- C:\WINDOWS\Installer
    2009-12-01 22:06:41 ----SHD---- C:\Config.Msi
    2009-11-29 03:50:34 ----D---- C:\WINDOWS\system32\CatRoot2
    2009-11-26 23:23:43 ----D---- C:\Documents and Settings\Propriétaire\Application Data\dvdcss
    2009-11-26 23:14:58 ----D---- C:\Program Files\PokerStars
    2009-11-25 14:00:46 ----D---- C:\WINDOWS\system32
    2009-11-25 08:02:49 ----HD---- C:\WINDOWS\inf
    2009-11-25 08:02:35 ----D---- C:\WINDOWS\WinSxS
    2009-11-25 07:59:56 ----HD---- C:\WINDOWS\$hf_mig$
    2009-11-17 22:26:11 ----D---- C:\WINDOWS\Debug
    2009-11-17 22:22:49 ----D---- C:\WINDOWS\network diagnostic
    2009-11-08 21:32:00 ----D---- C:\WINDOWS\Microsoft.NET
    2009-11-08 21:31:59 ----RSD---- C:\WINDOWS\assembly
    2009-11-08 20:47:33 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2009-11-08 20:36:40 ----D---- C:\WINDOWS\Registration
    2009-11-08 12:40:16 ----D---- C:\WINDOWS\system32\CatRoot
    2009-11-08 12:33:20 ----D---- C:\WINDOWS\system32\URTTemp
    2009-11-08 11:51:56 ----D---- C:\WINDOWS\system32\fr-fr
    2009-11-08 11:51:18 ----D---- C:\WINDOWS\system32\mui
    2009-11-08 11:48:29 ----RSD---- C:\WINDOWS\Fonts
    2009-11-08 11:47:46 ----D---- C:\WINDOWS\system32\spool
    2009-11-08 11:18:41 ----D---- C:\WINDOWS\system32\drivers
    2009-11-08 10:56:56 ----D---- C:\WINDOWS\SoftwareDistribution
    2009-11-06 00:26:31 ----D---- C:\WINDOWS\system32\Restore
    2009-11-05 18:36:21 ----A---- C:\WINDOWS\system32\MRT.exe
    2009-11-05 08:11:41 ----D---- C:\WINDOWS\system32\LogFiles
    2009-11-05 07:58:18 ----D---- C:\Program Files\Messenger Plus! Live
    2009-11-04 23:22:36 ----D---- C:\WINDOWS\ie8updates
    2009-11-04 23:22:13 ----D---- C:\Program Files\Internet Explorer

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2003-01-01 43488]
    R1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2008-04-14 41856]
    R1 SiSkp;SiSkp; C:\WINDOWS\System32\DRIVERS\srvkp.sys [2003-04-11 10624]
    R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [1997-12-23 23936]
    R2 mdmxsdk;mdmxsdk; C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [2003-04-09 11043]
    R2 SYMTDI;SYMTDI; \??\C:\WINDOWS\System32\Drivers\SYMTDI.SYS []
    R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2003-10-16 788300]
    R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
    R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2003-08-13 594432]
    R3 CamDrL;Logitech QuickCam Pro 3000(CamDrl); C:\WINDOWS\System32\DRIVERS\Camdrl.sys [2007-02-03 1075360]
    R3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2008-09-22 43520]
    R3 HSF_DP;HSF_DP; C:\WINDOWS\System32\DRIVERS\HSF_DP.sys [2003-11-13 1042816]
    R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\System32\DRIVERS\HSFHWBS2.sys [2003-11-13 210304]
    R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\LVUSBSta.sys [2007-02-03 41504]
    R3 NAVAP;NAVAP; \??\C:\WINDOWS\System32\Drivers\NAVAP.SYS []
    R3 NAVENG;NAVENG; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20091202.006\NAVENG.Sys []
    R3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20091202.006\NavEx15.Sys []
    R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
    R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-03 10368]
    R3 Ps2;PS2; C:\WINDOWS\System32\DRIVERS\PS2.sys [2001-06-04 14112]
    R3 SymEvent;SymEvent; \??\C:\Program Files\Symantec\SYMEVENT.SYS []
    R3 SYMREDRV;SYMREDRV; \??\C:\WINDOWS\System32\Drivers\SYMREDRV.SYS []
    R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
    R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
    R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
    R3 winachsf;winachsf; C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys [2003-11-13 679808]
    S3 {6080A529-897E-4629-A488-ABA0C29B635E};Intel(R) Graphics Platform (SoftBIOS) Driver; C:\WINDOWS\system32\drivers\ialmsbw.sys [2003-04-15 113504]
    S3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91};Intel(R) Graphics Chipset (KCH) Driver; C:\WINDOWS\system32\drivers\ialmkchw.sys [2003-04-15 78752]
    S3 catchme;catchme; \??\C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\catchme.sys []
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
    S3 EL90XBC;Pilote de la carte EtherLink XL 90XB/C 3Com; C:\WINDOWS\System32\DRIVERS\el90xbc5.sys [2001-08-18 66591]
    S3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\System32\DRIVERS\fetnd5b.sys [2003-01-15 41984]
    S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [2003-05-14 51056]
    S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [2003-05-16 16496]
    S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [2003-05-14 21488]
    S3 ialm;ialm; C:\WINDOWS\System32\DRIVERS\ialmnt5.sys [2003-04-15 90907]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-13 10880]
    S3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2004-08-03 1897408]
    S3 SiS315;SiS315; C:\WINDOWS\System32\DRIVERS\sisgrp.sys [2003-05-06 394752]
    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-13 11136]
    S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-13 15232]
    S3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
    S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
    S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-13 15104]
    S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    S3 viagfx;viagfx; C:\WINDOWS\System32\DRIVERS\vtmini.sys [2003-08-11 265344]
    S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
    S4 IntelIde;IntelIde; C:\WINDOWS\System32\DRIVERS\intelide.sys [2008-04-14 5504]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\System32\Ati2evxx.exe [2003-08-13 319488]
    R2 Capture Device Service;Capture Device Service; C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe [2007-03-06 198168]
    R2 navapsvc;Service Norton AntiVirus Auto-Protect; C:\Program Files\Norton AntiVirus\navapsvc.exe [2001-08-21 115792]
    R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe [2007-03-03 67056]
    R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808]
    S2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\System32\nvsvc32.exe [2003-08-19 77824]
    S2 SBService;ScriptBlocking Service; C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe [2001-08-13 54408]
    S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
    S3 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
    S3 getPlusHelper;getPlus(R) Helper; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
    S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
    S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
    S4 NetTcpPortSharing;Service de partage de ports Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

    -----------------EOF-----------------




    info.txt logfile of random's system information tool 1.06 2009-12-03 13:09:34

    ======Uninstall list======

    -->"C:\Program Files\InstallShield Installation Information\{BB8AE808-F003-4C7F-B56B-8C80EEAFFE23}\setup.exe" --u:{BB8AE808-F003-4C7F-B56B-8C80EEAFFE23}
    -->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
    -->C:\WINDOWS\System32\\MSIEXEC.EXE /I {09DA4F91-2A09-4232-AB8C-6BC740096DE3} REMOVE=UpdateMgrFeature
    -->c:\WINDOWS\System32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
    -->rundll32.exe C:\WINDOWS\System32\nvinstnt.dll,NvUninstallNT4 nvhp.inf
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    Adobe Download Manager-->"C:\WINDOWS\system32\rundll32.exe" "C:\Program Files\NOS\bin\getPlus_Helper.dll",Uninstall /Get1
    Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Flash Player 10 Plugin-->C:\WINDOWS\System32\Macromed\Flash\uninstall_plugin.exe
    Adobe Reader 9.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A92000000001}
    Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
    ArcSoft ShowBiz 2-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{791B20D4-AE59-4DE9-B45F-BA01F3D0A493}\setup.exe" -l0x40c
    Assistant de connexion Windows Live ID-->MsiExec.exe /X{10A44844-4465-456E-8C97-80BDD4F68845}
    ATI Control Panel-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
    ATI Display Driver-->rundll32 C:\WINDOWS\System32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
    CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
    Correctif du dictionnaire français pour Office 2000-->MsiExec.exe /I{DCF67823-AFC3-11D3-BD80-0010A4E5C232}
    eMule-->"C:\Program Files\eMule\Uninstall.exe"
    HijackThis 2.0.2-->"C:\Program Files\Suppresion malwares\HijackThis.exe" /uninstall
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
    HP Deskjet Preloaded Printer Drivers-->MsiExec.exe /X{F419D20A-7719-4639-8E30-C073A040D878}
    HP Photo and Imaging 2.0 - Photosmart Cameras-->MsiExec.exe /X{5D7F0A0E-369E-46C0-9F99-FAB21A064781}
    HP PSC & OfficeJet 3.0-->"C:\Program Files\HP\Digital Imaging\{F38FA38A-7E5A-4209-88ED-4DE21CD20EEF}\setup\hpzscr01.exe" -datfile hposcr03.dat
    HP Software Update-->MsiExec.exe /X{CC0A24CB-87C9-4F1C-A1F2-F87D8D4DDCAF}
    HPIZ311-->MsiExec.exe /X{F247869D-3643-4A9F-821B-3534145928E3}
    Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
    Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
    Intel(R) Extreme Graphics Driver-->RUNDLL32.EXE C:\WINDOWS\System32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_2562
    InterVideo DeviceService-->MsiExec.exe /I{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}
    Java 2 Runtime Environment, SE v1.4.2-->MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142000}
    KBD-->C:\HP\KBD\KBD.EXE uninstalled
    K-Lite Codec Pack 5.0.5 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
    Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
    LiveReg (Symantec Corporation)-->C:\Program Files\Fichiers communs\Symantec Shared\LiveReg\VcSetup.exe /REMOVE
    LiveUpdate 1.6 (Symantec Corporation)-->C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE /U
    Memories Disc Creator 2.0-->MsiExec.exe /X{2E132061-C78A-48D4-A899-1D13B9D189FA}
    Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
    Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
    Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"
    Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{72AD53CC-CCC0-3757-8480-9EE176866A7C}
    Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
    Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{0BD83598-C2EF-3343-847B-7D2E84599128}
    Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
    Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
    Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
    Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
    Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
    Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
    Microsoft Office 2000 Professional-->MsiExec.exe /I{0001040C-78E1-11D2-B60F-006097C998E7}
    Microsoft Office Live Add-in 1.4-->MsiExec.exe /I{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}
    Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Microsoft Word 2002-->MsiExec.exe /I{911B040C-6000-11D3-8CFE-0050048383C9}
    Mise à jour de sécurité pour Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 8 (KB972260)-->"C:\WINDOWS\ie8updates\KB972260-IE8\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 8 (KB974455)-->"C:\WINDOWS\ie8updates\KB974455-IE8\spuninst\spuninst.exe"
    Mise à jour pour Windows Internet Explorer 8 (KB975364)-->"C:\WINDOWS\ie8updates\KB975364-IE8\spuninst\spuninst.exe"
    Mise à jour pour Windows Internet Explorer 8 (KB976749)-->"C:\WINDOWS\ie8updates\KB976749-IE8\spuninst\spuninst.exe"
    Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->c:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
    Mozilla Firefox (3.5.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
    Norton AntiVirus 2002-->MsiExec.exe /I{3075C5C3-0807-4924-AF8F-FF27052C12AE}
    NVIDIA GART Driver-->C:\WINDOWS\System32\nvugart.exe Uninstall C:\WINDOWS\System32\Nvgart.nvu,NVIDIA GART Driver
    Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
    Package de base Microsoft de service de chiffrement pour cartes à puce-->"C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
    Photo et imagerie HP 3.1-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
    Photosmart 140,240,7200,7600,7700,7900 Series-->C:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\setup\hpzscr01.exe -datfile hphscr01.dat
    PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninst
    Programme de gestion Camera de Logitech®-->"C:\Program Files\Fichiers communs\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
    PS2-->C:\WINDOWS\system32\ps2.exe uninstall
    Python 2.2 combined Win32 extensions-->C:\Python22\Lib\SITE-P~1\UNWISE~1.EXE C:\Python22\Lib\SITE-P~1\w32inst.log
    Python 2.2.1-->C:\Python22\UNWISE.EXE C:\Python22\INSTALL.LOG
    RecordNow!-->MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
    Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
    Sonic Update Manager-->MsiExec.exe /I{09DA4F91-2A09-4232-AB8C-6BC740096DE3}
    Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
    Ulead VideoStudio 11-->C:\Program Files\InstallShield Installation Information\{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9}\setup.exe -runfromtemp -l0x040c
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
    VIA Rhine-Family Fast-Ethernet Adapter-->Rundll32.exe vuins32.dll,vuins32Ex $Rhine $VIA
    VLC media player 1.0.2-->C:\Program Files\VideoLAN\VLC\uninstall.exe
    Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
    Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
    Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956}
    Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
    Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
    Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
    Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
    XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"

    ======Hosts File======

    127.0.0.1 localhost
    127.0.0.1 www.007guard.com
    127.0.0.1 007guard.com
    127.0.0.1 008i.com
    127.0.0.1 www.008k.com
    127.0.0.1 008k.com
    127.0.0.1 www.00hq.com
    127.0.0.1 00hq.com
    127.0.0.1 010402.com
    127.0.0.1 www.032439.com

    ======System event log======

    Computer Name: NOM-FQIMEKRLHDE
    Event Code: 7023
    Message: Le service Gestion d'applications s'est arrêté avec l'erreur :
    Le module spécifié est introuvable.


    Record Number: 3466
    Source Name: Service Control Manager
    Time Written: 20091024140027.000000+120
    Event Type: erreur
    User:

    Computer Name: NOM-FQIMEKRLHDE
    Event Code: 7036
    Message: Le service Gestion d'applications est entré dans l'état : arrêté.

    Record Number: 3465
    Source Name: Service Control Manager
    Time Written: 20091024140027.000000+120
    Event Type: Informations
    User:

    Computer Name: NOM-FQIMEKRLHDE
    Event Code: 7035
    Message: Un contrôle Démarrer a correctement été envoyé au service Gestion d'applications.

    Record Number: 3464
    Source Name: Service Control Manager
    Time Written: 20091024140027.000000+120
    Event Type: Informations
    User: NOM-FQIMEKRLHDE\Propriétaire

    Computer Name: NOM-FQIMEKRLHDE
    Event Code: 7023
    Message: Le service Gestion d'applications s'est arrêté avec l'erreur :
    Le module spécifié est introuvable.


    Record Number: 3463
    Source Name: Service Control Manager
    Time Written: 20091024140027.000000+120
    Event Type: erreur
    User:

    Computer Name: NOM-FQIMEKRLHDE
    Event Code: 7036
    Message: Le service Gestion d'applications est entré dans l'état : arrêté.

    Record Number: 3462
    Source Name: Service Control Manager
    Time Written: 20091024140027.000000+120
    Event Type: Informations
    User:

    =====Application event log=====

    Computer Name: NOM-FQIMEKRLHDE
    Event Code: 103
    Message: msnmsgr (3764) \\.\C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\elodie.les@hotmail.fr\SharingMetadata\Working\database_E060_1AD4_601A_B0F0\dfsr.db: Le moteur de base de données a arrêté une instance (0).

    Record Number: 1112
    Source Name: ESENT
    Time Written: 20091015161327.000000+120
    Event Type: Informations
    User:

    Computer Name: NOM-FQIMEKRLHDE
    Event Code: 102
    Message: msnmsgr (3764) \\.\C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\elodie.les@hotmail.fr\SharingMetadata\Working\database_E060_1AD4_601A_B0F0\dfsr.db: Le moteur de base de données a démarré une nouvelle instance (0).

    Record Number: 1111
    Source Name: ESENT
    Time Written: 20091015160620.000000+120
    Event Type: Informations
    User:

    Computer Name: NOM-FQIMEKRLHDE
    Event Code: 100
    Message: msnmsgr (3764) Le moteur de base de données 5.01.2600.5512 est démarré.

    Record Number: 1110
    Source Name: ESENT
    Time Written: 20091015160619.000000+120
    Event Type: Informations
    User:

    Computer Name: NOM-FQIMEKRLHDE
    Event Code: 101
    Message: msnmsgr (3796) Le moteur de base de données est arrêté.

    Record Number: 1109
    Source Name: ESENT
    Time Written: 20091014205611.000000+120
    Event Type: Informations
    User:

    Computer Name: NOM-FQIMEKRLHDE
    Event Code: 103
    Message: msnmsgr (3796) \\.\C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\elodie.les@hotmail.fr\SharingMetadata\Working\database_E060_1AD4_601A_B0F0\dfsr.db: Le moteur de base de données a arrêté une instance (0).

    Record Number: 1108
    Source Name: ESENT
    Time Written: 20091014205611.000000+120
    Event Type: Informations
    User:

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=%CommonProgramFiles%\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;c:\Python22;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\Fichiers communs\Ulead Systems\MPEG
    "windir"=%SystemRoot%
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=6
    "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 10 Stepping 0, AuthenticAMD
    "PROCESSOR_REVISION"=0a00
    "NUMBER_OF_PROCESSORS"=1
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "FP_NO_HOST_CHECK"=NO

    -----------------EOF-----------------





    3 December 2009 16:44:53

  • Download Malwarebytes' Anti-Malware (MBAM) to your Desktop.
  • Double-click the downloaded file to start the installation.
  • In the Mise à jour (Update) tab, click the Recherche de mise à jour (Check for Updates) button: if the firewall asks whether to allow MBAM to connect to the Internet, accept.
  • Once the update has finished, go to the Recherche (Scanner) tab.
  • Select Exécuter un examen rapide (Perform quick scan).
  • Click Rechercher (Scan). The scan starts.
  • At the end of the scan, a message is displayed:
    Quote:
    L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.

  • Click OK to continue. If MBAM found nothing, it will tell you that as well.
  • Close your browsers.
  • If malware was detected, click Afficher les résultats (Show Results).
  • Select everything (or leave it all checked) and click Supprimer la sélection (Remove Selected); MBAM will destroy the infected files and registry keys and put a copy of them in quarantine.
  • MBAM will open Notepad and copy the scan report into it. Copy and paste that report into your next reply.
    3 December 2009 17:33:04

    Malwarebytes' Anti-Malware 1.41
    Version de la base de données: 3285
    Windows 5.1.2600 Service Pack 3

    03/12/2009 17:29:45
    mbam-log-2009-12-03 (17-29-44).txt

    Type de recherche: Examen rapide
    Eléments examinés: 104689
    Temps écoulé: 12 minute(s), 57 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 36
    Valeur(s) du Registre infectée(s): 4
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 19
    Fichier(s) infecté(s): 231

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_CLASSES_ROOT\explorerbar.cmw (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\explorerbar.cmw.1 (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\explorerbar.tcp (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\explorerbar.tcp.1 (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{6160f76a-1992-4b17-a32d-0c706d159105} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{3de88beb-f271-484a-ba71-01d30f439f0c} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{50ad41d2-b1f0-47cc-9ea7-395355eaeebd} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{8ceb185e-81a5-46d3-bc20-c555d605afbd} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{a72522ba-9ff3-4c83-abc6-9b476728a396} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{c5762628-ae15-4ca6-96c4-b00dd17f3419} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{d062e03e-65ca-49e4-9b15-31938ba98922} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Typelib\{ac5ab953-ed25-4f9c-87f0-b086b0178ffa} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Explorer\Bars\{cac89ff9-34a9-4431-8cfe-292a47f843bc} (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Explorer\Bars\{b72681c0-a222-4b21-a0e2-53a5a5ca3d411} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{42c7c39f-3128-4a17-bdb7-91c46032b5b9} (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d74e9dd-8987-448b-b2cb-67fff2b8a932} (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b72681c0-a222-4b21-a0e2-53a5a5ca3d41} (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{cac89ff9-34a9-4431-8cfe-292a47f843bc} (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{eb4a577d-bcad-4b1c-8af2-9a74b8dd3431} (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{d45817b8-3ead-4d1d-8fca-ec63a8e35de2} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{42c7c39f-3128-4a17-bdb7-91c46032b5b9} (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{1d74e9dd-8987-448b-b2cb-67fff2b8a932} (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{b72681c0-a222-4b21-a0e2-53a5a5ca3d41} (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{cac89ff9-34a9-4431-8cfe-292a47f843bc} (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{eb4a577d-bcad-4b1c-8af2-9a74b8dd3431} (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{d45817b8-3ead-4d1d-8fca-ec63a8e35de2} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1d74e9dd-8987-448b-b2cb-67fff2b8a932} (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b72681c0-a222-4b21-a0e2-53a5a5ca3d41} (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cac89ff9-34a9-4431-8cfe-292a47f843bc} (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\AppDataLow\SOFTWARE\Internet Today (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Automated Content Enhancer (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Customized Platform Advancer (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Web Search Operator (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Automated Content Enhancer (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Customized Platform Advancer (Adware.DoubleD) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{d45817b8-3ead-4d1d-8fca-ec63a8e35de2} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{8141440e-08f0-4339-9959-5c31c6a69f23} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{e63605fc-d583-4c81-867f-9457bdb3ea1b} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{e889f097-b0be-471b-89ad-b86b6f04b506} (Adware.DoubleD) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    C:\Documents and Settings\Propriétaire\Application Data\drivers\downld (Worm.Bagle) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Propriétaire\Application Data\hidires (Worm.Bagle) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Propriétaire\Application Data\hidires\config (Worm.Bagle) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Propriétaire\Application Data\hidires\Incoming (Worm.Bagle) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Propriétaire\Application Data\hidires\lang (Worm.Bagle) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Propriétaire\Application Data\hidires\skins (Worm.Bagle) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Propriétaire\Application Data\hidires\Temp (Worm.Bagle) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Propriétaire\Application Data\hidires\WDIR (Worm.Bagle) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Propriétaire\Application Data\hidires\webserver (Worm.Bagle) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190 (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630 (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Internet Today (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Textual Content Provider (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Textual Content Provider\1.1.0.1610 (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Textual Content Provider\1.1.0.1610\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Web Search Operator (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Web Search Operator\3.1.0.1840 (Adware.DoubleD) -> Quarantined and deleted successfully.

    Fichier(s) infecté(s):
    C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091203-151827.078.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091203-160847.062.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Textual Content Provider\1.1.0.1610\Data\TP_Config.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Textual Content Provider\1.1.0.1610\Data\TP_DomainExcludeList.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Web Search Operator\3.1.0.1840\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Propriétaire\Application Data\drivers\11s11ro1s1a2.sys (Worm.Bagle) -> Quarantined and deleted successfully.
    C:\WINDOWS\0535251103110107106.xry (KoobFace.Trace) -> Quarantined and deleted successfully.
    C:\WINDOWS\010112010146120114.fx (Worm.KoobFace) -> Quarantined and deleted successfully.
    C:\WINDOWS\01011201014650105.fx (Worm.KoobFace) -> Quarantined and deleted successfully.
    C:\WINDOWS\01011201014650120.fx (Worm.KoobFace) -> Quarantined and deleted successfully.
    C:\WINDOWS\0101120101465653.fx (Worm.KoobFace) -> Quarantined and deleted successfully.
    C:\WINDOWS\ectbbyn.dat (KoobFace.Trace) -> Quarantined and deleted successfully.
    C:\WINDOWS\prxid93ps.dat (Malware.Trace) -> Quarantined and deleted successfully.
    C:\WINDOWS\th823567.dat (Worm.KoobFace) -> Quarantined and deleted successfully.
    3 December 2009 17:40:16

  • Relaunch MBAM, go to Quarantine and delete everything.

  • Download FindyKill (by Chiquitine29 & C_XX) to your Desktop.
  • Double-click FindyKill on your Desktop.
  • Type F then Enter for French.
  • In the main menu, choose option 1 (Recherche, "Search").
  • Post the FindyKill.txt report.

    Note: the FindyKill.txt report is saved at the root of the disk.
    3 December 2009 18:42:35

    ############################## | FindyKill V5.020 |

    # User : Propriétaire (Administrateurs) # NOM-FQIMEKRLHDE
    # Update on 26/11/2009 by Chiquitine29
    # Start at: 18:12:06 | 03/12/2009
    # Website : http://pagesperso-orange.fr/NosTools/index.html
    # Contact : FindyKill.Contact@gmail.com

    # AMD Athlon(tm) XP 2800+
    # Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
    # Internet Explorer 8.0.6001.18702
    # Windows Firewall Status : Enabled

    # A:\ # Lecteur de disquettes 3 ½ pouces
    # C:\ # Disque fixe local # 228,36 Go (21,89 Go free) [HP_PAVILION] # NTFS
    # D:\ # Disque fixe local # 4,51 Go (601,85 Mo free) [HP_RECOVERY] # FAT32
    # E:\ # Disque CD-ROM
    # F:\ # Disque CD-ROM

    ############################## | Processus actifs |

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\PROGRA~1\NORTON~1\navapw32.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\WINDOWS\System32\alg.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe

    ################## | C: |

    Présent ! D:\autorun.inf

    ################## | C:\WINDOWS |


    ################## | C:\WINDOWS\system32 |


    ################## | C:\WINDOWS\system32\drivers |


    ################## | C:\Documents and Settings\Propriétaire\Application Data |

    Présent ! C:\Documents and Settings\Propriétaire\Application Data\drivers

    ################## | Autres detections ... |

    ################## | Temporary Internet Files |


    ################## | Registre / Clés infectieuses |

    Présent ! [HKLM\software\microsoft\security center] "AntiVirusDisableNotify"
    Présent ! [HKLM\software\microsoft\security center] "AntiVirusOverride"
    Présent ! [HKLM\software\microsoft\security center] "FirewallDisableNotify"
    Présent ! [HKLM\software\microsoft\security center] "FirewallOverride"
    Présent ! [HKLM\software\microsoft\security center] "UpdatesDisableNotify"

    ################## | Etat / Services / Informations |

    # Affichage des fichiers cachés : OK

    # Mode sans echec : OK

    # Ndisuio -> Start = 3 ( Good = 3 | Bad = 4 )
    # EapHost -> Start = 3 ( Good = 2 | Bad = 4 )
    # Ip6Fw -> Start = 3 ( Good = 2 | Bad = 4 )
    # SharedAccess -> Start = 2 ( Good = 2 | Bad = 4 )
    # wuauserv -> Start = 2 ( Good = 2 | Bad = 4 )
    # wscsvc -> Start = 2 ( Good = 2 | Bad = 4 )


    ################## | Cracks / Keygens / Serials |


    ################## | ! Fin du rapport # FindyKill V5.020 ! |

    3 December 2009 18:44:39

  • Double-click FindyKill on your Desktop.
  • In the main menu, choose option 2 (Suppression, "Removal").

    /!\ There will be a reboot; let the tool work until the message "nettoyage effectué" (cleanup done) appears /!\

  • Then post the FindyKill.txt report.

    Note: the FindyKill.txt report is saved at the root of the disk.
    3 December 2009 20:15:32


    ############################## | FindyKill V5.020 |

    # User : Propriétaire (Administrateurs) # NOM-FQIMEKRLHDE
    # Update on 26/11/2009 by Chiquitine29
    # Start at: 19:41:27 | 03/12/2009
    # Website : http://pagesperso-orange.fr/NosTools/index.html
    # Contact : FindyKill.Contact@gmail.com

    # AMD Athlon(tm) XP 2800+
    # Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
    # Internet Explorer 8.0.6001.18702
    # Windows Firewall Status : Enabled

    # A:\ # Lecteur de disquettes 3 ½ pouces
    # C:\ # Disque fixe local # 228,36 Go (21,9 Go free) [HP_PAVILION] # NTFS
    # D:\ # Disque fixe local # 4,51 Go (601,85 Mo free) [HP_RECOVERY] # FAT32
    # E:\ # Disque CD-ROM
    # F:\ # Disque CD-ROM

    ############################## | Processus actifs |

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\logonui.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\System32\alg.exe

    ################## | C: |

    Supprimé ! D:\"autorun.inf"

    ################## | C:\WINDOWS |

    Supprimé ! C:\WINDOWS\Prefetch\WINUPGRO.EXE-0F8DCEDB.pf

    ################## | C:\WINDOWS\system32 |


    ################## | C:\WINDOWS\system32\drivers |


    ################## | C:\Documents and Settings\Propriétaire\Application Data |

    Supprimé ! C:\Documents and Settings\Propriétaire\Application Data\drivers

    ################## | Autres suppressions ... |

    ################## | Temporary Internet Files |


    ################## | Registre / Clés infectieuses |

    Supprimé ! [HKLM\software\microsoft\security center] "AntiVirusDisableNotify"
    Supprimé ! [HKLM\software\microsoft\security center] "AntiVirusOverride"
    Supprimé ! [HKLM\software\microsoft\security center] "FirewallDisableNotify"
    Supprimé ! [HKLM\software\microsoft\security center] "FirewallOverride"
    Supprimé ! [HKLM\software\microsoft\security center] "UpdatesDisableNotify"

    ################## | Etat / Services / Informations |

    # Mode sans echec : OK


    # Affichage des fichiers cachés : OK

    # Ndisuio -> Start = 3 ( Good = 3 | Bad = 4 )
    # EapHost -> Start = 2 ( Good = 2 | Bad = 4 )
    # Ip6Fw -> Start = 2 ( Good = 2 | Bad = 4 )
    # SharedAccess -> Start = 2 ( Good = 2 | Bad = 4 )
    # wuauserv -> Start = 2 ( Good = 2 | Bad = 4 )
    # wscsvc -> Start = 2 ( Good = 2 | Bad = 4 )

    ################## | PEH ... |

    Corrompu : C:\Program Files\Logitech\Desktop Messenger\8876480\6.1.4.68-8876480L\Program\register.exe
    [Offset = 000000E4 - Valeur = 0x0001]


    ################## | Cracks / Keygens / Serials |


    ################## | ! Fin du rapport # FindyKill V5.020 ! |

    3 December 2009 20:27:11

  • Relaunch FindyKill and choose option 4 to uninstall it.

  • Run another RSIT scan and post the log report.
    3 December 2009 20:55:23

    1st report:

    info.txt logfile of random's system information tool 1.06 2009-12-03 20:53:51

    ======Uninstall list======

    -->"C:\Program Files\InstallShield Installation Information\{BB8AE808-F003-4C7F-B56B-8C80EEAFFE23}\setup.exe" --u:{BB8AE808-F003-4C7F-B56B-8C80EEAFFE23}
    -->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
    -->C:\WINDOWS\System32\\MSIEXEC.EXE /I {09DA4F91-2A09-4232-AB8C-6BC740096DE3} REMOVE=UpdateMgrFeature
    -->c:\WINDOWS\System32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
    -->rundll32.exe C:\WINDOWS\System32\nvinstnt.dll,NvUninstallNT4 nvhp.inf
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    Adobe Download Manager-->"C:\WINDOWS\system32\rundll32.exe" "C:\Program Files\NOS\bin\getPlus_Helper.dll",Uninstall /Get1
    Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Flash Player 10 Plugin-->C:\WINDOWS\System32\Macromed\Flash\uninstall_plugin.exe
    Adobe Reader 9.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A92000000001}
    Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
    ArcSoft ShowBiz 2-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{791B20D4-AE59-4DE9-B45F-BA01F3D0A493}\setup.exe" -l0x40c
    Assistant de connexion Windows Live ID-->MsiExec.exe /X{10A44844-4465-456E-8C97-80BDD4F68845}
    ATI Control Panel-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
    ATI Display Driver-->rundll32 C:\WINDOWS\System32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
    CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
    Correctif du dictionnaire français pour Office 2000-->MsiExec.exe /I{DCF67823-AFC3-11D3-BD80-0010A4E5C232}
    eMule-->"C:\Program Files\eMule\Uninstall.exe"
    HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
    HP Deskjet Preloaded Printer Drivers-->MsiExec.exe /X{F419D20A-7719-4639-8E30-C073A040D878}
    HP Photo and Imaging 2.0 - Photosmart Cameras-->MsiExec.exe /X{5D7F0A0E-369E-46C0-9F99-FAB21A064781}
    HP PSC & OfficeJet 3.0-->"C:\Program Files\HP\Digital Imaging\{F38FA38A-7E5A-4209-88ED-4DE21CD20EEF}\setup\hpzscr01.exe" -datfile hposcr03.dat
    HP Software Update-->MsiExec.exe /X{CC0A24CB-87C9-4F1C-A1F2-F87D8D4DDCAF}
    HPIZ311-->MsiExec.exe /X{F247869D-3643-4A9F-821B-3534145928E3}
    Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
    Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
    Intel(R) Extreme Graphics Driver-->RUNDLL32.EXE C:\WINDOWS\System32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_2562
    InterVideo DeviceService-->MsiExec.exe /I{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}
    Java 2 Runtime Environment, SE v1.4.2-->MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142000}
    KBD-->C:\HP\KBD\KBD.EXE uninstalled
    K-Lite Codec Pack 5.0.5 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
    Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
    LiveReg (Symantec Corporation)-->C:\Program Files\Fichiers communs\Symantec Shared\LiveReg\VcSetup.exe /REMOVE
    LiveUpdate 1.6 (Symantec Corporation)-->C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE /U
    Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
    Memories Disc Creator 2.0-->MsiExec.exe /X{2E132061-C78A-48D4-A899-1D13B9D189FA}
    Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
    Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
    Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"
    Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{72AD53CC-CCC0-3757-8480-9EE176866A7C}
    Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
    Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{0BD83598-C2EF-3343-847B-7D2E84599128}
    Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
    Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
    Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
    Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
    Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
    Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
    Microsoft Office 2000 Professional-->MsiExec.exe /I{0001040C-78E1-11D2-B60F-006097C998E7}
    Microsoft Office Live Add-in 1.4-->MsiExec.exe /I{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}
    Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Microsoft Word 2002-->MsiExec.exe /I{911B040C-6000-11D3-8CFE-0050048383C9}
    Mise à jour de sécurité pour Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 8 (KB972260)-->"C:\WINDOWS\ie8updates\KB972260-IE8\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 8 (KB974455)-->"C:\WINDOWS\ie8updates\KB974455-IE8\spuninst\spuninst.exe"
    Mise à jour pour Windows Internet Explorer 8 (KB975364)-->"C:\WINDOWS\ie8updates\KB975364-IE8\spuninst\spuninst.exe"
    Mise à jour pour Windows Internet Explorer 8 (KB976749)-->"C:\WINDOWS\ie8updates\KB976749-IE8\spuninst\spuninst.exe"
    Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->c:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
    Mozilla Firefox (3.5.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
    Norton AntiVirus 2002-->MsiExec.exe /I{3075C5C3-0807-4924-AF8F-FF27052C12AE}
    NVIDIA GART Driver-->C:\WINDOWS\System32\nvugart.exe Uninstall C:\WINDOWS\System32\Nvgart.nvu,NVIDIA GART Driver
    Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
    Package de base Microsoft de service de chiffrement pour cartes à puce-->"C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
    Photo et imagerie HP 3.1-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
    Photosmart 140,240,7200,7600,7700,7900 Series-->C:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\setup\hpzscr01.exe -datfile hphscr01.dat
    PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninst
    Programme de gestion Camera de Logitech®-->"C:\Program Files\Fichiers communs\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
    PS2-->C:\WINDOWS\system32\ps2.exe uninstall
    Python 2.2 combined Win32 extensions-->C:\Python22\Lib\SITE-P~1\UNWISE~1.EXE C:\Python22\Lib\SITE-P~1\w32inst.log
    Python 2.2.1-->C:\Python22\UNWISE.EXE C:\Python22\INSTALL.LOG
    RecordNow!-->MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
    Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
    Sonic Update Manager-->MsiExec.exe /I{09DA4F91-2A09-4232-AB8C-6BC740096DE3}
    Ulead VideoStudio 11-->C:\Program Files\InstallShield Installation Information\{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9}\setup.exe -runfromtemp -l0x040c
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
    VIA Rhine-Family Fast-Ethernet Adapter-->Rundll32.exe vuins32.dll,vuins32Ex $Rhine $VIA
    VLC media player 1.0.2-->C:\Program Files\VideoLAN\VLC\uninstall.exe
    Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
    Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
    Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956}
    Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
    Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
    Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
    Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
    XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"

    ======Hosts File======

    127.0.0.1 localhost
    127.0.0.1 www.007guard.com
    127.0.0.1 007guard.com
    127.0.0.1 008i.com
    127.0.0.1 www.008k.com
    127.0.0.1 008k.com
    127.0.0.1 www.00hq.com
    127.0.0.1 00hq.com
    127.0.0.1 010402.com
    127.0.0.1 www.032439.com

    ======System event log======

    Computer Name: NOM-FQIMEKRLHDE
    Event Code: 7035
    Message: Un contrôle Démarrer a correctement été envoyé au service Gestion d'applications.

    Record Number: 3575
    Source Name: Service Control Manager
    Time Written: 20091024140031.000000+120
    Event Type: Informations
    User: NOM-FQIMEKRLHDE\Propriétaire

    Computer Name: NOM-FQIMEKRLHDE
    Event Code: 7023
    Message: Le service Gestion d'applications s'est arrêté avec l'erreur :
    Le module spécifié est introuvable.


    Record Number: 3574
    Source Name: Service Control Manager
    Time Written: 20091024140031.000000+120
    Event Type: erreur
    User:

    Computer Name: NOM-FQIMEKRLHDE
    Event Code: 7036
    Message: Le service Gestion d'applications est entré dans l'état : arrêté.

    Record Number: 3573
    Source Name: Service Control Manager
    Time Written: 20091024140031.000000+120
    Event Type: Informations
    User:

    Computer Name: NOM-FQIMEKRLHDE
    Event Code: 7035
    Message: Un contrôle Démarrer a correctement été envoyé au service Gestion d'applications.

    Record Number: 3572
    Source Name: Service Control Manager
    Time Written: 20091024140031.000000+120
    Event Type: Informations
    User: NOM-FQIMEKRLHDE\Propriétaire

    Computer Name: NOM-FQIMEKRLHDE
    Event Code: 7023
    Message: Le service Gestion d'applications s'est arrêté avec l'erreur :
    Le module spécifié est introuvable.


    Record Number: 3571
    Source Name: Service Control Manager
    Time Written: 20091024140031.000000+120
    Event Type: erreur
    User:

    =====Application event log=====

    Computer Name: NOM-FQIMEKRLHDE
    Event Code: 0
    Message:
    Record Number: 1139
    Source Name: Capture Device Service
    Time Written: 20091017131448.000000+120
    Event Type: Informations
    User:

    Computer Name: NOM-FQIMEKRLHDE
    Event Code: 101
    Message: msnmsgr (2084) Le moteur de base de données est arrêté.

    Record Number: 1138
    Source Name: ESENT
    Time Written: 20091016173054.000000+120
    Event Type: Informations
    User:

    Computer Name: NOM-FQIMEKRLHDE
    Event Code: 103
    Message: msnmsgr (2084) \\.\C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\elodie.les@hotmail.fr\SharingMetadata\Working\database_E060_1AD4_601A_B0F0\dfsr.db: Le moteur de base de données a arrêté une instance (0).

    Record Number: 1137
    Source Name: ESENT
    Time Written: 20091016173054.000000+120
    Event Type: Informations
    User:

    Computer Name: NOM-FQIMEKRLHDE
    Event Code: 102
    Message: msnmsgr (2084) \\.\C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\elodie.les@hotmail.fr\SharingMetadata\Working\database_E060_1AD4_601A_B0F0\dfsr.db: Le moteur de base de données a démarré une nouvelle instance (0).

    Record Number: 1136
    Source Name: ESENT
    Time Written: 20091016162133.000000+120
    Event Type: Informations
    User:

    Computer Name: NOM-FQIMEKRLHDE
    Event Code: 100
    Message: msnmsgr (2084) Le moteur de base de données 5.01.2600.5512 est démarré.

    Record Number: 1135
    Source Name: ESENT
    Time Written: 20091016162132.000000+120
    Event Type: Informations
    User:

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=%CommonProgramFiles%\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;c:\Python22;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\Fichiers communs\Ulead Systems\MPEG
    "windir"=%SystemRoot%
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=6
    "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 10 Stepping 0, AuthenticAMD
    "PROCESSOR_REVISION"=0a00
    "NUMBER_OF_PROCESSORS"=1
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "FP_NO_HOST_CHECK"=NO

    -----------------EOF-----------------


    2nd report:

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Propriétaire at 2009-12-03 20:52:43
    Microsoft Windows XP Édition familiale Service Pack 3
    System drive C: has 22 GB (10%) free of 234 GB
    Total RAM: 255 MB (14% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:53:40, on 03/12/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\PROGRA~1\NORTON~1\navapw32.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Suppresion malwares\rsit\RSIT.exe
    C:\Program Files\trend micro\Propriétaire.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr10.hpwis.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-fr10.hpwis.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr10.hpwis.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-fr10.hpwis.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr10.hpwis.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
    O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBP4\plugin\bin\PCHButton.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - S-1-5-18 Startup: AutoTBar.exe (User 'SYSTEM')
    O4 - .DEFAULT Startup: AutoTBar.exe (User 'Default user')
    O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
    O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshell/GameHost/1....
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe
    O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe

    --
    End of file - 5990 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\Google Software Updater.job
    C:\WINDOWS\tasks\Norton AntiVirus - Analyser mon ordinateur.job
    C:\WINDOWS\tasks\Symantec NetDetect.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live ID - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDF3E430-B101-42AD-A544-FADC6B084872}]
    CNavExtBho Class - C:\Program Files\Norton AntiVirus\NavShExt.dll [2001-08-21 102400]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

    {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - Vue HP - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll [2003-09-03 98304]
    {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Norton AntiVirus - C:\Program Files\Norton AntiVirus\NavShExt.dll [2001-08-21 102400]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2004-10-08 221184]
    "NAV Agent"=C:\PROGRA~1\NORTON~1\navapw32.exe [2001-08-21 74832]
    "Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    ""= []

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "Acme.PCHButton"=C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBP4\plugin\bin\PCHButton.exe [2003-01-01 155648]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
    C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcxMonitor]
    C:\WINDOWS\ALCXMNTR.EXE [2003-04-03 50176]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIModeChange]
    C:\WINDOWS\system32\Ati2mdxx.exe [2001-09-05 28672]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2003-08-12 335872]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CamMonitor]
    c:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe [2002-10-07 90112]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
    c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
    C:\WINDOWS\System32\hkcmd.exe [2003-04-07 114688]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHmon05]
    C:\WINDOWS\System32\hphmon05.exe [2003-05-23 483328]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD05]
    c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv]
    c:\windows\system\hpsysdrv.exe [1998-05-07 52736]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IcoSet]
    c:\hp\bin\cloaker.exe [1999-11-07 27136]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD]
    C:\HP\KBD\KBD.EXE [2003-02-11 61440]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NAV CfgWiz]
    c:\Program Files\Fichiers communs\Symantec Shared\CfgWiz.exe /GUID NAV /CMDLINE REBOOT []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
    C:\WINDOWS\System32\NvCpl.dll [2003-08-19 4841472]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVIEW]
    nview.dll,nViewLoadHook []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
    nwiz.exe /installquiet /keeploaded /nodetect []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PS2]
    C:\WINDOWS\system32\ps2.exe [2002-10-16 81920]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Recguard]
    C:\WINDOWS\SMINST\RECGUARD.EXE [2002-09-13 212992]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RecordNow!]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\regcmdcons]
    c:\hp\bin\cloaker.exe [1999-11-07 27136]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Reminder]
    C:\Windows\Creator\Remind_XP.exe [2003-06-17 118784]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateManager]
    C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe [2003-08-19 110592]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UVS11 Preload]
    C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe [2007-03-03 341488]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer]
    VTTimer.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
    C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2003-07-07 233472]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^MsnFixer.lnk]
    C:\hp\bin\msnfix\msnfixjs.js []

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
    C:\WINDOWS\system32\igfxsrvc.dll [2003-04-07 315392]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "HonorAutoRunSetting"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Documents and Settings\Propriétaire\Local Settings\Temp\Rar$EX01.922\Volley\Volley\volley.exe"="C:\Documents and Settings\Propriétaire\Local Settings\Temp\Rar$EX01.922\Volley\Volley\volley.exe:*:Enabled:volley"
    "C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
    "C:\Documents and Settings\Propriétaire\Bureau\bv\Volley\Volley\volley.exe"="C:\Documents and Settings\Propriétaire\Bureau\bv\Volley\Volley\volley.exe:*:Enabled:volley"
    "C:\Documents and Settings\Propriétaire\Mes documents\Stéphane\Téléchargements Mozilla\Blobby_Volley_1.8\volley.exe"="C:\Documents and Settings\Propriétaire\Mes documents\Stéphane\Téléchargements Mozilla\Blobby_Volley_1.8\volley.exe:*:Enabled:volley"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
    shell\AutoRun\command - D:\Info.exe folder.htt 480 480


    ======List of files/folders created in the last 1 months======

    2009-12-03 20:52:48 ----D---- C:\Program Files\trend micro
    2009-12-03 20:52:43 ----D---- C:\rsit
    2009-12-03 18:10:46 ----D---- C:\FindyKill
    2009-12-03 17:12:38 ----D---- C:\Documents and Settings\Propriétaire\Application Data\Malwarebytes
    2009-12-03 17:12:22 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2009-12-03 17:12:21 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2009-12-02 10:26:51 ----D---- C:\Program Files\RegCleaner
    2009-12-02 00:07:39 ----D---- C:\Program Files\Suppresion malwares
    2009-12-02 00:03:45 ----D---- C:\Program Files\Hattrick Control
    2009-11-08 11:52:35 ----N---- C:\WINDOWS\system32\spmsg2.dll
    2009-11-08 11:48:34 ----D---- C:\WINDOWS\system32\XPSViewer
    2009-11-08 11:48:31 ----D---- C:\WINDOWS\system32\en-US
    2009-11-08 11:46:47 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
    2009-11-08 11:46:47 ----N---- C:\WINDOWS\system32\prntvpt.dll
    2009-11-08 11:46:46 ----N---- C:\WINDOWS\system32\xpssvcs.dll

    ======List of files/folders modified in the last 1 months======

    2009-12-03 20:53:11 ----D---- C:\WINDOWS\Prefetch
    2009-12-03 20:52:48 ----RD---- C:\Program Files
    2009-12-03 20:49:38 ----D---- C:\Program Files\Mozilla Firefox
    2009-12-03 20:37:08 ----D---- C:\WINDOWS\system32\CatRoot2
    2009-12-03 20:13:43 ----D---- C:\WINDOWS\system32
    2009-12-03 20:13:43 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2009-12-03 20:12:52 ----D---- C:\WINDOWS\Temp
    2009-12-03 19:59:10 ----D---- C:\WINDOWS
    2009-12-03 19:40:21 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-12-03 17:12:28 ----D---- C:\WINDOWS\system32\drivers
    2009-12-03 16:42:52 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2009-12-03 14:45:05 ----D---- C:\Program Files\HattrickOrganizer
    2009-12-03 13:03:44 ----D---- C:\WINDOWS\Minidump
    2009-12-02 09:43:53 ----D---- C:\Documents and Settings\Propriétaire\Application Data\vlc
    2009-12-01 23:00:55 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2009-12-01 22:06:41 ----SHD---- C:\WINDOWS\Installer
    2009-12-01 22:06:41 ----SHD---- C:\Config.Msi
    2009-11-26 23:23:43 ----D---- C:\Documents and Settings\Propriétaire\Application Data\dvdcss
    2009-11-26 23:14:58 ----D---- C:\Program Files\PokerStars
    2009-11-25 08:02:49 ----HD---- C:\WINDOWS\inf
    2009-11-25 08:02:35 ----D---- C:\WINDOWS\WinSxS
    2009-11-25 07:59:56 ----HD---- C:\WINDOWS\$hf_mig$
    2009-11-17 22:26:11 ----D---- C:\WINDOWS\Debug
    2009-11-17 22:22:49 ----D---- C:\WINDOWS\network diagnostic
    2009-11-08 21:32:00 ----D---- C:\WINDOWS\Microsoft.NET
    2009-11-08 21:31:59 ----RSD---- C:\WINDOWS\assembly
    2009-11-08 20:36:40 ----D---- C:\WINDOWS\Registration
    2009-11-08 12:40:16 ----D---- C:\WINDOWS\system32\CatRoot
    2009-11-08 12:33:20 ----D---- C:\WINDOWS\system32\URTTemp
    2009-11-08 11:51:56 ----D---- C:\WINDOWS\system32\fr-fr
    2009-11-08 11:51:18 ----D---- C:\WINDOWS\system32\mui
    2009-11-08 11:48:29 ----RSD---- C:\WINDOWS\Fonts
    2009-11-08 11:47:46 ----D---- C:\WINDOWS\system32\spool
    2009-11-08 10:56:56 ----D---- C:\WINDOWS\SoftwareDistribution
    2009-11-06 00:26:31 ----D---- C:\WINDOWS\system32\Restore
    2009-11-05 18:36:21 ----A---- C:\WINDOWS\system32\MRT.exe
    2009-11-05 08:11:41 ----D---- C:\WINDOWS\system32\LogFiles
    2009-11-05 07:58:18 ----D---- C:\Program Files\Messenger Plus! Live
    2009-11-04 23:22:36 ----D---- C:\WINDOWS\ie8updates
    2009-11-04 23:22:13 ----D---- C:\Program Files\Internet Explorer

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2003-01-01 43488]
    R1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2008-04-14 41856]
    R1 SiSkp;SiSkp; C:\WINDOWS\System32\DRIVERS\srvkp.sys [2003-04-11 10624]
    R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [1997-12-23 23936]
    R2 mdmxsdk;mdmxsdk; C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [2003-04-09 11043]
    R2 SYMTDI;SYMTDI; \??\C:\WINDOWS\System32\Drivers\SYMTDI.SYS []
    R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2003-10-16 788300]
    R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
    R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2003-08-13 594432]
    R3 CamDrL;Logitech QuickCam Pro 3000(CamDrl); C:\WINDOWS\System32\DRIVERS\Camdrl.sys [2007-02-03 1075360]
    R3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2008-09-22 43520]
    R3 HSF_DP;HSF_DP; C:\WINDOWS\System32\DRIVERS\HSF_DP.sys [2003-11-13 1042816]
    R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\System32\DRIVERS\HSFHWBS2.sys [2003-11-13 210304]
    R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\LVUSBSta.sys [2007-02-03 41504]
    R3 NAVAP;NAVAP; \??\C:\WINDOWS\System32\Drivers\NAVAP.SYS []
    R3 NAVENG;NAVENG; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20091202.006\NAVENG.Sys []
    R3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20091202.006\NavEx15.Sys []
    R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
    R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-03 10368]
    R3 Ps2;PS2; C:\WINDOWS\System32\DRIVERS\PS2.sys [2001-06-04 14112]
    R3 SymEvent;SymEvent; \??\C:\Program Files\Symantec\SYMEVENT.SYS []
    R3 SYMREDRV;SYMREDRV; \??\C:\WINDOWS\System32\Drivers\SYMREDRV.SYS []
    R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
    R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
    R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
    R3 winachsf;winachsf; C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys [2003-11-13 679808]
    S3 {6080A529-897E-4629-A488-ABA0C29B635E};Intel(R) Graphics Platform (SoftBIOS) Driver; C:\WINDOWS\system32\drivers\ialmsbw.sys [2003-04-15 113504]
    S3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91};Intel(R) Graphics Chipset (KCH) Driver; C:\WINDOWS\system32\drivers\ialmkchw.sys [2003-04-15 78752]
    S3 catchme;catchme; \??\C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\catchme.sys []
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
    S3 EL90XBC;Pilote de la carte EtherLink XL 90XB/C 3Com; C:\WINDOWS\System32\DRIVERS\el90xbc5.sys [2001-08-18 66591]
    S3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\System32\DRIVERS\fetnd5b.sys [2003-01-15 41984]
    S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [2003-05-14 51056]
    S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [2003-05-16 16496]
    S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [2003-05-14 21488]
    S3 ialm;ialm; C:\WINDOWS\System32\DRIVERS\ialmnt5.sys [2003-04-15 90907]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-13 10880]
    S3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2004-08-03 1897408]
    S3 SiS315;SiS315; C:\WINDOWS\System32\DRIVERS\sisgrp.sys [2003-05-06 394752]
    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-13 11136]
    S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-13 15232]
    S3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
    S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
    S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-13 15104]
    S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    S3 viagfx;viagfx; C:\WINDOWS\System32\DRIVERS\vtmini.sys [2003-08-11 265344]
    S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
    S4 IntelIde;IntelIde; C:\WINDOWS\System32\DRIVERS\intelide.sys [2008-04-14 5504]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\System32\Ati2evxx.exe [2003-08-13 319488]
    R2 Capture Device Service;Capture Device Service; C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe [2007-03-06 198168]
    R2 navapsvc;Service Norton AntiVirus Auto-Protect; C:\Program Files\Norton AntiVirus\navapsvc.exe [2001-08-21 115792]
    R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe [2007-03-03 67056]
    R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808]
    S2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\System32\nvsvc32.exe [2003-08-19 77824]
    S2 SBService;ScriptBlocking Service; C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe [2001-08-13 54408]
    S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
    S3 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
    S3 getPlusHelper;getPlus(R) Helper; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
    S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
    S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
    S4 NetTcpPortSharing;Service de partage de ports Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

    -----------------EOF-----------------
    4 December 2009 00:45:37

    Quote:
    C:\Program Files\Suppresion malwares

    --> Do you recognize this folder?

    Why don't you have an antivirus?
    4 December 2009 10:16:46

    "C:\Program Files\Suppresion malwares" is a folder I created myself, to keep together the various programs for getting rid of my unwanted pop-up windows.
    As for the antivirus, my computer crawls with one, it's an old machine! But I've been advised to use avast, and I plan to install it soon to avoid any complications in the future.

    In any case, thank you, the unwanted pop-up windows have disappeared.
    Case solved.
    4 December 2009 18:40:06

    Quote:
    As for the antivirus, my computer crawls with one, it's an old machine!

    --> 256 MB of RAM for XP is not much.

    Quote:
    But I've been advised to use avast, and I plan to install it soon to avoid any complications in the future.

    --> I would recommend AntiVir Personal instead.

  • Uninstall Java 2 Runtime Environment, SE v1.4.2.

  • Update Java.